Greetings, It appears as though we may well have discovered software security's third rail over the last couple of weeks in the discussions regarding programming language choices. I don't mean to fan those flames by any means, trust me. However, I noticed several announcements for PHP version 5 (see http://www.zend.com/ for the official announcement and press release) over the weekend. PHP has long been the whipping boy of secure programming, and version 5 appears to add a great deal of new functionality to this popular language. Secure or not, there's a lot of PHP users and coders out there, and this added complexity certainly enhances its "trinity of trouble" profile (with respect to Gary McGraw's "Exploiting Software").
Along those lines, there's a good article at http://otn.oracle.com/pub/articles/hull_asp.html that compares PHP5 against ASP.NET, including the security features of each. Happy reading... Cheers, Ken van Wyk -- KRvW Associates, LLC http://www.KRvW.com