Page 1 of 2

HackerSafe - Seems like a crock of...

Posted: Thu May 31, 2007 11:24 am
by Luke
Has anybody ever heard of HackerSafe? I see this seal all over the place, and to me it seems like a crock of crap. Do these people actually test your site for hacker... "safe-ness"? I have a feeling they do some automated checks and then issue you a seal. Whenever I see this seal I just feel like hacking that site just to spite the stupid seal. :roll:

EDIT: Theory confirmed:
Web application testing is the third phase of ScanAlert's daily security audit, and perhaps the most important. According to analyst firm Gartner Group, an estimated 70% of all security breaches today are due to vulnerabilities within the web application layer. Traditional security mechanisms such as firewalls and IDS' provide little or no protection against attacks on your web applications. During this testing phase, all HTTP services and virtual domains are checked for the existence of potentially dangerous modules, configurations settings, CGIs and other scripts, and default installed files. The web site is then "deep crawled," including flash embedded links and password protected pages, to find forms and other potentially dangerous "interactive elements." These are then exercised in specific ways to disclose any application-level vulnerabilities such as code revelation, cross-site scripting and SQL injection. Both generic and software specific tests are performed in order to uncover misconfigurations and coding error vulnerabilities.

Posted: Thu May 31, 2007 11:28 am
by jayshields
I don't really understand what the company provides apart from the little logo to put on your site.

You pay them, they try to hack your site? If they can hack it, they fix it? Is it subscription based?

Posted: Thu May 31, 2007 11:32 am
by superdezign
I say the best way to prove that you're site is "hacker-safe" is to anger a hacker. Take his girlfriend... Make fun of him on his hacking forum... Taunt him with things like "You couldn't hack my site if you tried!" and "I have my credit card information hidden in one of my SQL tables!"

Then, after he hacks it, he'll give you a permanent "Not-Hacker-Safe" sticker.

Posted: Thu May 31, 2007 11:36 am
by Luke
wouldn't that actually be the worst way to prove that your site is "hacker-safe"? :?

Posted: Thu May 31, 2007 11:54 am
by superdezign
The Ninja Space Goat wrote:wouldn't that actually be the worst way to prove that your site is "hacker-safe"? :?
....... :?

Umm. Yes.


But, it is the most accurate way. :lol:

Posted: Thu May 31, 2007 1:53 pm
by thiscatis
ieuw, they have a horrible website

Posted: Thu May 31, 2007 4:20 pm
by Mordred
thiscatis wrote:die("$bird")
shouldn't it be

Code: Select all

die($bird);
:twisted:

Posted: Thu May 31, 2007 4:27 pm
by superdezign
Mordred wrote:
thiscatis wrote:die("$bird")
shouldn't it be

Code: Select all

die($bird);
:twisted:
Oh no, his code is correct. Just not "by the standards." I support rebels, even when their code looks ugly. :lol:

8)

Posted: Thu May 31, 2007 4:44 pm
by Luke
@mordred - that has always sort of bugged me too. :lol:

Posted: Thu May 31, 2007 4:55 pm
by thiscatis
updated

Posted: Thu May 31, 2007 5:00 pm
by superdezign
thiscatis wrote:updated
Hahaha. :lol: This guy is fun.

Posted: Thu May 31, 2007 5:43 pm
by Luke
back on topic! Image

Posted: Thu May 31, 2007 7:18 pm
by RobertGonzalez
Ninja, that's twice you've used that spany smilie today. Makes me wonder... Image

Anyway, their site is garbage, there services are garbage, but they have a pretty seal. Of course, anyone can get one with a right mouse click, so I suppose it isn't that cool, but it might make a hacker think twice about skipping your site, so I guess it is worth the money.

Posted: Thu May 31, 2007 7:24 pm
by superdezign
I bet I could Photoshop a good seal on the bottom. While I'm at it, I could put all kinds of seals.

Approved By The United States Government to Rock

Macintosh Disapproved

The Website Seal Seal

The "Doesn't Work In Safari or IE" Seal

Posted: Fri Jun 01, 2007 5:18 pm
by Ambush Commander
Such seals are worthless. Don't even spend time ridiculing them.