Thursday, August 9, 2007

Ghost Stories for Geeks

In the dead of night, the moon is suddenly obscured by the clouds. A wolf howls in the distance. In the dim flicker of the campfire, a speaker leans in closer to the group. These developers have heard some of the stories before, but nonetheless they are wide-eyed and transfixed...

The nefarious cracker was a vampire! He snuck up on the unwitting server using an SQL injection attack and sunk a stored procedure into its neck. Then he drank the data out of the database! But his thirst for info could never be quenched, and so he used the customer records to write an XSS exploit to eat all of their cookies and curse them to an unending hell of identity fraud!

Horrendous PR... Financial ruin... Indictments!

(Kudos to Jay Mayer for a good talk at the St Louis JUG)

