--On November 20, 2007 7:21:29 PM -0500 [EMAIL PROTECTED] wrote: > On Wed, 21 Nov 2007 07:51:30 +0800, Eduardo Tongson said: > >> I wonder why we don't see web applications use secure cookie recipes >> like [1] and [2]. There are also existing secure password hashing >> frameworks such as Solar's [3]. Are developers just unaware of these >> secure schemes?. > > Browse the worsethanfailure.com website for a while, and you'll convince > yourself that the average developer thinks that booleans are > trinary-state. ;) > They're not???)(*&)(*&@)(*(*#)(*&$
:-D Paul Schmehl ([EMAIL PROTECTED]) Senior Information Security Analyst The University of Texas at Dallas http://www.utdallas.edu/ir/security/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
