Thoughts about security risks and respecting privacy in Web Technologies
In the past years we have seen an enormous technological advancement in web applications, they are faster and more powerful than ever before. We can also access to a wide variety of tools that can optimize our web development workflow and so everything seems so good to the point that some developers might take for granted that the frameworks they use will remove all security vulnerabilities.
This is a problem because bad hackers are trying to find holes in this technologies that will affect mostly all the developers that don’t create extra security layers for their application. And the biggest problem is that if there is a popular application that is affected with the security breach, millions of users are in danger of getting their personal information stolen and it will probably will be sold in the dark web.
Of course the idea of someone stealing all of your personal data might seem scary, but nowadays the people do not seem to care much about it because this problem is something that is not visible and they just want to use their favourite web application to upload, photos and personal information without caring much about who might end up with all this data. Whether we like it or not there is a huge amount of money involved with obtaining and selling personal information, but surprisingly in most cases it is legal to do it. When you accept all those terms and conditions that no one reads, there is a big chance you are giving access to the web application for obtaining all your data to use it for quality improvement and also sell it to advertisers that can take advantage of it.
It is also understandable that web applications that give their services free, need something other than donations to stay working. But the challenge here is for the developers that need to earn money in an ethic way to respect the privacy of their users and also take in consideration all the security risks that can impact their application that may also harm their user’s privacy.