20070804

Finally, somebody sees it my way

Link

Okay, Pravir had the idea all on his own. But this is the soapbox I almost constantly stand on when it comes to security.

If you don't want to read the article, the gist is that if you're depending on input validation to fix your semantic flaws, you're missing a great deal of the application where the data bounces around and could potentially get re-broken. And that you potentially end up denying characters that are really legitimate in some context, just not one.

Now, I know Pravir is running the CTF competition at DEFCON, which makes me wonder why he had this post yesterday. Either he has a bunch of them queued and set to go, or he's listened to so many speakers say that something is a problem and the way to fix it is to do better input validation.
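To make the gist concrete, here is an added example (not from Pravir's article or this post) that puts an edge deny-list next to sinks that handle data for their own context. The deny-list, the sample values and all function names are constructed for illustration.

```python
import html
import sqlite3
from urllib.parse import unquote

# Constructed deny-list, typical of a "fix it at the input" filter.
BLOCKED = set("'\"<>;")

def input_filter_accepts(value: str) -> bool:
    """Edge validation only: reject any value containing a blocked character."""
    return not (BLOCKED & set(value))

def render_unencoded(name: str) -> str:
    """HTML sink that trusts the edge filter and just concatenates."""
    return "<p>Hello, " + name + "</p>"

def render_encoded(name: str) -> str:
    """HTML sink that encodes for its own context, whatever arrived."""
    return "<p>Hello, " + html.escape(name) + "</p>"

def store_and_load(name: str) -> str:
    """SQL sink using a bound parameter, so a quote is data, not syntax."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT)")
    db.execute("INSERT INTO users (name) VALUES (?)", (name,))
    row = db.execute("SELECT name FROM users").fetchone()
    db.close()
    return row[0]

def demo() -> dict:
    legit = "O'Brien"           # legitimate name, yet the deny-list rejects it
    encoded = "%3Cb%3EPat"      # constructed value that passes the filter
    decoded = unquote(encoded)  # a later layer decodes it after validation
    return {
        "legit_rejected": not input_filter_accepts(legit),
        "encoded_accepted": input_filter_accepts(encoded),
        "unencoded_html": render_unencoded(decoded),  # markup reaches the page
        "encoded_html": render_encoded(decoded),      # rendered as plain text
        "sql_roundtrip": store_and_load(legit),       # quote stored intact
        "legit_html": render_encoded(legit),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The filter turns away a real name while the percent-encoded value passes it and becomes markup one layer later; the parameterized query and the encoding sink handle both values correctly without consulting the filter.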

1 comment:

  1. Anonymous 14:13

    The Cigital blog is co-authored. Every post is available internally for several days before being published. That's how he posted right during CTF.
