I came across some information about website cracking, and it’s highly disconcerting how many ways there are to hack systems. However, the methods aren’t what concern me.

A long-standing pet peeve of mine is the concept of a freelance “web developer.” I’m referring to the type that designs and develops inexpensive websites with no concept of security, marketing, or anything other than design and, maybe, simplistic forms.

The pet peeve is actually a result of my marketing background. I’ve seen “web developers” design sites that don’t fit their respective brands at all. I’ve met too many “web developers” who only think about website statistics, maybe, and not at all about business metrics. They are single-minded in their focus.

My recent research is troublesome, therefore, because of the number of security issues “web developers” don’t concern themselves with. They are not security experts, after all, they are primarily designers.

However, they very well could be collecting some kind of data. And, they most likely are not securing any data they collect.

How does all this tie into the theme of this blog?

I was watching someone crack his own website, as a demonstration, and I was thinking about how an AI could be trained to do it. Without getting into any kind of detail, the cracker tried some code, analyzed the result, tried some more code, and so forth, until usernames and passwords were displayed. He didn’t get into decypting the passwords, which he did for his site but that “web developers” don’t necessarily do, but he showed that he had the database values.

The cracking process was very logical. And, anything logical can be coded.

But, that’s also not the most worrisome part. After all, viruses and worms exist already.

The most worrisome part is imagining what hackers already do with AI, as well as what they will be able to do in the future. After all, hackers are getting more and more sophisticated while discount “web developers” are not. You would face challenges even if you study security, but countless developers just don’t concern themselves with it at all. User information is at unnecessary risk.