[154206] in North American Network Operators' Group
Re: No DNS poisoning at Google (in case of trouble, blame the DNS)
daemon@ATHENA.MIT.EDU (Arturo Servin)
Thu Jun 28 08:49:48 2012
From: Arturo Servin <arturo.servin@gmail.com>
In-Reply-To: <CACg3zYFmwUt78ZhVkWtxuHD0mN1v-Q3_TvDB0Ome2HBAtM9jMQ@mail.gmail.com>
Date: Thu, 28 Jun 2012 09:48:08 -0300
To: Tei <oscar.vives@gmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 28 Jun 2012, at 08:05, Tei wrote:
> On 27 June 2012 09:50, Stephane Bortzmeyer <bortzmeyer@nic.fr> wrote:
>> (<troll>specially for a Web site written in
>> PHP</troll>)?
>>=20
>=20
> We software makers have a problem, when a customer ask for a
> application, often theres a wen project that already do it ( for the
> most part is a round peg on a round hole). So a natural solution is to
> install this project and customize it to his needs (theme, perhaps
> some programming). The other option is to create a code from scratch
> (perhaps using a framework).
>=20
> If you create the code from scratch, it will be safe. =20
I would challenge this. This is not true unless you follow very =
strict rules to make your code safe, and even then, you are not =
completely safe.
> A tree cant get
> a human virus, and a human can't get a tree virus. You are not
> unhackable, bad practices will byte you on the long term, but you
> don't see exploits made specifically for this custom made code daily.
Think about sql injection, they are not only to specific =
platforms but to general bad programming practices.
<snip the rest, it just =85 sucks >
=3D)
Regards,
as
