• Andre LePlume (unregistered)

    42 States have breach notification laws: http://privacylaw.proskauer.com/2008/04/articles/security-breach-notification-l/more-breach-notification-laws-42-states-and-counting/

    OK is one of the 8 that doesn't. Surprise!

  • (cs) in reply to Craig
    Craig:
    I am simply stunned... stunned that Oklahoma has the audacity to have a county called 'Canadian'. I think this is all an attempt to make Canadians look like a country full of sexual offenders ;)
    It's not just Oklahoma - Ohio, Wisconsin and Alabama are in on it too, with assistance from Ontario! Planned Green License Plates Are For Sex Offenders In The US
  • (cs) in reply to cavemanf16
    cavemanf16:
    One of my #1 reasons to be scared if Hillary or Obama gets elected.

    When I first glanced at the title of this story in my RSS reader I thought it said "Obama Leaks Tens of Thousands of Social Security Numbers, Other Sensitive Data".

  • Paperino (unregistered)

    This redefines what a SQL Injection is. I guess SQL Execution is more appropriate since there is literally nothing to inject
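
The pattern this comment describes, a page that executes whatever statement arrives in the `sqlString` query parameter, shown beside a handler that keeps the statement on the server and binds a single validated value. This is an added example, not code from the site under discussion: the `roster` table, its rows and the function names are constructed, and SQLite stands in for the real database.

```python
import re
import sqlite3
from urllib.parse import parse_qs, urlsplit


def make_db():
    # Constructed table and rows; SQLite stands in for the real database.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE roster (name TEXT, zip TEXT, ssn TEXT)")
    db.executemany(
        "INSERT INTO roster VALUES (?, ?, ?)",
        [("A. Example", "73064", "000-00-0001"),
         ("B. Example", "73099", "000-00-0002")],
    )
    return db


def roster_unsafe(db, url):
    # Anti-pattern: the whole statement comes from the request, so the caller
    # chooses the table, the columns and the verb.
    sql = parse_qs(urlsplit(url).query)["sqlString"][0]
    return db.execute(sql).fetchall()


def roster_safe(db, url):
    # The statement is fixed on the server. The request supplies one value,
    # which is validated and then bound, never concatenated into the SQL.
    params = parse_qs(urlsplit(url).query)
    if set(params) != {"zip"} or len(params["zip"]) != 1:
        raise ValueError("exactly one 'zip' parameter is accepted")
    zip_code = params["zip"][0]
    if not re.fullmatch(r"[0-9]{5}", zip_code):
        raise ValueError("zip must be exactly five digits")
    rows = db.execute(
        "SELECT name, zip FROM roster WHERE zip = ?", (zip_code,)
    )
    return rows.fetchall()


if __name__ == "__main__":
    db = make_db()
    # The unsafe handler returns any column the URL names, including ssn.
    print(roster_unsafe(db, "/roster?sqlString=SELECT+name,+ssn+FROM+roster"))
    # The safe handler can only ever return name and zip for one zip code.
    print(roster_safe(db, "/roster?zip=73064"))
```

Binding fixes the shape of the query; the database account behind the page should additionally have no access to columns the page never displays.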

  • Mark Wilden (unregistered) in reply to Zathrus

    @Zathrus: "For those who still haven't gotten it -- the names and addresses are public information that's supposed to be provided by the sex offenders' list anyway."

    Read the entry again. It's clear the author disapproves of this ridiculous practice. So why put the possibly "fornicating teenagers" through more humiliation?

    Frankly, I'd be a hell of a lot more interested in a list of known murderers.

    ///ark

  • Ed Falk (unregistered) in reply to Erick

    When a corporation does this, they take a huge hit in the form of lawsuits, stock drops, and lost business

    Do they? Can you give an example?

  • Shanya Almafeta (unregistered) in reply to cavemanf16
    cavemanf16:
    One of my #1 reasons to be scared if Hillary or Obama gets elected.

    Don't you mean "injected"?

    captcha: populus

  • Shanya Almafeta (unregistered) in reply to Alex Papadimoulis
    Alex Papadimoulis:
    I'd be very impressed if someone managed to unblur the numbers from the first image.

    TRWTF is that you went to the trouble of using a reversible filter when just blanking it out in the first place would have been easier and faster to do.

  • (cs) in reply to Bert
    Bert:
    ThePants999:
    Research shows that clever people think they're clever, average people think they're average, and dumb people think they're clever. It's a shame nobody else realised they were dumb though.

    I thought it went more like: Clever people know that they don't know it all, Average people know what they know, Dumb people THINK they know it all.

    And then there's SpectateSwamp...

  • (cs) in reply to anonymously evil

    From that report link:

    The current software is so out of date that it cannot reside on newer computer equipment and is maintained on an antiquated hardware platform that is becoming increasingly difficult to repair. A recent malfunction of this server took OMS down for over a full day while replacement parts were located. If this hardware ultimately fails, the agency will lose its most vital technology resource in the day-to-day management of the offender population.

    I can just see a VAX sitting in a corner, sucking down on a power cord and coughing spastically every so often.

  • (cs) in reply to Erick
    Erick:
    When a corporation does this, they take a huge hit in the form of lawsuits, stock drops, and lost business. When the government does it, it's a big brouhaha news story, maybe one person gets fired, and then it's back to business as usual.

    Yeah, anyone who loses customer data has a tough time dealing with all the lawsuits and lost business... (e.g. Bank of America, HSBC, Citigroup, Ameritrade, Ernst&Young losing Hotels.com data, etc... Not to mention the thousands of entries in the Attrition.org Data Loss Database...)

    At least Wells Fargo went to court... and we can see how well that went...

  • Jon (unregistered) in reply to elias
    elias:
    Thanks. I pressed your "Do Not Press" button, and now my faith in humanity is at an all-time low.
    While we're at it, don't press this button either.
  • (cs)

    Did this story remind anyone of this little gem? ;)

    http://xkcd.com/327/

    Addendum (2008-04-15 21:35): Crap. I see it did.

    Never mind.

  • Vargen (unregistered)

    Bet developer is an outsource or a bunch from one of the "raising powers"

  • Travis (unregistered) in reply to Anonymous
    Anonymous:
    Looks like they need this consultant quick!

    Oklahoma DCS Central Purchasing Division Status: Open Bid Number: 1310002506 Description: Department of Corrections is soliciting proposals from vendors to provide consultant services to assist DOC in determining requirements, direction, and the acquisition of a new offender management system.
    Buyer: Liza Hanke

    Find on http://www.dcs.state.ok.us/Solicitations.nsf, or direct link

    The total cost to the agency from 1998 to 2002 for development and support of OMS was $3.6 million.

    Enough said!

  • nobody (unregistered) in reply to pauldwaite
    pauldwaite:
    Maybe Oklahoma should start an online registry of the idiot developers who put this system together, and the managers who let them.

    Amen to that.

  • (cs)

    I just want to say thanks to all of you who introduced me to xkcd. Since I saw it for the first time the other day, I have nearly gone through all the cartoons. It's like they were made for me. Very strange. Well... I'm not crazy about some of the romance ones, but I love the majority of them.

    Thanks again!

  • jlrobins (unregistered)

    Another one, this one Coast Guard related:

    http://www.vesselsafetycheck.org/ideaexchange.asp?sql=Select+*+from+Best_Table+where+OKtoView+%3D+1+Order+by+DatePosted+Desc&startwith=5

  • Simmo (unregistered)

    That is just awesome... The best thing I've read on this site for ages. Bloody excellent.

    Thanks for that. It truly helps me relax and de-stress. Just to know there are some total turkeys out there so that even on a bad day I'm still pretty competent (probably not earning more money though).

    You can just see their minds going... 'Well, it's Oracle. That's unbreakable isn't it?'

    More! More!

  • (cs)

    From the article:

    ... names, addresses, and social security numbers of tens of thousands of Oklahoma residents were made available to the general public for a period of at least three years.

    This appears to me to be the worst part of this story.

  • Fraggle My Rock (unregistered) in reply to me
    me:
    DeLos:
    Alex Papadimoulis:
    Oh sure you pick out YOUR comment to be featured!!

    It's his site and his article, so why not?

    Communist!!

  • (cs) in reply to Anonymous

    So I take it "For those unaware, the SVOR is a federally-mandated, publically-available registry designed to protect us from the truly horrendous specimens of humanity by forever branding those convicted of a certain crimes with a big “SO”." is a personal, uneducated view?

    If you were a UK citizen, I'd assumed you'd got that politicised uneducated nonsense from The Daily Mail. For those who are educated in the causes of Sex Offences, it is a little more complicated.

  • You didn't see me right? (unregistered) in reply to jlrobins
    jlrobins:
    Another one, this one Coast Guard related:

    http://www.vesselsafetycheck.org/ideaexchange.asp?sql=Select+*+from+Best_Table+where+OKtoView+%3D+1+Order+by+DatePosted+Desc&startwith=5

    The rWTF here is calling a table Best_Table

  • csrster (unregistered) in reply to KG
    KG:
    luke:
    maniek:
    http://www.google.pl/search?q=allinurl:+select+from+and There are some interesting hits (especially a few pages further into the search results)

    Perhaps even more interesting: http://www.google.com/search?hl=en&q=allinurl%3AsqlString+select

    And those are just the geniuses that named the variable sqlString...

    I believe we're observing a paradigm shift from "Haha, WTF" to "WTF!!!"

    OMG!!!!! I would never have thought of that. I would never have assumed people could be so stupid! I've been a frequent visitor of this site for months now (discovered it when it was named "worse than failure" - stupid name to be sure), but this... this is a new low.

    I just did this for the country I live in - and one of the links which came up is for the trades union for IT professionals.

  • BlueEagle (unregistered)

    That would be an idea for the next wtf programming contest.

    Submit an entry for the Oklahoma DOC.

    Of course all entries will be submitted and the contract will be the prize. :p

  • Livid Gibbon (unregistered)

    A common feature of many of these sites appears to be the use of "sqlquery" in the querystring (i.e. to find a whole bunch you just need allinurl: sqlquery) suggesting the possibility that this disgrace stems from a single, original, potentially traceable source. As a starting point some of the sites contain an advert for their creator, which is a useful anti-pattern to watch for if you're planning on using the perpetrator for any development.

    ahhhhhhh - I love the smell of a witchhunt in the morning...
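
The same signal, SQL carried in a query-string parameter, can be looked for in a site's own access logs, both to find pages built this way and to see which requests changed the statement the page's links normally send. This is an added example, not code from the thread or from any site mentioned: the log lines, addresses and paths are constructed, and treating the most frequent statement shape as the application's own is an assumption of the sketch.

```python
import re
from collections import Counter, defaultdict
from urllib.parse import parse_qsl, urlsplit

# Constructed access-log lines; addresses and paths are made up.
SAMPLE_LOG = """\
192.0.2.10 - - [14/Apr/2008:09:01:02 -0500] "GET /roster?sqlString=select+name+from+roster+where+zip%3D%2773064%27 HTTP/1.1" 200 5120
192.0.2.11 - - [14/Apr/2008:09:03:40 -0500] "GET /roster?sqlString=select+name+from+roster+where+zip%3D%2773099%27 HTTP/1.1" 200 4800
198.51.100.7 - - [14/Apr/2008:09:07:15 -0500] "GET /roster?sqlString=select+name,ssn+from+roster HTTP/1.1" 200 88211
192.0.2.12 - - [14/Apr/2008:09:09:00 -0500] "GET /search?q=select+a+plan&page=2 HTTP/1.1" 200 900
203.0.113.5 - - [14/Apr/2008:09:10:00 -0500] "GET /static/site.css HTTP/1.1" 200 300
""".splitlines()

REQUEST = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) [^"]*"')

# A verb alone is not enough ("select a plan"); require statement structure.
SQL_STATEMENT = re.compile(
    r"^\s*(select\b.+\bfrom\b|insert\s+into\b|update\b.+\bset\b|delete\s+from\b"
    r"|(drop|alter|create|truncate)\s+(table|view|index|database)\b)",
    re.IGNORECASE | re.DOTALL,
)


def sql_bearing_requests(lines):
    """Return (client, path, parameter, statement) for each SQL-carrying value."""
    hits = []
    for line in lines:
        m = REQUEST.match(line)
        if not m:
            continue
        client, target = m.groups()
        parts = urlsplit(target)
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            if SQL_STATEMENT.match(value):
                hits.append((client, parts.path, name, " ".join(value.split())))
    return hits


def statement_shape(stmt):
    """Collapse literals so statements differing only in values compare equal."""
    s = re.sub(r"'[^']*'", "?", stmt.lower())
    return re.sub(r"\b\d+\b", "?", s)


def altered_statements(hits):
    """Per (path, parameter), report requests whose shape is not the usual one.

    Assumption: the most frequent shape is what the application's own links emit.
    """
    by_endpoint = defaultdict(list)
    for client, path, name, stmt in hits:
        by_endpoint[(path, name)].append((client, statement_shape(stmt)))
    altered = []
    for (path, name), reqs in by_endpoint.items():
        baseline = Counter(shape for _, shape in reqs).most_common(1)[0][0]
        altered += [(path, name, c, s) for c, s in reqs if s != baseline]
    return altered


if __name__ == "__main__":
    found = sql_bearing_requests(SAMPLE_LOG)
    for row in altered_statements(found):
        print(row)
```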

  • Paolo G (unregistered)
    <grammarnazi> The real WTF is that there's no such word as "publically", and adverbs that can't be misunderstood as adjectives don't get hyphenated when qualifying an adjective that qualifies a noun. So it's "publicly available registry". </grammarnazi>

    Believe me, this is so much more important than whether this information is publicly available or not ;)

  • dkf (unregistered) in reply to Jon B
    Jon B:
    Yes, I see your point. We should model healthcare after the IRS. Let's get started on that right away.
    On the plus side, they've got a plentiful supply of blood (extracted from stones, I believe...)
  • Anon (unregistered)

    Sometimes this kind of thing makes me think we programmers should need to earn a 'licence to code' :) Whoever wrote this mess would immediately have it revoked!

  • Yazeran (unregistered) in reply to csrster
    csrster:

    I just did this for the country I live in - and one of the links which came up is for the trades union for IT professionals.

    Yeah, me too... Quite disgusting really

    Found out that they ran their database on PostgreSQL and that the pg_class table was WORLD READABLE for C... sake!!!! (hint pg_class stores info on tables in the database such as table names etc making guessing table names real easy...)

    I didn't look more into it, and didn't get the table names etc, but I did get the amount of rows a 'SELECT * FROM pg_class' would generate (some 20 or so)

    Yours Yazeran

    Plan: To go to Mars one day with a hammer.

  • SomeBody_Else (unregistered) in reply to Anon
    Anon:
    Sometimes this kind of thing makes me think we programmers should need to earn a 'licence to code' :) Whoever wrote this mess would immediately have it revoked!

    Yeah, Sure. Like licenses prevent drivers from being idiots! Having a license is no guarantee of ability, they are more about keeping out competition.

  • Anon (unregistered) in reply to Program.X
    Program.X:
    So I take it "For those unaware, the SVOR is a federally-mandated, publically-available registry designed to protect us from the truly horrendous specimens of humanity by forever branding those convicted of a certain crimes with a big “SO”." is a personal, uneducated view?

    If you were a UK citizen, I'd assumed you'd got that politicised uneducated nonsense from The Daily Mail. For those who are educated in the causes of Sex Offences, it is a little more complicated.

    I think your sarcasm detector is on the blink :)
  • David (unregistered) in reply to anonymously evil

    Thanks for sharing that. It was fascinating. It sounds so much like several places I have worked that it's fascinating. This assessment resembles something that could have been written about Hennepin County, Minnesota in their effort to acquire a new jail management system. The Sheriff assigned oversight to an employee who had no experience overseeing technology projects. How naive. But then, what did the Sheriff know about IT? Probably nothing. Our industry sure faces some tough challenges supporting those we serve.

  • David (unregistered) in reply to SomeBody_Else

    Licensing doesn't prevent idiot drivers, but it reduces them. Imagine who would be driving if NO licenses were required.

  • (cs) in reply to Livid Gibbon
    Livid Gibbon:
    A common feature of many of these sites appears to be the use of "sqlquery" in the querystring (i.e. to find a whole bunch you just need allinurl: sqlquery) suggesting the possibility that this disgrace stems from a single, original, potentially traceable source. As a starting point some of the sites contain an advert for their creator, which is a useful anti-pattern to watch for if you're planning on using the perpetrator for any development.

    ahhhhhhh - I love the smell of a witchhunt in the morning...

    I was thinking about this last night. A person with access to this kind of information could make a lot of money working with those who do not wish to be recognized as pedophiles. "Slide me a thousand bucks and I'll erase you out of the registry."

    Where's my torch and pitchfork?

  • Nick J (unregistered)

    http://docapp8.doc.state.ok.us/pls/portal30/url/page/sor_roster?sqlString=drop table registration_offender_xref

    Way to commit any sort of crime in Oklahoma and get away with it!

  • (cs) in reply to Ed Falk
    Ed Falk:
    > When a corporation does this, they take a huge hit in the form of lawsuits, stock drops, and lost business

    Do they? Can you give an example?

    http://identitytheft911.org/alerts/alert.ext?sp=10431
    http://www.networkworld.com/news/2007/060807-tjx.html
    http://www.usatoday.com/tech/news/computersecurity/infotheft/2007-04-03-radio-shack-id_N.htm

    Granted, the larger companies are seemingly as immune as the government when it comes to this negligence. Hopefully that will change. Unfortunately it seems that it's going to take more than a lost CD or laptop before someone takes serious action.

  • Scott (unregistered)
    Fortunately, he didn't accuse me of hacking their site
    I saw on the local (Oklahoma City) news last night that an "unknown hacker" had retrieved data from the OK Dept. of Corrections web site before they fixed it. I assume that's you.... Sheesh.
  • (cs)

    Maybe it's all according to spec, and the "vulnerability" is just the required federal backdoor.

  • Trudy (unregistered)

    Oklahoma has another website (http://www.oscn.net/applications/oscn/start.asp) where they share all sorts of personal information, including physical description and date of birth on people with traffic offenses and other legal issues. I don't know of any other state that violates the privacy of its citizens like that. It's time to get out of this primitive backwards state.

  • Sean (unregistered)

    I've always thought that the ODOC websites in Oklahoma were poorly developed. I'm glad someone finally hacked in and caused a ruckus.

  • Richard (unregistered)

    Can you say (Irreparable damage), this is ridiculous! My great grandfather would've gone CRAZY over a rights violation of this magnitude. This is probably the beginning, the foresight we will look back upon and realize a lot of things could've been prevented with common sense. Our nation is becoming incredibly delusional, all of a sudden the effects that christened America so great have become discarded for good intentions. This is the war I see, it’s a war on our children and our rights! Sex Offenders are the other form of terrorist according to the government, because you don’t know who they are or where they are. So the government says to protect us and our children they will implant V Chips, not only in us, but in our cars, passports, identification, and run surveillance on our streets, homes, friends, and conversations. 96.5% of sex offenders are family members or friends to the victim, 97% are male, and only 3.5% of overall convicted sex offenders reoffend sexually... Therefore the odds are YOU are more of a threat to commit a sex offense than a "sex offender". Mull over that for a moment. What will the next set of laws be? Will they treat us more like criminals than they currently are over statistics like these? Will we again support them for the reasons or justifications of “good intentions”? In fact I have already seen the question that leads to this, (We need to constantly ask "Legislators," why they continually focus new more restrictive legislation on ALL registered sex offenders, when they have the lowest recidivism rate, and legislators ignore the group committing "96.5% of new sex offenses," persons who have never before committed a sex offense?) How can we prosecute people for life knowing how easy it is to be charged and convicted of a sex offense? Do you realize how many death row inmates have been found innocent due to D.N.A.?

    They convict sex offenders every day with merely one's word against another's, today, a simple lie can wreck your life! How do V Chips, satellites, surveillance, and treating us like criminals stop our children from having a sexual encounter, protect our credit, or save us from terrorists that our government antagonizes? We let them ignore Americans' rights because we agree with the “good intentions” they sell us. Isn’t that what the Bible states the path to Hell is paved with? Did you know since that registry began the recidivism rate has increased, not declined, and the rate of sex offenses has not changed? There have however been thousands of vigilante attacks that have gotten an estimated 4000 innocent people hurt and even killed by mistaken identity or wrong addresses all together. In one case a pregnant woman was burned alive for nothing she had done. I have heard of “American justice” before, but it was in times when a guilty man unjustly went free. Not on a man who served HARD time in prison, not after the humiliation of refacing the public, and never after he was continually punished during and after his parole by the state. Now we harass or kill his family and friends as well? Is this what we have become? We now allow rights to be ignored? Hitler used the media, fear mongering tactics, and created monsters to use as justifiable leverage against people's rights, turned the people against one another, tortured people, held secret prisons, and reversed the impact of the word "WAR" till it was a good thing to happen to a nation. He too painted himself the protector and guardian. It makes me wonder if it is just a coincidence that Bush's grandfather worked for and with Hitler. How are we keeping out terrorists if we can’t keep out drugs? How does opening our borders protect our borders? If this is what our country has become maybe the “terrorist” have us pegged, and we deserve whatever we get.

    I for one do not need the government to protect my children and still hope we are a great and proud country because of our freedom, honor, fairness, and morals on life, liberty, and justice.

  • (cs) in reply to Richard

    @Richard: Whatever you wrote, nobody read it. Maybe you should consider shortening your future comments to less than the length of the article in question.

    ... And by the way, HAHAHAHAHAHAHHAHAHAHAHAHAHAHAHHAHAHAHAHAH @ "upper(zip) = '73064'", that made my day.

  • heinzkunz (unregistered) in reply to Alex Papadimoulis
    Alex Papadimoulis:
    I'd be very impressed if someone managed to unblur the numbers from the first image.

    Just don't use blur. This is recoverable: http://www.schneier.com/blog/archives/2007/01/how_to_recover.html

  • SKFox (unregistered)

    http://newsok.com/article/3230675/1208345421

    The bloggers used certain search parameters to troll for the information.

    captcha: validus

    Certainly not...

  • (cs) in reply to Andre LePlume
  • umm... (unregistered) in reply to David
    David:
    Licensing doesn't prevent idiot drivers, but it reduces them. Imagine who would be driving if NO licenses were required.
    I suppose that assumption really makes you feel a lot safer. Too bad a good feeling can't help you to actually be any safer - why don't you try to present even one theoretical example of these dangerous unlicensed drivers you refer to, who are being prevented from driving simply by the requirement to be licensed. It certainly won't be the drunk, unlicensed, uninsured moron who totalled my car a few years ago.

    On the other hand, and also in reference to the wonderful Hennepin County system mentioned in the comment above yours, I've twice had a 'suspended' license, due to either software or data-entry screw-ups on the part of that county. You know how great that is? It's so nice to get pulled over for no apparent reason, to have the nice officer approach the vehicle with gun drawn, barking orders, and then to lose a couple hours of my life inspecting the back seat of his police cruiser. Thankfully, I was eventually able, purely by way of having a completely perfect driving record, to convince the officer that it had to be a mixup, so he let me go. In the second occurrence I was lucky enough to have had friends riding with me, so one of them could take the wheel...otherwise, since the officers wouldn't listen to reason, I'd have had my car impounded and spent the night in jail.

    Yep, the existence of driver's licenses has sure made my life a lot better.

  • Andrew (unregistered)

    too bad that even though they took it down, all that information is still available cached away in google, and now with the press on this article boatloads more people are looking for it.

  • m0ffx (unregistered) in reply to umm...
    umm...:
    David:
    Licensing doesn't prevent idiot drivers, but it reduces them. Imagine who would be driving if NO licenses were required.
    I suppose that assumption really makes you feel a lot safer. Too bad a good feeling can't help you to actually be any safer - why don't you try to present even one theoretical example of these dangerous unlicensed drivers you refer to, who are being prevented from driving simply by the requirement to be licensed. It certainly won't be the drunk, unlicensed, uninsured moron who totalled my car a few years ago.

    On the other hand, and also in reference to the wonderful Hennepin County system mentioned in the comment above yours, I've twice had a 'suspended' license, due to either software or data-entry screw-ups on the part of that county. You know how great that is? It's so nice to get pulled over for no apparent reason, to have the nice officer approach the vehicle with gun drawn, barking orders, and then to lose a couple hours of my life inspecting the back seat of his police cruiser. Thankfully, I was eventually able, purely by way of having a completely perfect driving record, to convince the officer that it had to be a mixup, so he let me go. In the second occurrence I was lucky enough to have had friends riding with me, so one of them could take the wheel...otherwise, since the officers wouldn't listen to reason, I'd have had my car impounded and spent the night in jail.

    Yep, the existence of driver's licenses has sure made my life a lot better.

    There were some major screwups in the UK a while back, with people's license classes getting randomly changed, so suddenly someone with a motorbike license gets told they can't drive a motorbike - but are licensed to drive a tank! In some cases the attitude of the DVLA (organisation responsible for licensing) was 'retake your test. And no we won't even pay for it'.

    But licensing driving is still important. Not to stop the 'dangerous unlicensed drivers' we have, who drive despite being banned, but in helping ensure that EVERYONE on the roads has at least a minimum level of competence - that required to pass the test in the first place (of course it's not foolproof, loads of people forget some of it, and wouldn't pass a snap retest were such things administered). If there was no driving license, we'd soon have a lot of crap drivers on the road; those who currently learn what they have to, but if they weren't compelled to, wouldn't bother.
