dingostew.com

Did anyone see this this morning?

A hacker group, called Lulzsec, have released over 62000 email address with passwords, in return for their fans flooding /b/.

I downloaded the list to check if i was on it. I'm not! And neither is anyone I know. I also checked their website and they have other lists similar to this. Some of the stuff they've done is crazy, like hacking FBI affiliated websites, and exploiting other websites where the users had the same passwords! One of those users contacted them and was going to pay them to keep quiet, then they released the chat logs to the whole thing!
They also hacked Sony, using a simple SQL Injection hack and got access to over 1 million usernames and passwords!! Crazy!

People like that should be employed by the FBI... you could probably guarantee the people currently working there don't have these kind of skills.

Well considering they hacked the Sony servers by using SQL Injection, I'd hope that all the web people working for the FBI would have those kind of skills!!

Even this site is impervious to SQL injection!! And, even those crappy little PHP websites I made in college are injection proof!!

Code: Select all

stripslashes(htmlspecialchars($input))
// add to DB
...
//select from DB
stripslashes(htmlspecialchars($data))

Thats how you stop SQL injection!

I was referring more towards the FBI stuff they accessed, I'm pretty sure they've been into Gov sites etc before too...