Gab has been hacked. The whistleblower site DDoSecrets says it will selectively share 70GB of encrypted passwords, private posts, and more with "journalists, social scientists, and researchers." (media.patriots.win)

posted 45 days ago by maga_mama_757 (+1393 / -1), 235 comments

Artymisfoul (7 points, 44 days ago):
Really a SQL injection hack? Do they have imbecilic software developers????

Ic3D (4 points, 44 days ago):
Do they have Twitter money? I don't think so ... Seems like the hack is still unproven, unless you have seen the leaked data?

CantStumpTheTrump (3 points, 44 days ago):
Literally any WAF worth its salt should prevent SQL injections.

dev01 (2 points, 44 days ago):
That's not the software engineer's job. That's a penetration tester's job.

CantStumpTheTrump (5 points, 44 days ago):
Security is everyone's job.

dev01 (1 point, 44 days ago):
A nice thing to say that functions as an excuse to avoid spending money on process improvement, actual security audits and bulletproofing.

Artymisfoul (2 points, 44 days ago):
That is dumb. Speaking as a software engineer you do not allow SQL injection when writing software.

dev01 (0 points, 44 days ago):
Not deliberately. But it's not our job to do in-depth security testing.

CantStumpTheTrump (1 point, 44 days ago):
I'm going to be straight up; you're one of those guys everyone hates to work with.

Artymisfoul (1 point, 44 days ago):
SQL injection is easy to avoid. Would not hire you fwiw.