Most of the programmers ,deployment engineers and web surfers have a very casual approach when it comes to Security of the application. This post describes Top 5 Security Peeve’s referred to by such folks for whom security is secondary.
This post is an effort to remind you that Security should always be an important agenda in whatever application you develop and that Prevention is always better than cure and knowledge is the ultimate weapon in this age of Information Technology.
2.) Our Application is behind a secure Firewall: This is another most commonly heard Security peeve. Even if your application is behind a secure firewall, it doesnt mean you cannot be attacked. There are various kinds of attacks which can still be made, for example; SQL Injection Attacks. You can even learn to hack and also do a hacking practise on Ruby on Rails application to learn more about such attacks.
3.) We haven’t coded that, we are re-using the Third Party Code: This is another often heard and most ignored of all Peeve’s. Its also interesting to note that most of us usually do use a lot of third party codes and re-usable code samples available freely over the internet. However, most of the developers, most of the times, never actually go and read the code behind those freely available samples and thereby imposing a security risk to the entire application using that bit of code. As a suggestion, i would say, always do read the code of the third party library to ensure that everything in it is as expected. This will also help you get rid of some of the annoying behaviour you might be noticing with your application since you started using the third party code.
4.) Our Development Methodology is Quality Focussed: Good that your development methodology is Quality focussed, but do have at the back of your mind that even if you focus on quality, security wont come attached. Defect free doesnt mean secure anymore in today’s world.
5.) I often use Free Wi-Fi at hotels, airports and coffee shops: If you are someone who uses free wi-fi at Hotels, Airports and Coffee Shops, ensure that you are enough protected. Have a good firewall, ensure that your OS is updated and you have an updated Antivirus and Spyware software. Free Wi-fi also brings with it free trouble if not administered properly. Also, its important you keep your Wifi protected so that you can ensure that your wifi doesn’t get used for illegal purposes.
Do stay tuned to Technofriends for more, one of the best ways of doing so is by subscribing to our feeds. You can subscribe to Technofriends feed by clicking here.
Filed under: hacking, security | Tagged: Age Of Information, Attacker, Casual Approach, Code Samples, Computers, Deployment, Firewall, Google, Google De, hacking, Internet, Malicious Code, Party Library, Practise, Programmers, Ruby on Rails, security, Security Risk, SQL Injection, Third Party, Ultimate Weapon, Usable Code, Web Application, Web Surfers | 1 Comment »