Ed Finkler agrees with me

From Pro PHP Podcast:

Q: What do you think are the three largest failings of PHP and Security?

“I agree with some things that Terry Chay has said about this: that the things that tend to make PHP insecure also tend to be the things that make PHP easy to work with.”
Ed Finkler, PHP Security Expert, CERIAS

Thanks Ed. :-)

Listen to the podcast. It’s a realistic assessment of the state of security in PHP.


Favorite quote:

“If web developer doesn’t understand common security issues they shouldn’t be considered developers…[Web applications] essentially are dealing with data that someone is inputting there. As a developer of web applications, you are stewards of that data.”
Ed Finkler, PHP Security Expert, CERIAS

Ed also mentions asking security questions in interviews (which I do). Perhaps I’ll talk about some of them in a future blog entry.


6 Responses to Ed Finkler agrees with me

  1. Terry Chay’s Blog: Ed Finkler agrees with me…

  2. [...] Chay has some of his own comments surrounding the latest episode of the Pro::PHP Podcast, an interview with Ed Finkler about the [...]

  3. [...] Ed didn’t oblige me like he did last time. But luckily for me, Sean and Paul did. With Cal’s PHP Abstract now on the air, the busy [...]

  4. [...] know Ed’s some hot shit security expert, but I think he should write a book on AIR… for WROX. Don’t [...]

  5. [...] actually don’t have much a problem with global variables. The reason this is a security problem is far more subtle than being [...]
