"Orchid XP v8" <voi### [at] dev null> wrote in message
news:48163933$1@news.povray.org...
>
> Arguably one might blame Microsoft for the whole "hey, computers are
> easy now, you don't need to bother learning how to use them properly"
> mentality.
Sorry, that's a cop-out. Blame someone else so you don't have to take
responsibility yourself.
SQL injection is mentioned in just about every single intro to web
development that I've seen. That includes the '... for dummies' and '... in
24 hours' type books, as well as all the help files and documentation that
come with the MS development tools. If there's a computer-literate person
out there who doesn't know that security is important, then they've been
under a rock for 10 years.
To make matters worse, find me another profession where people are willing
to take the cheaper option?
If you had to, say, go for eye surgery, and your options were a surgeon with
10 years' experience who wants to charge you a thousand pounds and an intern,
just out of med school, who would do it for 200, which would you choose?
So, why in IT do people go for the cheapest option possible?
And if we're talking about computers are easy, no knowledge required,
shouldn't we also be blaming Apple?
On Mon, 28 Apr 2008 21:53:34 +0100, Orchid XP v8 <voi### [at] dev null>
wrote:
>
>Once upon a time [and it was a LONG time ago], you had to have PhDs to
>even understand how to switch on a computer...
It was only the PhDs that thought that. The maintenance crew were
playing "Kingdom". ;)
--
Regards
Stephen
On Mon, 28 Apr 2008 23:06:10 +0200, "Gail Shaw"
<initialsurname@sentech sa dot com> wrote:
>So, why in IT do people go for the cheapest option possible?
Because "traditional" managers don't want to know and companies like
Andersons/Accenture and IBM think that it's the goose that lays the
golden egg.
--
Regards
Stephen
"Orchid XP v8" <voi### [at] dev null> wrote in message
news:48163933$1@news.povray.org...
> Arguably one might blame Microsoft for the whole "hey, computers are
> easy now, you don't need to bother learning how to use them properly"
> mentality.
Hey, cars are so easy to drive these days you don't need to learn all the
intricacies of driving safely. Hey, I just caused a major accident. Let me
blame the car manufacturer.
Nicolas Alvarez <nic### [at] gmail is the best com> wrote:
> PHP too. Few people use prepared statements in PHP, they just
> concatenate strings into a SQL statement. And that's why PHP has such
> abominations as "magic quotes", to protect the developers against
> themselves, annoy to hell people who know what they're doing, and get
> backslashes all over your webpages.
Most PHP programmers who know about SQL injections and quote escaping
believe it's enough to make PHP escape those quotes, but most of them
are oblivious to another exploit which the quote escape usually doesn't
fix, namely cross-site scripting.
--
- Warp
Gail Shaw wrote:
> So, why in IT do people go for the cheapest option possible?
Fascinating stuff about how the space shuttle software gets written, if
you haven't seen it before...
http://www.fastcompany.com/magazine/06/writestuff.html
--
Darren New / San Diego, CA, USA (PST)
"That's pretty. Where's that?"
"It's the Age of Channelwood."
"We should go there on vacation some time."
Warp wrote:
> are oblivious to another exploit which the quote escape usually doesn't
> fix, namely cross-site scripting.
You can fix this with quoting. You just have to quote different stuff.
Same problem, same solution, different programming language.
--
Darren New / San Diego, CA, USA (PST)
"That's pretty. Where's that?"
"It's the Age of Channelwood."
"We should go there on vacation some time."
Post a reply to this message
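
The point exchanged in the two posts above, as an added example that is not code from anyone in this thread: SQL and HTML are separate output contexts, and each needs its own handling. Python with `sqlite3` stands in for PHP here; the function names, table layout and sample comment are constructed for illustration.

```python
import html
import sqlite3


def magic_quotes(value):
    """Imitate PHP magic quotes / addslashes: backslash-escape backslashes and quotes."""
    return value.replace("\\", "\\\\").replace("'", "\\'").replace('"', '\\"')


def open_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE comments (id INTEGER PRIMARY KEY, author TEXT, body TEXT)")
    return db


def store_comment(db, author, body):
    # SQL context: bound parameters keep the data out of the SQL grammar,
    # so no quote escaping is needed at all.
    db.execute("INSERT INTO comments (author, body) VALUES (?, ?)", (author, body))


def render(db, escape_html):
    # HTML context: a different language with different metacharacters (< > & " ').
    enc = html.escape if escape_html else (lambda s: s)
    rows = db.execute("SELECT author, body FROM comments ORDER BY id")
    return "".join(f"<p><b>{enc(a)}</b>: {enc(b)}</p>\n" for a, b in rows)


# Constructed sample input: an apostrophe (SQL metacharacter) and markup (HTML metacharacters).
SAMPLE_AUTHOR = "O'Brien"
SAMPLE_BODY = "<script>alert(1)</script>"


def demo():
    db = open_db()
    store_comment(db, SAMPLE_AUTHOR, SAMPLE_BODY)
    return render(db, escape_html=False), render(db, escape_html=True)


if __name__ == "__main__":
    raw, escaped = demo()
    print("SQL-style quoting leaves the markup as is:", magic_quotes(SAMPLE_BODY))
    print("unescaped output:", raw, end="")
    print("escaped output:  ", escaped, end="")
```

The stored row is identical in both renderings; only the encoding applied at output time, for the context the data is written into, decides whether the browser sees markup or text.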
On Mon, 28 Apr 2008 23:13:02 +0200, "Gail Shaw"
<initialsurname@sentech sa dot com> wrote:
>
>"Orchid XP v8" <voi### [at] dev null> wrote in message
>news:48163933$1@news.povray.org...
>
>> Arguably one might blame Microsoft for the whole "hey, computers are
>> easy now, you don't need to bother learning how to use them properly"
>> mentality.
>
>Hey, cars are so easy to drive these days you don't need to learn all the
>intricacies of driving safely. Hey, I just caused a major accident. Let me
>blame the car manufacturer.
>
And like cars, computers are cheap enough that they are within the
reach of a lot of people. I've noticed that more people make their
living from computers since they got cheaper.
--
Regards
Stephen
On Mon, 28 Apr 2008 14:15:09 -0700, Darren New <dne### [at] san rr com>
wrote:
>
>http://www.fastcompany.com/magazine/06/writestuff.html
Very interesting but what do you expect when it is safety related and
not commercial?
I've worked on lots of hardware that were "safety critical" and the
software was seldom updated.
As an aside, remember Rocket Science isn't "rocket science" but it is
heavy engineering. :)
--
Regards
Stephen
>> Arguably one might blame Microsoft for the whole "hey, computers are
>> easy now, you don't need to bother learning how to use them properly"
>> mentality.
>
> Hey, cars are so easy to drive these days you don't need to learn all the
> intricacies of driving safely. Hey, I just caused a major accident. Let me
> blame the car manufacturer.
Yeah, well, how many car manufacturers actually *claim* that driving a
car is so easy that a child could do it? There's your difference. ;-)
--
http://blog.orphi.me.uk/
http://www.zazzle.com/MathematicalOrchid*