[Noisebridge-discuss] Any chance in hell this might work?
Matt Brannock
heisroot at gmail.com
Mon Mar 22 17:18:47 UTC 2010
Maybe when the OCR fails, it's passed to a human being to interpret. If the
human being decides to enter the full line, and their entry form does no
validation/sanitization, it's conceivable.
I've seen physical security system software (especially surveillance
software). Unbelievably awful.
Still quite a long shot...
On Mon, Mar 22, 2010 at 7:53 AM, Red ShuttleGunner <
redshuttlegunner at gmail.com> wrote:
> perfectly reasonable question. physical security systems are crap. people
> who build video analytics software (that "we can read your licence plate on
> the far side of the corporate parking lot" stuff) are indeed the kind of
> microsoft koolaid-sipping idiot app programmers who would drop unscrubbed
> input into the backend.
>
> I love it. will take this picture with me to ISC West (physical security
> conference this week in 'Vegas, where I'm doing a talk.)
>
> Yes, sensible developers aware of 21st century coding defenses could
> trivially survive this, were it to get back a rationally designed set of
> equipment that might read this.
>
> Like I said, not the folks running the monitoring cameras...
>
> On Sun, Mar 21, 2010 at 10:36 PM, Ozzy Satori <ozzymandi at gmail.com> wrote:
>
>> http://i.imgur.com/RQcCi.jpg
>>
>> I know it's a long-shot, but I'm seeing the most epic civil-disobedience
>> campaign in history.
>>
>> I'm a mobile client guy whose always depended on Database Programmers for
>> my SQL stuff, but I'd love some tech feasibility opinions from people who
>> know more than me.
>>
>> Is this an injection vector that the vendors would have likely
>> considered?
>>
>> -Ozzy.
>>
>> _______________________________________________
>> Noisebridge-discuss mailing list
>> Noisebridge-discuss at lists.noisebridge.net
>> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>>
>>
>
> _______________________________________________
> Noisebridge-discuss mailing list
> Noisebridge-discuss at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.noisebridge.net/pipermail/noisebridge-discuss/attachments/20100322/ef89270e/attachment-0003.html>
More information about the Noisebridge-discuss
mailing list