this post was submitted on 26 Feb 2024
137 points (97.2% liked)

Programming

17364 readers
181 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities !webdev@programming.dev



founded 1 year ago
MODERATORS
 

As someone who spends time programming, I of course find myself in conversations with people who aren't as familiar with it. It doesn't happen all the time, but these discussions can lead to people coming up with some pretty wild misconceptions about what programming is and what programmers do.

  • I'm sure many of you have had similar experiences. So, I thought it would be interesting to ask.
you are viewing a single comment's thread
view the rest of the comments
[–] PhlubbaDubba@lemm.ee 29 points 8 months ago (12 children)

That IT subject matter like cybersecurity and admin work is exactly the same as coding,

At least my dad was the one who bore the brunt of that mistake, and now I have a shiny master's degree to show to all the recruiters that still don't give my resume a second glance!

[–] huginn@feddit.it 6 points 8 months ago (8 children)

Idk I'm not sure I'd trust any dev who doesn't consider cyber security in their coding. So much development is centered around security whether that's auth or input sanitization or SQL query parameterization...

If you're working on an internal only application with no Internet connectivity then maybe you can ignore cybersec. But only maybe.

[–] Mesa@programming.dev 3 points 8 months ago* (last edited 8 months ago) (1 children)

No one's saying to ignore it.

If I own and run a sandwich shop, I don't need to be on the farm picking and processing the wheat to make the flour that goes into my bread. I could do that, but then I'd be a farmer, a miller, and a sandwich maker. All I need to know is that I have good quality flour or bread so that I can make damn good sandwiches.

[–] huginn@feddit.it 0 points 8 months ago (1 children)

I'm confused where cybersec sits in your sandwich analogy. If every time you sold a sandwich someone could use it to steal all the money in your business you'd probably need to know how to prevent reverse sandwich cashouts.

I'm not talking about advanced, domain specific cybersec. I don't expect every developer to have the sum total knowledge of crowd strike... But in a business environment I don't see how a developer can not consider cybersec in the code they write. Maybe in an org that is so compartmentalized down that you only own a single feature?

[–] Mesa@programming.dev 1 points 8 months ago

In a few words, I'm reiterating the point that a professional software developer =/= professional cyber security expert. Yes, I know that I should, for example, implement auth; but I'm not writing the auth process. I'm just gonna use a library.

load more comments (6 replies)
load more comments (9 replies)