Way to many...

- Passwords stored in plain text on the year 2014
- Not supporting HTTPS because to expensive
- Hidden admin URLS
- Databases available all over the internet
- Client Side validation
- IoT

  • 3
    There's no excuse for https now though. It's free with let's encrypt and people who don't want to do it are just a bunch of old guys who don't understand what it does.
  • 4
    Granted, client-side validation isn't a security flaw. It's a UX feature.

    Lacking server-side validation is the security flaw!
  • 0
    Major ++ on IoT though
  • 1
    @martin of course you are right.

    It is supposed to mean: Client Side validation only!
  • 2
    I didn't realise it was 2014! I must be from the future! 😁
Add Comment