You seem to see threats as a "black and white" problem. Put enough "what ifs" 
in front of a statement, and nothing anywhere has any security at all.

On 15 Nov 10, at 23:30, mysql-digest-h...@lists.mysql.com wrote:

> From: "Daevid Vincent" <dae...@daevid.com>
> Date: 14 November 2010 13:22:02 PST
> To: <mysql@lists.mysql.com>
> Subject: RE: FW: [USN-1017-1] MySQL vulnerabilities
> 
> 
> I don't think you understand how many exploits work. Through some social
> engineering or plain brute force or rainbow tables I can get the user/pass
> for many typical users. I could also give you some code and tell you to run
> it and thereby my code is executed as an "authenticated user" without you
> even knowing it. And here's another statistic you might not be aware of --
> most "hacking" attempts are done BY people INSIDE a company, not external to
> it. It's extremely foolish and short-sighted to think that your system is
> safe unless it's in a "glass jar" and YOU are the ONLY user on it. Even
> then, YOUR account could be compromised too.

----------------
Thought is the sculptor who can create the person you want to be. -- Henry 
David Thoreau
:::: Jan Steinman, EcoReality Co-op ::::


--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe:    http://lists.mysql.com/mysql?unsub=arch...@jab.org

Reply via email to