[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Social-discuss] Researcher Uncovers Major Security Exploit
From: |
Alec Muffett |
Subject: |
Re: [Social-discuss] Researcher Uncovers Major Security Exploit |
Date: |
Sun, 11 Apr 2010 07:07:05 +0100 |
> Not intended as a dig at facebook specifically, but is this a strong argument
> against trusting your personal data, to propriety software in the cloud?
Not intended to address the specific case, but if you've not looked into web
security before, the Wikipedia pages on "XSS" and "CSRF" are an good grounding
for reading between the lines of many of these terrifying exploits as-reported
in the press, and perspective in the selfsame challenges that *any* web-based
service must overcome - free, libre or proprietary.
It's not enough to just throw "lots of cryptography" at the problem, nor to try
bolting-on security afterwards. It's necessary to address security in the very
architecture, from day 1.
- alec
--
address@hidden
http://www.crypticide.com/dropsafe/