Skip Navigation

CWE Top 25 Most Dangerous Software Weaknesses

cwe.mitre.org /top25/index.html
2
TechNews @radiation.party irradiated @radiation.party
BOT
[HN] CWE Top Most Dangerous Software Weaknesses
2 comments
  • 18.Use of Hard-coded Credentials

    I mean, really! At least it's down from last year.

    • I’ve known dev teams who don’t really know how to get their application to read from a configuration file (or similar). They would know how to do it in a “Hello, world!” type tutorial. But they didn’t have the skills to do it otherwise - let alone in the codebases they were maintaining. They just kept their apps chugging along on some super outdated .Net and they knew the database’s schema. That’s about it.

      They were getting paid more and have more job security than me so I commend them.