Ruby On Rails SQL Injection Flaw Has Serious Real-Life Consequences

vikingpower writes "As a previous Slashdot story already reported, Ruby on Rails was recently reported to suffer from a major SQL injection flaw. This has prompted the Dutch government to take the one and only national site for citizens' digital identification offline (link in Dutch, Google translation to English). Here is the English-language placeholder page for the now-offline site. This means that 16 million Dutch citizens cannot authenticate themselves anymore with government instances, and that those same government instances can not communicate anything to those same citizens anymore." Fixes were released, so it looks like it's on their sysadmin team now.

Re:Overraction

[Andy+Prough]

Good point - that does look better. And I think maybe Peter with the third line, like this:

Quagmire: "Really? The Dutch government does a decent job at being serious on maintaining security of their citizens' identification data and your first thought is to criticize them for overreacting?"

Cleveland: "You've obviously never worked with sensitive data."

Peter: "Any decent admin's reaction should have been the same if it included the possible leak of sensitive data. This is an entire country's data."

Stewie: "You have no idea what you're talking about and should just shut your pie hole."