Software insecurity

Justin Cappos, associate professor at NYU Tandon, commented on how the security of a given software can count on some small, seemingly insignificant component, without which it fails:

"In a prominent example, the author of the left-pad NPM software package removed it from the NPM registry over a trademark dispute. The missing component, only 11 lines of code, caused massive outages across a wide array of programs that relied on NPM," said Cappos.