WebApp Sec mailing list archives
RE: Code Cracking in Java
From: "Maxim Kostioukov" <maxim () francoudi com>
Date: Thu, 13 May 2004 13:33:01 +0300
-----Original Message----- From: Chitresh Sen [mailto:chitresh_sen () yahoo com] my finding help them to develop a strong business case to convince top management for discarding the product.
The management was given misleading interpretation in support for discarding the product - the vulns have nothing to do with Java, but with business logic distribution between client & server (which is irrelevant to any program language). As others pointed out, this could be fixed easily enough... Additionally, input check on server side is not supposed to affect performance; from my experience, this is not an issue.
Current thread:
- Code Cracking in Java Chitresh Sen (May 12)
- Re: [security] Code Cracking in Java Allen Firstenberg (May 12)
- RE: Code Cracking in Java Oleg Dubovskoy (May 12)
- Re: Code Cracking in Java Peter Conrad (May 12)
- Re: Code Cracking in Java Rogan Dawes (May 12)
- RE: Code Cracking in Java Don Tuer (May 12)
- <Possible follow-ups>
- Re: Code Cracking in Java Suresh Ponnusami (May 12)
- Re: Code Cracking in Java Frank O'Dwyer (May 13)
- Code Cracking in Java (Chitresh ) Chitresh Sen (May 17)
- RE: Code Cracking in Java Maxim Kostioukov (May 13)