On May 16, 8:21 pm, Roy Schestowitz <newsgro...@xxxxxxxxxxxxxxx>
wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> After 'treasure Hunt,' Hacker Releases IE Attack Code
>
> ,----[ Quote ]
> | The flaw affects IE 7 and IE 8, Raff said. Security vendor Secunia said that
> | the bug also affects IE 6.
> `----
>
> http://www.pcworld.com/businesscenter/article/145953/after_treasure_h...
>
> SQL injection attack in 'third wave,' says IBM
Ask any senior web programmer and he would tell you SQL injection is a
flaw in the website code - NOT THE BROWSER OR WEB SERVER. The problem
exists for many websites because programmers don't know/care about
submitted data containing invalid values, and because customers rarely
care it because they test only the standard and working procedures,
not failed/error ones. And it can be exploited by simple tools such as
telnet or wget, not just web browsers.
The author of the article is an idiot. But since you're a linux user
and you post it here, I must admit the quality of linux users really
have degraded considerably over the years.
Ask yourself, Is it really good to advocate linux to those common PC
users, who have no idea how real things work and have no interest to
know, and would just talk nonsense instead of trying to find the truth
whenever they see a problem?
--
!!!!!!stoidi gnikcuf
|
|
