[117842] in North American Network Operators' Group
Re: operations contact @ facebook?
daemon@ATHENA.MIT.EDU (Alexander Harrowell)
Mon Oct 5 12:07:27 2009
From: Alexander Harrowell <a.harrowell@gmail.com>
To: nanog@nanog.org,
leland@taranta.discpro.org
Date: Mon, 5 Oct 2009 17:06:46 +0100
In-Reply-To: <1254756973.4530.19.camel@leland-gandi>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--nextPart1256392.Qr0f3a2hj7
Content-Type: text/plain;
charset="iso-8859-15"
Content-Transfer-Encoding: quoted-printable
This is a classic case of one of the problems of the increasingly numerous =
and=20
powerful Web dev platforms - as you let other people either control your ap=
p=20
through an API, or even write code that executes on the server-side, you're=
=20
increasing the cycles available to an attacker. It's similar to the dns=20
reflector attack.
--nextPart1256392.Qr0f3a2hj7
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4-svn0 (GNU/Linux)
iD8DBQBKyhmX0c69vkueJcQRAnhwAJ0ezglADurX3veFmR2NwfEN7n0nOQCfSy/X
lcJhjPK9iEPLT3isy1jXVZo=
=aQ1T
-----END PGP SIGNATURE-----
--nextPart1256392.Qr0f3a2hj7--
