Security

Anatomy of a SQL Injection Attack

Trailrunner7 writes "SQL injection has become perhaps the most widely used technique for compromising Web applications, thanks to both its relative simplicity and high success rate. It's not often that outsiders get a look at the way these attacks work, but a well-known researcher is providing just that. Rafal Los showed a skeptical group of executives just how quickly he could compromise one of their sites using SQL injection, and in the process found that the site had already been hacked and was serving the Zeus Trojan to visitors." Los's original blog post has more and better illustrations, too.
Earth

Debunking a Climate-Change Skeptic

DJRumpy writes "The Danish political scientist Bjørn Lomborg won fame and fans by arguing that many of the alarms sounded by environmental activists and scientists — that species are going extinct at a dangerous rate, that forests are disappearing, that climate change could be catastrophic — are bogus. A big reason Lomborg was taken seriously is that both of his books, The Skeptical Environmentalist (in 2001) and Cool It (in 2007), have extensive references, giving a seemingly authoritative source for every one of his controversial assertions. So in a display of altruistic masochism that we should all be grateful for (just as we're grateful that some people are willing to be dairy farmers), author Howard Friel has checked every single citation in Cool It. The result is The Lomborg Deception, which is being published by Yale University Press next month. It reveals that Lomborg's work is 'a mirage,' writes biologist Thomas Lovejoy in the foreword. '[I]t is a house of cards. Friel has used real scholarship to reveal the flimsy nature' of Lomborg's work."

Comment Re:Leave it to the bean-counters (Score 1)

I agree with you - a question like "how many lines per day can you produce" is a clear signal that you are being asked for something uncountable and that the person asking it isn't really in the business of programming :) The thing about the "per line factor" is just my own geek-curiosity - I am not going to draw any serious conclusions from the results. I find it "funny to see and compare"; others (non-techs) see only money there (as you said, "bean-counters") or raise "a stupid question" flag :)
