Old but good
http://xkcd.com/327/
Vulnerabilities on a Daily Telegraph website have been exposed by serial grey-hat hacker Unu. In a posting on the hackersblog site Unu outlines a number of SQL injection security weaknesses on the newspaper's website. The entry, which includes screenshots to substantiate the claim, claims that subscriber email addresses were …
A company taking prompt action, acknowleding a weakness and thanking the hacker? Whatever has the world come to. I guess guys at The Telegraph are expert at handling PR issues - a few other companys I could name but won't should follow their lead...
Calm today.
"thanking the hacker"
Err .... I read the article again and I can't see anywhere where the hacker is thanked. Yes they acknowledged the problem and yes they took prompt action. But there's no mention of thanking the hacker, merely acknowledging that the problem was reported by hackersblog.org.
This post has been deleted by its author
You can have some other fun with the Telegraph links....
For example, here's their article about the Spotify hack:
http://www.telegraph.co.uk/news/4949044/Spotify-hacked-top-recent-hacker-stories.html
and here's the same article with a much funnier URL:
http://www.telegraph.co.uk/news/4949044/We-copy-all-our-stories-from-El-Reg.html
I'm sure you can all think up some better URLs than me ;-)
Sorry Dennis I read the full statement over at the Maily Telegraph:
http://blogs.telegraph.co.uk/shane_richmond/blog/2009/03/09/hackersblog_and_telegraphcouk
"Now hackers are rarely embraced as being friends but in this instance it's important to thank the team at hackersblog.org for bringing these issues to our attention..."
"Take responsibility for security on your own site"
"It was a third party who done it, not us"
Obviously you don't rely on a garage to service your car - you take responsibility and do it yourself.
And you don't rely on parts from the manufacturer - you take responsibility and make your own brake pads.
And you don't rely on farmers and supermarkets - you take responsibility and grow all your own food.
From Trends Security Suggestions (Linked from article)
"Trend Micro recommends the usage of the Comma Delimited Format when saving or exchanging Excel spreadsheets. Comma Delimited files (with the .csv file extension) have the same functionality as regular workbooks (with the .xls extension) ."
I wondered how long it would take for a fanboy to post a totally irrelevant comment about how good Apples are. What's that got to do with a website being attacked in this way exactly? Are you suggesting people should run enterprise-sized sites on Apple hardware and software?