Monday, May 29, 2006

PHP == Lousy Security?

What is it with PHP based content management system? Every single one I have used has one of two problems (or both of them) -- lousy security, like PHP-Nuke, or lousy security upgrade path, like Drupal.

So, as you can see, I've switched to using blogger, from google. Things should be more stable from now on.

UPDATE: Case in point - Fellow Washington State blogger, AnalogKid who runs Random Nuclear Strikes, was cracked late last week. He was running Word Press (one of the best free blog systems) and it had been setup for him by Joe Huffman, who knows his security. But there is only so much you can do, short of sitting down and code-reviewing every line.


At 11:17 AM, Blogger Uncle Joe said...

I worked on RNS in late August of 2005. RNS was using Moveable Type at the time. Sometime later it was switched over to WP with the help of someone else.

This should not be a comment on the skill or lack of thereof anyone involved nor should it be a comment on the security or lack thereof of MT or WP. I am simply not in a position to know.

Joe Huffman

At 9:06 PM, Blogger my1911 said...

Oops, sorry about that Joe. I remembered wrong.

And yes, that was my point. Even when smart, paranoid people take reasonable steps it seems that PHP based apps are getting exploited left and right these days.


Post a Comment

Links to this post:

Create a Link

<< Home