re: Explain How I Secure my First Web-Application Like I Am Five


To put some of those terms in 5-year-old terminology:


Sarah's lunchbox is unlocked. Trevor, the class bully, was able to open up the box and steal her cookie. (HTTP)

Tommy has a fancy lunchbox with a combination lock. If you want Tommy's cookie, you're going to have to ask him for it. Tommy isn't going to share his cookie with you if he doesn't trust you, and you won't be able to get to it without Tommy's permission. (HTTPS)


For the first week of class, everyone wears a name tag so you can learn everyone's name.


Everyone's name tag also lists that student's allergies, and any medications they need throughout the day. At snack time, the teacher looks at your name tag to see if you can have Goldfish (which has gluten), or if you instead need the gluten-free fruit snacks. Likewise, the school nurse looks at your name tag at lunch to see if you have medications that you need to take then.


At naptime, every kid is supposed to lie down on a floor mat with a pillow and blanket and rest for a little while. One day, you stuffed the blanket with extra pillows so it looked like you were under it, when in reality you were hiding in the corner quietly drawing with crayons.

Your teacher walks by each student as they lie down and asks them a question, to make sure they're actually under the blanket. As you just stuffed your blanket with a pillow, you couldn't respond to the question, and so your teacher knew it wasn't you under the blanket.


The HTTPS analogy is kinda off; it doesn't make your 'lunchbox' inaccessible to others.
For the sake of the analogy, Tommy leads you to a backroom so no one but you sees what kind of cookies he decides to share with you.
