Encoding vs Encryption vs Hashing.

In partnership with

Hey there! Let me break down the concepts of encoding, encryption, and hashing for you in simple terms. Understanding these concepts are important for every developers.

Encoding: The Data Translator

Encoding is like being a translator for data. Its job is to convert data into a specific format so it can be properly represented. When I encode something, I'm not trying to hide the content - I'm just changing its appearance. It's like putting a new outfit on the data, but underneath, it's still the same.

For example, when I use Base64 encoding, I take binary data and turn it into text using a set of 64 characters. It's a straightforward process, and anyone can easily reverse it without needing a secret decoder ring. That's why I would never use encoding for sensitive information like passwords.

Encryption: The Data Locksmith

Now, encryption is a whole different ballgame. Its purpose is to protect data from prying eyes. When I encrypt something, I use complex algorithms and keys to scramble the data so that only authorized people can unscramble it.

I have two main methods for encryption:

1. Symmetric encryption: It's like having a single key that both the sender and receiver use. The sender locks the data with the key, and the receiver uses the same key to unlock it.

2. Asymmetric encryption: This one uses two keys - a public key that anyone can use to lock the data, and a private key that only the intended recipient has to unlock it.

Encryption is my go-to when I need to keep conversations or sensitive application data secure.

Hashing: The Data Fingerprinter

Hashing is a unique creature. Its job is to create a digital fingerprint of the data. When I hash something, I get a fixed-size output that's unique to the input. The cool part is that hashing is a one-way street - once I hash something, I can't go back and figure out the original data.

Hashing is often used for storing passwords securely. However, it's not foolproof. Attackers can still try to guess the original password using methods like dictionary attacks or rainbow tables. That's why I always use a "salt" (a random string) when hashing passwords to make them extra secure.

So there you have it - encoding, encryption, and hashing explained. I hope this helps you understand the differences between these data transformation techniques and how you can use them in my day-to-day life as a developer.

The Essential Tech Knowledge

I recently came across an insightful article that got me thinking about the key things every software architect should know, beyond just understanding the domain. As architects, our primary mission is to grasp the domain and its challenges, but at some point, we also need to support our teams by choosing the right concepts and tools to solve the puzzle.

Based on my experience working on various systems and environments since 2012, here's a list of tech things I believe every software architect should have some knowledge about:

• Cloud providers (Azure, AWS, GCP)

• Docker

• Kubernetes (and lightweight versions like k3s)

• Message brokers (e.g., RabbitMQ)

• Data streaming (e.g., Kafka)

• Event Sourcing and CQRS

• Relational and non-relational databases (e.g., Postgres, Mongo)

• Single and multiple deployment units (modular monolith and microservices)

• API gateways and load balancers

• Building APIs

• Authentication and authorization

• Monitoring (e.g., using Grafana and Prometheus)

• Testing (shift-left, performance, pen-testing)

• Security topics (IDOR, XSS, DoS and DDoS, SQL injection, OWASP, NIST)

Remember, our role as architects isn't just about knowing technologies and concepts; it's primarily about understanding how to apply them effectively to solve business problems in a given context.

I hope this list helps you on your journey as a software architect. Feel free to reach out and share your thoughts on what else you would add to this list.