On 9/24/07, Ben Sgro (ProjectSkyLine) <[EMAIL PROTECTED]> wrote:
>
> I recently finished a security audit and pen test for a client. I couldn't
> believe the problems they had.
> They found a developer off CL and with his impressive portfolio decided to
> work with him. Now my firm, 8 months later, is fixing all the developer's
> mistakes. They had cookie based auth, file upload exploits, XSS, SQL
> injection, ... you name it we could do it. Anyways, it's just sad to see
> these types of moonlight coders calling themselves developers and doing an
> awful job at writing software and leaving their clients exposed.

You know what? As long as the market for geeks remains hot like it is now, there will be these parasites making us all look bad. Unfortunate but true, and I distinctly remember observing this last time around in the late 90s. Once the bubble burst and the economy went into the toilet, all these folks went back to whatever it was they were doing before jumping on the web developer bandwagon in disguise.

-- Mitch
_______________________________________________
New York PHP Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk

NYPHPCon 2006 Presentations Online
http://www.nyphpcon.com

Show Your Participation in New York PHP
http://www.nyphp.org/show_participation.php