0
How does Cybersecurity fit into Programming
I have been on this site for a while now, and I have a vested interest in front-end development, and am beginning to develop my skills in backend development. One of the things I have still been struggling to grasp is where cybersecurity and building secure programs and websites that handle peoples data come into play. I want very interactive programs where my users can feel apart of an experience, but how do I know if I am addressing the right security problems, and developing software and websites that my users can trust?
2 Réponses
+ 2
rhett, good question. i suggest you look at white hat hacking or penetration testing guides. the trick to building secure programs is knowing what hackers will be looking for. this includes poor design patterns, logic flaws in your program’s execution, and issues with insecure server setups and accessability.
for example, you can have an incredibly secure web app built and running, but if it is on a shared hosting web server hosted by a web host, that means its on the same server as some less secure apps. if i were a hacker and wanted access to your site, i need only to get through one of those other less secure sites to get on the server to access your site’s docs. ssl->tls is one very miniscule part of securing the packet delivery between your site and the user which helps to prevent eavesdropping by people surfing at cafes and such (but this is somewhat easy to bypass for even a seasoned newb hacker and “this site is secure” badges flashing how secure they are is merely a gimmick for customers and users). i recommend also looking into hashing algorithms and how to store user passwords as hashes and how to verify user passwords against those hashes as opposed to storing passwords in plain text. this has been a huge issue for even some large companies who don’t take time to listen to security experts. it’s an ongoing lesson and you’ll never stop learning but it is a lot of fun learning just how vulnerable most people are and how good security pays once you learn it. k thats my 2 cents. hope that helps! ^.~
+ 1
I have started looking at some of the server part of security, like creating an SSL, and things of that nature. Still trying to figure it out from a code and database perspective.