Featured Articles

IHS teardown reveals Galaxy S5 BOM

IHS teardown reveals Galaxy S5 BOM

Research firm IHS got hold of Samsung’s new flagship smartphone and took it apart to the last bolt to figure out…

More...
Galaxy S5, HTC One M8 available selling well

Galaxy S5, HTC One M8 available selling well

Samsung’s Galaxy S5 has finally gone on sale and it can be yours for €699, which is quite a lot of…

More...
Intel lists Haswell refresh parts

Intel lists Haswell refresh parts

Intel has added a load of Haswell refresh parts to its official price list and there really aren’t any surprises to…

More...
Respawn confirms Titanfall DLC for May

Respawn confirms Titanfall DLC for May

During his appearance at PAX East panel and confirmed on Twitter, Titanfall developer Respawn confirmed that the first DLC pack for…

More...
KFA2 GTX 780 Ti Hall Of Fame reviewed

KFA2 GTX 780 Ti Hall Of Fame reviewed

KFA2 gained a lot of overclocking experience with the GTX 780 Hall of Fame (HOF), which we had a chance to…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Monday, 22 August 2011 11:28

Web-developers not thinking about security

Written by Nick Farell
y_questionmark

Ovum warns
Analysts Ovum have warned that Web developers are not putting enough importance on ensuring websites and applications are secure.

The outfit claims that all this has led to security breaches many high-profile companies have faced in recent times. In a new report Ovum claims that attacks on the web facilities of companies such as Sony have happened due to a lack emphasis on security when they were built.

It said that web developers are placing too much importance on “cosmetics” such as the look, speed, and ease of access, and not enough on writing secure code, leaving websites and applications vulnerable to hackers. Andy Kellett, Ovum analyst and author of the report, said that over the past three years, many respected companies and their web facilities have been targeted by malware. These include Sony, RSA, and several financial institutions, proving that even the most well-respected organizations can be compromised.

He said that developers have put too much emphasis on web cosmetics, the look and feel, the speed, and the ease of access. Not enough importance has been placed on the requirement to write secure code and deliver a hardened infrastructure. In the last three years, up to 70 per cent of the web’s top 100 sites have either hosted malicious content, or have contained redirect facilities to illegitimate websites.

According to the report, real-time analysis and inspection of web pages and their content is required to ensure that users remain safe. The report also finds that the data-protection element of the technology has a growing role to play in protecting businesses from the malicious attacks of hackers keen to steal high-value data. Kellett added that the use of Web 2.0 services, the requirement for social media access in a business and personal context, and the introduction of an increasing number of new mobile devices mean that the real-time elements of web protection have to deal with the combined requirements of corporate and social use.


Nick Farell

E-mail: This e-mail address is being protected from spambots. You need JavaScript enabled to view it
blog comments powered by Disqus

Comments  

 
0 #1 STRESS 2011-08-22 13:10
This is only because these companies had been fooled by the Web2.0 hype
 
 
-1 #2 JAB Creations 2011-08-22 16:17
Web developers rely heavily on server side frameworks that introduce a ton of overhead and automate too much.

Since many developers are too lazy to build secure code that is reusable it leads to even major sites to be vulnerable to simple attacks such as SQL injection. That is where a good chunk of those emails in your inbox about compromised gamer sites requiring password resets come from.

Things would be more secure if programmers were more competent and focused on reusable non-framework code. End result? Just more markets waiting for competent developers to be taken advantage of.
 

To be able to post comments please log-in with Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments