Certainly 140 characters is not enough to express all the thoughts around the recent CSRF flaw in OpenCart and how it was handled (in my humble opinion it even deserves a nomination for the Pwnie Awards), although some people had a good go at Daniel Kerr.
Above is just a selection of comments that you can find on Twitter, and in all of this negative karma there is something good going on. This incident got quite a lot of people to write some really good posts about it. Some of my favorite posts are Humble Helps and Psychology of "Secure Code" - definitely worth reading.
Although I'm not an expert in either coding or security (but I did quite a lot of both), I think there is also a bit more to it.
