[nycphp-talk] Injection Attack, any ideas?
David Krings
ramons at gmx.net
Tue Nov 13 06:43:21 EST 2007
mikesz at qualityadvantages.com wrote:
> too (security and quality never got any space on the project priority
> list obviously).
From my experience that is true for 90% of all software projects. Only
documentation ranks lower. But using every spanking new unproven technology
(especially in Microsoft only shops) ranks very high. And some things just
don't want to go away. Yesterday my former employer asked me a question about
a DCOM based client/server app that we made years ago. DCOM sucks!
But back to the original issue, while radical, but how plausible would it be
to ditch that code and write new? As long as you know what needs to go where
in the database replacing that portion could be done. It may even be faster
than to figure out what the old code does, why it is broken, and how to fix it.
David
More information about the talk
mailing list