A deeper dive into our May 2019 security incident
We take a detailed look at a hacking incident that gave a user unauthorized access to our code and data.
Dean Ward
Principal Developer
Security considerations for OTA software updates for IoT gateway devices
In order to respond to threats, device designers must remotely update, which if implemented poorly, can provide another vector for attacks. In this post, dig into specifics related specifically to the over-the-air (OTA) software update framework in an enterprise setting.
Podcast 257: a few of our favorite haxx
From the Samy Worm to WannaCry, we chat about a decade worth of security snafus.
Ben Popper
Director of Content
The perils of impersonation tooling
On Wednesday, July 15th, a bitcoin scam hit Twitter. Celebrities such as Elon Musk, Barack Obama, and Bill Gates appeared to tweet out a message that promised to return double the amount of bitcoin sent to a specific wallet. It wasn’t a spontaneous and simultaneous act of generosity, it was a scam. At this point,…
How does spam protection work on Stack Exchange?
If you put a textbox on the Internet, someone will put spam in it. If you put a textbox on a site that gets millions of hits a day, lots of someones will put lots of spam in it. So Stack Exchange uses multiple layers to block all the spam coming in.
Good coders borrow, great coders steal
Copying and pasting can be dangerous, but then again, so can many aspects of software development when done incautiously. In this post, I’ll take a look at what code copying actually means for software development, what good code theft means, and the pitfalls of copying badly.
Defending yourself against coronavirus scams
Like a lot of you, I’m pretty glued to the news these days, trying to balance unease with calm realism. In trying times like these, we look for resources for critical information and ways to help people less fortunate than us. That’s the good news; the better angels of our nature see difficult situations—fires in…
How to develop a defensive plan for your open-source software project
Open source software is becoming more and more popular. Here's how you can create a plan to ensure that your open source implementation is secure as well as effective.
Preventing the Top Security Weaknesses Found in Stack Overflow Code Snippets
Last week, we told you about research that found a number of security vulnerabilities in code snippets in Stack Overflow answers, and how some of those flaws had migrated into actual, real-live Github projects. Today, we’re following up on the top eight error types that research highlighted and suggesting ways to avoid making the same mistakes.
Lessons Learned: Adding Single Sign-On to Stack Overflow for Teams
Hi, I’m Roberta Arcoverde, a Principal Software Developer at Stack Overflow. A few months ago I was tasked with figuring out how to enable single sign-on for Stack Overflow for Teams. We felt it was important to add SSO to the private version of Stack Overflow so the admins of our Teams could easily and…
Roberta Arcoverde
Principal Software Developer