Thursday, May 18, 2006

LOL What?

Cross-posted from Husi.

I can't stop laughing!

I had a look at the queue of incoming tickets and stumbled across this one:
Can you tell us if $YourBigApp is secure from the following:
  1. Buffer Overflow
  2. SQL Injection
  3. Script Injection
  4. URL Injection
Now guess which customer it was.


Yes, that company actually submitted those questions. I forwarded it in a mail to the worldwide SysAdmin team with my dream response:

It will be when yours is.

I can't help wondering that if we answer "Yes" that they'll come back with "So how do you do it?"

There's no way in the world I'm taking that ticket because there's no possible way I'd be able to stop myself including my dream response, so I have to settle for a big glass of LMAOnade and leave this one for someone else.

While technically correct, my answer would get way too much attention from upper management. Not the good kind of attention but rather the kind that could quite possibly interfere with my addictions to food and four walls.

One guy who this was forwarded to wrote back saying his dream response would've been "Sure, if you install it on UNIX." Unfortunately $OurBigApp runs in MainWin, so even though $OurBigApp runs on stable machines, it does so in an inherently unstable and insecure manner.

I'll be in a good mood for a while today.


Post a Comment

Links to this post:

Create a Link

<< Home

In compliance with $MegaCorp's general policies as well as my desire to
continue living under a roof and not the sky or a bus shelter, I add this:

The views expressed on this blog are my own and
do not necessarily reflect the views of $MegaCorp, even if every
single one of my cow-orkers who has discovered this blog agrees with me
and would also like to see the implementation of Root Cause: 17-Fuckwit.