March 12, 2004
most?! (geekin, link, opinion, quote)
http://www.cnn.com/2004/TECH/ptech/03/11/resumes.fraud.reut/index.html
Breaking into a database is relatively easy because MOST DATABASE SERVERS ARE NOT PASSWORD PROTECTED, said Alfred Huger, director of engineering at anti-virus company Symantec.
Emphasis mine, obviously. That has got to be one of the stupidest things I've ever heard. EVERY database server I've ever used or even heard anything about has been pasword protected. I have an extremely hard time believing Mr. Alfred Huger's statement. The reporter should have at least asked him to provide a source to back up that statement. If I ever found out that a company that I bought a product or service from had a database (such as a database of attendees to, say, a university) that wasn't password protected, I would probably sue them. That's just gross negligence.
Posted by yargevad at March 12, 2004 01:18 PMAfter a brief email exchange with a PR guy associated with Symantec, it turns out that Mr. Huger was misquoted:
"It was a misqoute. What Alfred actually said is it's not uncommon for database servers to be without passwords or with weak passwords."
I can understand the "weak passwords" argument, but I've never seen or even heard of a database that isn't password protected ("without passwords"), except maybe for local connections, which would still require access to the database server itself... sounds like the beginning of a sales pitch to me.
Posted by: yargevad at March 17, 2004 12:43 AMAlfred Huger is a murdering neo-nazi - ask around.
Posted by: Marcus Pinto at August 15, 2007 04:04 PM