MyThinkPond

On Java, Python, Groovy, Grails, Spring, Node.js, Linux, Arduino, ARM, Embedded Devices & Web

Archive for the ‘Security’ Category

Your password is probably useless, says coding guru Jeff Atwood. Here’s why | ZDNet

Posted by Venkatt Guhesan on March 13, 2017

The best way to improve passwords is to think like the user and stop creating bad password-composition rules, Stack Overflow founder Jeff Atwood tells developers.

Source: Your password is probably useless, says coding guru Jeff Atwood. Here’s why | ZDNet

Posted in Security | Tagged: , , | Leave a Comment »

An insecure mess: How flawed JavaScript is turning web into a hacker’s playground | ZDNet

Posted by Venkatt Guhesan on March 13, 2017


Researchers say tens of thousands of sites are using JavaScript libraries that are years old and contain publicly known vulnerabilities.

An analysis of over 133,000 websites has found that 37 percent of them have at least one JavaScript library with a known vulnerability.

There are no reliable vulnerability databases, no security mailing lists maintained by library vendors, few or no details on security issues in release notes, and often, it is difficult to determine which versions of a library are affected by a specific reported vulnerability.

Source: An insecure mess: How flawed JavaScript is turning web into a hacker’s playground | ZDNet

Posted in Javascript, Security | Tagged: , , , , | Leave a Comment »