Let's talk about the inadequacies of vim as a development tool on Twitter. Or look at how to use vim for PHP programming:
http://www.slideshare.net/mobile/andreizm/vim-for-php-programmers-pdf -- Kyle Gonzales Sent from my mobile On Mar 22, 2011, at 11:19 AM, Nathan Hamiel <[email protected]> wrote: >> What can we learn from this? >> >> The developer uses VI/VIM. >> Make sure to test your code before going to production. >> never rely on obscurity alone for your security…. >> > > A breach would imply that an attacker used the vulnerability and compromised > their systems. Which I don't think was the case, however, I didn't read a > whole lot about this issue. > > Who in their right mind would use VI/VIM for doing actual development? It's > an editor and its use in development for anything beyond writing or editing > simple scripts is just not smart. If the developer were using an actual IDE > he would have seen the beginning line underlined in red indicating a syntax > error. The IDE would have alerted them to the fact there was a problem and > it wouldn't have made it in to production in the first place. That's one > takeaway Tumblr should be thinking about. > > -- > *Nathan Hamiel* > http://hexsec.com > <http://hexsec.com>http://twitter.com/nathanhamiel > blog: www.neohaxor.org --------------------------------------------------------------------- Archive http://marc.info/?l=jaxlug-list&r=1&w=2 RSS Feed http://www.mail-archive.com/[email protected]/maillist.xml Unsubscribe [email protected]
