You are reading a single comment by @hippy and its replies.
Click here to read the full conversation.
London Fixed Gear and Single-Speed is a community of predominantly fixed gear and single-speed cyclists in and around London, UK.
This site is supported exclusively by donations. Consider donating a small amount regularly.
hippy
I'll revise this in light of more info on the Talk Talk "hack".
CloudFlare would've prevented it.
Aside from handling the DDoS, we would've stopped the SQL injection that formed the actual hack.
Talk Talk should be sued for negligence, SQL injection is #1 on the OWASP Top Ten list: https://www.owasp.org/index.php/Top_10_2013-Top_10 . It's very easy to avoid, so any software that doesn't avoid it is flawed and the responsibility should be wholly with Talk Talk and no-one else.
A 15 year old script kiddie!