|

Security vs. Usability

Note: This article was published while I was in my early 20s. I was much younger and dumber. Please don't hold it against me. One of the perils of having a 20+ year old website!
Comp Sec

A problem that all web developers people in the computer field face is security. When creating your application, website, server, you have to take into account what kind of security measures you must take to protect yourself and your users. However, you have to make sure that these measures don’t horribly inhibit the users. Twice over the last couple of months I have ran into server trouble where I felt the server disallowing certain actions strongly inhibited my ability to create a good website.

The first occurred in October, while I was creating a website for a client. They wanted to be able to upload images to the server, to add them to the site. This required me to set the permissions on sections of the site to 777 (all can execute). There are numerous web apps out there that do this, and if the programmer does it right, security is not a huge issue. However, the server I was working decided (after years of me using it), they were going to reset the permissions every 6 hours for ‘security’ measures without notifying it’s customers. Never mind that I spent hours debugging a script I knew was working. How can one make a sophisticated web app without being able to change the permissions for more than 6 hours at a time?

More recently, I am working on a website that would send emails through a php script using the standard mail() function. Only, due to ‘security reasons,’ the mail() function is disabled. Now I cannot report bugs automatically, nor can the user use the current contact form. Sure, the mail() function could be exploited, but so can almost anything when dealing with a scripting language. Are they going to disable SQL in fear of SQL injection statements?

The point is that if these servers are going to disable certain, very useful functions, what are they providing as an alternative for their users? They are choosing a little bit more security in exchange for strongly inhibiting their users from creating more user driven web applications.

Similar Posts

  • | | |

    The Web is Dead

    Note: This article was published while I was in my early 20s. I was much younger and dumber. Please don’t hold it against me. One of the perils of having a 20+ year old website!In Wired Magazine’s latest issue they proclaim, “The Web is Dead. Long Live the Internet.” I was pretty intrigued by this and decided…

  • |

    QT: Increase the WordPress RSS Widget Refresh Rate

    Note: This article was published while I was in my early 20s. I was much younger and dumber. Please don’t hold it against me. One of the perils of having a 20+ year old website!While working on the redesign to this blog, I wanted to add the “Interesting Stuff” column you see just to the…

  • |

    Initial Impressions on the Kindle Scribe

    Earlier this year, Amazon announced the Kindle Scribe — their competitor to the reMarkable 2. It’s more affordable, they had an initial deal for Prime members, and a good trade-in price for my Kindle Oasis. SO the $500 device got down to $238. I bought it. Here are my initial impressions.

  • | |

    My Favorite Android Apps

    Note: This article was published while I was in my early 20s. I was much younger and dumber. Please don’t hold it against me. One of the perils of having a 20+ year old website!When I got my Droid, one of the first things I did was tap into Android’s vast app market  to check…

  • | |

    AppBrain for Android

    Note: This article was published while I was in my early 20s. I was much younger and dumber. Please don’t hold it against me. One of the perils of having a 20+ year old website!A week or so ago, Gina Trapani wrote on her website about AppBrain, an Android app that inventories your apps, makes…

  • |

    RWD: Galaxy Gear Hacked to Browse Web

    Going through my feeds this morning, I came across a link to a story on Engadget talking about how the Samsung Galaxy Gear was hacked to browse the web. With this, another screen/device that can view websites enters the fray, making Responsive Web Design as important as ever.