this post was submitted on 24 Jan 2024
391 points (98.5% liked)
Cybersecurity - Memes
2000 readers
1 users here now
Only the hottest memes in Cybersecurity
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
If they're trying to protect themselves from code injection by rejecting certain user input like that, then they don't actually know how to protect themselves from code injection correctly and there may be serious vulnerabilities that they've missed.
(I think it's likely that, as others have said, they're using off-the-shelf software that does properly sanitize user input, and that this is just the unnecessary result of management making ridiculous demands. Even then, it's evidence of an organization that doesn't have the right approach to security.)
I don't know, maybe they saw that classic XKCD comic and now they're thinking "hahah, I'm wise to your tricks, ya little shit"