As mentioned in other articles published on this blog, security issues are becoming more numerous and more dangerous for users. More and more programs, accounts, or websites are hacked and accessed illegally every day.
It seems paradoxical, as security elements are supposed to be incorporated from the design phase of the code behind any web product. Operating systems also have numerous security programs, which sometimes even attack the programs we knowingly want to install. There are, for developers of programs and applications, SDL (security development lifecycle) coding techniques and tools. Nevertheless, many hackers manage to break into websites of world-class organizations.
Why?
We asked ourselves this question as well, and as a result, we compiled a list of 5 possible reasons.
1. We are human. Programming is done by humans. No matter how much we know, how good we are, mistakes happen. Most errors occur because people either do not pay enough attention to details related to securing the code or do not understand its principles.
2. Increasingly complex software. This reason is closely related to the one above. More complex programs mean, at the same time, more lines of code and thus a higher chance of human errors in writing them. It seems programmers make a mistake every 5 to 15 lines of code. And since there are applications or programs with over 10,000 lines of code…
3. Use of "Fuzzer" – tools programmed to detect errors in code. These tools are also created by humans and are very easy to adapt and use, especially if you know where to look and what to search for. Their effectiveness therefore depends on how they are programmed.
4. Lack of responsibility of manufacturing companies regarding security issues of products, programs, and gadgets released on the market. Currently, there is no possibility to take legal action against a company because a program it released was hacked. This problem has two sides. One negative, in the sense that manufacturers do not pay the necessary attention to these issues. If they had to be accountable for programming errors, they would try harder to eliminate them. On the other hand, this would lead to slower technological development, as much more time and resources would be devoted to ensuring security instead of discovering new applications or gadgets.
5. The existence of hackers. Yes, even if it seems a bit exaggerated, this reason is perhaps the most important. If they did not exist, security would not require such great attention, as we would have no one or nothing to protect ourselves against. If laws were much stricter in this field, and those who hack accounts and exploit vulnerabilities on the internet were punished properly, maybe their number would decrease, and the internet would be safer.
