“We have discovered a technique to scan a network, fingerprint all the Web-enabled devices found and send attacks or commands to those devices,” said Billy Hoffman, lead engineer at Web security specialist SPI Dynamics. “This technique can scan networks protected behind firewalls such as corporate networks.”
Security makes it difficult
Security does not figure in many applications as one of the primary requirements. Either the client is not very interested or even if i is considered its cost might turn it into a good-to-have feature. Many a times, a project starts with a reduced scope where the security is not urgent and is ignored. However, the project evolves with time and then it is more difficult and expensive to make it secure. Today, Web 2.0 is headed that way.
Clients, designers, developers, browsers – the whole industry should accept policy based decisions to avoid hacking. It would be perfect if there would be a way of differentiating between good-intentioned and malicious code. Maybe there can be certifications to certify non-malicious code. Ted Dziuba presents a novel approach, though a little critical, by differentiating between a document and an application.
Software creators should focus on security along with the quick and easy rush. Make the web site secure and safe along with making it dynamic, interactive and flashy.
Copyright Abhijit Nadgouda.