Secure coding in Java: Bad online advice and confusing APIs

Found on Help Net Security on Saturday, 07 October 2017

A group of Virginia Tech researchers has analyzed hundreds of posts on Stack Overflow, a popular developer forum/Q&A site, and found that many of the developers who offer answers do not appear to understand the security implications of coding options, showing a lack of cybersecurity training.

“These poor coding practices, if used in production code, will seriously compromise the security of software products,” the researchers pointed out.

There are a bunch of people who think they know how to write code because they are able to copy and paste snippets together. Nobody knows everything, but if you blindly use code in your project that someone else posted on an online board, without actually understanding it, you deserve every single problem you get.