8
ke7mzp
8y

When in an application security talk put on by our cyber security department and one team (not mine) is being chastised for only doing client-side validation, another dev asks, "So at what point can we trust the user?" A few people nod and indicate they want an answer, and the speaker said, "Never, you never trust the user."

I can't believe people can graduate and get a job and keep a development job, especially in a highly government regulated company like where I work.

Comments
  • 4
    Well just wait till you still see

    "SELECT * FROM table WHERE name LIKE " + userInput

    In the wild
    ...even in fairly large companies
  • 1
    Especially in a highly regulated government company, results would matter less than certificates and reports ;-)
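An added example, not part of the original post or comments: the concatenated `LIKE` query quoted above next to a server-side version that validates the input, binds it as a parameter and escapes `LIKE` wildcards. The `people` table, the sample rows and the 64-character limit are constructed assumptions.

```python
import sqlite3

def make_demo_db():
    # Constructed sample data for the demonstration.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE people (name TEXT)")
    conn.executemany(
        "INSERT INTO people VALUES (?)",
        [("O'Brien",), ("100% Legit",), ("alice_b",), ("aliceXb",)],
    )
    return conn

def find_by_name_concat(conn, user_input):
    # The pattern from the comment: user text becomes part of the SQL itself.
    sql = "SELECT name FROM people WHERE name LIKE '" + user_input + "'"
    return [row[0] for row in conn.execute(sql)]

def escape_like(term, esc="\\"):
    # Escape LIKE metacharacters so user text only ever matches literally.
    return (term.replace(esc, esc + esc)
                .replace("%", esc + "%")
                .replace("_", esc + "_"))

def find_by_name(conn, user_input):
    # Server-side validation runs no matter what the client already checked.
    if not isinstance(user_input, str) or not 1 <= len(user_input) <= 64:
        raise ValueError("name must be a string of 1-64 characters")
    pattern = "%" + escape_like(user_input) + "%"
    # The value is bound as a parameter, so it is data and never SQL syntax.
    cur = conn.execute(
        "SELECT name FROM people WHERE name LIKE ? ESCAPE '\\' ORDER BY name",
        (pattern,),
    )
    return [row[0] for row in cur]

if __name__ == "__main__":
    db = make_demo_db()
    print(find_by_name(db, "O'Brien"))   # an ordinary name with a quote
    print(find_by_name(db, "%"))         # wildcard treated as a literal
    print(find_by_name(db, "alice_b"))   # underscore treated as a literal
```

Binding alone keeps the input out of the SQL grammar; the escaping step is what stops a bare `%` or `_` from widening the match.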