Hi, I'm Paul Finn
I'm a full stack web developer with a preference for Python. I also enjoy discussions on entrepreneurship and software marketing.
Thanks for reading.Visit my blog home page.
See some things I've made.
You can follow me on Twitter.
Contact me: pvfinn@gmail.com
Handcrafted in Portsmouth, N.H.
← Blog Home
← Previous: Mandrill & Namecheap: How To Configure Your DNS Records
→ Next: Hide Recently Visited Sites In Chrome's New Tab
Real Example of Client-Side Security Failure
One might suggest that the agreement was for the developer to only provide a basic password protection scheme, maybe to just prevent robots and other crawlers. Perhaps the assets and documents located behind the login screen aren't sensitive at all.
Heck, maybe the password is publicy posted in other forums.
What does concern me, though, as a web developer, is the liklihood of someone assuming that the security of this form is no weaker than their bank. That is, an employee may upload a truly sensitive document to this location under the assumption that this form provides adequate protection.
← Previous: Mandrill & Namecheap: How To Configure Your DNS Records
→ Next: Hide Recently Visited Sites In Chrome's New Tab