New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
I actually like this response. I really do. Too many people who run hosting business try to act like experts about everything at any cost. Like everyone is security expert by profession or something like that.
If you're not sure about something it's better to prevent than cure. If I would be your client I would appreciate your fast reacting to secure your business and my private data more than waiting what will happen... And if then nothing happens even better.
Plenty competent people who run decent business here aren't programmers and security experts by profession. It's nothing bad with that. Bad is when they try to act like they know everything but in their arrogance jeopardize own business and their clients data.
In my profession, we often run across something known as the Iceberg phenomenon, which seems to be true for security exploits too. It states that for every few exploits made public, there is a bigger fraction out there unpublicised, and waiting to be released.
You can be sure of that. Any secure code is a code which no serious hacker "audited".
The reason for that is that is not popular enough, is not available to decompile/decrypt yet, nobody wants to harm the people using it, etc.
Sooner or later, it will be "audited" and exploited.
Just assume nothing is ever 100% secure because it isn't and plan accordingly. That is how I sleep at night.
Does that help?
Being realistic in business is always helpful. Been hacked before on things I though were secure. Luckily not WHMCS or Solus.
Banks and credit card companies are still being hacked on occasion. If you somehow expect WHMCS and Solus to do an even better job you are not being realistic imho.
For the love of god, why're y'all freaking about a bloody XSS?
XSS vulnerability can do a lot of damage; of course, what the post describes isn't an actual vulnerability.
Great, he made another post, now it's "password protected" http://zoned.pw/?p=27
Edit: nevermind already posted
A lot of self described 'security guru's love hyperbole and are addicted to constant paranoia.