Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Slashdot Deals: Deal of the Day - Pay What You Want for the Learn to Code Bundle, includes AngularJS, Python, HTML5, Ruby, and more. ×

Anatomy of a SQL Injection Attack 267

Trailrunner7 writes "SQL injection has become perhaps the most widely used technique for compromising Web applications, thanks to both its relative simplicity and high success rate. It's not often that outsiders get a look at the way these attacks work, but a well-known researcher is providing just that. Rafal Los showed a skeptical group of executives just how quickly he could compromise one of their sites using SQL injection, and in the process found that the site had already been hacked and was serving the Zeus Trojan to visitors." Los's original blog post has more and better illustrations, too.

Bug Means High School Students' Schedule Errors May Last Days 443

Hugh Pickens writes "The Washington Post reports that thousands of high school students in Prince George's County missed a third day of classes Wednesday, and school officials said it could take more than a week to sort out the chaos caused by a computerized class-scheduling system as students were placed in gyms, auditoriums, cafeterias, libraries and classes they didn't want or need at high schools across the county and their parents' fury over the logistical nightmare rose. 'The school year comes up the same time every year,' said Carolyn Oliver, the mother of a 16-year-old senior who spent Wednesday in the senior lounge at Bowie High School. 'When I heard they didn't have schedules, I was like, "What have they been doing all summer?"' When school opened Monday, about 8,000 high school students had no class schedules and were sent to wait in holding spaces while administrators tried to sort things out." (More below.)

Do not underestimate the value of print statements for debugging.