Anders Hornor

Vulnerabilities: Filling a Sieve with Sand

Maybe you have a GitHub account and you get messages about it, or maybe you write libraries that I get messages about, but I'm assuming that at some point you've experienced a development somewhere that either highlighted or caused an issue with some program you've written. Well, why does this happen so consistently, and what can I do about it?

Vulnerability vs Risk

A vulnerability is an exploitable aspect of the program you've written. A risk is an aspect that becomes exploitable if something changes. For example, the wiring for the light strips on planes that direct you to the exits, whose functionality depends on air pressure, is a risk factor but not an exploit. Wiring that controls those same lights but that, if tampered with in a particular way, gives you control of the doors is an exploit.

Why Do They Exist Though?

Well, people can only assume so much about how things can be misused. People can't see the future. Come on.
Also, each layer of abstraction, each conglomeration of multifarious conditionals that coalesce into a program, assumes specific inputs. As programs and all their dependencies develop, their individual outputs change. When any output changes, the quality of its functionality changes as well. In certain instances this change leads to exploitable deficiencies.

What Can I Do Though!?

Nothing, you're fucked! Just kidding. Forethought is key, i.e. planning. Plans should be based on evidence. Knowing the "pinch points", the places with dynamics that have historically caused issues, can help you highlight your potential threats. I feel like this is part of best practices really, or at least the justification for why certain best practices are what they are.
Keep up to date. Test heavily. Release slowly. Eat regularly. It all helps.

That's all I got. Get out and make something. This one is nothing to write home about. Till next time.