Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

webappsec logo WebApp Sec mailing list archives

Re: Web 2.0 support group
From: Steve Pinkham <steve.pinkham () gmail com>
Date: Wed, 09 Sep 2009 09:10:56 -0400
Steven M. Christey wrote:

So I've been an observer of the "Web 2.0 is a security nightmare" camp
with the occasional head nods and detached agreement, being enough of a
generalist that I didn't have anything to add to the alarms raised by the
specialists.  Where is the support group for those who have recently
realized just how desperate the situation is?

I'm not being entirely facetious.  Is there any hope at all?

- Steve
1. No, but there is no hope for generalized security apart from "Web 2.0" either. There is only risk reduction.
2. Stop complaining about Web 2.0. Really. It doesn't exist. There are security problems specific to JSON, AJAX, REST, SOAP, FLEX, social networking, P2P, etc. If you want to actually discuss the risk, name the risk you're interested in. Web 2.0 doesn't mean anything we can discuss like rational people. Same goes for "the Cloud". 

Steve
--
 | Steven E. Pinkham                      |
 | Security Researcher, Maven Security    |
 | steve.pinkham () mavensecurity com        |
 | GPG public key ID CD31CAFB             |

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]