I was NaN years old when I learned this.
this post was submitted on 24 Feb 2025
413 points (98.8% liked)
Technology
67338 readers
4366 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
How about XÆa-12? Asking for a friend.
Knew a guy who had the license plate ‘NULL’ and he was telling me how he never got a toll bill or red light ticket.
The article talks about a guy with a “NULL” license plate who gets tons of tickets for things he didn’t do so probably not the best plan
Yep. For the curious, any time a license plate photo couldn’t be fully read by the automated system, it was marked as “NULL” and he was flagged as the driver. So every single red light camera and speeding camera in the area was sending him to court every day.
load more comments
(4 replies)
My academic advisor in college was named Null
Even I kept running into trouble because the system thought I didn't have a registered advisor.
I have never seen this happen, and I don't know what tools would confuse the string "null" with NULL. From the comments in this thread, there are evidently more terribly programmed systems than I imagined.
Shit happens, mistakes are sometimes made. Valve once had code that could delete your entire drive.
I'm pretty sure at least some of the university's systems were designed by students.
load more comments
(3 replies)
I’ve been doing web development for something like 20 years now and I just can’t imagine how shitty your backend is if this is an issue.
With LLM coding increasing, it might be going up. Idk am no pro, just worried.
Tangential, but I find it hilarious how Gemini's syntax fucks up all the time.
I ask it to change my light called "CX2" to red. It complies, like usual, and it reads Okay, changing "CX2" to red., but what it says out loud is Okay, changing "CX two inches to red.
It happened to a friend who wasn't passing in the proper types into their stored procedures, all strings, and "null" (not case sensitive) conflicted with actual null values. Everything in the web interface were strings, and so was null.
For some people it takes this mistake before they learn to always care about the data types you're passing in.
This was my thought as well, sanitize your inputs! Are they not quoting/casting to string before input?
Unless you’re coding from scratch it’s hard to not do this with any modern framework.
A couple years ago I wanted to write a simple website with SQL injection vulnerability, so I could demonstrate sqlmap to someone
It was surprisingly difficult (and every fiber in my body screamed)
Imagine how hard it is to be this bad. Yet still people manage to do it.
Word press code, and plugins, do not sanitize out of the box. You have to call an additional function, each time, that is not provided automatically. Many home made plugins miss that; many popular plugins used to be home made ones
Wordpress is a sin against mankind.
Let's take a blog and slap a whole e-commerce system on it through a plugin and let it auto translate with another one, what could go wrong. wait why is everything so slow, oh i need additional plugins for caching and one more for functionality XYZ why is everything broken now?!?
Edit: Sorry, my app had a hiccup and posted my comment several times
load more comments
(1 replies)
Yet here we are, it and the plugins handle too much of my daily traffic. It’s easy to dismiss the piss poor coding, but is done at our peril.
Everyone of us has personal data stored in those God awful plugins, in their thousands of basic security holes
load more comments
(2 replies)
Legacy systems still handle more traffic than modern ones, I’d wager
any govt system.
load more comments
(1 replies)
load more comments
(4 replies)
load more comments
(3 replies)
/me changes name to '); DROP TABLE STUDENTS; --.
Are there character escapes for SQL, to protect against stuff like that?
Input sanitization typically handles this as a string that only allows characters supported by the data type specified by the table field in question. A permissive strategy might scrub the string of unexpected characters. A strict one might throw an error. The point, however, is to prevent the evaluation of inputs as anything other than their intended type, whether or not reserved characters are present.
load more comments
(4 replies)
Oh. Yes. Little Bobby Tables, we call him.