Featured Articles

Nvidia Shield 2 shows up in AnTuTu

Nvidia Shield 2 shows up in AnTuTu

Nvidia’s original Shield console launched last summer to mixed reviews. It went on sale in the US and so far Nvidia…

More...
AMD CSO John Byrne talks ARM

AMD CSO John Byrne talks ARM

We had a chance to talk about AMD’s upcoming products with John Byrne, Chief Sales Officer, AMD. We covered a number…

More...
AMD Chief Sales Officer thinks GPU leadership is critical

AMD Chief Sales Officer thinks GPU leadership is critical

We had a chance to talk to John Byrne who spent the last two years as Senior Vice President and Chief…

More...
OpenPlus One $299 5.5-inch Full HD phone

OpenPlus One $299 5.5-inch Full HD phone

OnePlus is one of the few small companies that might disrupt the Android phone market, dominated by giant outfits like Samsung.…

More...
KFA2 GTX 780 Ti Hall Of Fame reviewed

KFA2 GTX 780 Ti Hall Of Fame reviewed

KFA2 gained a lot of overclocking experience with the GTX 780 Hall of Fame (HOF), which we had a chance to…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Monday, 22 August 2011 11:28

Web-developers not thinking about security

Written by Nick Farell
y_questionmark

Ovum warns
Analysts Ovum have warned that Web developers are not putting enough importance on ensuring websites and applications are secure.

The outfit claims that all this has led to security breaches many high-profile companies have faced in recent times. In a new report Ovum claims that attacks on the web facilities of companies such as Sony have happened due to a lack emphasis on security when they were built.

It said that web developers are placing too much importance on “cosmetics” such as the look, speed, and ease of access, and not enough on writing secure code, leaving websites and applications vulnerable to hackers. Andy Kellett, Ovum analyst and author of the report, said that over the past three years, many respected companies and their web facilities have been targeted by malware. These include Sony, RSA, and several financial institutions, proving that even the most well-respected organizations can be compromised.

He said that developers have put too much emphasis on web cosmetics, the look and feel, the speed, and the ease of access. Not enough importance has been placed on the requirement to write secure code and deliver a hardened infrastructure. In the last three years, up to 70 per cent of the web’s top 100 sites have either hosted malicious content, or have contained redirect facilities to illegitimate websites.

According to the report, real-time analysis and inspection of web pages and their content is required to ensure that users remain safe. The report also finds that the data-protection element of the technology has a growing role to play in protecting businesses from the malicious attacks of hackers keen to steal high-value data. Kellett added that the use of Web 2.0 services, the requirement for social media access in a business and personal context, and the introduction of an increasing number of new mobile devices mean that the real-time elements of web protection have to deal with the combined requirements of corporate and social use.


Nick Farell

E-mail: This e-mail address is being protected from spambots. You need JavaScript enabled to view it
blog comments powered by Disqus

Comments  

 
0 #1 STRESS 2011-08-22 13:10
This is only because these companies had been fooled by the Web2.0 hype
 
 
-1 #2 JAB Creations 2011-08-22 16:17
Web developers rely heavily on server side frameworks that introduce a ton of overhead and automate too much.

Since many developers are too lazy to build secure code that is reusable it leads to even major sites to be vulnerable to simple attacks such as SQL injection. That is where a good chunk of those emails in your inbox about compromised gamer sites requiring password resets come from.

Things would be more secure if programmers were more competent and focused on reusable non-framework code. End result? Just more markets waiting for competent developers to be taken advantage of.
 

To be able to post comments please log-in with Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments