More bookmarks.

Thanks to Joe D. for the SQL injection by automobile photo in the earlier post.

Something else I happened to stumble across while reading a Stack Overflow thread (“We have an employee whose last name is Null. He kills our employee lookup application when his last name is used as the search term (which happens to be quite often now).”): there’s a website devoted to preventing SQL injection.

Is that unusual? No. But the URL sent me into giggling fits. My hat is off to the folks behind this site.

Something else I’ve been meaning to link, and which Tom Ritter’s Twitter feed reminded me about: “Applied Cryptography Engineering”.

Applied Cryptography is a deservedly famous book that lies somewhere between survey, pop-sci advocacy, and almanac. It taught two generations of software developers everything they know about crypto. It’s literate, readable, and ambitious. What’s not to love?
Just this: as an instruction manual, Applied Cryptography is dreadful.

Applied Cryptography was an important book for me, and I don’t have the chops that would allow me to intelligently criticize Schneier or Thomas Ptacek. But even I have to admit that AC is almost twenty years old; that’s two or three lifetimes in cryptography. (Also, that makes me…f’ing old.)

One Response to “More bookmarks.”

  1. Andy Lester says:

    I’m glad you like bobby-tables.com. Tell your friends about it so that more newbies can learn the right way to prevent SQL injection. Also, if you have updates or suggestions, the entire site’s source code is at https://github.com/petdance/bobby-tables