• @Aceticon
    7
    1 year ago

    In the old days you could do a lot of damage to a lot of websites with this kind of trick…

    Mind you, it’s only because nowadays libraries for processing web-requests and for feeding SQL queries to databases automatically do all kinds of escaping of special characters and sanitizing of inputs that things are a lot better: in my experience the “average” dev out there doesn’t really have much awareness about security-adjacent concerns like “sanitize inputs coming from the outside” (and no, you can’t trust JavaScript on the browser for that) and, besides, tons of companies outsourced their code making work to places like India where far too many “devs” are people with zero skill for it who joined the Industry because demand was so big that anybody who knows the right side of the keyboard to type on is hired and then outsourced to some western suckers in management as a “senior developer”.

    • @[email protected]
      1
      1 year ago

      Haha the outsourcing stuff is kind of hilarious. They just usually churn and burn people through products and somehow they use it as a selling point… “Don’t like your team, you can easily adjust with new members equally skilled instantly!”

      So they just move people through projects, and eventually they usually learn enough coding to remain.

      • @Aceticon
        3
        1 year ago

        From my own experience, which even included managing a small outsourced team in India, I concluded that whilst they do have as many good devs in that country as elsewhere, their own pay scale structure pushes the good ones into management (where they usually suck) to be able to get a raise, and due to the extra demand due to the outsourcing industry for developers over there, which is well above and beyond what most countries have, the normal proportion of naturally good devs is drowned in a sea of mediocre types who have no actual skill and would never have gone into IT otherwise. Also the best guys (and a few gals) usually leave to go earn a lot more in places like the US and UK.

        In my own experience with this, we (a small very senior team based in London) were forced by management to use the work of the guys in India because the company had spent lots of money setting up a division there for it, and in practice we ended up spending just as much time fixing their code as we would have spent doing it right ourselves in the first place, so at least in my team the company was just wasting money.

        Funnily enough the few guys we had based in London that came from the Indian Subcontinent (so not just India but also Pakistan, Bangladesh and even Sri Lanka) were significantly better than the guys from that outsourcing division in India.