Forgot your password?
typodupeerror

Comment: SQL injection detection (Score 1) 156

by rgovostes (#24461529) Attached to: Diagramming Tool For SQL Select Statements

I've thought about such a tool for detecting SQL injection. Essentially, you have a whitelist of SELECT statement "diagrams" stored somewhere. Before running a query, you generate a diagram of the current statement and check it against the diagram.

Of course a better investment would be to write your code the right way first...

The Internet

+ - Road Runner's wildcard DNS service a privacy risk->

Submitted by
rgovostes
rgovostes writes "Road Runner recently added a wildcard DNS record to redirect typo'd URLs to an ad-ridden web portal much like VeriSign's failed Site Finder, discussed many times on Slashdot. I poked at the service on my blog and found reasons for security and privacy concerns, such as geographical tracking of users and unauthenticated preference changes.

Affected customers can opt-out on the preferences page. That is, if someone else doesn't do it for you."

Link to Original Source
Utilities (Apple)

+ - Adium code forked over Leopard Dispute->

Submitted by admiralfrijole
admiralfrijole (712311) writes "Earlier this week, several people opened tickets against Adium crashes occurring in the latest Leopard Beta, which started a veritable firestorm of controversy that included discussions of GPL violations, disabling features, and quite a spat across no less than 3 different IRC channels.

Today, one of the people who filed a ticket and was told that it would not be fixed until Leopard ships announced on his blog that he, and several other unnamed individuals, have forked Adium to create A.org."

Link to Original Source

The 11 is for people with the pride of a 10 and the pocketbook of an 8. -- R.B. Greenberg [referring to PDPs?]

Working...