Gab has been hacked. The whistleblower site DDoSecrets says it will selectively share 70GB of encrypted passwords, private posts, and more with "journalists, social scientists, and researchers." (media.patriots.win)

posted 45 days ago by maga_mama_757 (1392 points, +1393 / -1, 235 comments)

dev01 (2 points, 44 days ago, +2 / -0):
That's not the software engineer's job. That's a penetration tester's job.

CantStumpTheTrump (5 points, 44 days ago, +6 / -1):
Security is everyone's job.

dev01 (1 point, 44 days ago, +1 / -0):
A nice thing to say that functions as an excuse to avoid spending money on process improvement, actual security audits and bulletproofing.

Artymisfoul (2 points, 44 days ago, +2 / -0):
That is dumb. Speaking as a software engineer, you do not allow SQL injection when writing software.

dev01 (0 points, 44 days ago, +1 / -1):
Not deliberately. But it's not our job to do in-depth security testing.

deleted (1 point, 44 days ago, +1 / -0)

dev01 (1 point, 44 days ago, +1 / -0):
It is excusable, because people are human and make mistakes. Escaped security holes are a development PROCESS problem, not a programmer problem.

CantStumpTheTrump (1 point, 44 days ago, +1 / -0):
I'm going to be straight up; you're one of those guys everyone hates to work with.

dev01 (1 point, 44 days ago, +1 / -0):
No, I'm not. My entire team loves me.

Artymisfoul (1 point, 44 days ago, +1 / -0):
SQL injection is easy to avoid. Would not hire you fwiw.

dev01 (1 point, 44 days ago, +1 / -0):
I'm a veteran. The chance that I would make that mistake is next to zero, but I'm not going to attack junior devs for it, or fire them. It's more likely that I would refuse to work for you.