On 28 Jun 2012, at 08:05, Tei wrote:
> On 27 June 2012 09:50, Stephane Bortzmeyer <bortzme...@nic.fr> wrote:
>> (<troll>specially for a Web site written in
>> PHP</troll>)?
>>
>
> We software makers have a problem, when a customer ask for a
> application, often theres a wen project that already do it ( for the
> most part is a round peg on a round hole). So a natural solution is to
> install this project and customize it to his needs (theme, perhaps
> some programming). The other option is to create a code from scratch
> (perhaps using a framework).
>
> If you create the code from scratch, it will be safe.
I would challenge this. This is not true unless you follow very strict
rules to make your code safe, and even then, you are not completely safe.
> A tree cant get
> a human virus, and a human can't get a tree virus. You are not
> unhackable, bad practices will byte you on the long term, but you
> don't see exploits made specifically for this custom made code daily.
Think about sql injection, they are not only to specific platforms but
to general bad programming practices.
<snip the rest, it just … sucks >
=)
Regards,
as
