
Even though I usually don’t cover any releases which are intended to solely promote a report, I have to make an exception for this one:
The 2009 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most significant programming errors that can lead to serious software vulnerabilities. They occur frequently, are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or prevent the software from working at all.
The list contains a variety of errors and bugs ranging from mundane things like improper input validation to highly annoying (and difficult-to-find) stuff like race conditions. Each “eeker” comes with a short description and a few hints for preventing it in the future.
While the average mobile software developer probably won’t be too interested in most of these issues, they nevertheless make a good read. Get the full scoop here:
http://cwe.mitre.org/top25/#Brief
Image: Wikimedia Commons / US Navy
