Agencies compile list of 25 worst security threats

The US National Security Agency has helped put together a list of the world's most dangerous coding mistakes, the BBC says.

The 25 entry list contains errors that can lead to security holes or vulnerable areas that can be targeted by cyber criminals. Experts say many of these errors are not well understood by programmers, according to the BBC.

According to the SANS Institute in Maryland, just two of the errors led to more than 1.5 million web site security breaches during 2008.

It is thought that this is the first time the industry has reached agreement on the worst things that can creep into software as it is being written.

More than 30 organisations, including the US National Security Agency, the Department of Homeland Security, Microsoft, and Symantec published the document.

'There appears to be broad agreement on the programming errors,' says SANS director, Mason Brown, was quoted saying in the BBC report. 'Now it is time to fix them. We need to make sure every programmer knows how to write code that is free of the top 25 errors.

'Then we need to make sure every programming team has processes in place to find and fix these problems [in existing code] and has the tools needed to verify their code is as free of these errors,' he adds.

Suggested Articles

Wireless operators can provide 5G services with spectrum bands both above and below 6 GHz—but that doesn't mean that all countries will let them.

Here are the stories we’re tracking today.

The 5G Mobile Network Architecture research project will implement two 5G use cases in real-world test beds.