Hacker News

I really hate that OWASP page (it's not as bad as it used to be --- that is, godawful --- and now it's just incoherent) and think we shouldn't be directing developers to it. If there's something "OWASP" (whatever that is) is truly bad at, it's cryptography.



I usually rely on OWASP for general guidelines, but if that page isn't enough for you, what is? (not a rhetorical question)

What should one look into in order to fill in OWASP's gaps?


What things would you change?


What's wrong with it?



