WebApp Sec mailing list archives

RE: Code Cracking in Java


From: "Maxim Kostioukov" <maxim () francoudi com>
Date: Thu, 13 May 2004 13:33:01 +0300

-----Original Message-----
From: Chitresh Sen [mailto:chitresh_sen () yahoo com]
my finding help them to develop a strong 
business case to convince top management for discarding the 
product.

The management was given a misleading interpretation in support of discarding the product - the vulns have nothing
to do with Java, but with business logic distribution between client & server (which is irrelevant to any programming
language).

As others pointed out, this could be fixed easily enough... Additionally, input check on server side is not supposed to
affect performance; from my experience, this is not an issue.

