Hack Proofing Your Web Applications

A code grinder as defined by the hacker community reference, the Jargon Dictionary (http://info.astrian.net/jargon) is a developer who lacks creativity and is bound by rules and primitive techniques. Those primitive techniques make it difficult to introduce creativity into the developer s work effort if he or she is bound by such rules. Developers who become code grinders rarely become that way because of lack of ambition; code grinders are born from an environment that struggles with freedom at a developer level.
Some industries hold the belief that rigid rules and boundaries are needed to produce secure, consistent results the banking industry and the federal government are two such industries. Stringent rules apply to development work in these industries, as well as any others that have a need for strict security. With strict security controlling the developers, little room is allowed for creativity in coding, which in turn, ironically, leads to vulnerabilities in the code.
The old-school thought process in these industries is that if the code is functional, the code is secure; security is thought to happen at the network level, oftentimes leaving the code wide open for hackers. Unfortunately for the industries that need to have the tightest security, they are often the industries that have the strictest policies and procedures regarding any code that is written.
Many businesses actually put security out of their minds until a crisis occurs. The out of sight, out of mind adage often applies. Any money used to prevent security breaches is not thought of...