There are some excellent ideas here, and I am awed by their creativity. We ought to do something: and build a straw website to demonstrate intrusion techniques on. The idea of a shrink-wrapped 'hack-o-matic' is excellent.
The whole point I'm trying to make is that, until you've seen how easy it is to do, the whole subject of SQL Injection etc just seems so unreal. It really focuses the mind to see it in practice.
To Mike Brockington, thanks for the legal angle, but I thought I was already arguing against hacking other people's websites. This is why I felt that a community-based 'straw man' would take away the temptation. I am, of course ridiculously averse to breaking the British law, even though the bossy, venal, and sanctimonious occupants of the mother of parliaments have insisted on enacting 3000 new criminal offenses since coming to power, including the cardinal sin of playing piano in a pub without a license, selling a gray squirrel, staging a lone protest within a kilometer of the Houses of Parliament, smoking in a pub as ones forbears were able to do for the past four hundred years, owning a donkey without a passport, or obstructing the work of the Children's commissioner for Wales. (P Johnson: The Daily Telegraph) No, despite all this, I am not advocating any illegal acts, quite the reverse in fact, though I would certainly smile sympathetically on any British people reading this who feel tempted, if they come across any member of parliament who have fiddled their expenses in the past four years,to pursue them through the streets with a stick, shouting 'stop! Thief!'.
I have never hacked a website without being careful to obtain the written permission of the web site's owners first. It is extraordinary, but my request has never been refused. None have, for a moment, beieved that it was possible. I once presented the director of an insurance company with a list of his customers, and he was surprisingly narked with me when I gave it to him, even though he'd allowed me to do so. His IT department had laughed and said it was impossible: their systems were completely secure. Fortunately, his anger was eventually diverted to its' rightful direction.