
i have to admit, gaming the poll is kind of silly, but this is a pretty interesting recap of the process.


I'm always amazed by what lengths random people will go to hack software. Half my developers don't even understand SQL injection attacks. There's not one of them that really understands buffer overflows. So what chance do I have of getting a secure product out?

Those sorts of things really should be part of every programmer's education.


they were in mine. in fact, had a whole class and (private, disconnected, secure) lab devoted to them. covered everything from your basics (buffer overflow, sql injection) to more interesting stuff (analyzing/creating/decompiling viruses). it was my favorite class. good times.

i was thoroughly surprised when i started working in the "real world" and no one had any clue about what i thought were basic security practices.


CPSC 420? Sounds like a good class.


This seems far simpler than SQL Injection or Buffer Overflow attacks. Why doesn't Time require some kind of registration? They could use registered users as a basis for, dare I say, "Web 2.0" features.


Registration instantly kills participation. This is a poll, not a transaction, or a subscription, or anything complicated like that - there's no reason to make it so.

A captcha would have worked nicely - hassle free, commitment free (remember, most of your visitors will flee for the hills as soon as you present a registration), and tough enough to crack that most people wouldn't even try. Even if you had a script that farmed captchas all day to manual labour, the effect is still relatively small.


it's similar to a really easy-to-perform sql injection.


So...where do you work?

:)


4chan is basically the definition of silly.


4chan, overall, might be silly, but /b/ is trolling elevated to an art form. absolutely, the most depraved and nihilistic of all the internet, so much so that it becomes something beautiful. /b/ is the works of Marquis De Sade, John Waters, Roger Corman, Banksy, Courtney Love and Dead Kennedys all rolled into one. (also, throw in Kant and Hegel for good measure, because /b/ operates under its own dialectic.)

It's the low points of humanity pursued with ecclesiastical rigor. /b/ will fuck you over in every possible way, for no reason, and you will get up wiping your bloody nose knowing you have made someone else's lulz possible. And what pleasure!


I think Xoxohth/Autoadmit (a law school admissions forum that is actually about 20 trolls using 800 user names to "flame" each other) is more artsy than /b/, though it doesn't have quite as much force. XO has resulted in lawsuits, and it has also brought to trolling the "heroic women" and "guys at my high school" memes, the WGWAG acronym, whokebe and the word "pwnsive" (a corruption of "pensive").



