|
Does Verizon's Voyager stack up to the iPhone? |
|
|
5 IT skills that won't boost your salary 
[1,407]
Women 4 times more likely than men to cough up personal info [589]
Japan's 10 funniest tech-related commercials [Videos] [407]
Throwing away a promo CD is "unauthorized distribution"? [1,265]
Adults too quick to dismiss educational video games [682]
Attack of the iPhone clones [Slideshow] [578]
10 things IT needs to know about AJAX [1,258]
This Year's 25 Geekiest 25th Anniversaries [Slideshow] [409]
|
|
SQL Injection attack
If this could happen on a Microsoft site with all their resources, what chance does a normal enterprise stand?
Most enterprises have staff who can code just enough to make something work and no more and certainly none with the skills of Microsoft themselves.
The answer is to never deploy Microsoft technologies in any web-facing environment. It's not their key focus, they aren't good at it and they're too expensive. Deploy open source instead, it was designed for the Internet in the first place, Microsoft designs for the desktop.
Having said that, the site was probably secured by perimeter firewalls instead of application firewalls. Application firewalls look at behaviours and would have stopped this. Microsoft nil points.