Scarborough Building Society pulls insecure 'print' form
Back to the article"We have experienced a technical issue" #
Posted Tuesday 23rd September 2008 12:33 GMT
It's not a technical issue, it's incompetence.
AJAX? #
Posted Tuesday 23rd September 2008 12:33 GMT
I bet it was an AJAX based form, and I bet it was created using some mickeysoft (s)tool.
I mean, come on... to resolve it you don't need to remove the whole form, you need to either: make it send it's requests to a secure server; or remove the validation system for now (replacing with javascript if appropriate as time allows).
Oh well, another one bites the dust!
Sign up, sign up for The Register's weekly IT security newsletter - click here
Popular Whitepapers
- New storage architectures make SSDs more cost-effective
High-performance, cost-efficient storage infrastructures - Automating the Acquisition Process with Enterprise Level CRM
Sales Force Automation buyer’s guide - Buyer's Guide: ERP Systems
ERP, a strategic investment - Comparison Guide: IP Phones
Exact details on specific IP Phone features such as function buttons, display resolution, weight and price - Dell PowerEdge R710 solution with VMware ESX vs. Dell PowerEdge 2850 solution
Initial investment payback analysis summary report - System x iDataPlex Brochure
Keep up with power required for Web2.0, HPC and corporate data processin
