Comment Re:This is not a bug (Score 2, Insightful) 89
Everything today is "a feature". Real tired to hear these "problems" - not really problems but laziness, ignorance, whatever by developers / designers! Yes, the base, the standards, the tools, and so on are flawed but nothing says the systems have to be coded that way, allowing all the security and other problems. I have tried a long time to defend the developers - it wasn't their problem that that their tools, toys, systems, etc were bad but after so long - anyone anymore creating systems with these flaws is to blame!
This is really getting out of hand - why would anyone build systems which allow these problems, cross-site without checking, whatever - on purpose? Sorry, after 30+ years designing / creating safe systems for global mission critical operations, public safety, etc - I just can't understand!! Yes - sometimes it means fighting the management and even customer but why would anyone do it - every time it comes back haunting you, badly! What has happened to separation of presentation, processing, authentication, authorization, etc?? The basic rules in safe computing! Or did your vendor licensing book forget to tell you about the bad and ugly world outside the door? If so - why not start thinking yourself?