THE SQL Server Blog Spot on the Web

Welcome to SQLblog.com - The SQL Server blog spot on the web Sign in | |
in Search

Joe Chang

NY Times The Great Cyberheist

I pretty much stick to performance related issues and know very little of security, except that I prefer to enforce security at the boundaries instead of on the SQL Server itself. Its just after 5pm, and I came across this article, which eventually leads to SQL Injection http://www.nytimes.com/2010/11/14/magazine/14Hacker-t.html
SQL Injection has already been widely discussed, but after reading this, my policy will now be to refuse any engagement on systems still using direct SQL with an open web interface.

Published Monday, November 15, 2010 6:43 PM by jchang

Comment Notification

If you would like to receive an email when updates are made to this post, please register here

Subscribe to this post's comments using RSS

Comments

No Comments

Leave a Comment

(required) 
(required) 
Submit

About jchang

Reverse engineering the SQL Server Cost Based Optimizer (Query Optimizer), NUMA System Architecture, performance tools developer - SQL ExecStats, mucking with the data distribution statistics histogram - decoding STATS_STREAM, Parallel Execution plans, microprocessors, SSD, HDD, SAN, storage performance, performance modeling and prediction, database architecture, SQL Server engine

This Blog

Syndication

Powered by Community Server (Commercial Edition), by Telligent Systems
  Privacy Statement