[nycbug-talk] (no subject)
Jonathan Vanasco
nycbug-list at 2xlp.com
Sun Jul 15 12:54:11 EDT 2007
On Jul 14, 2007, at 9:56 PM, Marc Spitzer wrote:
> It is part of defense in depth. Face it, people screw up all the time,
> myself included, and having 2 ways to be "safe" is better than
> 1. Also things like -3 TVs should be checked by unit tests before it
> ever gets to production. I think that most problems are caused by a
> lack of discipline, not ignorance or malice. Especially when deadlines
> loom people can be pressured into doing things that may be less than
> good.
As long as it is a backup, and not relied upon, it's fine. Once you
introduce it as something people rely on, it makes for bad coding.
Since you're also introducing something that is standardized here,
you also start opening yourself up to new security holes -- and you
have hackers not only looking to exploit your webapp, but mod_sec or
whatever other standard firewall app they figure you're running and
can look for known exploits on.

Those apps are great to bolster a strong defense, but as the only
defense it's irresponsible.
// Jonathan Vanasco
| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| CEO/Founder SyndiClick Networks
| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| Founder/CTO/CVO
| FindMeOn.com - The cure for Multiple Web Personality Disorder
| Web Identity Management and 3D Social Networking
| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| RoadSound.com - Tools For Bands, Stuff For Fans
| Collaborative Online Management And Syndication Tools
| - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -