WTF story in progress at /.




  • State of Colorado Calls Firefox Insecure, IE6 Safe
    Slashdot is all over this, obviously, dissecting the site's many security flaws. Little things like turning on remote stack trace displays in ASP.NET (they're off by default), running production code from C:\Documents and Settings\qeuc34\My Documents\Visual Studio 2005\Projects, and, oh yeah, publishing the FTP username and password on a web page!



  • @samwyse said:


    running production code from C:\Documents and Settings\qeuc34\My Documents\Visual Studio 2005\Projects

     

    Actually it doesn't have to be running there.  If it was compiled there with debugging and then copied to the production server like that this is what would show up. 


Log in to reply
 

Looks like your connection to What the Daily WTF? was lost, please wait while we try to reconnect.