Secure Coding mailing list archives
eWeek: AJAX Poses Security, Performance Risks
From: gunnar at arctecgroup.net (Gunnar Peterson)
Date: Tue, 28 Feb 2006 17:38:49 -0600
a lot of this gets back to a "framework versus roll your own debate" http://1raindrop.typepad.com/1_raindrop/2005/05/wsmex_v_httpget.html & http://www.identityblog.com/2005/04/30.html#a210 also, for some good context security in ajax, rest, et. al. as well as examples of how amazon and google deals with security check out mark o'neill's deck from rsa: http://radio.weblogs.com/0111797/2006/02/20.html#a44 -gp On Feb 1, 2006, at 12:31 AM, Crispin Cowan wrote:
ljknews wrote:I have been involved in a dialog with AJAX fans (which is different from experts) who say "you security folks just have to bow to the inevitable and figure out how to secure whatever mechanism we come up with.This attitude is not unique to AJAX advocates. I remember holding this view myself, while wrestling with the problems of producing a truly transparent distributed operating system in the late 1980s and early 1990s; security was a bother that made things hard(er). Of course, this is just lifetime employment for security people :) I have certainly made a career out of securing things that are inherently insecure. Crispin -- Crispin Cowan, Ph.D. http://crispincowan.com/ ~crispin/ Director of Software Engineering, Novell http://novell.com Olympic Games: The Bi-Annual Festival of Corruption _______________________________________________ Secure Coding mailing list (SC-L) SC-L at securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/ listinfo/sc-l List charter available at - http://www.securecoding.org/list/ charter.php
Current thread:
- eWeek: AJAX Poses Security, Performance Risks Kenneth R. van Wyk (Jan 30)
- eWeek: AJAX Poses Security, Performance Risks Pascal Meunier (Jan 30)
- eWeek: AJAX Poses Security, Performance Risks ljknews (Jan 30)
- eWeek: AJAX Poses Security, Performance Risks Crispin Cowan (Jan 31)
- eWeek: AJAX Poses Security, Performance Risks Gunnar Peterson (Feb 28)
- eWeek: AJAX Poses Security, Performance Risks Crispin Cowan (Jan 31)