In the 10 years since I launched my consulting/training venture, I've worked with thousands of software developers around the world. As you might expect, I've seen many software security failures. Given that experience, I'm often asked what I think are the biggest, baddest mistakes made in software today.
In response, I don't cite specific failures. That's what the OWASP Top-10 does. It and similar lists serve a purpose, but at heart they describe a set of symptoms of just a few, far bigger problems.
Security has seldom been a priority in application development, but pressure from businesses stuck patching faulty software is having an impact on the industry.
Among the large software makers that have seen the light is Microsoft, which is pushing Windows developers to adopt a standard methodology and framework for building secure applications.
Bitcoin is not going away, the digital currency's developers say, and they're craving more technically savvy people to support its use.
"Our bottleneck is not new code, it's code review and testing," said Gavin Andresen, chief scientist at the Bitcoin Foundation, which provides most of the core backend development for the currency.
Dokkat was contracted to do a small job on a website for a large corporation. After giving the project a once-over, he realized the code base was full of security risks:
"Lots of PHP files throwing user get/post input directly into mysql requests and system commands." Dokkat says the programmer responsible has a family and children, and he doesn't want to be the one to put this employee's job in jeopardy. How should he proceed without throwing someone under the bus?
Finding a Facebook friend for a benefits-only rendezvous is now more convenient than ever with the hump day release of the Bang With Friends mobile apps for iPhone and Android.
Bang With Friends (Official) for Android and BWF (Official) for iPhone arrived Wednesday to help Facebook members discreetly facilitate hook-ups from their smartphones.