RE: how to not show login info in the url ...what am I looking for?

On Wed, 2008-12-10 at 09:58 -0600, Boyd, Todd M. wrote:
> > -----Original Message-----
> > From: APseudoUtopia [mailto:apseudoutopia@xxxxxxxxx]
> > Sent: Wednesday, December 10, 2008 9:12 AM
> > To: tedd
> > Cc: ash@xxxxxxxxxxxxxxxxxxxx; PHP General
> > Subject: Re: how to not show login info in the url ...what am I looking for?
> > 
> > On Wed, Dec 10, 2008 at 10:03 AM, tedd <tedd.sperling@xxxxxxxxx> wrote:
> > > At 9:52 PM +0000 12/9/08, Ashley Sheridan wrote:
> > >>
> > >> You shouldn't be passing info like that over the URL; use sessions
> > >> instead.
> > >>
> > >> I saw a shopping cart system once that passed the price of items over
> > >> the URL, and when I found out and alerted them, we won the contract for
> > >> a rebuild and then got accused of hacking by their previous web guys
> > >> (who incidentally built the system!)
> > >
> > > Ash:
> > >
> > > Even if you did hack the site, all that means is that site was hack-able and
> > > thus should have been fixed anyway.
> > >
> > > In my mind, hacking a site (without doing damage) is a good introduction to
> > > a client.
> > 
> > *Ahem*....You mean 'cracking'? :-P
> 
> IMHO...
> 
> Cracking: breaking encryption/obfuscation methods in order to gain unauthorized access to information. "I cracked the admin's password using a brute force algorithm."
> 
> Hacking: circumventing or leveraging security flaws in order to gain unauthorized access to information. For example - "I hacked into the Gibson by re-routing their logon routine." (No, that doesn't make any sense. Maybe it's straight out of the movie "Hackers.")
> 
> I realize that people have been using "cracker" as a malicious form of "hacker," and that a "hacker" is not malicious; but that is stupid. Cracking started out dealing with cryptography in my experience, and that's how I will continue to identify it.
> 
> Think about it--people were "safe crackers" (discovering the combination to safety deposit boxes) before there were computers in existence.
> 
> My 2c,
> 
> 
> // Todd

I wouldn't really have called it either. When someone mentions hacking,
I think back to that wonderful old film with Angelina Jolie before she
went all weird! I think it can make a good impression, as it shows you
at least know more than the last developers they used, and knowledge
ain't a bad thing.


Ash
www.ashleysheridan.co.uk


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

