Tuesday, May 16, 2006
obfuscating the QueryString (just don't)
I just read this post by Peter A Bromberg, where he suggests that you can obfuscate the Query string to pass sensitive data around by "performing ASCII-to-HEX scrambling"; the guy usually has good ideas, but this one, please just don't use it, security through obscurity is not security
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment