All the latest UK technology news, reviews and analysis
|
|
|
06 May 2010
Google has released a new micro-blogging application that is riddled with security holes and designed to act as a guide for developers.
The Jarlsberg application is for developers who want to improve the security of their code. It includes flaws that can be easily fixed as well as more complex problems that require source code access.
"Jarlsberg was written specifically to teach about security," said the company in a blog post. "More specifically, it is a tool to show how to exploit web applications and, in turn, protect against those exploits when developing software."
The application displays problems with cross-site scripting, cross-site request forgery and cross-site script inclusion, as well as client-state manipulation, path traversal and Ajax and configuration vulnerabilities.
The code has been released as part of Google's Codelabs training system, which seeks to improve code security and flexibility.
Google warned developers that they download the Jarlsberg app at their own risk, but hope it will provide some useful pointers.
Latest stories from Developer
Related articles
Related jobs
Poll
Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?
V3 examines the key strengths and weaknesses of Samsung's latest iPhone killer
Connect with V3.co.uk
Social networking is almost ubiquitous. This white paper examines the benefits and risks and it looks at the different ways companies can reconcile them
The importance of understanding your infrastructure
Business Objects Developer - VP - Banking My leading...
C++ Programmer/ Developer/Object Orientated/ Software...
Senior Java Design Developer Banking / J2EE...
Internet Solutions Architect - Hands-on Banking experience...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?