Bug Hunters Face Online-Apps Dilemma - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

What is the most important Linux security technology?

	SELinux
	grsecurity
	CIS Benchmark
	Bastille Linux
	iptables
	LIDS

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

All About Linux

DanWalsh LiveJournal

Securitydistro

Latest Newsletters

Linux Security Week: May 14th, 2012

Linux Advisory Watch: May 10th, 2012

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

Bug Hunters Face Online-Apps Dilemma

User Rating:

How can I rate this item?

Source: Cnet - Posted by Bill Keys

Security holes in online applications may go unfixed because well-intended hackers are afraid to report bugs.

Web applications pose a dilemma for bug hunters: how to test the security without going to jail? If hackers probe traditional software such as Windows or Word, they can do so on their own PCs. That isn't true for Web applications, which run on servers operated by others. Testing the security there is likely illegal and could lead to prosecution.

"There are more legal dangers to testing an application that is hosted on somebody else's system. That is a real challenge of this new application model," said Wendy Seltzer, an assistant professor specialized in Internet law at New York's Brooklyn Law School.

Read this full article at Cnet