Nokia's developer network hacked

Abu Mami

I got an email from them this morning and promptly deleted it. Nokia developer? I'm mean really - does such a thing exist today? Had to go look in my deleted mails to find it. Interesting.

OriginalGriff

I think the problem is that they don't seem to teach anything about injection attacks on IT courses any more - they just seem to go "Here is a SELECT statement, now lets move on". Certainly the number of Q&A questions that leave massive security holes is not reducing. Teach the little buggers about Parametrized queries from day one! Or are all lecturers too damn lazy to bother? Sorry, but SQL injection attacks are one of my personal bugbears...

Real men don't use instructions. They are only the manufacturers opinion on how to put the thing together. Manfred R. Bihy: "Looks as if OP is learning resistant."

0bx

"We noticed someone has copied your passport. We believe they're just trying to forge a passport with your name on it and sell it on the black market. The only potential impact to you may be additional security checks at the airport, so it's no big deal really. Oh by the way, we're sorry."

Giraffes are not real.

Tech Code Freak

Agreed!

gavindon

I'll have to say, I never even heard the words "sql injection" during ANY of my classes... you might indeed have a point.

Programming is a race between programmers trying to build bigger and better idiot proof programs, and the universe trying to build bigger and better idiots, so far... the universe is winning. Be careful which toes you step on today, they might be connected to the foot that kicks your butt tomorrow. You can't scare me, I have children.

Albert Holguin

Very true...

Rage

GuyThiebaut wrote:

I am amazed at how this can still happen nowadays...

Have you been to Q&A recently ? The people asking question there are the same that are supposed to understand what SQL injection is and how to protect their code against them. Still amazed ?

QuiJohn

Isn't the "Nokia's developer network" now MSDN? Since they've switched to WP7 and all...

Gregory Gadow

I don't think anyone posted this yet to this thread: xkcd: Exploits of a Mom[^]

lewax00

gavindon wrote:

I never even heard the words "sql injection" during ANY of my classes

It's true. All I know about sql injection I've learned from the internet...

Sander Rossel

And so easy to prevent! Simply check if the sql statement to execute contains the words table, drop, delete, select... ;P

It's an OO world.

Nokia's developer network hacked

Continuous effort - not strength or intelligence - is the key to unlocking our potential.(Winston Churchill)

Continuous effort - not strength or intelligence - is the key to unlocking our potential.(Winston Churchill)