currently working with younger programmers. they are very technically skilled and hardworking.
but, I notice the same problem with all companies I have been working in - almost non-existent data validation !
For example WebAPI : GetOrder(int id) , any tom dick and harry can basically view orders from any other users.
Why? These things not taught at college?