I shouldn’t have agreed to do this.
So, a little story for those of you who like hearing me talk. Or reading me talk. Or something…
I’ve been an aspiring software engineer since I was 12 years-old, nearly 17 years ago. Yes, I’m that old. That also means I’ve made some god-awful crap in my time, as I tried learning new and different techniques. My first publicly-released bit of software was something I called the Generic Encryption Program. For backstory, I was part of a community where some people had…content on their computers they’d rather their parents not see. Nothing illegal, mind you, just risque. Being an avid student of engineering, I decided to craft a solution to this problem that did some simple encoding and applied some encryption to a file (or set of files) on a person’s hard drive, that they could later decrypt with the same program.
There were problems, mostly because it was amateur hour coding that hurts my very being to admit I did.
SO! What’d I cock up? A lot. I stored the secret key to the file(s) inside them. In an obvious location, no less: right at the end. I stored crap in plaintext inside the program, a software security no-no. What’s more, the program was horrendously inefficient. I had no separation between the UI and operational layers; a good engineer keeps the UI in one thread and any heavy-duty operations in another so they don’t interfere with one another.
Nowadays, I know better. A lot better. I’d never store secret information plaintext, I’d hash it. I’ve since learned to separate out heavy computations into their own threads so users can still interact with the program as it runs. I have a lot more professional-grade techniques and tools under my belt to make things a lot more efficient and nice to work with. I am a proper engineer, now.
Maybe, one day, I’ll properly come back to that little project and turn it into something more professional.