[dundee] Don't Copy This Code

azmodie azmodie at gmail.com
Wed May 5 11:42:45 UTC 2010


this seems to follow on from the damn vulnarable web app.

Sent to you by azmodie via Google Reader: Don't Copy This Code via
Google Open Source Blog by Ellen Ko on 5/4/10
Normally, when we release source code we're hoping that other people
will build on it and improve it. Today's release of Jarlsberg, a small
yet full-featured microblogging application, is a code release of a
different sort entirely.

Jarlsberg has one feature that most applications usually do their best
to avoid: lots of security bugs.
In fact, Jarlsberg was written specifically to teach about security.
More specifically, it is a tool to show how to exploit web applications
and, in turn, protect against those exploits when developing software.
Jarlsberg is the software component of the "Web Application Exploits
and Defenses" codelab being released today on Google Labs in
cooperation with Google Code University. The codelab walks participants
through a number of common web application vulnerability types and
demonstrates how an attacker could exploit such vulnerabilities.
So while we don't want you to copy the code in Jarlsberg, we do hope
you'll check it out and learn from it.

By Bruce Leban, Software Engineering Team
Things you can do from here:
- Subscribe to Google Open Source Blog using Google Reader
- Get started using Google Reader to easily keep up with all your
favorite sites
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.lug.org.uk/pipermail/dundee/attachments/20100505/5451fe8c/attachment.htm 


More information about the dundee mailing list