No One is Safe


Steve Jones
Comments posted to this topic are about the item No One is Safe

Follow me on Twitter: @way0utwest
Forum Etiquette: How to post data/code on a forum to get the best help
My Blog: www.voiceofthedba.com
Jeff Moden
Heh... can you imagine? Someone calls at 2:00AM with a prank call to ask "Is your refrigerator running?" and when you go to look, the damned thing has taken off down the street because of a bar code on a milk carton? :-P

--Jeff Moden

RBAR is pronounced ree-bar and is a Modenism for Row-By-Agonizing-Row.
First step towards the paradigm shift of writing Set Based code:
Stop thinking about what you want to do to a row... think, instead, of what you want to do to a column.
Although they tell us that they want it real bad, our primary goal is to ensure that we don't actually give it to them that way.
Although change is inevitable, change for the better is not.
Just because you can do something in PowerShell, doesn't mean you should. ;-)

Helpful Links:
How to post code problems
How to post performance problems
Forum FAQs
Naked Ape
That's thinking outside the square - even as a developer/SQL-admin, I have to admire his ingenuity.
:-P

Chris
Abrar Ahmad_


and ensure every developer understands what SQL Injection is.
Discuss

it means every developer (negative) would turn into a Doctor with an Injection named as "Sql Injection" ....
8-)
IceDread
Security is a little interesting but to learn about it you have to dig by yourself usually. It's not promoted like other types of information. A reason for that I believe is that it's not easy to teach since there are so many ways and so much to think about and it's not documented like an API because there is none, security breaches come from people's imagination set to practice.

To build security functions is also costly and time consuming to make it good and effective so it does not slow down your application. When you have a timeline and a budget security seems to always come last and that is a problem and we know it, but will it be a problem for your application or your environment? Maybe it won't. So time, money and knowledge limitations seem to put security last, in many cases and thus we won't get rid of most security issues for a long time.
andymcauley
it's not really a million miles from the "little bobby tables" xkcd cartoon from a while back, is it?
http://xkcd.com/327/
Ian Massi
That gives me an idea for a new vanity plate so that the electronic license plate readers on the toll highway won't bill me. Thank you for sharing that picture. It certainly made me laugh... and then think about my data import processes.
blandry
Great picture, and what a genius to think of that! Thanks for sharing it!

As evidenced by the recent data theft here on the east coast of the US, where two guys drove through TJX's corporate parking lot and wirelessly stole over 300,000 credit card numbers, I think the greatest danger to any kind of security is our own shortsightedness, ego, and more often than not too much 'intelligence' completely shadowing simple common sense.

Let's face it, throughout history, security is often broken by man's own shortsighted presumptions.

At Troy, a great battle was fought with great heroics and yet not one single person bothered to ask, "Why are they giving us this giant horse?" as they opened the gates to the 'impenetrable' city, and rolled their enemies in, to their own doom.

Those who forget or ignore history are doomed to repeat it - and computer security is well laden with pristine examples of overly-intelligent people failing to use common sense.

There's no such thing as dumb questions, only poorly thought-out answers...
Ben Holcombe-270296
That is pretty hilarious.

I can only imagine being the one troubleshooting the source of the dropped table.
Dave23
blandry (4/20/2010)
At Troy, a great battle was fought with great heroics and yet not one single person bothered to ask, "Why are they giving us this giant horse?" as they opened the gates to the 'impenetrable' city, and rolled their enemies in, to their own doom.


There were a few doubters, Laocoon, who railed against the acceptance of the horse, calling it a Greek trick. He of course was ignored, and then murdered by serpents sent by the gods. Cassandra warned them too, but she was ignored as well.

All too frequently in my career, I've run into a general apathetic attitude from management regarding security. Every time I stand up for it, I always think of Laocoon...