Secure Coding In Java: Bad Online Advice And Confusing APIsOct 03, 2017, 07:00 (0 Talkback[s])
(Other stories by Anonymous)
For programmers and software developers, the Internet forums provide a great place to exchange knowledge and seek answers to concrete coding conundrums. Alas, they are not always the source of accurate information.
A group of Virginia Tech researchers has analyzed hundreds of posts on Stack Overflow, a popular developer forum/Q&A site, and found that many of the developers who offer answers do not appear to understand the security implications of coding options, showing a lack of cybersecurity training. Another thing they discovered is that, sometimes, the most upvoted posts/answers contain insecure suggestions that introduce security vulnerabilities in software, while correct fixes are less popular and visible simply because they have been offered by users with a lower reputation score.
0 Talkback[s] (click to add your comment)