Life is Great

Total Posts 372 Last Updated 19 May 2008 2:46 PM (GMT +8)

星期五, 二月 18, 2005

On Programmers

This post is in no way a smooth flow of thoughts and I can only apologize for the disconnection you’re about to read as we move along.

On programming sins

CHIP February’s (there is Mobile CHIP (!) now, see... this is already starting) latest issue presented a Hacker Report 2005 article entitled 7 Biggest Sins of Software Programmers based on a recent DefCon hacker conference.

The seven listed wrong–doings are (in no particular order of danger levels):

1. Shaking the foundation: Shatter Attack — a weakness of Windows architecture while handling input messages to execute commands;
2. Penetrating the Firewall: Injection Attack — Trojans used on browsers’ RAM sections to manipulate checksum calculations by personal firewalls;
3. Printer problem: Print Server Trojan — gaining system administrative while installing printer driver spiked with a Trojan;
4. Network Information: Google Hacking — using SQL keywords and Boolean operators on Google’s Advanced Search module to retrieve passwords, credit card numbers and other supposedly protected information from unsecured websites;
5. From the pocket of your pants: USB Stick Hacking — using the rundll32.exe command to integrate a USB stick as a virtual drive on a machine with protected hard drives to manipulate secured information;
6. Database danger: SQL Injection Attack — unvalidated external SQL manipulation formulas allow hackers to perform unauthorized functions on a web application database;
7. Endangered mobile phone: Blue Snarfing — not to be confused with Blue Jacking, snarfings are attacks launched on mobile phones from a distance using bare necessities such as a PDA or notebook.

I wonder what my programming sins are.

That said, programmers and even ethical hackers are not gods, although many of them like to think they are in what they do (trust me on this). No system, application or database are completely secured in this age of the Internet, as long as the device or machine in question is in one way or another connected to another one.

On what programmers are called these days

I’ve lost count since last year. We have these little titles causing other people confusions at times — programmer, analyst programmer (yours truly), software developer, application developer, application programmer, software engineer, application engineer, application specialist, [insert programming language here] specialist...

Are we all that different from each other? There are only these categories of computer programmers — system (as in operating system) programmers, non–web application programmers, web application programmers and game (or other rendering application) programmers. While we use the same programming principals, the nature of what these different categories of coders develop render us to think differently and have varying priorities – e.g. a system programmer’s top priorities may be cross–device and cross–chipset implemention, a web application writer fights with security issues while a pure non–web developer loses sleep on data manipulation and integrity.

On a programmer’s sociability

This depends on personalities and work environments. Programmers are generally not known for their people pleasing skills. A common stereotype is that we all get very comfortable in our cubicles or garage with our codes and endless supplies of caffeine and/or nicotine (I admit the caffeine bit... okay, and a little of the earlier bit...). Jokes have been made about us while we feel like gods in our own niches.

Some of us has to be sociable to work in a team. While I work alone now because my environment is so, most vendors and service providers encourage team developments. There are strength and weaknesses with both approaches.

posted by Pick Yin @ 2/18/2005 05:00:00 下午