• Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

Who on here was it...

Collapse
X
  •  
  • Filter
  • Time
  • Show
Clear All
new posts

    Who on here was it...

    “ Companies House has forced a company to change its name after it belatedly realised it could pose a security risk.

    The company now legally known as “THAT COMPANY WHOSE NAME USED TO CONTAIN HTML SCRIPT TAGS LTD” was set up by a British software engineer, who says he did it purely because he thought it would be “a fun playful name” for his consulting business.

    He now says he didn’t realise that Companies House was actually vulnerable to the extremely simple technique he used, known as “cross-site scripting”, which allows an attacker to run code from one website on another.

    The original name of the company was ““><SCRIPT SRC=HTTPS://MJT.XSS.HT> LTD”. By beginning the name with a quotation mark and chevron, any site which failed to properly handle the HTML code would have mistakenly thought the company name was blank, and then loaded and executed a script from the site XSS Hunter, which helps developers find cross-site scripting errors.”

    Company forced to change name that could be used to hack websites | UK news | The Guardian

    That looks so Brilloant...

    #2
    Nick Fitz is the obvious suspect.
    bloggoth

    If everything isn't black and white, I say, 'Why the hell not?'
    John Wayne (My guru, not to be confused with my beloved prophet Jeremy Clarkson)

    Comment


      #3
      Nah, he got an alibi - he was under lock down...

      Comment


        #4
        Originally posted by xoggoth View Post
        Nick Fitz is the obvious suspect.
        Grass.

        Comment


          #5
          how did he even register the company name.
          I would expect it would have crashed companies house or hmrc database

          Comment


            #6
            Was he called Bobby Tables?

            The greatest trick the devil ever pulled was convincing the world that he didn't exist

            Comment

            Working...
            X