Stories
Slash Boxes
Comments

SoylentNews is people

Top-Ranked Programming Web Tutorials Introduce Vulnerabilities Into Software

posted by Fnord666 on Sunday April 23 2017, @08:33PM   Printer-friendly
from the then-again-it's-PHP dept.

MrPlow writes:

Submitted via IRC for TheMightyBuzzard

Researchers have checked 64,000+ GitHub projects, and found 117 vulnerabilities introduced through the use of code from popular programming tutorials.

Things like this are why I would never hire a professional programmer without an online portfolio of source code to check for Blatant Stupidity.

Source: https://www.helpnetsecurity.com/2017/04/21/programming-tutorials-vulnerabilities/

Original Submission

 
This discussion has been archived. No new comments can be posted.
Top-Ranked Programming Web Tutorials Introduce Vulnerabilities Into Software | Log In/Create an Account | Top | 46 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by VLM on Monday April 24 2017, @01:20PM

    by VLM (445) on Monday April 24 2017, @01:20PM (#498816)

    A tutorial that shows everything that can go wrong is not a tutorial

    In the simpler, older days, that's how a lot of assembly language opcodes were documented, and some other languages too.

    Something I always liked about assembly was an architecture that didn't suck, tended to fully document almost all opcodes in one page or less. Usually the outliers were the more exotic floating point ops especially I/O-type format conversion ops, and interrupt control in CPUs with more elaborate interrupt systems or more elaborate stack systems.

    As things get more complicated, and lower IQ people became programmers, docs quality dropped until the standards are so low its "wrong" to be good now.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2