Presenting the “Damn Vulnerable Serverless Application” <https://www.theregister.co.uk/2019/01/03/damn_vulnerable_serverless_application/>, the latest in a line of “damn vulnerable” apps that are chock-full of deliberately-introduced security vulnerabilities. My worry about this sort of thing is the mindless-copy-and-paste crowd. We already see the effects of posting sample code with error-checking omitted “just to keep things simple”, along with exhortations to use it only as a guide, not to be slavishly copied; such exhortations are routinely ignored. From there, it seems only a small step to completely miss the context of such counterexample code, and actually use it as something to be followed.