[nycphp-talk] PHP Pentration Discussion
Adam Maccabee Trachtenberg
adam at trachtenberg.com
Sat May 28 13:39:44 EDT 2005
On Sat, 28 May 2005, inforequest wrote:
> Working on, or do you mean leading/editing?
>
> If you don't know much about security, but know/like PHP, and are
> interested in this stuff, then I would think you are a good
> candidate to WORK ON such a best practices page. What a great way to
> learn, no?
>
> I agree about leading and editing completely. That's why we need
> guys like you and Chris, and apreciate your books.
Actually, everything I know about security I learned from Chris. I'm a
follower here.
I do agree that working on something is usually the best way to
learn. However, with security, I worry that unless there a real expert
at the helm, you can end up producing an guide that misleads people
into believing their sites are secure, but are really filled with
holes. That's even worse than no guide at all.
I also wanted to point out that these issues are somewhat subtle, and
it's easy to "know" something is secure, when it's really not at all.
-adam
--
adam at trachtenberg.com | http://www.trachtenberg.com
author of o'reilly's "upgrading to php 5" and "php cookbook"
avoid the holiday rush, buy your copies today!
More information about the talk
mailing list