Comment: Re:The CA's are not doing their due diligence (Score 1) 64

by daeg (#31887652) Attached to: Become an SSLAdmin In a Few Easy Steps

I switched to DigiCert a few months ago and they are much more "rapid" than RapidSSL ever was for us.

Our original account with Rapid was under one company name. We subsequently changed the holding company's name on a later request and apparently our account was flagged for manual validation 100% of the time. Each time we renewed it would take 4 or 5 days of faxing forms, confirmations, phone calls from hell, etc.

The nice thing was, at the time, they were one of the few SSL providers to allow unlimited re-issuance. DigiCert does too, and has even better prices AFAIK.

(Note: I don't work for them or have any financial interest in them)

Comment: Community more unsecure than the language (Score 1) 229

by daeg (#27044323) Attached to: Securing PHP Web Applications

The community and fleet of developers available to PHP is far and away more vulnerable than register_globals could ever be.

Modern code bases, books, and examples are STILL being written using string concatenation to build SQL! These examples are teaching these dated, insecure methods to novices, thus guaranteeing these horrible practices will propagate for a long, long time.

Comment: Re:Ask yourself one thing. (Score 1) 747

by daeg (#25921111) Attached to: Would You Add Easter Eggs To Software Produced At Work?

And you know, some of us in management like when people stand up to us. I don't know everything, and never will, nor do I want to. That's why I hired you (I hope). If I have to dictate everything to you and you bow to my every whim, (a) you're more worthless than your interview hinted at, and (b) you're never going to get anywhere.
