sla.ckers.org is ha.ckers sla.cking
Sla.ckers.org
If you have some interesting news or want to throw up a link to discuss it, here's the place. Anything is okay, even shameless vendor launches (since that is often applicable to what we work on). 
http://palisade.plynt.com/
Posted by: maluc
Date: October 18, 2006 04:59AM

http://palisade.plynt.com/issues/ a websec online magazine. i haven't read their articles yet.. so i'm not sure of how advanced they cover topics. But i just now stumbled upon it, and has a lot of interesting looking articles. Worth a look

Edit: heh, i found it via http://www.cgisecurity.com/2006/10/04 .. and i very much plagiarized his words without thinking: "I stumbled upon this website by accident and it has quality articles worth checking out." .. i should sleep.

-maluc



Edited 1 time(s). Last edit at 10/18/2006 05:11AM by maluc.

Re: http://palisade.plynt.com/
Posted by: rsnake
Date: October 18, 2006 10:24AM

Hmm... I guess this is good from a high level for people who aren't really in the know. Almost every article I looked at had issues. For instance, look at this: http://palisade.plynt.com/issues/2005Apr/quiz/

That misses almost all the obscure vectors and javascript injection.

I'd read this only if you really didn't know anything about web application security and secure data storage - lest you get haX0r3d. :)

- RSnake
Gotta love it. http://ha.ckers.org

Re: http://palisade.plynt.com/
Posted by: maluc
Date: October 18, 2006 07:26PM

indeed.. not to mention parameter injection which is quite common.. i.e. " style="blah .. since it doesn't suggest encoding ' or ".

Sadly, most every article trying to teach developers how to prevent XSS, CSRF, and SQL injections .. are flawed/incomplete in one way or another. It's difficult to find a knowledgeable reporter to detail such things.

[rant]
And god damn my neighbor's dog barks for hours (literally) every day. There really should be some disturbing the peace laws after the first solid hour of constant barking. I love dogs, but damn.[/rant]

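The gap described in the post above, as an added example that is not part of the original thread: an encoder that only handles `<`, `>` and `&` lets the quoted fragment close a double-quoted attribute and add a new one, while also encoding `"` and `'` keeps it inside the value. All function names and the `<input>` template are assumptions made for illustration.

```javascript
// Added example: constructed input, hypothetical function names.

// Encoder that handles only the tag-related characters.
function encodeTagsOnly(s) {
  return s.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;");
}

// Encoder that also covers both quote characters, as the post asks.
function encodeForAttribute(s) {
  return encodeTagsOnly(s).replace(/"/g, "&quot;").replace(/'/g, "&#39;");
}

// Render user input into a double-quoted attribute value (assumed template).
function renderInput(value, encode) {
  return '<input type="text" name="q" value="' + encode(value) + '">';
}

// Minimal attribute scanner for the single tag produced above: returns the
// attribute names present, so an unexpected name means injection.
function attributeNames(tag) {
  const names = [];
  const re = /([a-zA-Z-]+)\s*=\s*(?:"[^"]*"|'[^']*'|[^\s>]+)/g;
  let m;
  while ((m = re.exec(tag)) !== null) names.push(m[1].toLowerCase());
  return names;
}

// True when the rendered tag carries attributes the template did not define.
function hasInjectedAttribute(tag) {
  const expected = ["type", "name", "value"];
  return attributeNames(tag).some((n) => !expected.includes(n));
}

// Constructed sample, using the fragment quoted in the post.
const sample = '" style="blah';
const weak = renderInput(sample, encodeTagsOnly);
const strong = renderInput(sample, encodeForAttribute);
console.log(weak, hasInjectedAttribute(weak));
console.log(strong, hasInjectedAttribute(strong));
```
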
Re: http://palisade.plynt.com/
Posted by: rsnake
Date: October 19, 2006 10:20AM

That's been my problem with a lot of articles lately. They are missing facts. For instance there was a statistic the other day saying that the average stock broker in NY makes $300k a year. But does that mean there are a few billion dollar a year stock brokers skewing the average? Without knowing more information that's basically a useless statistic - reporting is tough.

Try a dog whistle. Every time he barks, whistle. He might get the hint. Lots of dogs bark because they are lacking social input - they're bored. ;)

- RSnake
Gotta love it. http://ha.ckers.org
