11. Privacy and Secrets

Three may keep a secret, if two of them are dead.

–BENJAMIN FRANKLIN

Most programs have something to hide. They need to be discerning about who gets to look at or modify the data they control. The need to maintain confidentiality is often associated with traditional security features such as access control, authentication, and cryptography, but to an increasing degree, it’s being addressed by programmers who don’t realize they’re making security decisions. The sections in this chapter share a common thread: keeping information away from an attacker who is bent on gaining access to it. The chapter covers these topics:

Privacy and regulation—Public attitudes about privacy are changing. Those attitudes are quickly turning ...
