We needed to think like a hacker

business life Nov 17, 2021
When I was studying computer science at university, I came across a weird concept. To write safe software we needed to think like a hacker. At first I thought this was weird. To do a good job, a nice, innocent, do-good programmer needs to think in evil ways???
 
Yes...
 
So by learning to think like a hacker you created safety. When you viewed the world through the hacker's eyes, it looked completely different. You could see holes and exploits.
 
You look at how the same software could be used to create problems... An example: as a public user you could wipe a company's database in seconds. By doing a little research you could work out what platform they were using and what database, and from that create a plan.
 
If the programmer didn’t lock the door, you could do this by simply filling out an online form, using a thing called SQL injection... Assuming you were submitting data or doing a search with fields on a site, you write some SQL which terminates the database call behind the field you are using... that line fails... you inject your new SQL code, e.g. drop database... and ask that line to execute...
 
The innocent programmer is expecting a good user to use the field to simply search for say ‘last name’ but a hacker has instead dropped in destructive code...
 
Computer viruses were also the same... But once you give yourself permission to entertain the viewpoint from the hacker's perspective you see the world differently.
 
One, the case of computer viruses... there is an obvious big business opportunity to pay people to create and spread the viruses while also selling the antivirus software. So, a good programmer would then screen the inputs of the fields, checking for any ‘code’ before passing through whatever was entered into the field.
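
The form-field injection described above, next to one way to close the door, as an added example that is not part of the original post. It goes a step beyond screening the input: the safe version sends the field to the database as a bound parameter, so whatever is typed is only ever treated as a value. The table, the sample names and the hostile string are constructed for the demo; `executescript` stands in for a database driver that accepts several statements in one call, and `DROP TABLE` stands in for "drop database".

```python
import sqlite3

def make_db():
    """Constructed in-memory sample database with a few customers."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, last_name TEXT)")
    db.executemany("INSERT INTO customers (last_name) VALUES (?)",
                   [("Smith",), ("O'Brien",), ("Jones",)])
    db.commit()
    return db

def table_exists(db):
    row = db.execute("SELECT count(*) FROM sqlite_master "
                     "WHERE type = 'table' AND name = 'customers'").fetchone()
    return row[0] == 1

def search_vulnerable(db, last_name):
    """BEFORE: the field's text is pasted into the SQL string, so it can
    close the quoted value and add statements of its own."""
    sql = "SELECT id FROM customers WHERE last_name = '" + last_name + "';"
    # Assumption for the demo: the driver runs every statement it is handed.
    db.executescript(sql)

def search_safe(db, last_name):
    """AFTER: the SQL text is fixed; the field travels separately as a
    bound parameter and is only compared as a value."""
    cur = db.execute("SELECT id FROM customers WHERE last_name = ?",
                     (last_name,))
    return [r[0] for r in cur.fetchall()]

# Constructed input of the kind the post describes: end the field's value,
# then append a destructive statement.
HOSTILE = "x'; DROP TABLE customers; --"

def demo():
    db1 = make_db()
    search_vulnerable(db1, HOSTILE)
    lost = not table_exists(db1)          # the table is gone

    db2 = make_db()
    hits = search_safe(db2, HOSTILE)      # no customer has that "name"
    kept = table_exists(db2)              # the table survives
    obrien = search_safe(db2, "O'Brien")  # a real name with a quote still works
    return lost, hits, kept, obrien

if __name__ == "__main__":
    print(demo())
```

The last lookup shows why binding beats filtering: a legitimate name containing an apostrophe is found normally, where a filter that rejects quotes would turn that customer away.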
 
I don’t like thinking about things through evil eyes, but sometimes a lot can be learnt and avoided from entertaining that view to double check.