Ed Finkler agrees with me

Posted by tychay on 2007-04-30T21:41:33-08002007-05-01T05:41:33ZY-m-d\TH:i:sO">30 April 20072007-05-01T05:41:33Zj F Y

From Pro PHP Podcast:

Q: What do you think are the three largest failings of PHP and Security?

“I agree with some things that Terry Chay has said about this: that the things that tend to make PHP insecure also tend to be the things that make PHP easy to work with.”
Ed Finkler, PHP Security Expert, CERIAS

Thanks Ed. :-)

Listen to the podcast. It’s a realistic assessment of the state of security in PHP.

[Some comments after the jump.]

Favorite quote:

“If web developer doesn’t understand common security issues they shouldn’t be considered developers…[Web appications] essentially are dealing with data that someone is inputting there. As a developer of web applications, you are stewards of that data.”
Ed Finkler, PHP Security Expert, CERIAS

Ed also mentions asking security questions in interviews (which I do). Perhaps I’ll talk about some of them in a future blog entry.

About tychay

Test
This entry was posted in PHP, quotes. Bookmark the permalink. Follow any comments here with the RSS feed for this post. Post a comment or leave a trackback: Trackback URL.

This website uses IntenseDebate comments, but they are not currently loaded because either your browser doesn't support JavaScript, or they didn't load fast enough.

6 Responses to Ed Finkler agrees with me

  1. PHPDeveloper.org says:
    1 May 20072007-05-01T13:06:07Zj F Y at 5:06 am2007-05-01T13:06:07Zg:i a

    Terry Chay’s Blog: Ed Finkler agrees with me…

    Reply
  2. developercast.com » Terry Chay’s Blog: Ed Finkler agrees with me says:
    1 May 20072007-05-01T18:02:42Zj F Y at 10:02 am2007-05-01T18:02:42Zg:i a

    [...] Chay has some of his own comments surrounding the latest episode of the Pro::PHP Podcast, an interview with Ed Finkler about the [...]

    Reply
  3. The Woodwork » Blog Archive » I just like hearing my name says:
    18 June 20072007-06-18T21:53:37Zj F Y at 1:53 pm2007-06-18T21:53:37Zg:i a

    [...] Ed didn’t oblige me like he did last time. But luckily for me, Sean and Paul did. With Cal’s PHP Abstract now on the air, the busy [...]

    Reply
  4. The Woodwork » Blog Archive » Adobe’s AIR MAX says:
    1 October 20072007-10-01T19:44:10Zj F Y at 11:44 am2007-10-01T19:44:10Zg:i a

    [...] know Ed’s some some hot shit security expert, but I think he should write a book on AIR… for WROX. Don’t [...]

    Reply
  5. The Woodwork » Blog Archive » You Use PHP to Troll WHOM?! says:
    4 February 20082008-02-05T05:11:49Zj F Y at 9:11 pm2008-02-05T05:11:49Zg:i a

    [...] actually don’t have much a problem with global variables. The reason this is a security problem is far more subtle than being [...]

    Reply
  6. The Woodwork » Blog Archive » Sinking a Fleet of Fail (PHP and Enterprise Scalability Part 3/5) says:
    8 February 20082008-02-08T23:09:23Zj F Y at 3:09 pm2008-02-08T23:09:23Zg:i a

    [...] actually don’t have much a problem with global variables. The reason this is a security problem is far more subtle than being [...]

    Reply

Leave a Reply

Your email is never published nor shared. Required fields are marked *

*
*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>