Advertisement
Promo

Security threats Toolkit

In association with HP

Talkback

Post a comment


Story: Script kiddies learn grown-up hacking techniques

  • Previous comment

Posted by: John McVey (Monday 17 January 2005, 1:14 PM)

  • Reply

SQL Injection is not a problem if the application developer has coded the application not to trust the queries it receives. Form/search string validation should take into account any possible hack and code in defenses to obviate them. If the developer doesn't do this, then they're really incompetent and there's nothing more to it.

However, none of this you'd know from reading the article. The journalist seems to be arguing that problems arise due to bad Firewalls. That's not the case at all. In this context, firewalls have nothing whatsoever to do with the applications which sit behind it. They're really concerned with network traffic, not necessarily the content of trusted traffic to specific applications, eg form data to web applications. Thus if the application fails and is subjected to a successful crack it is down pure and simply to the lack of skill of the developer, nothing else.

  • Previous comment

  • Reply to this comment
  • Return to story
  • Report this as offensive


Full Talkback thread

More In Security threats


Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Sentry Posts Blog

McKinnon lawyers seek judicial review

Lawyers seeking a judicial review for Nasa hacker Gary McKinnon lodged fresh evidence of his psychiatric state at the High Court on Thursday. Karen Todner, McKinnon's solicitor,... More

1 comment

Beware of keeping your head in the clo...

Information security professionals can look forward to a deepening appreciation for their skills as security continues to be recognised as an essential element for doing business in... More

1 comment

Civil liberties groups attack file-sha...

Civil liberties and digital rights organisations have strongly criticised Lord Mandelson's Digital Economy Bill. Liberty said in a position paper on Tuesday that the bill, part of... More

Post a comment

Win a BlackBerry with Vlingo voice recognition

Win a BlackBerry with Vlingo voice recognition

What is ZDNet UK's usual tagline?

Competition closes - 14 Jan 2010


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters