Hacker News new | ask | show | jobs
by tptacek 4794 days ago
I really hate that OWASP page (it's not as bad as it used to be --- that is, godawful --- and now it's just incoherent) and think we shouldn't be directing developers to it. If there's something "OWASP" (whatever that is) is truly bad at, it's cryptography.
3 comments
ineedtosleep 4794 days ago
I usually rely on OWASP for general guidelines, but if that page isn't enough for you, what is? (not a rhetorical question)

What should one look into in order to fill in OWASP's gaps?

link
gcr 4794 days ago
What things would you change?
link
gcr 4794 days ago
What's wrong with it?
link