2010-08-07 12:33:10.071226+00 by meuon 3 comments
Good article, tools and demo about the perils of memcaching compounded with poor authentication techniques. Bottom line: don't memcache things that include or may include authentication or important data.
[ related topics: Weblogs ]
comments in ascending chronological order (reverse):
#Comment Re: made: 2010-08-08 02:41:15.375226+00 by: spc476
Or better yet: firewall memcached, or run on a private network. It's not like this isn't mentioned in the documentation for memcached.
#Comment Re: made: 2010-08-08 14:55:02.175226+00 by: meuon
You read the docs?
#Comment Re: made: 2010-08-08 23:43:34.391226+00 by: spc476
Enough to see that Brad didn't bother with security, not that I blame him. It does one thing really well and there are plenty of other ways to secure the program than to burden it with that task.