DaveAuld wrote: That's not where I was coming from. Granted
DaveAuld wrote: We (I) don't want this site being blocked at work, ..that did not stop people from explaining how SQL injection works. I think that's a good thing. Even if a company decides to block CP with the argument that CP explains "SQL Injection". Where does one draw the line? How about cross-site scripting?
As for abuse, there's a lot of dangerous code out there. Any VB-script that shows how to execute a DOS-command combined with a DOS-manual is a potential security issue. It does not stand to reason to burn all old MS-DOS manuals.
It is actually WORSE to ban all information on lockpicking than it is to point out how the lock on your door can be bypassed: you assume you're safe while you're not.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
When you write an article you have to respect the fact that there are people out there who know better - real or imaginary...
But! - and this is most important - there are those who know less than you. Learning is like climbing a ladder - you have to go over all the steps. So that part should not be a problem - you have a certain level of knowledge - share it!
About the security attacks/protections - IMHO do not detail the ways of attacks, describe them in a few words (focus on the damage) and move on to the most detailed explanation of the protections...
I'm not questioning your powers of observation; I'm merely remarking upon the paradox of asking a masked man who he is. (V)
|
Well, it is very clear that I will only share attacks for which I can provide a countermeasure!
So that should be .. ok, I guess?!
Apparently there is a security by obscurity culture which has strong censorship power...
Besides, I didn't plan to talk about any particular buffer overflow attack, just the general ways a crafty JavaScript attacker can circumvent your site security and how to go about outthinking him!
|
Sounds all right!
But do not be afraid - if someone finds it otherwise you will be hit, and hit hard! It's the way of CPian life
I'm not questioning your powers of observation; I'm merely remarking upon the paradox of asking a masked man who he is. (V)
|
So you basically want to write articles about a subject as sensible as security without being an expert at it?
I am not sure what to think about such an idea.
~RaGE();
I think words like 'destiny' are a way of trying to find order where none exists. - Christian Graus
Entropy isn't what it used to.
|
Very easy, do you think we should delete 87.3% of CodeProject's articles? And tips and tricks?
(percentage carefully taken from the top of my hat!)
Same answer!
Now you know!
|
Yes, I totally think so.
~RaGE();
I think words like 'destiny' are a way of trying to find order where none exists. - Christian Graus
Entropy isn't what it used to.
|
Agree with Dave. Mention the attacks (SQL injection, DDoS attack, etc.) briefly & explain the solution(s) in more detail. Check these articles by @Espen-Harlinn [^] & @JocaPC [^]. I liked both articles very much so picked those for reference.
|
Thanks for the links, will have a look!
|
Mmm.. a little comment.. while you were helpful, and Espen Harlinn was probably trying to be helpful too, I think his communication is extremely bad!
Why?
Well, my first impression from his article is "don't bother with security, you are doing it wrong". With a strong emphasis on "don't bother".
I beg to differ! Personally I think some security is better than none and I will ignore the naysayers and pursue my quest of knowledge accordingly!
|
I think it's not your cup of tea
Espen's article is almost 3 years old. IIRC I think I have asked him to revise that article with more things.
Believe me, that article triggered me to research on many things related to security[^]
|
I like the second article much more!
I was thinking to expand some more on the same ideas!...
|
Ho... gimme some time!
|
I was looking through a NuGet package for Rx-Aliases and found that it references a type called IQbservable. I initially thought it was a weird bug in the generator (the file is generated by a tool), but then found this page[^] on MSDN.
So, is Qservable (Queryable Observable) a word now?
What do you get when you cross a joke with a rhetorical question?
|
I can't spell. Especially made up words.
What do you get when you cross a joke with a rhetorical question?
|
Surely all words are made up?
You can't outrun the world, but there is no harm in getting a head start
Real stupidity beats artificial intelligence every time.
|
The Rx library was written by ducks. Is aculy Quack Observable. aculy wrtn bi Dolan. y he do dis[^]
It's an OO world.
public class SanderRossel : Lazy<Person>
{
public void DoWork()
{
throw new NotSupportedException();
}
}
|
Sci News is reporting that astronomers at the University of New South Wales have discovered an Earthlike planet just 16 light-years away.
Clickity[^]
[edit] I wonder if that means they like bacon? [/edit]
If first you don't succeed, hide all evidence you ever tried!
modified 30-Jun-14 17:01pm.
|
Do they have QA?
I'm not questioning your powers of observation; I'm merely remarking upon the paradox of asking a masked man who he is. (V)
|
Mike Hankey wrote: astronomers at the University of New South Wales have discovered an Earthlike planet just 16 light-years away
No they haven't.
What they've "seen" is a wibble in some part of the electromagnetic spectrum, probably caused either by someone's cellphone as they twatted about what came out of their anus after their liquid lunch, or by sentient interstellar dust clouds performing rabbit silhouettes to pacify their noisy kids*.
Getting really sick of all this "WE'VE DISCOVERED YET ANOTHER PLANET!!!" BS, now.
* The probability of either of those options being true is actually higher than the probability of a planet having been discovered.
I wanna be a eunuchs developer! Pass me a bread knife!
|
They are planning to send a man and a sheep to settle.
~RaGE();
I think words like 'destiny' are a way of trying to find order where none exists. - Christian Graus
Entropy isn't what it used to.