[Owasp-brazilian] PHP Conference 2008

Wagner Elias wagner.elias at gmail.com
Wed Jun 18 12:22:44 EDT 2008


Concordo Cima! Mas uma macaco altista consegue fazer merda até em
código gerenciado...rs

Abs.

2008/6/18 Fernando Cima <fcima at microsoft.com>:
> Oi Wagner,
>
>> Pode usar qualquer linguagem, quem não
>> sabe programar vai fazer merda...
>
> Só que que algumas é muito mais fácil fazer merda (ou muito mais difícil programar de forma segura) do que em outras...
>
>
>
> -----Original Message-----
> From: owasp-brazilian-bounces at lists.owasp.org [mailto:owasp-brazilian-bounces at lists.owasp.org] On Behalf Of Wagner Elias
> Sent: Wednesday, June 18, 2008 12:11 PM
> To: Thiago Lechuga
> Cc: owasp-brazilian at lists.owasp.org
> Subject: Re: [Owasp-brazilian] PHP Conference 2008
>
> Register_Global, Magic_Quotes, é problema do PHP ou do programador que
> não faz sanitização de dados?
>
> Os recursos da linguagem estão lá, basta você saber usar...
>
> Eu costumo dizer que a maioria dos problemas de segurança é causado
> por quem não sabe programar...Pode usar qualquer linguagem, quem não
> sabe programar vai fazer merda...
>
> Abs.
>
> 2008/6/17 Thiago Lechuga <thiagoalz at gmail.com>:
>> PHP ≈ Falha de segurança!
>>
>> haiuahiuah
>>
>> Sds,
>>
>> Thiago Alvarenga Lechuga
>> (19)9153-3822
>>
>> Página Pessoal:
>> http://thiagoalz.googlepages.com/home
>> http://segurancawebbr.blogspot.com/
>>
>> ===Knowledge is only useful if you can share it.===
>>
>> 2008/6/17 Wagner Elias <wagner.elias at gmail.com>:
>>>
>>> Eu prefiro falar de PHP, pois a linguagem teve uma evolução e muita
>>> gente ainda mete o pau sem conhecer...Os aspectos de segurança em PHP
>>> são vastos e é interessante salientar, afinal muita gente usa PHP...
>>>
>>> Abs.
>>>
>>> 2008/6/17 Myke <mykesh at gmail.com>:
>>> > eu particularmente não acho interessante falar de infra numa con de dev.
>>> >
>>> >
>>> > On 6/17/08, Rodrigo Montoro(Sp0oKeR) <spooker at gmail.com> wrote:
>>> >> Sera que aceitam algo de web application firewall com modsecurity?
>>> >>
>>> >> []zz
>>> >>
>>> >>
>>> >> On Tue, Jun 17, 2008 at 5:55 PM, Thiago Lechuga <thiagoalz at gmail.com>
>>> >> wrote:
>>> >>
>>> >> > Já que é de php alguem podia ir lá falar também de MagicQuotes....
>>> >> > Chega
>>> >> me dá calafrios quando alguém fala que MagicQuotes evita SQL Injection!
>>> >> >
>>> >> > hehehe
>>> >> >
>>> >> > Sds,
>>> >> >
>>> >> > Thiago Alvarenga Lechuga
>>> >> > (19)9153-3822
>>> >> >
>>> >> > Página Pessoal:
>>> >> > http://thiagoalz.googlepages.com/home
>>> >> > http://segurancawebbr.blogspot.com/
>>> >> >
>>> >> > ===Knowledge is only useful if you can share it.===
>>> >> >
>>> >> >
>>> >> >
>>> >> >
>>> >> >
>>> >> > On Tue, Jun 17, 2008 at 15:33, Wagner Elias <wagner.elias at gmail.com>
>>> >> wrote:
>>> >> >
>>> >> > > Eu vou submeter uma palestra!
>>> >> > >
>>> >> > > Abs.
>>> >> > >
>>> >> > >
>>> >> > >
>>> >> > >
>>> >> > > On Tue, Jun 17, 2008 at 3:21 PM, Myke <mykesh at gmail.com> wrote:
>>> >> > > > Pessoal,
>>> >> > > >
>>> >> > > > Alguém se habilita?
>>> >> > > >
>>> >> > > > http://phpconference.com.br/
>>> >> > > >
>>> >> > > >
>>> >> > > >
>>> >> > > > obs:
>>> >> > > >
>>> >>
>>> >> http://jeremiahgrossman.blogspot.com/2008/06/developers-dont-go-to-security.html
>>> >> > > > _______________________________________________
>>> >> > > > Owasp-brazilian mailing list
>>> >> > > > Owasp-brazilian at lists.owasp.org
>>> >> > > >
>>> >> https://lists.owasp.org/mailman/listinfo/owasp-brazilian
>>> >> > > >
>>> >> > >
>>> >> > >
>>> >> > >
>>> >> > > --
>>> >> > > Att.
>>> >> > > Wagner Elias
>>> >> > > http://wagnerelias.com
>>> >> > >
>>> >> > >
>>> >> > >
>>> >> > > _______________________________________________
>>> >> > > Owasp-brazilian mailing list
>>> >> > > Owasp-brazilian at lists.owasp.org
>>> >> > >
>>> >> https://lists.owasp.org/mailman/listinfo/owasp-brazilian
>>> >> > >
>>> >> >
>>> >> >
>>> >> > _______________________________________________
>>> >> > Owasp-brazilian mailing list
>>> >> > Owasp-brazilian at lists.owasp.org
>>> >> >
>>> >> https://lists.owasp.org/mailman/listinfo/owasp-brazilian
>>> >> >
>>> >> >
>>> >>
>>> >>
>>> >>
>>> >> --
>>> >> ===========================
>>> >>  Rodrigo Montoro (Sp0oKeR)
>>> >> Security Analyst
>>> >> SnortCP / RHCE / LPIC-I / MCSO
>>> >> http://www.spooker.com.br
>>> >> http://www.snort.org.br
>>> >> http://www.linkedin.com/in/spooker
>>> >>  ===========================
>>> >> _______________________________________________
>>> >>  Owasp-brazilian mailing list
>>> >>  Owasp-brazilian at lists.owasp.org
>>> >> https://lists.owasp.org/mailman/listinfo/owasp-brazilian
>>> >>
>>> >>
>>> > _______________________________________________
>>> > Owasp-brazilian mailing list
>>> > Owasp-brazilian at lists.owasp.org
>>> > https://lists.owasp.org/mailman/listinfo/owasp-brazilian
>>> >
>>>
>>>
>>>
>>> --
>>> Att.
>>> Wagner Elias
>>> http://wagnerelias.com
>>> _______________________________________________
>>> Owasp-brazilian mailing list
>>> Owasp-brazilian at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-brazilian
>>
>>
>> _______________________________________________
>> Owasp-brazilian mailing list
>> Owasp-brazilian at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-brazilian
>>
>>
>
>
>
> --
> Att.
> Wagner Elias
> http://wagnerelias.com
> _______________________________________________
> Owasp-brazilian mailing list
> Owasp-brazilian at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-brazilian
> _______________________________________________
> Owasp-brazilian mailing list
> Owasp-brazilian at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-brazilian
>



-- 
Att.
Wagner Elias
http://wagnerelias.com


More information about the Owasp-brazilian mailing list