Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Submission Summary: 0 pending, 8 declined, 0 accepted (8 total, 0.00% accepted)

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Security

+ - What does your network need?

Submitted by dword
dword (735428) writes "I'm working for a company that produces software for UTMs. We use GPL software so we release GPL software and we live by providing paid services to users, for things like storing of log files on our servers. So far, so good, but I'm sure we could do a lot better than just do business from word of mouth so I'm asking you: what features would you like to have on your router? What would help you configure your network the way you want and what would give you a strong feeling of security? What features would require more usage of our services, so we may earn our daily bread? What features should we provide our users with for free?"
Google

+ - Google to launch browser to battle IE

Submitted by dword
dword (735428) writes "Google has announced that in a few hours they will be releasing their own open source browser called Chrome, which is a front attack against Microsft's Internet Explorer. For now, we don't know if Firefox will assist in this battle or if it will be just a casualty of war. They claim it will be more secure and faster than the current browsers, but only time will tell if that's true. This will have a major impact on web developers, as it will probably gain at least the popularity that Firefox has in a few months and they will have another "modern" browser to test and tweak their products against. Was this really needed?"
Security

+ - Storing sensitive data

Submitted by dword
dword (735428) writes "We are working on a PHP website which uses a MySQL database. There are two payment forms in the application, the actual transfer is made live using YourPay's API. Our customer has specifically asked that we store all the users' payment information in the database, encrypted with a key which is stored in plain text in one of the .php files. The only reason for doing this is to restore the users' credit card details without having them enter it again. Of course, if a user's password gets leaked, his credit card details will be available to whoever finds the password. We have recommended many safer alternatives, but he refused everything.
Considering the customer is located in the U.S., our company is in the E.U. and he has been made aware of the risks he's exposing his customers to, if anything goes wrong (like someone gets his hands in the php files which means they will have complete access to everyone's credit card information), who we be held liable?"

Have you ever noticed that the people who are always trying to tell you `there's a time for work and a time for play' never find the time for play?

Working...