Weblog entry #6 for kaerast
Still, it's not quite as bad as the time we had the vendors of a commercial database system in the office, and one of their marketing people logged into our server through an unpublished SQL injection vulnerability in order to check database size without first asking permission. Tech support, I could almost have forgiven for this, but marketing people knowing about this vulnerability and blatantly using it in front of me?! That to me is completely unacceptable.
Comments on this Entry