Log in

No account? Create an account
entries friends calendar profile It's Me Previous Previous Next Next
The Autobiography of Russell
Life from a different perspective
"Well, condoms don't _always_ work, so let's just not use anything!"
A recent post in lj_dev talked about the recent security vulnerability and linked to a bug patch in Mozilla/Firefox that would help ... mitigate this problem. I like Brad's recent comment about it:

While we could discuss forever that HttpOnly isn't a complete solution for all attack instances, that's not what matters. It's like saying, "Well, condoms don't _always_ work, so let's just not use anything!" HttpOnly does work most of the time, especially for stopping what our HTML/CSS spermicide doesn't.

heh... I think he made his point very valid by using an analogy like that. Too many people try to get away with not doing anything simply because it doesn't do everything (I could probably be included with that at least sometimes).

Reference: Mozilla/Firefox Comment #49, Bug #178993

Current Mood: amused amused
Current Music: "Ask Anybody" by Swirl 360

Leave a comment