[WEB SECURITY] Web Applications on Line

Maxim Kostioukov maxim at francoudi.com
Wed Dec 21 03:53:18 EST 2005


George,

The question seems to be strange... Anyone was doing Risk Assessment when people started to use cars instead horses?
The tendency is that the web is growing meaning we rather benefit from that than suffer.

> Would you trust Web Applications to secure your computers or company data?
Would you trust DHL to secure your computers or company data? Would you trust the new basement door to secure your computers or company data?
Depends I guess... The web is just another interface with all that it implies.

-----Original Message-----
From: Greenarrow 1 [mailto:Greenarrow1 at msn.com]
Sent: Wednesday, December 21, 2005 3:33 AM
To: websecurity
Subject: [WEB SECURITY] Web Applications on Line


I find it interesting the push to take applications off the hard drive and 
place them on the web.  With the security problems that are occurring daily 
one must really Take a Risk Assessment before even attempting this sort of 
movement, ie, one still has to back up as would you depend on the vendor to 
secure your backups, what about break ins at the vendor and insecure 
applications?  While they can scan for viruses and malicious programs can 
they also monitor your private email accounts?  What about your Privacy or 
Corporation matters that are handled over the internet?  I do not feel 
applications are yet written securely enough for a Web Application to 
protect a  users' computer.  Who is responsible if a hacker or a malicious 
program does get to your computer and either corrupts or deletes your data 
if the Web Application is a Firewall or Anti-Virus Program?  There are just 
to many ifs and buts on securing applications at present for this type of 
function to go main stream.

I am interested to see what your responses towards this are.  Would you 
trust Web Applications to secure your computers or company data?


Regards,
George
Greenarrow1
InNetInvestigations-Forensics 

---------------------------------------------------------------------
The Web Security Mailing List
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives
http://www.webappsec.org/lists/websecurity/archive/


---------------------------------------------------------------------
The Web Security Mailing List
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives
http://www.webappsec.org/lists/websecurity/archive/



More information about the websecurity mailing list