Security

SQL injection is probably one of the most widely used techniques for hacking websites. Hackers can look at the form variables on a website to determine if it could possibly be injected with SQL. Many home made website portals can easily be hacked because SQL injection prevention can be time consuming for programmers, and many people don’t know how to protect against SQL injection.

Lets take a look at the following SQL statement.

Statement: select * from users where username=’ + $formUserName + ‘;
$formUserName data comes in from an HTML form from your website. This is the key variable in the script that you will use to inject SQL code into. Lets look at the hacked, SQL injected version.
(continue reading…)

News Corp, which owns the Wall Street Journal, MySpace, Fox News, and DirecTV hired the world’s “second best hacker” ,Christopher Tarnovsky. Tarnovsky was used to flood the market with pirated DISH smartcard devices, giving free satellite television to potential paying DISH customers, which ultimately tanked about $900M from DISH. Tarnovsky says he was paid on a regular basis for 10 years, and received paychecks from Harper Collins, News Corp’s publishing company.

Smart cards enable satellite TV converter boxes to bring in premium channels, Tarnovsky hacked the smart cards,duplicated them, then flooded the market to effect DISH’s competitiveness.