The ugly side of a Fancy Software

Today, we may be highly proud of the internet society because of the great applications that have been developed to make services more accessible to people, including healthcare, e-commerce, banking, insurance, social media and whatnot. However, there is a darker side to all of these fancy things that we have.

The data that you submit to any software or application on the internet is usually portrayed as secure: companies showcase brilliant security certificates on their webpages and tell the world that they are using HTTPS, and that this means they are secure enough. Well, that’s a WHITE LIE! Here is the bitter truth: “Almost all applications are prone to being hacked by malicious or black-hat hackers (let’s call them bad guys to make it easier)”.

Every day, websites and web applications are hacked. And when they are hacked, your data, which includes text chat transcripts, (private) pictures and videos (including intimate ones), your passwords, your bank account details, your credit card details, and almost everything else, is revealed to the hackers. Once hackers with malicious intentions have your data, they are limited only by their imagination in what they do with it. They can play with it in whatever way they want. It may lead to organized crime for their personal benefit, or it may end in the kidnapping of one of your loved ones, or they may just let it go. Nevertheless, do you want to take chances on these? Never mind, because you have no option or choice to make here as long as you continue to submit your private data to these companies.

(Image: Illustration of the industries being evil and trying to look like they care for users’ privacy)

Let’s consider an example: the biggest healthcare companies (of course, they are businesses nowadays, and that’s why I refer to them as companies) in India have critical security vulnerabilities which can reveal your “enquiry message”, “your diagnosis report”, “your communication with the doctors”, “your bill details”, “your test reports” and more. And the “more” part may include your credit card details if your luck has gone beyond bad. Next time, be careful with, or avoid, putting anything about your healthcare onto the internet, because your health is very personal (even PHI and HIPAA compliance speak about this).

The above example is just one of many; this kind of poorly developed software, built without security in mind, exists everywhere because product owners care little about the privacy of people. These corporates, companies and enterprises are taking the privacy of people for granted.

What’s the problem? And how can we think about addressing it? Most software owners don’t really care about security testing. Some do it, but in a very sloppy style, by hiring hackers who are not highly skilled, which speaks of a massive skill shortage. And all those hackers provide is a “Certificate” to the software owners, who are then happy to keep making more money and increasing their bank balance. That’s a shame.

To address this, we all have to unite and fight this menace of privacy violation. These corporates have no fear because they know that we are divided and don’t fight them in unity. That makes them bigger and bigger. It’s the same with politics, with corporates and with every domain. The only contention that Santhosh Tuppad has is, “If he is fighting for your privacy, would you support him and also go the extra mile in his ethical movement as a privacy fighter?” Well, Santhosh Tuppad says, “He has got no trust in people because they shall just try fighting for 1 or 2 days through protest and then let it go eventually. That’s what has happened with anything in India. And that’s the saddest thing that can happen. Mind you, I am not being a pessimist here, but a realist. And I would love to be proven wrong someday and I shall change my view probably.”

Here are some of the statistics by Santhosh Tuppad based on his experiences. He likes to call them “Facts of the current internet society”.

(Image: Showcasing the facts based on Santhosh Tuppad’s experience and study in Information Security Area)

Santhosh Tuppad likes to end this article with a message to netizens globally.

(Image: Santhosh Tuppad leaves the readers with this message to bring in a change. Let “Democracy” start breathing and let the citizens take the control).


Work2Code is a brand new breed of programmers, testers and test automation experts who always think about the value they are creating for the customers.
