Guys, when this topic started to surface a thread or two ago, I have to admit I was a bit disappointed. The Lord knows I've been more than aware that Tix internals needed attention. But I saw no direct $$$$-based implications of the acknowledged security weaknesses, by the nature of Tix usage I thought I was aware of.
But 'Best Practices?' A different story altogether, and I saw that most of the security-focussed stuff could as easily be justified on that basis. So I kept my counsel to myself. (Not that I have a vote on what the active developers here pay time and attention to. But still ... .)
But guess what I saw in the NY Times a couple of days ago (Jan 26, see page 12) about what was happening in Jolly Old London?
There, an Iran-based group was busy trying to break into a dispatch operation used by some in the Jewish community, mostly of the Israeli diaspora.
Go figger!
Lesson learned? Yes, application security is fundamental, and you guys doing the pick and shovel code work have got it exactly right. Thank you!