Re: No DNS poisoning at Google (in case of trouble, blame the DNS)

[Arturo Servin <arturo.servin () gmail com>]

On 28 Jun 2012, at 08:05, Tei wrote:

> On 27 June 2012 09:50, Stephane Bortzmeyer <bortzmeyer () nic fr> wrote:
> > (<troll>specially for a Web site written in
> > PHP</troll>)?
>
> We software makers have a problem,  when a customer ask for a
> application, often theres a wen project that already do it ( for the
> most part is a round peg on a round hole). So a natural solution is to
> install this project and customize it to his needs (theme, perhaps
> some programming).  The other option is to create a code from scratch
> (perhaps using a framework).
>
> If you create the code from scratch, it will be safe.  

        I would challenge this. This is not true unless you follow very strict rules to make your code safe, and even 
then, you are not completely safe.

> A tree cant get
> a human virus, and a human can't get a tree virus. You are not
> unhackable,  bad practices will byte you on the long term, but you
> don't see exploits made specifically for this custom made code  daily.

        Think about sql injection, they are not only to specific platforms but to general bad programming practices.

<snip the rest, it just … sucks   >

=)

Regards,
as