This seems like a very good basic guideline. I have actually been meaning to do some additional security review of various personal projects after reading the Instagram bounty article. This will be very helpful, thanks!
Really excellent write-up. Required reading for anyone who was seriously interested in the fundamental technical / architectural issues behind what the bounty hunter brought up.