Reply to post: Re: In what way do you assert that excerpt requires

TalkTalk attack: 'No legal obligation to encrypt customer bank details', says chief

Freimer

Re: In what way do you assert that excerpt requires

There are products that offer searchable encryption. And, just because you are theoretically vulnerable to SQL injection does not mean you actually are. It has been a very long time since the ability to protect against SQL injection was widely known. It is only lazy or incompetent web developers that don't know how to properly validate user input and quote data that are still vulnerable.

Searchable data masking and SQL injection sound like excuses to me...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021