Think Like A Hacker

To write safe software we needed to think like a hacker...

At first I thought this was weird... to do a good job as a nice innocent doing good programmer needs to think in evil ways???

 Yes...

So by learning to think like a hacker you created safety...

When you viewed the world through the hackers eyes, it looked completely different... you could see holes and exploitation’s...

You looks at how the same software could be used to create problems...

An example... as a public user you could wipe a companies database in seconds...

By doing a little research you could work out what platform they were using, what database and therefore create a plan... if the programmer didn’t lock the door...

Simply filling out an online form you could do this thing called an SQL Injection... assuming you were submitting data or doing a search with fields on a site, you write come SQL, which terminates the code call of the field you are using... that line fails... you inject your new sql code Eg drop database... and ask that line to execute...

The innocent programmer is expecting a good user to use the field to simply search for say ‘last name’ but a hacker has instead dropped in destructive code...

Computer viruses were also the same...

But once you give yourself permission to entertain the viewpoint from the hackers perspective you see the world differently...

I the case of computer viruses... there is a obvious big business opportunity to pay people to create and spread the viruses while also selling the anti virus software...

So... a good programmer would then screen the inputs of the fields checking for any ‘code’ before passing through what’re was entered into the field...

I don’t like thinking about things through evil eyes, but sometimes a lot can be learnt and avoided from entertaining that view to double check...