It appears as though we may well have discovered software security's third 
rail over the last couple of weeks in the discussions regarding programming 
language choices.  I don't mean to fan those flames by any means, trust me.  
However, I noticed several announcements for PHP version 5 (see for the official announcement and press release) over 
the weekend.  PHP has long been the whipping boy of secure programming, and 
version 5 appears to add a great deal of new functionality to this popular 
language.  Secure or not, there's a lot of PHP users and coders out there, 
and this added complexity certainly enhances its "trinity of trouble" profile 
(with respect to Gary McGraw's "Exploiting Software").

Along those lines, there's a good article at that compares PHP5 against 
ASP.NET, including the security features of each.

Happy reading...


Ken van Wyk
KRvW Associates, LLC

Reply via email to