Problems with NULL

A security researcher by the name of Droogie decided to mess with the Automatic License Plate Reader systems that issue traffic fines, securing the vanity plate “NULL,” part for fun and part in the hope that this spoofed the system into returning errors whenever his plate was seen. Instead he received more than $12,000 in fines—clearly his plate became a dumping ground for erroneous data records.

But the serious side of the pitch for Droogie remains: “Could someone exploit one of these scenarios for profit?” And the “NULL” theory extends beyond license plates to other systems. "Would a Null surname have trouble purchasing plane tickets or cause bugs in systems if applied?

So some queries treat the string 'NULL' the same as NULL ?

I don’t buy it.

1 Like

I had some BAQ’s that would fail if there were single quote marks in the parameter. Think its been patched now. The government is usually twice as crappy so it wouldn’t surprise me.

Also see relevant XKCD:

1 Like

I thought that link was going to be to the one about the guy with the license plate ‘0O00O0O’

1 Like

I don’t remember that one, otherwise I might have posted it :slight_smile:

I was slightly off…