| Subject | Security paranoia |
|---|---|
| Author | Lester Caine |
| Post date | 2014-02-07T12:10:53Z |
PHP is being exercised at the moment by
http://en.m.wikipedia.org/wiki/Timing_attack and it's ease of use for PHP
applications. Since I do that bit on secure sites in an SQL query is it
something that is likely to be susceptible to this type of attack? I'm talking
about stored data, but the database password itself has just come to mind!
I only ask because I got a grilling from an 'independent security expert' at one
of my customers yesterday. One of his solutions to his identified security
problems was to replace the two XPHome machine licenses with windows server
ones! Apparently you never could use XPHome legally for business use? So I'm not
particularly bothered by the nitpicking, but it would be nice to be able to
speak with some confidence on these things :)
--
Lester Caine - G8HFL
-----------------------------
Contact - http://lsces.co.uk/wiki/?page=contact
L.S.Caine Electronic Services - http://lsces.co.uk
EnquirySolve - http://enquirysolve.com/
Model Engineers Digital Workshop - http://medw.co.uk
Rainbow Digital Media - http://rainbowdigitalmedia.co.uk
http://en.m.wikipedia.org/wiki/Timing_attack and it's ease of use for PHP
applications. Since I do that bit on secure sites in an SQL query is it
something that is likely to be susceptible to this type of attack? I'm talking
about stored data, but the database password itself has just come to mind!
I only ask because I got a grilling from an 'independent security expert' at one
of my customers yesterday. One of his solutions to his identified security
problems was to replace the two XPHome machine licenses with windows server
ones! Apparently you never could use XPHome legally for business use? So I'm not
particularly bothered by the nitpicking, but it would be nice to be able to
speak with some confidence on these things :)
--
Lester Caine - G8HFL
-----------------------------
Contact - http://lsces.co.uk/wiki/?page=contact
L.S.Caine Electronic Services - http://lsces.co.uk
EnquirySolve - http://enquirysolve.com/
Model Engineers Digital Workshop - http://medw.co.uk
Rainbow Digital Media - http://rainbowdigitalmedia.co.uk