I must admit it’s sorta cute watching a script kiddie try to hack your site using sql injection or whatever. But it’s even cuter when they try to get your [python] code to execute a get variable in the hopes of causing your [python] code to execute php code. Maybe one should return a link to Netcraft?
In my career so far I’ve managed to meet lots of companies who have absolutely horrible business practices when it comes to security. Usually the problem is either a lack of technical staff skilled enough to secure things properly, a lack of support from management, or both. Either way the result is more open doors than are best for business. The other thing I’ve noticed is that companies who don’t take security seriously also tend to have crappy products.
Read more...
