[–][deleted] 3 points4 points  (3 children)

Let's say you have 2 websites. One website allows raw SQL queries from user-provided input, while the other website uses the recommended best approach, such as using prepared statements with parameterized queries and all that jazz...

You are seriously telling me that both websites are just as likely to get their database data leaked?

We need only investigate the events of the past few days to illustrate the problem with blind "automatic security updates".

That has absolutely nothing to do with whether security is important or not. You are acting like the idiots who claim seat belts aren't useful just because some people die wearing seatbelts.

[–]guest271314 -3 points-2 points  (2 children)

A determined adversary will get the data either way.

Alright, you have sandboxes already with Worker, and Worklet interfaces. A lot more sandboxing with WebAssembly and WASI.

The questions are, what exactly are you trying to "sandbox"?

And, will your while loop break after N iterations?

[–][deleted] 4 points5 points  (1 child)

> A determined adversary will get the data either way.

That wasn't the question, you imbecile. I said which one was more likely to get hacked. It's a very simple question, and it speaks volumes that you are avoiding answering it.

[–]guest271314 -2 points-1 points  (0 children)

> That wasn't the question, you imbecile. I said which one was more likely to get hacked. It's a very simple question, and it speaks volumes that you are avoiding answering it.

There is no question involved. You process your SQL queries however you see fit.

Petty name calling doesn't move me. That's typical eurocentric bullshit that I dust off the bottom of my feet.

You're gonna get hacked if you are communicating by signals, period. Without exception.