#security on software development security and web security, security best practices and discussions, break-ins and countermeasures. Everything you ever wanted to know about software security but were afraid to ask, for fear of not understanding the answer!
Finally, someone registered a company that is an SQL injection attack. We saw the license plates on cars doctored to execute SQL injection attacks but this is the first time, I think, that an attempt to crash all business SQL databases in a country is made.
The company name is: ; DROP TABLE “COMPANIES”;– LTD
This is a lighter software security blog. I start it now mainly because of two reasons.
First, something has to be done. The recent break-ins at the likes of LinkedIn and Yahoo show that even at the large companies people do not understand the basics of security. By looking at what is proposed and advised under the guise of security to people starting out to write their own web applications I understand that those are not far behind. Should their applications become famous, they will be broken as easily. There needs to be a place to discuss even the most basic things, so people do not keep making the same mistakes over and over again… like if it’s bloody Groundhog Day.
Second, why do we have to talk about software security always with a grave face? Yes, it is a serious subject but that does not warrant the long faces. Lighten up, people! Relax, let the Force flow. Have a break and make a joke. Security can be an entertaining subject. Let’s not make it appear harder than it is.
So here we are, something has to be done and it better be done with a smile. Or a grin… a smirk, a beam, a crack. Not with a frown. I will write my thoughts on software security, you are welcome to comment, make fun of, ask questions and generally have a good time.