Unfathoming


Build things with security front of mind

Back in 2019, I released a gaming content distribution mobile app, as a safe way to download content for Minecraft. At the time, I was relatively new to developing software on a relatively large scale (500k downloads in the first two years), and had no clue about security, software supply chains, or anything related. The backend utilized a standard LAMP stack, and the frontend was written in Android’s dialect of Java. (While Kotlin was the new standard, Java was easier to understand and there was extensive documentation related to the exact technology stack that I was using.)

This project was a perfect example of the sad state of consumer software design. (Security by obscurity is a dangerously flawed approach, as it hinges on the false belief that hiding security mechanisms will keep a system safe. In reality, attackers are relentless and capable of uncovering hidden elements through reverse engineering and analysis, leaving systems with solely obscure protections wide open to exploitation.) It was released quickly to be able to capture market share from the upcoming COVID pandemic, and it was written with a standard tech stack that is still very popular today.

Eventually (it took a year) it was hacked due to a SQL injection vulnerability (of course!), and it was a particularly bad hack, because every user was sent a notification with a link to an adult porn website. Due to this, Google pulled the app from the Play Store, and while I did re-release it later, I gave up for a while.

This was my first real adventure into the world of cybersecurity, and a constant reminder of what can go wrong if I follow current industry standards.

Battle tested software

Just like those who design military vehicles, software developers must also battle test production software as we’re building to ensure that when it ends up in the hands of end users (and adversaries) the virtual armor is not going to be destroyed before it even has a chance to do its job.

One way to do this is by releasing development builds to communities eager to break whatever you’ve made. With my project where I’m Building a programmatic search engine, I released it as a Tor hidden service (on the dark web) and shared it around. (This is a fairly unique approach to securing consumer software, but it’s already proven successful where I’ve implemented it.) I had no idea what to expect, but within minutes the project started getting attacked, and I was able to take note of what worked, what didn’t, and what needed fixing. A week later I did another security release, analyzed the attacks, and am in the process of fixing the issues that came up during the 12-hour test window.

As part of My programming journey I’m learning the Rust programming language, and this is the second part of my approach to building things with security front of mind. Rust enforces relatively safe programming practices (beyond just memory safety) at the compiler level, which forces the developer to consider their actions.