Network Security: Detailed info on Re: Languages/platforms used for Web apps. Any stats?

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Web-App-Sec

[Top] [All Lists]

Re: Languages/platforms used for Web apps. Any stats?

from [Adam Shostack] Network Security

[Permanent Link]

Subject:	Re: Languages/platforms used for Web apps. Any stats?
Date:	Sat, 25 Jun 2005 09:44:01 -0400

On Sat, Jun 25, 2005 at 08:08:32AM -0400, Mark Curphey wrote:

| Also if the cost of entry is low, you will see less commitment. Less
| commitment will = less security. That is to say if my grand mother can write
| a simple PHP app but not "fast CCGI" then chances are she will not be able
| to write secure apps in either. One has a chance of making it on the net,
| the other not.  

I think this is key.  PHP (and VB.net) apps are often written by web
designers, UI experts, or novice programmers, because these languages
are easy.  So the folks writing them have less experience, less
training about security, and a lower chance of having an experienced
peer review their code.

I do know some serious programmers who use PHP because its fast and
easy, and in looking at their code, they seem to avoid a lot of the
mistakes that are associated with PHP.  One said something like 'yeah,
I looked up the "What not to do in PHP" page.'

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Languages/platforms used for Web apps. Any stats?, (continued) Re: Languages/platforms used for Web apps. Any stats?, Jesse G. Lands Re: Languages/platforms used for Web apps. Any stats?, Mamading Ceesay Re: Languages/platforms used for Web apps. Any stats?, Andrew van der Stock Re: Languages/platforms used for Web apps. Any stats?, focus Re: Languages/platforms used for Web apps. Any stats?, Steve McCullough Re: Languages/platforms used for Web apps. Any stats?, Rob Lanphier Re: Languages/platforms used for Web apps. Any stats?, Gary Warner Re: Languages/platforms used for Web apps. Any stats?, prep RE: Languages/platforms used for Web apps. Any stats?, Mark Curphey RE: Languages/platforms used for Web apps. Any stats?, Steve Slater Re: Languages/platforms used for Web apps. Any stats?, Adam Shostack <= Re: Languages/platforms used for Web apps. Any stats?, Ben Sytko RE: Languages/platforms used for Web apps. Any stats?, Mark Curphey

Previous by Date:	RE: Languages/platforms used for Web apps. Any stats?, Steve Slater
Next by Date:	Re: Languages/platforms used for Web apps. Any stats?, Ben Sytko
Previous by Thread:	RE: Languages/platforms used for Web apps. Any stats?, Steve Slater
Next by Thread:	Re: Languages/platforms used for Web apps. Any stats?, Ben Sytko
Indexes:	[Date] [Thread] [Top] [All Lists]