They c\also are not ready to give passwords. They simply delete that entry and told to reregister.
Regarding draft of the letter, I have no idea about creating one. Can someone help me?? On Wed, May 13, 2009 at 2:20 AM, Visakh <[email protected]> wrote: > > Hi, > > On May 12, 6:52 pm, Aneesh A <[email protected]> wrote: > > No proper software testing. That is the problem, As I think. > > Yes. I agree. That would explain both the operability issues, security > issues and compatibility issues. > > > On student side, no problem in using firefox. > > On administrator side, ie, teacher's verification, there appears no > photos > > Well, if we place a complaint we will have to be very specific- like a > bug report. Exact nature and ways to recreate it will have to be > specified. For example, if there is a firefox/W3C incompatibility, we > will have to show atleast one instance, or define exact problem. The > problem you mentioned could be an abnormal case. However, if it can be > recreated multiple times in multiple platforms (like different > systems, OSs or browser - even just 2 cases would suffice), it would > qualify as an ideal example. > > > Also my friend tried to register, He got all SQL queries and all.. > > Exactly the kind of flaw that I am talking about. Whenever a server > returns an error message, either it should be a standard message (like > 404 file not found) or a Web app exception handled message. Anything > else will contain sensitive information about internal system- like > Web server configuration, Database information, SQL code etc. Did I > mention that this server sent me back a portion of the web app's ASP > code when tested? Just more information for a cracker to further his > attempt. Anyway, that info about SQL is useful. > > > To Vishak, You are pretty good hacker. (Didn't meant hacker). > > I presume it was a compliment. Thanx! :D But I don't qualify as hacker > by either Free software community definition or security community > definition (cracker). My field is actually electronics & communication > engg. I know more about protocols, encryption and security than web > programming and designing. In other words, somebody else with > expertise in these will have to explain to the university why their > design is insane! > > > I am not blaming ASP. I wished that it had been done using php.... that's > all. > > Technically, Java EE would satisfy these needs (security, scalability, > responsiveness) better than either ASP or PHP. It has FOSS > implementations too. But I know this is not point you make. This is > not the first time public agencies are taking a contradictory stance > on FOSS. Remember the e-VAT and PPT in +2 issues? We already have > along list of these. Its about time they get reminded about this. > > > Also there is no password recovery form... It is a real problem as I > explained in blog. > > No arguments there. They simply didn't do their homework. To get > password back, we have to first face their apathy. Even then, they > just can't avoid accidentally causing password mixups! > > Regards, > Gokul Das > > > -- Call me: 9447926826 For all hardware and software services, Computer assembling, Linux & Windows Installation etc. Visit my blig http://xtenders.blogspot.com/ Earn money http://www.rupeemail.in/rupeemail/invite.do?in=MTY0NTQxJSMlaHlzaUt4V29EVkJVNFNxdTYwYWt0MzVDTw== http://www.inboxdollars.com/?r=ref4064290 --~--~---------~--~----~------------~-------~--~----~ "Freedom is the only law". "Freedom Unplugged" http://www.ilug-tvm.org You received this message because you are subscribed to the Google Groups "ilug-tvm" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For details visit the website: www.ilug-tvm.org or the google group page: http://groups.google.com/group/ilug-tvm?hl=en -~----------~----~----~----~------~----~------~--~---
