SQL Clone
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in


By Steve Jones,

There are no shortage of books about cyberattacks and hackers. Some of these fictional stories even postulate that countries will build armies and engage in digital war with other countries. Some of this has come true, with the US and Israel attacking Iranian targets, suspected Chinese hackers targeting the US, and the announcement that Britain is building their own cyber army.

While there are certainly no shortage of attacks made on corporations every day, how long before countries make determined efforts to disrupt their enemies' economies with digital war? It's a scary thought, and given the poor security habits of so many developers, it's possible that many companies might find themselves struggling to conduct businesses while under attack. It might not be any different than if conventional weapons were being used near our facilities.

The state of coding by so many "developers" today is somewhat scary. It's not even old applications that are vulnerable to SQL Injection, but even new systems that have poor security practices being used that are vulnerable.

I think that secure coding practices like these should be implemented by anyone writing software. I think examples, frameworks, and presentations about coding shouldn't use simple passwords and bypass checks. Yes, it's a pain for those that teach, but it also means that shoddy coding practices aren't proliferated as people borrow your code and alter your examples.

Security is a problem, but I think a lot of the issues would be minimized if we, as an industry and professionals, learned to write more secure code as a matter of habit, not as an additional feature to be added later.

Total article views: 82 | Views in the last 30 days: 1
Related Articles

Security Focus

Are IT administrators focusing on the wrong attacks when securing their systems? Should we as DBAs a...


injection attack

injection attack to saeed


SQL Server 2005 Security Best Practices Whitepaper Released

Saw this first here: SQL Server 2005 Security Best Practices. It's on the blog for Microsoft UK's SQ...


Yet Another Attack Vector

The lack of progress in amending our laws to handle the digital revolution in our leaves may leave u...


Expect an Attack

Most companies in a recent survey expect to get hacked this year. Steve Jones wishes that the techno...

software development