I found this interesting link in my logs to the University of Washington’s CS department coursework. Apparently their assignment (due tomorrow) is to actually get their professors to give up their fake credentials by getting them to click on links. Pretty interesting actually! I’m surprised to see this kind of stuff being taught, but I’m really glad too, because a lot of what XSS is is input validation basics. It’s exactly the sort of thing that needs to be taught in CS classes, and it’s one that has somehow evaded most schools.
The intense irony in finding this is not lost on me though - I actually failed out of school and now my site is recommended course reading for CSE 490K (an advanced CS class). Maybe I should ask for course credit! Now don’t go and help the students! They have to learn this stuff for themselves!