Skip to main content

View Diary: A Web Developer's View of Lieberman's Lie (203 comments)

Comment Preferences

  •  smtp != http (5+ / 0-)
    Recommended by:
    pb, Avila, mariva, kraant, lightfoot

    If the email server is written into the site by the same person, as is often the case on a site where everything is web based, the email would go down for the count in the first punch as well.

    nuh-uh.  email server is something completely separate from web server.  web-based email, as in, checking and sending email via a web browser, has nothing to do with the actual email server.

    and w/r/t SQL injection, it's not that difficult to recover from.  restore db from backup, boom, fixed in 5 minutes.

    •  each user would have their email client (3+ / 0-)
      Recommended by:
      Clem Yeobright, mariva, kraant

      config'd to use a smtp server, i bet they were using the same mail.joe2006.com for smtp as well as pop3 just like most small sites.

      Believing isn't Seeing, Seeing is Believing.
      Heathbar's Crunch

      by Dr Seuss on Tue Aug 08, 2006 at 08:31:34 PM PDT

      [ Parent ]

    •  Many sites (0+ / 0-)

      have all their communications stuff web based, including email.   Yes there is an email server underneath, but there is often other correspondence in the web server that is supplimented by or suppliments the email.  If such a system existed, a cheap drop in system that the admin only knew how to use, but not to debug, that would explain the crying and deep despair.  

      Many users, like maybe Joe, don't know that SMTP is not HTTP.  They think everything is the web.   They may have had all kinds of collaboration tools on their site not open to the public, that some dumbass admin set up in the cheap but didn't know how to fix.

      Most people are idiots... But don't tell them. It'll spoil all the fun for those of us who aren't.

      by d3n4l1 on Tue Aug 08, 2006 at 09:40:06 PM PDT

      [ Parent ]

    •  Also (1+ / 0-)
      Recommended by:
      DemCurious

      if the code on the backup is bad for the injection attack, what is going to keep the same request from causing another crash once the backup is restored?

      Please understand I am imagining an incompetent admin at the controls.

      Most people are idiots... But don't tell them. It'll spoil all the fun for those of us who aren't.

      by d3n4l1 on Tue Aug 08, 2006 at 09:48:55 PM PDT

      [ Parent ]

Subscribe or Donate to support Daily Kos.

Click here for the mobile view of the site