Thursday, June 28, 2007

reflecting on CSRF

As more light and heat are being generated by the release of (at least) 8 products being vulnerable to CSRF attacks, what surprised me more than the flaw existing practically everywhere was the (non-)response by supposed security vendors.

All software has bugs. It shouldn't be any big surprise to reveal that.

What keeps you ahead of the game is how you respond to bugs, including security holes, especially for security vendors.

Yet, besides Check Point, their reaction seems to have been to cover their ears and pretend it didn't happen. One vendor claimed to have filed "a formal complaint with CERT"; we'll get out more about that one later. :)
