Comment by tptacek
2 months ago
There is a whole sub-field of software security dedicated to retrieving information from SQL injections that don't directly return results. This is not a plausible objection.
2 months ago
There is a whole sub-field of software security dedicated to retrieving information from SQL injections that don't directly return results. This is not a plausible objection.
Well, again, you make your attack and you retrieve the schema. Why did you do that?
To become informed, which is also the stated purpose of FOIA?
Some may use their newfound education for good while others use it for evil, as with any education.