RE: NASA.GOV SQL Injections

["Schmehl, Paul L" <pauls () utdallas edu>]

> -----Original Message-----
> From: Jonathan A. Zdziarski [mailto:jonathan () nuclearelephant com] 
> Sent: Friday, October 17, 2003 8:08 AM
> To: Russ Spooner
> Cc: full-disclosure
> Subject: RE: [Full-disclosure] NASA.GOV SQL Injections
>
> Hmm if I was in the top 1% of the smartest people in the 
> world, I don't know if I'd have the time to read all the 
> flames and spam that occur on this list.  They probably have 
> a team of their own computer geniuses auditing code on a 
> daily basis, at which point it's only a matter of time before 
> they realize the flaw.
No offense meant to the fine IT people at NASA, but do you seriously
believe that the one-percenters are securing the network?  As opposed to
say, figuring out how to land a rover on Mars, how to keep astronauts
alive in space, how to overcome the long-term negative effects of zero
gravity, etc., etc.???

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/ 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html