Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
djlazz313696yI mean, I know for a fact that it nobody can SQL inject it my machine... So... It works on my machine, lol 😂 jk
-
Voxera113886y@djlazz3 i still remember the day I learned what sql injection was an realized that our site was wide open.
One very intense and stressful hour later it was secured. -
Reminds me of what the former Minister of Justice of Spain, Rafael Catalá, said last year when it was (easily) found out that the groupware system they created basically for managing cases between lawyers and judges didn't check for unauthorized access when you incremented or decremented the case id in the URL, so lawyers could access data for any case they wanted.
When confronted with it, he said that “accessing unauthorized data is illegal anyway, so the system is perfectly secure.”
He actually and unironically used the words “perfectly secure” to describe it. -
Voxera113886y@djlazz3 not at the moment but now some 15 years later its easier to laugh about it ;)
Related Rants
-
DevLivesMatter24Big event. Massive traffic in production, so we were monitoring all night. I was in a room with 2 devs of my ...
-
stackodev15Manager: “We need you to stay in the room and not go outside to make personal calls on your mobile.” Me: ...
-
AlmondSauce11Dev: "Ah, I finally fixed that code I was working on the other day and got it pushed to staging!" Almond: "Ah...
CW: The SQL injection vulnerability isn't important because our code is proprietary so hackers won't find it.
Me: <censored>
rant
wk125