2010-08-07 14:33:10.071226+02 by meuon 3 comments
Good article, tools and demo about the perils of memcaching compounded with poor authentication techniques. Bottom line: don't memcache things that include or may include authentication or important data.
[ related topics: Weblogs ]
comments in ascending chronological order (reverse):
#Comment Re: made: 2010-08-08 04:41:15.375226+02 by: spc476
Or better yet: firewall memcached, or run on a private network. It's not like this isn't mentioned in the documentation for memcached.
#Comment Re: made: 2010-08-08 16:55:02.175226+02 by: meuon
You read the docs?
#Comment Re: made: 2010-08-09 01:43:34.391226+02 by: spc476
Enough to see that Brad didn't bother with security, not that I blame him. It does one thing really well and there are plenty of other ways to secure the program than to burden it with that task.
We will not edit your comments. However, we may delete your comments, or cause them to be hidden behind another link, if we feel they detract from the conversation. Commercial plugs are fine, if they are relevant to the conversation, and if you don't try to pretend to be a consumer. Annoying endorsements will be deleted if you're lucky, if you're not a whole bunch of people smarter and more articulate than you will ridicule you, and we will leave such ridicule in place.
Flutterby™ is a trademark claimed by
Dan Lyke for the web publications at www.flutterby.com and www.flutterby.net.