This story is pretty horrifying. SQL injection attacks are trivial to protect against - many popular web application development environments (such as Django and Ruby on Rails) provide protection out of the box, and in other environments a simple coding pattern called parameterized statements provides full protection for no extra effort at all. There's certainly no need to buy an application firewall or other external piece of software!
The problem here is that many web developers fail to understand even the most basic concepts of web application security. The solution is better training or just to hire better developers.