this post was submitted on 10 Jul 2023
740 points (95.8% liked)

General Discussion

12131 readers
20 users here now

Welcome to Lemmy.World General!

This is a community for general discussion where you can get your bearings in the fediverse. Discuss topics & ask questions that don't seem to fit in any other community, or don't have an active community yet.


πŸͺ† About Lemmy World


🧭 Finding CommunitiesFeel free to ask here or over in: [email protected]!

Also keep an eye on:

For more involved tools to find communities to join: check out Lemmyverse!


πŸ’¬ Additional Discussion Focused Communities:


Rules

Remember, Lemmy World rules also apply here.0. See: Rules for Users.

  1. No bigotry: including racism, sexism, homophobia, transphobia, or xenophobia.
  2. Be respectful. Everyone should feel welcome here.
  3. Be thoughtful and helpful: even with β€˜silly’ questions. The world won’t be made better by dismissive comments to others on Lemmy.
  4. Link posts should include some context/opinion in the body text when the title is unaltered, or be titled to encourage discussion.
  5. Posts concerning other instances' activity/decisions are better suited to [email protected] or [email protected] communities.
  6. No Ads/Spamming.
  7. No NSFW content.

founded 2 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 58 points 1 year ago (2 children)

Suddenly, very relatable today...

[–] Reliant1087 19 points 1 year ago (2 children)

I was just thinking how the developer of kbin made a post regarding a similar bug in kbin and some people made fun of him for missing something so obvious, and here we are 🀨

[–] glorious_albus 44 points 1 year ago (4 children)

There's only two kinds of people:

  1. Those who know no system is fool proof.
  2. Dumbasses.
[–] Reliant1087 9 points 1 year ago

I think everyone is on a journey from 2 -> 1, some just get there sooner than others :)

[–] [email protected] 3 points 1 year ago

I'd call the second group fools because those are generally the ones that the system is trying to be safe against.

[–] Hypersapien 1 points 1 year ago

Foolproofness is an asymptote. It's not achievable but we can always get closer.

[–] marcos 0 points 1 year ago

If you are creating some software in 2023, it should not be vulnerable to SQL injection.

There's no "but" or "unless".

I really wished the presentation layer and session management had that kind of clear interfaces, instead we are stuck into only solving some 99.9% of CSS and 90% of CSRF. But SQL injection is 100% complete solved for good.

[–] [email protected] 11 points 1 year ago (2 children)

The best developers can admit they missed something, fix it, and move on to the next thing.

[–] [email protected] 8 points 1 year ago

The difference is that here lots of people posted about it and action was taken. If this was corporate owned, any suggestions of a problem would have been removed or denied, and months later after it hits public media they would have admitted there might have been a problem, and here's some free identity theft protection if you feel like you were affected.

[–] Reliant1087 3 points 1 year ago

True. Looking at lemmy GitHub, it looks like everyone is swamped.

[–] [email protected] 5 points 1 year ago (2 children)
[–] [email protected] 8 points 1 year ago

Because there was a xss bug in Lemmy cause by not escaping some inputs

[–] teft 7 points 1 year ago* (last edited 1 year ago) (1 children)

Because he doesn't know the difference between an SQL injection and a Cross site scripting attack.

Link for those who would like to learn more.

[–] [email protected] 22 points 1 year ago (1 children)

Or because both relate to not sanitizing your input

[–] glorious_albus 14 points 1 year ago (1 children)

Yeah lol. What is up with the condescension?

[–] [email protected] 2 points 1 year ago

Reddit migration side-effects.