Quick note about application security learned from VSSPro

So I funny thought came over my head as I was talking to a buddy in response to my last post about Cracking VSSPro14 and it’s that programmers tend to use the same code techniques for a majority of their projects. That simple idea then led me to look at what else ABS Solutions provides and it’s very true: StaffFiles (A Human Resources program) uses almost the exact same mechanics as VSSPro does in terms of their Demo/Registration. It wouldn’t be a wild guess to say all of their offerings other than their online software was built using VB6 and used the same codebase.

Now this isn’t a surprising discovery, in fact that’s one of the glories of programming, a lot of times an application is nothing more than something else redressed to function a different purpose. My own two application brain-children (GIGeeks MDS and my Security DataSolutions) both are being built with the same framework that I’m developing and will utilize much the same code. Their differences will be in the plugins that are built to display specific windows and how to handle data differently. Otherwise they are almost 1 in the same. That also means that if a flaw is found in one, I’m going to probably have to patch the other if it’s in the framework rather than in the custom plugin. That’s where it stands for ABS’s software. They have a number of great applications, built using the same codebased to save costs and development times, but their flaw is in their registration/demo features.

Things to keep in mind.

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.