This is mainly the case because web design people dont really think about security, because thats not their job. WEb designers are essentially graphic designers who work in a specialised field. Their primary concerns are appearence, usability, and site promotion.
> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Random Letters > Sent: 17 March 2004 09:28 > To: [EMAIL PROTECTED] > Subject: RE: [Full-Disclosure] [Bug Proofing Microsoft.com > with Internet Explorer ** Part > > <opinion> > > I think this demonstrates that the web design people haven't > a clue about security. They're opening up their webserver to > all sorts of potential expliots. If he can get some simple > javascript to run then maybe other people can also do more > sophisticated stuff. > > Also, if they're that lax about security on their own > machines, even their externally facing machines, then what > does that say about the products they sell? They're supposed > to be in the software business and stress in their marketing > campaigns that their top concern is now security. > > Is is hypocrisy or is it incompetence? > > </opinion> > > _________________________________________________________________ > Use MSN Messenger to send music and pics to your friends > http://www.msn.co.uk/messenger > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html