lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 31 Dec 2006 09:00:23 +1100
From: Kevin Waterson <>
Subject: Re: PHP as a secure language? PHP worms? [was: Re: new linux

This one time, at band camp, Gadi Evron <> wrote:

> Indeed, the most annoying thing about the PHP worms today is that these 
> PHP vulnerabilities being exploited are everywhere.

These are not PHP vulnerabilities, these are application vulnerabilities.

> 2. Developing secure applications in PHP is difficult, as one of PHP's 
> creators said recently - even to him after years of trying.

Who said this? do you have a source?

> 3. Staying on top of new PHP vulnerabilities has become impossible, 
> popping around everywhere.

Application vulnerabilities...

"Democracy is two wolves and a lamb voting on what to have for lunch. 
Liberty is a well-armed lamb contesting the vote."

Powered by blists - more mailing lists