[thelist] Need help with a simple regex (Monday annoyance)

Joshua Olson joshua at waetech.com
Mon Apr 4 23:24:55 CDT 2005


> -----Original Message-----
> From: Ken Schaefer
> Sent: Monday, April 04, 2005 11:34 PM

> Unfortunately, none of us (AFAIK) are experts on this. If 
> people like Michael
> Howard (author of Writing Secure Code [1]) and David 
> Litchfield (NGSS - he's
> discovered how many vulnerabilities in various pieces of 
> software? [2]) say
> it's possible, then I take their word for it (especially over 
> people here who
> say "they can't get it to work" - no offence intended, but I 
> think the former
> two know a lot more about what they are talking about).

Respectfully, I'd love to see an example of the character encoding injection
attack.  Any chance you could dig one up?     Smart people theorizing about
things isn't enough to make me worried.  This kinda reminds me of the dark
matter problem in astrophysics... most of the smart minds say is MUST exist,
but nobody can find it.  I'm sure this nut is a bit easier to crack, though,
or prove.  So, let's prove it...  then will I get onboard and be an evangel,
too.

<><><><><><><><><><>
Joshua Olson
Web Application Engineer
WAE Tech Inc.
http://www.waetech.com/service_areas/
706.210.0168 




More information about the thelist mailing list