Hi there,
I'm not a DNM customer, vendor or developer, I've ordered from DNM one time that's all, but like a lot of you I like to read this sub and enjoy dramas.
Out of the darknet I'm developer, and I don't understand why are you still using PHP
/ Mysql
architecture for the markets.
Why any markets are developed with ruby
or python
, why databases are not mongodb
or other ? Why guys are still using Apache?
These languages / db don't fix all back doors, are not 100% safe whenever you don't follow basic security patterns, but at less they are no SQL injection, no .htaccess bypass and other classic attacks.
I'm not in the "dark game" (sorry for that) so I don't know how markets are done and don't know how hackers do, but when I'm reading threads about hacked market and see sometimes that is an SQL injection who allowed hacker to get part of database I imagine a guy only running a python sqlmap.py --risk 3 --level 5
and wait for message saying injection pattern is found.
In my immaculate spirit I think markets are super secure with a lot of cryptic patterns, server-side security and lot of high level stuff, but sometimes I feel that markets are not and are developed by relatively mediocre developers.
So what ? I'm wrong, markets are secured, or markets are not and that it ?
Seems to me like you just wanted to drop same fancy stuff names you have heard about. A fool with a tool is still a fool. If the developer isn't aware of the risks for a website it doesn't make any difference if he is using PHP, Python or Fortran. There are several PHP-libraries that ease the access to databases and at the same time increase the security of your web-app / prevent SQL-injection. So it is the nescience of the developers that makes the markets vulnerable. Seems like the skilled developers can get well payed jobs outside the darknet.