SQL Injection isn't special code. It consists of regular, valid T-SQL that is unexpected by the application. Steve Jones notes that using the principle of least privilege can help to limit the damage from SQL Injection if the application fails to properly check input.
2015-12-28 (first published: 2011-04-12)
598 reads
Steve Jones talks about the possibility of SQL Injection, or other security issues from malformed input, affecting our lives in new and annoying ways.
2011-04-11
584 reads
Quite a few utility companies and energy producers have ha data breeches in the last year, yet most of them don't have good tools to detect the intrusions or the support of executive management. Steve Jones talks about this being a problem in many companies.
2011-04-11
97 reads
This Friday Steve Jones asks what you would like to see in Standard Edition. Is there one feature that would make a big difference to you?
2011-04-08
126 reads
If the future of out IT works involves more ad hoc, swarming project teams, are you prepared? Steve Jones talks about social networking being something you might consider as a way to build some skills to work with others in a less formal way.
2011-04-07
105 reads
We never know enough ourselves to be sure that we have completely thought through all the scenarios or holes in our logic. This is why it makes sense for us to have a group that spends time looking for problems.
2011-04-06
195 reads
Today Steve Jones asks for your ideas on Microsoft's Connect. It's a good way to submit bugs and suggestions, but it seems to suffer from a scale problem. What do you think would help?
2011-04-05
155 reads
What value can you place on data? It can be hard to determine, especially when so many sites on the Internet want data to be free. However the New York Times is going to a subscription model, with the idea that there is some value to their data and people will pay for it.
2011-04-04
103 reads
Any DBA who has been bitten by these subtle data integrity issues, or reports that erratically produce the wrong results, will know how much careful testing is involved in mitigating them.
2011-04-04
273 reads
Today Steve Jones talks about changes that are coming to SQLServerCentral.
2011-04-01
199 reads
By Brian Kelley
If you want to learn better, pause more in your learning to intentionally review.
By John
If you’ve used Azure SQL Managed Instance General Purpose, you know the drill: to...
By DataOnWheels
Ramblings of a retired data architect Let me start by saying that I have...
Not sure if this is really a relational theory question but it seems about...
Hi everyone, Below is a consolidated summary of what we validated Architecture & data...
Hi all, I recently moved to a new employer who have their HA setup...
I have this data in a SQL Server 2025 table:
CREATE TABLE Response ( ResponseID INT NOT NULL CONSTRAINT ResponsePK PRIMARY KEY , ResponseVal VARBINARY(5000) ) GOIf I want to get a value from this table that I can add to a URL in a browser, which of these code items produces a result I can use? See possible answers