From Pro PHP Podcast:
Q: What do you think are the three largest failings of PHP and Security?
“I agree with some things that Terry Chay has said about this: that the things that tend to make PHP insecure also tend to be the things that make PHP easy to work with.”
—Ed Finkler, PHP Security Expert, CERIAS
Thanks Ed. 🙂
Listen to the podcast. It’s a realistic assessment of the state of security in PHP.
[Some comments after the jump.]
Favorite quote:
“If web developer doesn’t understand common security issues they shouldn’t be considered developers… [Web applications] essentially are dealing with data that someone is inputting there. As a developer of web applications, you are stewards of that data.”
—Ed Finkler, PHP Security Expert, CERIAS
Ed also mentions asking security questions in interviews (which I do). Perhaps I’ll talk about some of them in a future blog entry.