FUDforum: comp.lang.php » [CM] Falkvinge: MtGox had custom SSHD written in PHP

Home » Imported messages » comp.lang.php » [CM] Falkvinge: MtGox had custom SSHD written in PHP

Show: Today's Messages :: Polls :: Message Navigator

Re: [CM] Falkvinge: MtGox had custom SSHD written in PHP [message #185208 is a reply to message #185206]

Tue, 11 March 2014 21:23

Jerry Stuckle
Messages: 2598
Registered: September 2010

Karma:

Senior Member

On 3/11/2014 6:49 AM, RS Wood wrote:
> From the «That oughta work» department:

<snip>

> It gets worse. Karpeles didn’t just write his own remote-access security
> (“SSH server”). He did so in the programming language PHP, which is a
> dangerously unsafe language intended for low-security applications like
> displaying web pages. It basically has no error checking or safety nets of
> any kind. So not only did Karpeles think it was a good idea to do something
> that almost guaranteed MtGox to get hacked, he did so using one of the worst
> possible tools imaginable. It wasn’t enough to shoot himself in the foot and
> reload, he had to pick a bazooka to do it.
>

I disagree here. Languages are not secure or insecure. Programmers
are. PHP is no more or less secure than the programmer who writes it.

Someone without extensive experience in secure programming practices
should not be coding a site like this. One with extensive security
experience can write it in any language he/she is experienced in.

--
==================
Remove the "x" from my email address
Jerry Stuckle
jstucklex(at)attglobal(dot)net
==================

Report message to a moderator

[Message index]

		[CM] Falkvinge: MtGox had custom SSHD written in PHP By: RS Wood on Tue, 11 March 2014 10:49
		Re: [CM] Falkvinge: MtGox had custom SSHD written in PHP By: john[1] on Tue, 11 March 2014 21:08
		Re: Re: [CM] Falkvinge: MtGox had custom SSHD written in PHP By: Rick Falkvinge on Wed, 12 March 2014 03:22
		Re: [CM] Falkvinge: MtGox had custom SSHD written in PHP By: Jerry Stuckle on Tue, 11 March 2014 21:23

Previous Topic:	switch with range of comparisons
Next Topic:	readdir lists randomly

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Thu Nov 28 14:31:32 GMT 2024

Total time taken to generate the page: 0.04188 seconds