Re[4]: Re: php security books

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Andrew,

Wednesday, July 4, 2007, 8:29:51 PM, you wrote:

> I have no doubt he is a great bloke and a great public speaker / PR
> for PHP application level security, I apologise if it sounded like
> FUDing (why does that sound dirty?).  I just don't like / agree with
> his book or some of the security articles he wrote (again, I haven't
> read them in quite a while).  I think Ilia's book is a lot better.

Fair enough. This wasn't actually obvious from your one
sentence personally directed comment my reply was based upon.

I actually agree with you about Ilia's book, it is the best of the
three available (the Pro PHP Security one is certainly the worst),
although there are areas where even Ilia basically shrugs his
shoulders in the text and says "you can never have it 100%" and sort
of gives up on you :)

All three books are now well behind the times though imho.

> I also agree that awareness is no bad thing, but people should also
> be aware he is not the be all and end all of PHP application level
> security, and he has made mistakes (as have I and probably everyone
> else here at some point).

Sure, no-one is perfect :) I remember asking him years ago why he
wanted to concentrate on PHP Security explicitly, and his response was
simply that he wished he didn't have to, but no-one else was, and
ultimately in his ideal world PHP would be secure enough 'out of the
box' that he need not have to focus at all.

Cheers,

Rich
-- 
Zend Certified Engineer
http://www.corephp.co.uk

"Never trust a computer you can't throw out of a window"

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux