Improving the safety of code snippets
Last week Paul wrote about a research team that identified insecure snippets of code posted on Stack Overflow, in order to see how often they were used in Android apps.
Of course, it's not only Android developers who need to be careful about copying and pasting insecure code from Stack Overflow's questions and answers; it's a much broader problem. So what patterns might be helpful?
The site's users occasionally wonder whether questions containing dangerous code should attract automated answers, whether such questions should be answered at all, or what the correct response should be.
Simply deleting the offending question or answer might seem the safest option. But hiding something doesn't help people learn about better alternatives. Also, in a Stack Overflow question, the code sample is often incidental to the problem that needs a solution, so deleting everything would be frustrating for the poster.
The current solution is for wiser users to post comments that point out the insecurities. But, as Paul described, these are often ignored by people who later arrive in a rush to find a piece of code.
We took a quick look at how these dangerous snippets could be highlighted in a way that would make the danger more obvious.
As an example we took this question and its answers, which include samples of insecure code. If blindly copied and pasted, they could allow a website's users to make the site execute arbitrary database commands, with potentially disastrous consequences (SQL injection, or "the Little Bobby Tables problem").
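The snippet from the question itself is only shown as an image in the original post, so the following is an added example, not code from Stack Overflow or from the post: it constructs a small in-memory SQLite table (the data is made up) and puts the copy-paste pattern that causes the problem, user input spliced into the SQL text, next to the parameterised form that a "safer alternative" link could point at.

```python
import sqlite3


def make_db():
    # Constructed sample data standing in for an application's database.
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (name, email) VALUES (?, ?)",
        [
            ("alice", "alice@example.com"),
            ("bob", "bob@example.com"),
            ("carol", "carol@example.com"),
        ],
    )
    return conn


def lookup_unsafe(conn, name):
    # The pattern that gets copied: the caller's input is concatenated
    # into the statement, so it is parsed as SQL, not treated as a value.
    query = "SELECT name, email FROM users WHERE name = '" + name + "'"
    return conn.execute(query).fetchall()


def lookup_safe(conn, name):
    # The hardened form: a parameterised query. The value travels
    # separately from the statement and can only ever match a name.
    return conn.execute(
        "SELECT name, email FROM users WHERE name = ?", (name,)
    ).fetchall()


# An injection payload that stays within a single statement. It turns the
# WHERE clause into  name = 'x' OR '1'='1'  and so matches every row.
PAYLOAD = "x' OR '1'='1"


if __name__ == "__main__":
    conn = make_db()
    print("unsafe, normal input:", lookup_unsafe(conn, "alice"))
    print("unsafe, payload:     ", lookup_unsafe(conn, PAYLOAD))
    print("safe, payload:       ", lookup_safe(conn, PAYLOAD))
```

Two things worth noticing when running it. The unsafe version also breaks on honest input containing an apostrophe (try `"o'brien"`, which raises a syntax error), so the bug is not only an attacker's concern. And Python's `sqlite3` module refuses to run more than one statement per `execute()` call, which is why the classic `'; DROP TABLE ...; --` payload fails here with an error rather than dropping the table; drivers that allow statement batching offer no such accident of protection, so the parameterised form is the only fix that travels.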
Here's one of the answers as it currently appears:
Currently there's no way to know the code snippet might be insecure and, unlike the comments on some of the other answers, this danger isn't pointed out here.
A first step might be simply to mark potentially dangerous answers with a warning icon that could reveal a little more information:
This stays out of the way but still flags the answer as something to be wary of.
(With all of these suggestions we're assuming dangerous code can be found automatically, as in the research paper mentioned earlier, or marked as such by Stack Overflow's higher-ranked users.)
A more attention-grabbing idea would be to highlight the snippets of code themselves, and link to further information:
This could be taken further by hiding dangerous code entirely, only revealing it if the user chooses:
Similar features could be used when a user attempts to submit a question or answer. If dangerous code could be highlighted when the user tries to post it, this could help reduce the appearance of these snippets on the site:
These are some quick ideas about how simple design features can increase safety and trust in digital tools. We're talking to Stack Overflow about how features like this might work in practice. We think there's a really good opportunity to set a precedent for how services handle code like this, and to make some patterns others could copy.
If you're interested in improving these kinds of things, then come along to one of our Trust & Design meetups and join the community.