I’m getting a bit sick of large corporations a) demanding excess data as a condition of doing business with me, b) allowing it to be stolen, and c) giving zero fucks about it.
What are some things that us netizens can do to make our displeasure known.
Extra points for funny ideas.
https://www.explainxkcd.com/wiki/index.php/327:_Exploits_of_a_Mom
SQL sanitization joke. Won’t affect most databases today.
Still, any programmer worth their salt should filter their inputs. One group at work refuses to do it and they always get away with it and it’s infuriating
Sounds like a huge liability to the company.
Until they don’t. All it would take is one malicious actor (competing company, spurned employee, data thief, etc) wrecking/stealing their entire database with an injection attack.
Their exact position would make it significantly less likely, since they aren’t working with databases, but software for individual products. That being said, it’s still shitty practice
As a security consultant who tests web applications on the regular: LOL