The most dangerous programming mistakes

Post by Ron2K »

InfoWorld wrote: Programmers often like to talk about how a new tool or a new version of their favorite platform will make coding faster, easier, or more elegant. Although this may be true, it ignores just how difficult and painstaking the process of developing quality software actually is, no matter what tools are used.

Case in point: the CWE/SANS list of the top 25 most dangerous software errors. Each year, the list's editors draw upon the experience of leading software security experts to rank programming errors by frequency, severity, and the likelihood that they will lead to exploitable vulnerabilities. This year's list was published this week, and the bad news is how few surprises it contains.
Full article

Well worth the read, particularly in this day and age of Anonymous and LulzSec.
Kia kaha, Kia māia, Kia manawanui.

Re: The most dangerous programming mistakes

Post by Bladerunner »

I once had to do maintenance on an already live website (CMS actually) my employer took over from a place called "Electric Pencil", or something along those lines. These morons couldn't even bother to do a proper login: you had to enter a password, but then you were simply redirected to the admin page. Anyone who knew they could just navigate to "http://site.com/admin.php" would have been able to edit the entire web site and database content.

Now that's scary.
If I weren't insane: I couldn't be so brilliant! - The Joker
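
The flaw described in the post above (a password prompt that only redirects, while admin.php itself checks nothing) next to a server-side fix, as an added example that is not part of the original thread or of the CMS it mentions. The file name auth.php, the function names and the session key `is_admin` are assumptions made for illustration.

```php
<?php
// auth.php -- constructed example; names and session key are assumptions.

// Login handler as the post describes it (vulnerable):
// the password is checked, but nothing is recorded server-side, so the
// redirect target cannot tell whether the check ever happened. Requesting
// /admin.php directly skips the check entirely.
//
//   if (password_verify($_POST['password'], $hash)) {
//       header('Location: /admin.php');
//       exit;
//   }

function ensure_session(): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
}

// Corrected login: record the successful check in the server-side session.
function handle_login(string $submitted, string $hash): bool
{
    ensure_session();
    if (!password_verify($submitted, $hash)) {
        return false;
    }
    session_regenerate_id(true);   // new session id after privilege change
    $_SESSION['is_admin'] = true;  // server-side proof of authentication
    return true;
}

// Guard for admin.php and every other admin page. It must run before any
// output or database access, on every request, not only after the redirect.
function require_admin(): void
{
    ensure_session();
    if (empty($_SESSION['is_admin'])) {
        http_response_code(403);
        exit('Forbidden');
    }
}

// At the top of admin.php:
//   require __DIR__ . '/auth.php';
//   require_admin();
```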