Page 1 of 1

UN Website

Posted: Sun Aug 12, 2007 8:52 am
by thiscatis
The United Nation's website has been hacked
:)

Posted: Sun Aug 12, 2007 8:53 am
by feyd
That's nice. ... and...?

Posted: Sun Aug 12, 2007 8:58 am
by thiscatis
It does stress the fact you coding guru's always say about safe code and exploits.

You had a bad childhood feyd, or am I misinterpreting your attitude.
I just thought it was something I could share with other people here and just don't comment if this news doesn't have any value for you.

Posted: Sun Aug 12, 2007 9:00 am
by superdezign
I think he's just saying that a lot of websites get hacked... If it's in the public eye, someone's more likely to try.

Good thing we have ways of catching and jailing hackers... :roll:

Posted: Sun Aug 12, 2007 9:17 am
by feyd
superdezign roughly got my point.

A website getting hacked isn't all that interesting today. Since this particular hack was politically targeted toward a member of the UN, it's even less interesting.

Unless they came up with some ingenious or novel way to hack the site, it's just another site hacked -- no more interesting than the next --, likely through a slip in site security.

Posted: Sun Aug 12, 2007 2:32 pm
by TheMoose
feyd wrote:Unless they came up with some ingenious or novel way to hack the site, it's just another site hacked -- no more interesting than the next --, likely through a slip in site security.
What makes it more interesting (to me) is that it was a superb lapse in security judgment. The hackers used SQL Injection to do it. Nothing fancy. But you would think that even the most basic programmers know about SQL Injection and some basic steps to prevent against it. Whoever coded the site didn't even try to prevent against it, and half their site still allows for it.

Posted: Sun Aug 12, 2007 2:45 pm
by superdezign
TheMoose wrote:What makes it more interesting (to me) is that it was a superb lapse in security judgment. The hackers used SQL Injection to do it. Nothing fancy. But you would think that even the most basic programmers know about SQL Injection and some basic steps to prevent against it. Whoever coded the site didn't even try to prevent against it, and half their site still allows for it.
Makes you wonder how easy it is for a company to act as though they are more experienced than really are when they are being contracted.

Posted: Mon Aug 13, 2007 7:16 am
by malcolmboston
superdezign wrote: Makes you wonder how easy it is for a company to act as though they are more experienced than really are when they are being contracted.
I could tell you some real horror stories of so called professional companies handing out piece of <span style='color:blue' title='I&#39;m naughty, are you naughty?'>smurf</span> and charging through the roof

Posted: Mon Aug 13, 2007 12:14 pm
by RobertGonzalez
This article is a blast, and points out that the UN site has some issues with outdated systems and such...

I personally found it hilarious that a global organization would allows their web site to be put up without every making sure that the site was protected. I mean, seriously, there isn't a developer in all of Earth that help this organization out with some usability and security tests?

Posted: Mon Aug 13, 2007 10:31 pm
by timvw
Well, the UN have each year a lot of CS students that work on their website during an internship... Knowing a couple of those 'experts' i can't say that it surprises me.