DEV Community

Discussion on: Never Trust User Input

Manuel Castellin

At the end of the day... "users can't be trusted!"
You make a very good point, Gary... if you want to hear a funny story...

I started my career as a software developer with SQL Injections 🙂

I used to repair printers and computers in a small shop. Business was not great so I had a lot of time to kill... I thought Kali Linux was a very cool thing to learn and (don't tell anyone) I started attacking our clients' websites trying to get the site admin password. I managed to hack a few sites and added a "THIS SITE HAS BEEN HACKED" banner in bright red on the homepage 😈

Then I picked up the phone and called each one of them and said, "Hey, I noticed your site has been hacked! By the way, do you know that we also sell CMS and they're all security tested?"

I don't know if that actually led to any business because I joined a software company a couple of weeks later... but... a big thank you to all "developers" that don't sanitize users' data! 🍻 You helped me land my first job as a software engineer!

Gary Bell

That's a great story, made me chuckle.

I've done a few system audits for clients. For this particular one we then quoted for a secure rebuild (I worked for a custom software house), but they declined and took our findings to another company. I did one which was for parents to track their kids on their school journey in real time. It was a couple of weeks from launch and we discovered such serious issues that we told them if they went live with it, we'd have an obligation to break our NDA and report them to the ICO for a data breach. I think they went out of business a couple of months later.

Manuel Castellin

Wow, is that for real?! No excuses for taking security lightly with the kids' location! Unbelievable how people just don't care...

Gary Bell

They offshored the development to the cheapest bidder. It cost them their entire investment and business. I don't think the business owners realised how bad it was until we showed them.