Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
Log in  ::  Register  ::  Not logged in


By Steve Jones,

There are no shortage of books about cyberattacks and hackers. Some of these fictional stories even postulate that countries will build armies and engage in digital war with other countries. Some of this has come true, with the US and Israel attacking Iranian targets, suspected Chinese hackers targeting the US, and the announcement that Britain is building their own cyber army.

While there are certainly no shortage of attacks made on corporations every day, how long before countries make determined efforts to disrupt their enemies' economies with digital war? It's a scary thought, and given the poor security habits of so many developers, it's possible that many companies might find themselves struggling to conduct businesses while under attack. It might not be any different than if conventional weapons were being used near our facilities.

The state of coding by so many "developers" today is somewhat scary. It's not even old applications that are vulnerable to SQL Injection, but even new systems that have poor security practices being used that are vulnerable.

I think that secure coding practices like these should be implemented by anyone writing software. I think examples, frameworks, and presentations about coding shouldn't use simple passwords and bypass checks. Yes, it's a pain for those that teach, but it also means that shoddy coding practices aren't proliferated as people borrow your code and alter your examples.

Security is a problem, but I think a lot of the issues would be minimized if we, as an industry and professionals, learned to write more secure code as a matter of habit, not as an additional feature to be added later.

Total article views: 81 | Views in the last 30 days: 1
Related Articles

Security Focus

Are IT administrators focusing on the wrong attacks when securing their systems? Should we as DBAs a...


injection attack

injection attack to saeed


SQL Server 2005 Security Best Practices Whitepaper Released

Saw this first here: SQL Server 2005 Security Best Practices. It's on the blog for Microsoft UK's SQ...


Yet Another Attack Vector

The lack of progress in amending our laws to handle the digital revolution in our leaves may leave u...


Expect an Attack

Most companies in a recent survey expect to get hacked this year. Steve Jones wishes that the techno...

software development    

Join the most active online SQL Server Community

SQL knowledge, delivered daily, free:

Email address:  

You make SSC a better place

As a member of SQLServerCentral, you get free access to loads of fresh content: thousands of articles and SQL scripts, a library of free eBooks, a weekly database news roundup, a great Q & A platform… And it’s our huge, buzzing community of SQL Server Professionals that makes it such a success.

Join us!

Steve Jones

Already a member? Jump in:

Email address:   Password:   Remember me: Forgotten your password?
Steve Jones