Submitted via IRC for TheMightyBuzzard
Researchers have checked 64,000+ GitHub projects, and found 117 vulnerabilities introduced through the use of code from popular programming tutorials.
Things like this are why I would never hire a professional programmer without an online portfolio of source code to check for Blatant Stupidity.
Source: https://www.helpnetsecurity.com/2017/04/21/programming-tutorials-vulnerabilities/
(Score: 2) by VLM on Monday April 24 2017, @01:20PM
A tutorial that shows everything that can go wrong is not a tutorial
In the simpler, older days, that's how a lot of assembly language opcodes were documented, and some other languages too.
Something I always liked about assembly was an architecture that didn't suck, tended to fully document almost all opcodes in one page or less. Usually the outliers were the more exotic floating point ops especially I/O-type format conversion ops, and interrupt control in CPUs with more elaborate interrupt systems or more elaborate stack systems.
As things get more complicated, and lower IQ people became programmers, docs quality dropped until the standards are so low its "wrong" to be good now.