You're viewing a comment by John H and its responses.
|
I really hate this damned machine. I wish that they would sell it. It never does quite what I want. But only what I tell it. |
About the site:
Twitter
Facebook
Plurk
more
GitHub
LinkedIn
FriendFeed
Google PlusSubscribe to my posts:
Server Sponsors
I am being sponsored by Syntress! They bought me an amazing dedicated server to run catonmat on. If you're looking web services, I highly recommend the Syntress guys!
My Amazon Wish List
I love to read science books. They make my day and I get ideas for awesome blog posts, such as Busy Beaver, On Functors, Recursive Regular Expressions and many others.
Take a look at my 
Amazon wish list, if you're curious about what I have planned reading next, and want to surprise me. :)
My Other Websites
Top Ten Articles:
- Top Ten One-Liners from CommandLineFu Explained
- My Job Interview at Google
- MIT's Introduction to Algorithms, Lectures 1 and 2: Analysis of Algorithms
- Famous Awk One-Liners Explained, Part I: File Spacing, Numbering and Calculations
- The Definitive Guide to Bash Command Line History
- Working Productively in Bash's Vi Command Line Editing Mode (with Cheat Sheet)
- Vim Plugins You Should Know About, Part VI: nerd_tree.vim
- Vim Plugins You Should Know About, Part I: surround.vim
- Famous Sed One-Liners Explained, Part I: File Spacing, Numbering and Text Conversion and Substitution
- Learning JavaScript Programming Language through Video Lectures
Top Ten Downloads:
- awk cheat sheet (.pdf) (99,018)
- perl's pack/unpack and printf cheat sheet (.pdf) (78,015)
- bash history cheat sheet (.pdf) (71,492)
- sed stream editor cheat sheet (.pdf) (67,278)
- screen cheat sheet (.pdf) (54,804)
- perl's special variable cheat sheet (.pdf) (50,271)
- bash vi editing mode cheat sheet (.pdf) (45,910)
- perl1line.txt (43,121)
- crypt-o.mp3 (musical geek friday #1) (42,064)
- the bill gates song.mp3 (musical geek friday #8) (40,285)
Recent Articles:
- Announcing my third e-book "Perl One-Liners Explained"
- How Browserling Works [art]
- Node.js modules you should know about: procstreams
- Browserling has a new design!
- Node.js modules you should know about: everyauth
- How to setup Stripe payments with node.js
- A Perl Regular Expression That Matches Prime Numbers
- Node.js modules you should know about: jsonstream
- Node.js modules you should know about: cradle
- Node.js modules you should know about: semver
Article Categories:
- Awk Programming (8)
- Cheat Sheets (9)
- Computer Science (8)
- Hacker's Approach (5)
- Howto (10)
- Introduction to Algorithms (15)
- Linear Algebra (6)
- Mathematics (1)
- Misc (8)
- Musical Geek Friday (17)
- Node.js Modules (15)
- Perl Programming (13)
- Programming (29)
- Projects (13)
- Security (1)
- StackVM Startup (10)
- The New Catonmat (1)
- Tools (1)
- Unix Shell (17)
- Video Lectures (17)
- Visual Math Friday (1)
Article Archive:
- February, 2012 (1)
- January, 2012 (4)
- December, 2011 (15)
- November, 2011 (3)
- October, 2011 (2)
- September, 2011 (2)
- August, 2011 (3)
- July, 2011 (1)
- June, 2011 (2)
- May, 2011 (1)
- April, 2011 (1)
- March, 2011 (1)
- February, 2011 (1)
- January, 2011 (1)
- December, 2010 (2)
- November, 2010 (1)
- October, 2010 (1)
- September, 2010 (1)
- August, 2010 (2)
- July, 2010 (2)
- June, 2010 (2)
- May, 2010 (2)
- April, 2010 (2)
- March, 2010 (5)
- February, 2010 (5)
- January, 2010 (7)
- December, 2009 (6)
- November, 2009 (6)
- October, 2009 (2)
- September, 2009 (3)
- August, 2009 (2)
- July, 2009 (4)
- June, 2009 (1)
- April, 2009 (1)
- March, 2009 (2)
- February, 2009 (7)
- January, 2009 (4)
- December, 2008 (8)
- November, 2008 (7)
- October, 2008 (4)
- September, 2008 (5)
- August, 2008 (9)
- July, 2008 (14)
- June, 2008 (4)
- May, 2008 (5)
- April, 2008 (8)
- March, 2008 (3)
- February, 2008 (1)
- January, 2008 (1)
- November, 2007 (1)
- October, 2007 (3)
- September, 2007 (5)
- August, 2007 (10)
- July, 2007 (9)
Technology Solutions
Advertisements
Video Chat
Advertisements
Advertisements
I've got two questions that might somewhat deflate the presentation:
#1 In the SQL injection 'union' attack (clever!) how did the attacker know the columns names and types... inside job? Surely probing on that by an attacker would leave massive traces
#2. In the XSS attack, surely the site would not announce itself as 'evil.org' ... would the name be utterly shrouded, or would there be a placeholder name, and if so... what would Alice be aware of it? ah the zero-size iframe... clever again
Reply To This Comment