[OWASP-GUIDE] Re: [OWASP-LEADERS] Black Hat Presentation draft - please review and comment
Andrew van der Stock
vanderaj at greebo.net
Wed Jun 8 06:25:37 EDT 2005
> Spelling mistakes:
>
> You use the word "canocalization" on one of your slides. I think you are
> looking for "canonicalization", derived from "canonical" as in
> "authoritative"?
Good spotting. It's not a real word according to dictionaries, so any old
spelling crept in. Fixed (and will be fixed in the Guide as well).
> "Use compiler features, correct THEM fast" ?
That's the sort of bullet point I wish to remove; it's unnecessary detail
when there are so many other things to get through. We have 75 minutes of
material, which I will be apportioning:
65 minutes: setup and slides
10 minutes: Q&A and early let out (there's no time between sessions)
> you may want to change the download URL to
> "documentation/guide/downloads.html" to fit it onto one line
Agreed.
> "If I don't get AN answer for you"
Fixed (made much simpler)
> I'm also not sure what you are aiming for under the "Threat Risk Model"
> slide. There are a lot more assets than reputation and user posts and
> attachments in general. On this slide, you don't seem to be talking
> about a specific BBS product, so you may want to be more general?
Absolutely; the slides are partially derived from a talk I did on what is
wrong with phpBB, and why it will continue to be successfully attacked.
That's all going as I don't want to be negative or pick on a (still) faulty
product, and only concentrate on one application (XMB) which I am intimately
familiar with.
Andrew