How Not to Write an API

by
in code on (#3FD)
While creating an Android App for Criticker, a movie review and recommendation website, this author found some interesting security holes in their API.

Who knew that a LookupPassword function that returned any user's password in plain-text would be a bad idea?

Re: Deeper problem (Score: 1)

by insulatedkiwi@pipedot.org on 2014-03-10 15:17 (#CN)

I only forget the salt when cooking, but when cooking, you can usually add the salt later with no negative impact to food safety and security.
Post Comment
Subject
Comment
Captcha
Which of 74, one or 61 is the largest?