Print Shortlink

What about Security? :)

Over the years developers have asked me several questions. The questions range from being seriously stupid to seriously smart ones. However there’re some questions which bowl me down often, no matter how many times I face them. Here’s a list of such questions.

  • What about Security? There’re are only two kinds of people who ask this question. People who are genuinely concerned about securing their applications or code and those who ask this question because they want to ask something. Unfortunately the former is a microscopic community. Once I got ticked off and told a developer that this question is like asking “What did you have for breakfast last year?”. I don’t know if he understood the point, but he seemed to be so amused :(
  • Can you show us the best practices? I would have been spending time writing thousands of lines of code discussing various features and scenarios, before I get this question. I try to say that I wouldn’t be writing horrible code and showing it to you and most of the code I write is a good(atleast not bad) quality production code. No, the guys don’t seem to be happy with the answer. They want me to give them a laundry list of best practices starting from how to write a best “Hello World” code.
  • Have you worked on complex projects? Complexity is a relative term. What is so complex to one may be a piece of cake for another. In fact, I have not come across anybody so far, who says he is working on a silly and simple project. Everybody takes so much pride in saying that theirs’ is a complex project even if it involves just taking some data and storing it in a database. I’m still working on a best answer for this question.
  • Does anybody in the industry use this?I usually want to scream NO, YOU’RE THE ONLY UNFORTUNATE SOUL IN THIS WORLD WORKING ON THIS. An “Yes” to this question always leads to a set of “Who are they?” questions. A “No” leads to a sorry face.
  • Can you cover some advanced topics in this training? It so happens that the guys who ask these questions are usually the ones who really don’t even know the basics. Several years ago I had to let go off an assignment because what the client considered an advanced topic was very basic to me and what I considered as advanced was supposedly very elementary to him.

As I type this article my Gmail pops with a new email notification from a client and the subject says “A couple of questions”. :) :(

Leave a Reply