This place went from being one of the least reliable websites I frequent on low speeds to being easily the fastest and least likely to stop loading. Yay!
Posted by FoolzMon, 09 Aug 2010 05:23:57 (comments: 22)
Thanks Yoda for that insightful and very informative reply.
I learned more from that one post than from all the things I read on the internet.
I do get paranoid from these things which is why I wanted to ask. I edited my original post thinking it was inappropriate to ask about that because I know this site has been great.
But thanks for taking the time to explain all that.
Never hesitate to ask. It's always better to investigate and learn than to ignore and give up. And don't think it's out-of-line, either; this site was a rewrite of Y-Reviews (my review site), which was the first real full site I ever wrote in PHP, and was consequently, in retrospect, a security nightmare.
I wrote that when I was still in college. We didn't cover security at all in college. It's pretty laughable how bad that entire program was, but that may be the worst part. The following topics were not even mentioned: SSL/TLS, encryption, hashing, input sanitation, man-in-the-middle, session IDs, cross site scripting, cross site request forgeries, phishing.
Cognisant of this, I made an expressed effort after graduation to focus on that aspect. The best I could say is that I had basic sense to eliminate logical flaws to cheat the system, but it wouldn't have stopped any of the numerous common attacks.
When I used to run IIS servers back in the old days it was almost vomit inducing (again in retrospect) how many security flaws the program had built into it (and the default settings). Back then we had no idea.
That's the story of my life right there, hot blondes chasing after me!
(In my dreams *cry*)
Yeah, what's up with the cat pr0n on this site!
"Alls I know is I hit the 'nip one too many times last night, and woke up with my face all sticky!"
Aw man?
Now I know why cats lick themselves!
Oh, and thanks...I guess?
I can't believe that for a second!