PHP is a scripting language that can be run as either a CGI application or as an integrated Web server module.
Regardless of its mode of execution, the PHP interpreter has the potential to access virtually every part of the host -- the file system, network interfaces, etc. Consequently, it has the potential to cause a lot of damage. The programmer needs to be aware of everything that can go wrong at any time during the program execution, in order to prevent attacks from adversaries. And yes, this is a formidable task. Software is getting so complicated very fast.
But somehow, knowledge about the weaknesses of a system and the common modes of attack can usually go a long way toward increasing its security. The same goes for any other piece of software.
I agree. A poorly designed application will usually lead to future vulnerability problems. We all know that any software or application that is well written (in terms of coding) seldom leads to future security threats.
The manufacturer really needs to do something before the users turn to other, more 'trusted' scripting languages. And before it causes a lot more damage.
But Windows, on their website, did mention that:
"Windows Live OneCare is a new and subscription-based service provided by Microsoft to protect Windows computers... provides anti-virus protection, a two-way firewall, a back-up utility, and system tune-ups. It also integrates with Windows Update and Windows Defender, ensuring the computer always has the latest security updates from Microsoft and is protected against spyware and adware."
It sounds really perfect at a glance, doesn't it?