Html

[Chris]

Chris : YES I know Front Page BAD!!! My dreamweaver crashed on me so I had to throw things together with front page. However I only use front page to throw the table together and then move it to CodeWright. I used to code in straight HTML...LOL LOL I can put together 10 pages in the time it takes to hard code one by using Dreamweaver or FrontPage.

First of all, that's no excuse for using frontpage. Second of all, If you actually know html (it's not like it's that tough, take 5 minutes to learn it), can type over 60 words a minute, and know how to cut and paste, Notepad is just as fast (if not faster) and gives you far more flexibility (if you suck, this could be a bad thing).

So in conclusion, if you know html, use a simple text editor (with no margins). If you don't know html, learn it. If you have some sort of disability that prevents you from learning simple things such as html, use dreamweaver. If you like to sniff glue, use frontpage.

[FlashOveride]

Well I could sit and argue till I am blue in the face. I have been doing this for 6 years and started off straight coding and still do when creating pages with php or perl. Otherwise I can build a full page with tables and embedded tables in minutes and spend more time with graphic design. Since I do everything in web design I have to cut my time down where I can. Besides I have some people that believe the same way you do and can code in html really well. However when they have problems they send them to me because I can do it both ways.

[Chris]

Hey, check it out, using frontpage can be a federal crime....

http://www.linuxfreak.org/post.php/08/17/2001/134.html

[FlashOveride]

Ok I think the link you have there needs to have a thread all by itself. I think it needs to be something more people are aware of.

[Chris]

yes it is worthy of its own thread, but you see, people here barely seem to be able to discuss pickled crabfish or html without having a flame war so I'd give them 3-4 years before this topic can be rationally discussed.

[Quad]

Chris your so mature. Way to go bud.

[Negative]

Let's just try to make it a new thread right here and now!

A couple of considerations:

- Is recording a call/conversation legal in the US of A? Is it valid in US law? Seems like it. Am I glad not to live there.
- The fact that he didn't deface the site, is of no matter IMHO. It's like trespassing without vandalizing anything. It still is trespassing. Of course, websites don't usually have those 'no trespassing' signs on them. They're still private property, though, so no 'trespassing'.
- About the part that says: 'On February 2, after testing the hole to make sure there really was a problem, Brian West contacted the editor-in-chief of the Poteau Daily News, Wally Burchett, to tell him about the problem with his company's web site. He did this even though the site was hosted by Cyberlink, a company in direct competition with his own employer. '
After testing the hole? What did he test? To see if he could use the password file to gain access to the site? Not very wise, if you'd ask me. But of course, it's exactly the same thing I would do...
I like Brian K. West's comment on this: 'its like seeing an open door.. with keys laying there in the floor.. you put the key in the lock to see if those keys belong to that door but the door was already unlocked and wide open when you walked up!'.

Any opinions?

[Chris]

Yes, I have an opinion (surprise, surprise)

The guy was a moron for reporting this, if you phone up someone who doesn't know a thing about computer security, especially with all the media hype surrounding "hackers" and tell them their website is insecure, what are they going to think? If you really feel like a nice guy and want to help out your competition (or help your chances of getting a job, right hogfly?) you can alert the hosting company. They still might get pissed and get you in trouble, but are probably less likely to do so. The best policy would just to ignore such security holes.

[Negative]

The best policy would just to ignore such security holes.

Just ignore them? Sounds to me like ostrich-policy. Why are you reading those pages anyway? To ignore them? Or do you mean that this guy in particular should have ignored the hole because he lives in that Mr. Facing-both-ways country, known as the US of A?

[Chris]

Sorry, maybe 'ignore' isn't the best word. I was saying that the guy shouldn't have reported to security hole in the first place, it's likely to be more trouble than it's worth.