its true for _any_ language. If you don't break your program before you make it available to the public, you're just asking for someone to pounce all over it.
Security should be addressed on both ends of the spectrum...the server side (developing a solid tough to crack nut of a server side app) and client side ( developing a secure unbreakable client side app). unfortunately, in the commercial world, deadlines and such limitations plague this to no end...thus sloppy insecure code from deadline pressed coders.
Slashdot Mirror
its true for _any_ language. If you don't break your program before you make it available to the public, you're just asking for someone to pounce all over it.
Security should be addressed on both ends of the spectrum...the server side (developing a solid tough to crack nut of a server side app) and client side ( developing a secure unbreakable client side app). unfortunately, in the commercial world, deadlines and such limitations plague this to no end...thus sloppy insecure code from deadline pressed coders.