WTF story in progress at /.
-
State of Colorado Calls Firefox Insecure, IE6 Safe Slashdot is all over this, obviously, dissecting the site's many security flaws. Little things like turning on remote stack trace displays in ASP.NET (they're off by default), running production code from C:\Documents and Settings\qeuc34\My Documents\Visual Studio 2005\Projects, and, oh yeah, publishing the FTP username and password on a web page!
-
@samwyse said:
running production code from C:\Documents and Settings\qeuc34\My Documents\Visual Studio 2005\Projects
Actually it doesn't have to be running there. If it was compiled there with debugging and then copied to the production server like that this is what would show up.