Google has released a free online tutorial that gives developers the chance to play the role of malicious hacker by exploiting real security bugs in a mock web application. The codelab is premised on a "small, cheesy web application" dubbed Jarlsberg that is chock-full of bugs that can be exploited to take down webservers, …
Anyone smell the honey?
A PDF users guide? Come one, we aren't going to fall for that!
Open PDF - BINGO! pwned again by Adobe security FAIL!
Why no Eeeeevil Google icon, BTW?
Computer misuse act anyone?
This sounds to me like Google distributing hacking tools.
Isn't the British legal system great....
(for those of you not seeing how great it is, look back a few days for the post about the chap jailed for not giving up his encryption passwords)
I'm sure the misue act allows for "educational purposes," which is what most exploit code, etc is released as. This is simply an educational tool to help classes with known exploit vectors in a piece of dodgy software.
You can legally "hack" a system if you have permission.
I don't really need Google to provide such a system most of the time. You find this type of thing. Even on BANK websites!
Is the developer behind this tutorial
by chance a Norwegian ?...
What... Passing up the obvious joke...? Who are you and what have you done with El Reg?!!?
"The codelab is premised on a 'small, cheesy web application' dubbed Jarlsberg that is chock-full of bugs that can be exploited..." ...full of holes, rather than bugs, surely...!