As a consultant who reviews code a lot, this statement immediately got me thinking about trust at the code-level. Trust issues are fun to think about — not only because there are bookoos of trust-related issues in today’s apps (particularly mashups) but also because they are difficult to mitigate through good defensive design. As a software design enthusiast, I believe we can apply the concept of trust attacks as described above to low-level module design (think the Class keyword in Java or class keyword is C++) by changing one word in the second sentence:
good code, secure software
Secure Design —
Category Archives: Secure Design
IO Chokepoints: J2EE Filters
This is the first post in a series covering tactics for implementing input and output chokepoints in J2EE. My goal is to describe different techniques in separate posts and then summarize the tradeoffs involved in putting them in place in a final post. In this first post, I’ll show you how to setup a J2EE servlet filter to perform HTML escaping on multiple servlet-related input sources.
Mixing GET and POST request data
Are designs that mix GET and POST requests inherently flawed?
It’s common for J2EE developers to create designs that pass both GET and POST requests through a centralized processing pipe, as in the controller method below: [...]