PhpRiot
News Archive
PhpRiot Newsletter
Your Email Address:

More information

Anthony Ferrara's Blog: The Secure Programmer's Pledge

Note: This article was originally published at PHPDeveloper on 17 April 5802.
PHPDeveloper

Anthony Ferrara has posted a pledge he recommends all developers take to improve the security of their applications.

Every day I come across code that is insecure. Sometimes the code is so hilariously insecure that any 10 year old could break it. I've also gotten into discussions with people who should know better about their practices. It's very, how to put this, disheartening. It's sad that the average developer knows (and cares) so little about proper security practices. So, I've put together a simple pledge (or manifesto, if you'd like).

The pledge includes the ideas of data storage techniques, taking responsibility for user data, reusing existing/tested libraries instead of writing your own and being open to constantly learning. He elaborates on each point, giving a little context for each.

Are you a secure programmer? Do you want to be? Then take the pledge, and fight for the security of your applications. It's all of our responsibility, so do your part!