Three Devs and a Maybe
About This Show
Join us each week as we discuss all things software development. Frequently joined by a far more intelligent guest on the show's topic, we by no means know everything, but love what we do. Topics range from daily developer life, PHP, frameworks, testing, good software design and our experiences using many other programming languages.
Most Recent Episode
141: Web Application Security, Part 2 with Scott Arciszewski
2 days ago
In this weeks episode we continue our discussion with Scott Arciszewski about all things Security and Cryptography.
We start off the show by highlighting what a SQL injection attack is and the differences between (emulated) prepared statements.
This leads us on to look into how to securely handle file uploads, what a reverse shell is and how to defend yourself against XSS/CSRF attacks.
From here we touch upon the recent inclusion of libsodium into PHP, why mcrypt should be avoided, and the side-channel vulnerabilities that brought way to Meltdown and Spectre.
Finally, we mention how computers generate seemingly random numbers, what a Web Application Firewall (WAF) is, and how WARD goes about protecting your systems.
Episodes of This Show
3 days ago