Archive for October, 2007

Injection Attacks

Injection attacks pose a serious threat to web applications. As more applications become web-based, these kind of attacks have become a growing concern. These attacks are usually embedded in the code itself so, it’s really quite complex to detect if your code has been injected with some malicious code. So to prevent this, it’s really important to have a secured code. I think one good way of securing web apps is by filtering all inputs which includes anything submitted through a form. Like what the guy did in the injection demo, a code can be easily manipulated by using special characters like ‘#’ and ‘!’ so filtering is really helpful to avoid these kind of attacks.

-michelle a.ü


Double Jeopardy

Technology is now widely being used as a tool to capitalize on other people’s innocence. I remember watching an episode on Oprah about internet scams. There was this girl who tried out this online dating thing. She met this guy who was based on Africa. The guy told the girl that he’s into social work, taking care of the poor African kids and other noble stuff. They had this dating thing for months. The girl fell in love with the dweeb and after some time, the guy asked the girl to marry him. This guy told the girl that he needs money to support the funding of his “noble work” so that he could leave Africa for good and marry her. Because the girl was desperately in love with the guy, she sent him the money. The girl told the guy that she already sent the money but there was no reply. Days have passed but still, there was no reply from the guy. The girl told his brother about this and he told her that she was scammed. The girl was left with a broken heart and an empty bank account. It wasn’t a fairy tale ending after all. Maybe the girl wasn’t aware of these online dating scams so she was easily lured. I personally don’t know how these online dating sites work because I haven’t tried it….. Anyway, the moral of the story, don’t be too trusting and don’t take online dating seriously or anything ‘online’ because the the internet is very vulnerable to scams. 

-michelle a.ü