New MIT Research Sheds New Light on Site Security

Browsing websites are part of our everyday digital routines now – for many, the day doesn’t truly start without a scroll through Facebook or catching up on Twitter notifications. But are your favorite websites secure? Well, according to a new debugging method tested by MIT, the answer is more surprising than you think.

MIT researchers have explored new debugging methods to test the security of popular websites that were written using Ruby on Rails. The sites tested include over 50 popular sites. Surprisingly, these debugging methods uncovered 23 previously undiagnosed security flaws, in less than two minutes.

So, how exactly is this done? According to Daniel Jackson, professor in the Department of Electrical Engineering and Computer Science, the new system uses a technique called “static analysis”, which seeks to generally describe how data flows through a program. Though, Jackson adds that “most work on static analysis is focused on trying to make the analysis more scalable and accurate to overcome those sorts of problems.”

So, what makes it difficult for popular websites to stay on top of security? There are many factors that play a role in determining that, as the cost of accuracy for website security is high depending on how large the site in question is. Ruby on Rails, a popular coding language, also works well with defining the various operations needed to successfully run a website.

The full results of the research will be presented at the International Conference on Software Engineering, in May. This research actually comes at a pivotal time, with so many algorithm revisions and new trends being integrated to keep social media and sites relevant to users, security is becoming more important than ever to users. Previous methods that sites have undergone to keep security up-to-date may not be sufficient anymore, as malicious users are increasing along with the site trends.

However, it’s in these sites’ best interests to keep website security a priority on all levels. After all, user engagement can’t increase if users are afraid or unsupportive of how sites treat their privacy. Hopefully, the release of this report will shed light on the issue of adapting new site security methods and

Image via Flickr / Dino Latoga

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at

Written by:
Cameron is a tech and culture journalist, comic book enthusiast, and lives near New York City. A graduate of Stockton University, she's using her words to shift the world of online journalism, one byline at a time. When she's not writing, she can be found reading sci-fi novels, collecting succulents, and planning her next obnoxious hair color. Cameron is an editorial fellow at Tech.Co. Send your tips to or tweet @BlkGirlManifest.
Back to top