WTF story in progress at /.
samwyse last edited by
State of Colorado Calls Firefox Insecure, IE6 Safe
Slashdot is all over this, obviously, dissecting the site's many security flaws. Little things like turning on remote stack trace displays in ASP.NET (they're off by default), running production code from C:\Documents and Settings\qeuc34\My Documents\Visual Studio 2005\Projects, and, oh yeah, publishing the FTP username and password on a web page!
Guest last edited by
running production code from C:\Documents and Settings\qeuc34\My Documents\Visual Studio 2005\Projects
Actually it doesn't have to be running there. If it was compiled there with debugging and then copied to the production server like that this is what would show up.