Ed Finkler agrees with me

From Pro PHP Podcast:

Q: What do you think are the three largest failings of PHP and Security?

“I agree with some things that Terry Chay has said about this: that the things that tend to make PHP insecure also tend to be the things that make PHP easy to work with.”
Ed Finkler, PHP Security Expert, CERIAS

Thanks Ed. :-)

Listen to the podcast. It’s a realistic assessment of the state of security in PHP.

[Some comments after the jump.]

Favorite quote:

“If web developer doesn’t understand common security issues they shouldn’t be considered developers…[Web appications] essentially are dealing with data that someone is inputting there. As a developer of web applications, you are stewards of that data.”
Ed Finkler, PHP Security Expert, CERIAS

Ed also mentions asking security questions in interviews (which I do). Perhaps I’ll talk about some of them in a future blog entry.

6 thoughts on “Ed Finkler agrees with me

  1. Pingback: PHPDeveloper.org

  2. Pingback: developercast.com » Terry Chay’s Blog: Ed Finkler agrees with me

  3. Pingback: The Woodwork » Blog Archive » I just like hearing my name

  4. Pingback: The Woodwork » Blog Archive » Adobe’s AIR MAX

  5. Pingback: The Woodwork » Blog Archive » You Use PHP to Troll WHOM?!

  6. Pingback: The Woodwork » Blog Archive » Sinking a Fleet of Fail (PHP and Enterprise Scalability Part 3/5)

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>