Beware of Lazy Developers Copying Code, Research Suggests this can lead to Insecure Programs

In the time of high-technology and great innovations, there are still some people that are copying ideas, codes and much more in the name of the solution. Recently, a group of scientists researched online websites including Stack Overflow where the developers come to seek the solution to the broken code.

What researchers found is astonishing and is equally threatening!

Most of the snippets that were found on the website were copied chunks that were not even able to resist the most common attacks. Imagine, going for a solution that is actually a threat to your data and privacy. Many times, the developers asking for the solution were not aware of what they were signing up for, however, their unawareness is still not going to protect them from future threats.

The codes that were copied were elsewhere were lacking basic checks, while other more significant code chunks have obsolete functions in them. Moreover, the codes were not checked for user responses neither the application was tested if it became breakable after using these codes.

Researchers found another website, Github that was used for sharing programmes and codes behind application by developers. The researchers found 2,800 projects on which insecure code blocks were used, suggesting the level of threat that the developers were facing.


Researchers at the Iranian and Canadian universities are focusing on the use of C++ language on many projects. The researchers also informed the concerned people whose apps and programmes have become vulnerable to attacks due to these code chunks.

The responses from the developers were not so promising with only 13% saying that they have fixed the code and 40% stating that their programmes are safe. Stack Overflow should not be completely trusted as highlighted by the researchers. It’s necessary for developers to not seek short routes to success and look for the best way.



Read next: New Study Reveals Hackers Can Now Extract Content Even from the Protected Documents

No comments:

Post a Comment