Security

The PunkSPIDER Project Controversy

Submitted by punk2176
punk2176 writes "Recently I started a free and open source project known as the PunkSPIDER project and presented it at ShmooCon 2013. If you haven't heard of it, it's, at heart, a project with the goal of pushing for improved global website security. In order to do this we built a Hadoop distributed computing cluster along with a website vulnerability scanner that can use the cluster. Once we finished that, we open sourced the code to our scanner and unleashed it on the Internet. The results of our scans are provided to the public for free in an easy-to-use search engine. The results so far aren't pretty.

In short, after having found tons of vulnerabilities, we've been blowing up. Social media users either love or hate us. Critics have been claiming that the results of our scans can be used for evil by script kiddies. We argue that these results will, more importantly, be used by website owners to check the security of their own websites or website users to check the security of sites to which they entrust their sensitive data. Due to the controversy around the project, The Register asked us for our response and published an article about it. I'm curious to see what the Slashdot community thinks — do you think we are doing the right thing?"

  • I think this is a great project. Not only is it a great computer science experiment but it's also a useful tool. Anyone who sees it as a threat doesn't recognize the threat posed by their unpatched system. They are already at risk. They wouldn't know otherwise. You are providing a service.
