Slashdot Mirror

← Back to Stories (view on slashdot.org)

LiveJournal XSS Security Challenge

Posted by CmdrTaco on from the now-thats-a-game-worth-playing dept.

Jamesday writes "LiveJournal is offering a free permanent account and possibly other prizes to those who find new vulnerabilities in its XSS Security Challenge. LiveJournal has recently been attacked via a Firefox XSS exploit."

1 of 66 comments (clear)

  1. Re:Y'know... by Billosaur · · Score: 0, Flamebait
    ... this wouldn't even be necessary if they'd taken security seriously in the first place, instead of tacking it on as an afterthought, or using the "eh, we can probably trust all this user-submitted content" model.

    Oh, but we can trust users, can't we? And what's with a little harmless hacking? Good for the spirit, good for the soul!

    Making software bulletproof is probably impossible. If one coder can think something up, another can devise a way to break it or exploit it. LiveJournal is going to run their little contest, someone will come along and solve their current problem, and all the while Bantown will be finding a new exploit. Perhaps they should go back to first principles and design the site correctly.

    --
    GetOuttaMySpace - The Anti-Social Network