« Whats with the Roaming
Packaging PHP as Exec »

Ive been Hacked

Yep, if your site hasn’t been hacked in one form or another, your are a lucky
one. I think that there might be several reasons why hacking runs so rampant:

- No matter how good you code software, it will
always in most cases have vulnerabilities (look at all the critical
updates from Microsoft or even the previous ones from WordPress for example).
- International laws, when they even do exist, are a
bit lenient on the hackers.
Take this for example: A hacker creates and spreads a virus that in most cases
renders the computers Operating System useless. Here we go again, re-format
disk, re-install the Operating System, all the hardware drivers, etc. And lose
all data that you did not manage to save. Multiply this by millions of computers
whether  home based or business/work computers. Do you see the damage done
in terms of expenses/fees, lost time, lost revenue etc., to these millions of
computers?
The hacker gets caught and does 50 hours of community service.
Now imagine if someone broke into all these houses and businesses and physically
sabotaged these computers. Do you think he would still get the 50 hours of
community service? Because that’s basically what the person is doing.
- You or your host are not taking
the necessary precautions to avoid this nightmare.
Back to the above. Updates, security patches, etc.
Its essential that you/your host update to the latest security patches, etc. If
your working with a pirated version  of windows, spend the extra buck, the updates are worth it, (but not on Vista, lol).

Like I said in a previous post, I worked/am working on a shopping cart system,
and id be filthy rich if I had the same number of results on google for the actual system as I did for security advisories.
That’s why sometimes you have to re-think what direction you want to go. Like all other software vendors, Id hate to hear that a site got hacked because of my software. And as I said before, the software is mainly for developers, but still no excuse.
The next post will cover some of the security stuff I’ve learned dealing with php on a web server.

.

Posted inUncategorizedOctober 20th, 2008

No Comments! Be The First!

Leave a Reply