Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

The PunkSPIDER Project Controversy

punk2176 (2840475) writes | about a year and a half ago

Security 1

punk2176 writes "Recently I started a free and open source project known as the PunkSPIDER project and presented it at ShmooCon 2013. If you haven't heard of it, it's at heart, a project with the goal of pushing for improved global website security. In order to do this we built a Hadoop distributed computing cluster along with a website vulneraility scanner that can use the cluster. Once we finished that we open sourced the code to our scanner and unleashed it on the Internet. The results of our scans are provided to the public for free in an easy-to-use search engine. The results so far aren't pretty.

In short after having found tons of vulnerabilities, we've been blowing up. Social media users either love or hate us. Critics have been claiming that the results of our scans can be used for evil by script kiddies. We argue that these results will, more importantly, be used by website owners to check the security of their own websites or website users to check the security of sites to which they entrust their sensitive data. Due to the controversy around the project The Register asked us for our response and published an article about it. I'm curious to see what the Slashdot community thinks — do you think we are doing the right thing?"

Link to Original Source

cancel ×

1 comment

Proceed (1)

SampleFish (2769857) | about a year and a half ago | (#42993855)

I think this is a great project. Not only is it a great computer science experiment but it's also a useful tool. Anyone who sees it as a threat doesn't recognize the threat posed by their unpatched system. They are already at risk. They wouldn't know otherwise. You are providing a service.

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...