9 December 2005
I just had the pleasure of giving a lecture on Internet security at a local high school. Over the years I've learned enough things the hard way that I figured I had a few tips to offer. The class was most impressive, they discovered the content hijacking exploit within 90 seconds of being told to hunt for "something unexpected" in a search form. It was wonderful to be in a room full of people eager to explore. The impromptu penetration testing of their websites was also quite enjoyable (ooh, I can execute arbitrary SQL statements).