SQL Injection comic
My friend Ryan* sent me this comic about SQL Injection today. Here is a link to Wikipedia in case you are not familiar with SQL Injection. Your favorite search engine will also yield many results.
While it makes for a funny comic, SQL Injection is no laughing matter. As Michael Howard stated in Secure Code (2nd ed.) p.341, "all input is evil until proven otherwise". I hope every developer who reads this will post a copy of this comic in their as a reminder to validate input and that even a serious topic like security can be made fun!
Cheers to a more secure 2008! :)
jk
* (Ryan has still not registered his name for a web site so I can't hyperlink it here. One of these days I'm going to register it for him and put up a 'fun' picture on it, lol)