Chapter 8. Cryptographic Foibles
Many times I’ve heard statements like, "We’re secure—we use cryptography..” The saying in cryptographic circles is, “If you think crypto can solve the problem, you probably don’t understand the problem.” It’s unfortunate that so many developers think crypto, as it’s often abbreviated, is the panacea for all security issues. Well, I hate to say it, but it isn’t! Crypto can help secure data from specific threats, but it does not secure the application from coding errors. Crypto can provide data privacy and integrity, facilitate strong authentication, and much more, but it will not mitigate programming errors such as buffer overruns in your code.
In this chapter, I’ll focus on some of the common mistakes people make ...
Get Writing Secure Code now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
