https://opensea.io/collection/dev-21
0 reply
0 recast
2 reactions
Justin Hunter
@polluterofminds
Interesting article about the impact that knowing a database schema has on potential SQL injection. It’s a legal drama played out in SQL tables. https://sockpuppet.org/blog/2025/02/09/fixing-illinois-foia/
2 replies
0 recast
1 reaction
Mo
@meb
Super cool read, thanks for sharing! This is a classic case of "security by obscurity" which never ends well. That said, I do wonder what tables exist in that schema that would give pause to citizens if revealed. Part of modern democracy will be better disclosures about the tech that's used to govern us
1 reply
0 recast
1 reaction
Justin Hunter
@polluterofminds
Yeah I’m actually all for FOIA requests revealing database schemas. I also think it DOES make it easier to find vulnerabilities if you know the schema. But the way to protect against vulnerabilities shouldn’t be based on obscurity
1 reply
0 recast
0 reaction
Mo
@meb
More specifically, you can say it facilitates target identification, knowing exactly which tables and columns you're interested in. That said, it's just one small step, you still need to extract the data. This is most definitely a patchwork software system, as a lot of gov software is, where the terribleness is concealed through obscurity as a hopeful layer of protection
0 reply
0 recast
0 reaction