NissanConnect mobile app developer caught copying code word for word from Stack Overflow
Nissan’s NissanConnect EV mobile app is known to readers for a lot of wrong things but this one takes the cake. Its developer was caught red-handed for copying a code verbatim from the coder help site, Stack Overflow. For the uninitiated, Stack Overflow is a question-and-answer sites for coders, where any developer can post a programming-related question and get a response from a fellow developer.
Copying and pasting code from the internet is one of the biggest open secrets in computer programming but doing it word for word is bad. Even a third grader knows that copying a essay word for word from his friend would get him caught by the teacher. But NissanConnect EV mobile app developer seems to have forgotten this cardinal rule.
A screenshot from the latest version of the Nissan ConnectEV app… pic.twitter.com/Tseyvwyg3R
— Scott Helme (@Scott_Helme) May 4, 2016
Scott Helme, a security researcher, caught the developer red-handed when a verbatim Stack Overflow answer showed up in the most recent app update. Helme immediately tweeted his find which is given above.
Its funny that the line of code which contains Stack Overflow motto “the spirit of stack overflow is coders helping coders” escaped the eyes of Nissan App development and quality control checks.
Like I said above, NissanConnect EV mobile app is known for using insecure APIs which can be hacked from anywhere in the world. The two security researchers, Scott Helme and Troy Hunt demonstrated vulnerabilities in the NissanConnect EV mobile app remote management APIs that allow anyone with the VIN number of the car to access certain features of it from anywhere across the Internet.