Comments on: Apparently 8/10 High Traffic or ‘Big’ Websites are Vulnerable

By: SN

SN — Mon, 09 Jul 2007 20:01:30 +0000

no way … that much traffic.

By: Patrick Ogenstad

Patrick Ogenstad — Sat, 07 Jul 2007 09:40:15 +0000

It reminds me of the time when we had all those directory traversal issues in IIS. I once took a phone directory and went through the alphabet for companies offering computer services. Of the companies running IIS more than 80% were vulnerable, of course those were other times.

By: gyaresu

gyaresu — Sat, 07 Jul 2007 04:40:21 +0000

Yeah. It’s like credit card companies paying millions in compensation for scams because the system is essentially flawed and scams still only account for a minor portion of total transactions.
Where is the incentive to secure your site? I never seem to hear of any repercussions when thousands users data is ‘lost’/stolen etc.

Just look at the American FBI for how not to spend a stupid amount of money on a computer system.

There’s really no accountability for high security practices and even then vulnerabilities will always exist.

It’d be funny if it didn’t potentially effect me.

/me crosses fingers to avoid identity theft.

By: CK76

CK76 — Fri, 06 Jul 2007 18:30:15 +0000

Most information on the internet isn’t secure. SUPRISE!

By: Bogwitch

Bogwitch — Fri, 06 Jul 2007 17:32:41 +0000

It comes as no suprise that a Whitehat Security is reporting such high figure - it is in their interest to.

“About a third of scanned sites are at risk for some sort of information leakage, which often means the providing of programming data about the site that can facilitate an attack.” - Isn’t that condoning security through obscurity??

Fewer than one in five of the high traffic websites are vulnerable to SQL injection attacks? That’s still an incredibly high rate.

Bogwitch.