[nycphp-talk] NEW PHundamentals Question
jon baer
jonbaer at jonbaer.net
Mon Feb 9 22:53:18 EST 2004
i guess it really depends on how secure you want to be + what u r
protecting, providing we are talking about the fact that you might not be
ssl/tls/ssht your stuff to begin with, if you are id say no, not really
anything to worry, if you are say sitting @ a cafe - browsing in the wide
open and going to access/submit this page you are most likely giving the
hacker a harder challenge to pickoff the raw image data vs. the key string
itself. in which constructing a string back is easier (although tools do
exist for picking off images, etherape i think can) ...
i dunno, i think if ur super paranoid about who is going to
register/enter/submit for something you probably shouldnt have a public form
in the first place :-)
i dont see many tools besides the searchengine submit ones that pose a
threat to automating entries, oh and maybe the sql injection test toolkits
which seem to be popping up.
- jon
----- Original Message -----
From: "Jeff Siegel" <jsiegel1 at optonline.net>
To: "NYPHP Talk" <talk at lists.nyphp.org>
Sent: Monday, February 09, 2004 10:29 PM
Subject: Re: [nycphp-talk] NEW PHundamentals Question
> Any reason to choose one over the other?
>
> Jeff
More information about the talk
mailing list