On 11/14/09 3:18 AM, FDIMM wrote:
>> Go read about TamperData, HttpFox, tcpdump, telnet... The only thing
>> detecting Firebug would get you is a false sense of security.
>>
> yeah right... its not good to detect it. Let the user see/take/edit
> EVERYTHING you use in the site.REALY good point.
>
That's how the web works, it's got nothing to do with Firebug. If all
copies everywhere of Firebug suddenly disappeared, it would do nothing
to change what people could do with your site.
> False sense of security ? doesn't make sense at all. Preventing user
> from seeing the code lowers the security? WOW
>
But that's the point, it *wouldn't* prevent users from seeing your code,
that's why it would be a *false* sense of security. And yes, preventing
users from seeing your code can lower your security. Security through
obscurity is never a good security policy.
This may sound snarky, it's not meant to be, but you seem to have a
fundamental misunderstanding of how the web and security works.
Brian