New System Finds Security Flaws in Popular Web Apps
MIT researchers have developed a system that can quickly comb through tens of thousands of lines of application codes to find security flaws in popular web applications.
In tests on 50 popular applications written using Web programming framework Ruby on Rails, the system found 23 previously undiagnosed security flaws, and took no more than 64 seconds to analyse any given programme.
According to researchers from Massachusetts Institute of Technology (MIT) in the US, the new system uses a technique called static analysis which seeks to describe in a very general way how data flows through a programme.
"The classic example of this is if you wanted to do an abstract analysis of a programme that manipulates integers, you might divide the integers into the positive integers, the negativ...