A Lesson on the Fundamentals

straight_stewie · December 19, 2016

So this is a website called jail tracker (still broken as of 12/19/16). It lets you view your friends jail status, any open cases, and their bail/bond. It contains only already public information, so breeches of security aren't necessarily a big deal from the standpoint of privacy. However, the website has failed and leaves us with this, lovely page:

Some of the text is cut off.

Just about the only thing worse for security than a stack trace is actually showing people your full source code.

And that brings me to the point: Always practice the fundamentals of error checking and exception handling. If this were a website like Facebook, Yahoo, or Twitter, billions of peoples personal information would be at EXTREME risk.

madknight3 · December 19, 2016

3 minutes ago, straight_stewie said:

Always practice the fundamentals of error checking and exception handling

Also utilize things like error pages so even if you miss something, the user doesn't see anything they shouldn't.

Mira Yurizaki · December 19, 2016

I bought this book a few months ago. While it's geared towards Node.js web applications, the content can be applied pretty much anywhere: https://www.amazon.com/Secure-Your-Node-js-Web-Application/dp/1680500856