Re: [Social-discuss] Researcher Uncovers Major Security Exploit

social-discuss

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Social-discuss] Researcher Uncovers Major Security Exploit

From:	Alec Muffett
Subject:	Re: [Social-discuss] Researcher Uncovers Major Security Exploit
Date:	Sun, 11 Apr 2010 07:07:05 +0100

> Not intended as a dig at facebook specifically, but is this a strong argument 
> against trusting your personal data, to propriety software in the cloud?

Not intended to address the specific case, but if you've not looked into web 
security before, the Wikipedia pages on "XSS" and "CSRF" are an good grounding 
for reading between the lines of many of these terrifying exploits as-reported 
in the press, and perspective in the selfsame challenges that *any* web-based 
service must overcome - free, libre or proprietary.

It's not enough to just throw "lots of cryptography" at the problem, nor to try 
bolting-on security afterwards.  It's necessary to address security in the very 
architecture, from day 1.

        - alec

--
address@hidden
http://www.crypticide.com/dropsafe/

[Prev in Thread]

Current Thread

[Next in Thread]

[Social-discuss] Researcher Uncovers Major Security Exploit, Melvin Carvalho, 2010/04/10
- Re: [Social-discuss] Researcher Uncovers Major Security Exploit, Alec Muffett <=

Prev by Date: [Social-discuss] Researcher Uncovers Major Security Exploit
Next by Date: [Social-discuss] On Data Privacy
Previous by thread: [Social-discuss] Researcher Uncovers Major Security Exploit
Next by thread: [Social-discuss] On Data Privacy
Index(es):
- Date
- Thread