Not so long ago, software developers mostly lived in a world of safety, in which crime and accidental privacy loss were virtually unknown, prevented because the computers stood alone and rarely communicated with each other. Nowadays every computer and every application is essentially part of a world computing network, widely accessible to other people; and criminals and accidental disclosure can hurt large numbers of people very badly.
We all know the stories – grandmothers losing their life savings to online fraudsters; cars potentially crashing at speed because their control systems are compromised; hospital patients dying because the hospital computers are encrypted by an ‘Internet Worm’. In 1990 such things were hardly considered; in 2000 only science fiction writers worried about them; in 2010 we started to see real problems; and by 2019 most people have personally encountered the risks and dangers of software security problems. They’re right to be worried.
Clearly software developers can have a part to play to keep software users from harm. In my book, I will show you how we can do this, alongside what helps a development team – programmers, testers, managers and product managers – to achieve security without compromising all the other demands on ourselves.