 Thanks for hanging out with us right here on Why In The Morning. This is Thursday Vibes and straight up we're going to talk Mattis Sport on Tech. And before that you can chime in on the hashtag Why In The Morning everywhere on all our social media, Facebook, Instagram, Twitter as well as the Why 2 For 4 channel. And you can find me personally at Brian Sakurano 1 and for those that are not seated in front of your screens you can stream at the comfort of your own device on www.kbc.co.ke4slashy254. Forgive my voice today I'm a little bit straining. Now joining us live in studio today to talk about how to develop a secure website, a company. You could be an individual person you want to have an amazing website or an amazing blog or even creating yourself an app. And I feel like we've already had this interview behind us since already. So joining me live in studio is Arna Mombi-Kamao she's currently studying computer science at Strathmore University and she is a brilliant mind that I can't wait for us to get into this conversation. First of all, nice to meet you Arna. Nice to meet you too. Thank you. Good morning. Welcome. Good morning too. Right so if you were to introduce yourself before we get to the business of computer science and developing a website how would you introduce yourself to your friends or even professionally as well? So I'm Arna Mombi-Kamao. I'm a computer science team student at Strathmore University. Second year I mainly develop websites for small companies for personal individuals like blogs, business websites and all. I'm also a writer, a writer bit and I love art, I love art. You love art. Yeah. The art point in computer science is totally different but I love the fact that you are multi-skilled. Now let's get to the business of computer science as to how to create a secure website from scratch. If you were to be approached by a company and maybe they want you to create them like a health website or let's say we had this conversation behind the scenes before a cooking website, what are some of the prospects that you'd consider before you start to work that journey with them of now presenting to them something tangible on the table like even a demo if you want to do that where would you start? So we'll first start with looking at the requirements if it's a cooking website like what do they need for what is their website for what do they need it for what specific tasks are needed there then we also look at who will be using the website the clients it will be the customers only be the admin will leave be both of them so we look at that we look at the time frame that is given to us after which duration do the clients want us to have produced the website we also look at the cost the cost needed for the whole website the number of workers who will need on board yes so that's where we start and then now after all that after collecting all the requirements whatever we need and all that communicating with the clients even the customers whatever they'll need now we get to planning now we plan whatever we'll be needing we plan the sections we need this section done after a certain period of time to present so that will have a model to present at each given stage after that we now go to designing the whole thing how should it look and all that we have many software tools that you can use Figma and all that and then now we get now to the coding part now in the coding we don't for example if the project is protect six months we want to it for the whole six months for us to now go and present the project at each section maybe after one month or after some weeks whatever progress that we've made we're going to present to the clients to see is it matching with what they wanted at the colors good so there's that constant feedback from us to the clients from them to us to see how the project is going on and all that then after at the end of it now we implement the project we check whether we check whether it's in it's in terms of what they had wanted we check the maintainability and all that right interesting and for example now you've already started to create the website from scratch and you've already started that journey already started work that journey of like you're not constructing it you're not constructing it now you already now started with the domains you talked about the coding part you're now putting up components together what are some of the tools involved in this in this construction now from scratch okay if you're working as a team there are okay there are platforms such as Mira which help you to to monitor the progress of each person there's also GitHub repository everyone can add whichever part they're doing and then you collaborate their tools I was I've mentioned such as Figma to help in designing there's Laravel there's a visual studio code yeah now interesting you mentioned Laravel called it kept on popping up on one of my friends then the job like what exactly is Laravel because to me it sounds like some drug you know some prescription but an interesting name so Laravel is a software tool that enables you to develop it's like provides a template when you're developing a website such that you don't have to start from scratch it has classes it has objects implemented there so you just have to like add add what is whatever is not there and your project will run and you can continue adding whichever you want to add whichever views whichever models that are there so that you don't have to start from scratch so in a way it saves time yeah you can say that and unlike when using let's say visual studio code for Laravel you don't have to like run you don't have to be running the the database MySQL on the background provided you have it installed you have the migrations and all that on the Laravel just run it right interesting detail I think before somebody gets a grasp of that like now mentally and visualize it you need to have attended a lot of classes a lot of training and even done like pre-class in our class pre-class and it's really a technical course that needs a lot of attention yeah it needs a lot of attention though not so technical like if you sit down there are a lot of YouTube videos that you can learn from and all that they help a lot and then when you have like projects of your own just for practice and all it will really help and improve your skills now speaking of projects who are some of the people that you've managed to work with that you'd say you know this one I did like if you see that website just know it's me and won't be behind it who are some of them that you've worked with that you'd say you're proud and you made something so incredible for them and they wanted you for it okay the people who have worked mostly with our students who want to implement small businesses around campus or they just have an idea that they want to express or they want a website to market themselves for example you just want our website where if you're going to apply for a job just give them the link and from the website they can see your bio they can see whatever you've been working on they can see something personal about you a video about you and all that so I've been working on that our majorly with students around campus and all we have a project that I'm currently working on it's by our student from jquat who wants to implement like an ID recovery system where if you collect an ID you can put it on their website upload it and then other students can also log into their website and confirm or check if I lost ideas there from that they can get it and hopefully that will be so handy because a lot of people have lost the idea hopefully here it's a she friend or a he friend it's a he friend hopefully he makes it and then he can he can make it to be interviewed right here as well that's an interesting idea the government needs to know about that because okay I'm going to put a video with Tambulisha my grandma calls it oh my god there are so many now the features of our website the topic is developing a secure website many at times we've seen even Twitter a Twitter customer Twitter in my home so you know website I call there's a time even Instagram went on a log like you couldn't post or even see anything but also we've seen companies when you're they'll put up a post on the social media and say somebody hacked our website we are longer you know available in this website but we are creating another one what could have possibly have happened that led to that that you know our website it had disappeared to Amar County got hacked to boom and then we are now creating another account from scratch what is usually the the the the the nitty gritties that you know went wrong and then all of a sudden things went sour when it comes to hacking mostly it's there usually loops they can be a loop in our in our website so now for a hacker he will use that loop or that our weakness in our website to now get access to the website and now take control over that website as that mean yeah yeah it becomes that mean of that website so this loop you've mentioned something called it I know it's a terminology right would you say it's a it's a terminology in your would you say it's a terminology in that area or that aspect as well I look like you know a whole yeah like a loop a loop hole is like a weakness like when they were developing the website in terms of security there's something they missed there's a security breach or something that they didn't consider so now when someone else comes to know of it they can use that to hack into the website right yeah and at times there is also overloading of websites it was supposed to maybe the server is supposed to accommodate a certain number of websites but then now it's overloaded there's so many servers for example let's say in our students module our website for schools and all and there's an assignment to be submitted at 1159 and students love submitting at the last minute so you find like 200 students at 1158 submitting yeah so now that will cause a logging like now there will be such sort of a search there will be something that comes up because there are too many people who are trying to access the website at that at that moment yeah remind me of the other thing the other thing was you know Instagram and then all of a sudden somebody couldn't or an account that was being used by a company all of a sudden it disappeared or another good example is I ebc at my elections my heart my heart shouted to him he was the common denominator I want to say my whole they have said we can't access my heart and the network you say come on I've not seen his face I'd love to see his face they are like you say come on my same we can't access the servers all we need to do some intellectual rights to actually access it because even we are not honest what was happening in that situation because I miss him a noisy access service and then it just happened that nobody else has this kind of knowledge of knowing how to access the server and see who's entering in these servers and exit one in the key guza guza my documents didn't give an account of learning then I'm a put here and then all of a sudden and it would you say come on go to the high you co-Africa what happened I think I suspect yeah such a case it's where the developers okay when you're creating a website or a product the person who developed it or the people who went through the whole process of developing need to be there when maintenance part comes so when you find a case where we have a website it was developed but then after it was developed the developers disintegrated now there nowhere to be found so now the people who know the basics of the back end of that website another and they're the ones who may be put certain conditions or certain security let's say access features yeah access features and maybe they didn't document it well so now when it comes to the maintenance the poor who are now handling it at that point now it causes an issue yeah they don't even know they know how yeah they don't know how to go through it yeah website so I wish we had a chance to bring you on the table explain you on me this is what was happening because every Kenyan till today it's even in history like you know we didn't have access to servers because the developers wanted to do they they needed an intellectual license to be granted to people in Kenya so that they access it and and they talked of intellectual integrity like if we temple with that you know we are liable for lawsuit again I was like why why is there but the website is Kenyan since designed for IBC but then now the constitution comes in the IBCs and independent you know body that actually runs it on mind it so you have no power to force it you know so I think it was it was quite a horrible situation but I'm glad you've explained so a lot of people would be wondering what's usually happens to this IT stuff now let's come to the servers I have speaking of still servers you've had for company where somebody I'm dwelling yet another server to be a container certain feature and then it comes a cornish at differently on the back end I make affect all the computers I think I change programming and there's also been an issue of like a bug I think it will engage a change you can pass words and then you're no longer even able to function well with the computer because it's like an infestation of something some sort of a virus or a bug what you truly exactly must have happened for that to occur with someone tempers with the server okay when you you as a let's say customer or use of a website when you send a request the request first goes to the server okay and then from the server it accesses whichever resource that you want and sends it back to you so if the server has been interfered with it means that whichever resource you'll say you'll want to access from the server may not be available or it may send a resource that you do not want okay yeah and then now on the issue of bugs and all someone okay bugs are usually or maybe let's say something like a Trojan horse it's or just a virus so it's kind of cow and someone can actually create a virus okay somebody can create one yeah and then basically attacking another person website and yeah so it happens there was a case where it's a WhatsApp group so someone sends in a file an application file I don't know if it was a WhatsApp application file or something of that sort so when someone opens it your WhatsApp crashes your whole WhatsApp crashes so now that's like a software or an application that someone has made that causes all that effect so like when it gets into the system it can access yeah it can access certain information and that's how actually also hacking comes in where you can find someone sending you a link I'm looking into this link yeah you will get to this link to add 20k you're like yeah let me do it yeah and then you log in and then you even give you details there your password now that's how someone can hack your account so majorly if you don't know where a link is from you know you don't trust the source of that link don't go into it because it can be a case where you get a link and you open it so when you open it and you try to exit from it maybe you see a button of exit while you're trying to exit from it it could be that it's actually sending a message to other people in your contact list telling them to send money there has been such a case so yeah it's bad so after that you just find like a hundred messages on your WhatsApp where you had sent to people and all that yeah I think personally I've had an experience of the somebody who sent me a link on Instagram DM asking me to log in and promote the website but when I clicked on that I told myself I will try I will try but I be very cautious I clicked on it and then you have got to a place it was showing inside your password and login with the Gmail I went to the person and told you bro I told them bro I'm too smart for this you can't hack me yeah you can't hack me and then I consulted a friend of mine and he told me bro don't don't don't do that the second time you're lucky you very clicked on it and it didn't you know make your account disappear yeah so you think those are some of the common cases there's even one when somebody sends you and I say ma click on this link and you'll get a thousand bomb and you know if others will even create for for brands like even supermarkets and you know as you task is has to be this offer click on this website and you're going to get 10,000 straight to your M-pesa and you keep on clicking and the numbers continue to go up on that website what do you usually happens for that okay for example when they use the name of a brand or most of the time when you study the the link well or the name or whichever brand they're using there's usually an error with maybe there's usually something off about it like when you check the official website the original website and you check that there's always something altered maybe there's a letter that's usually not there there's maybe the brand the brand name looks almost it's almost the same but then there's something that's usually not on the original one so there's usually some alteration yeah even a comment could be have exactly so now they're actually creative because when you see one money everyone wants to go for it so such when they do that now whatever program that they have run on their end when you log in it now accesses your information because you are giving them access to your to your passwords to your Gmail to your word now you even end up receiving some messages funny messages through SMS and another interesting question how do you make our website user-friendly for example it's for a person who is disabled maybe they're blind but yes blind people do they use websites as well maybe it's for a person who is a handicapped maybe they don't have hands but you are you want to make it a user interface friendly website for them to be able to use and navigate it if you want to make it for them what are some of the things that you would consider to ensure that you know if a user-friendly like it's compatible with each and every kind of personality okay for such websites they need we can incorporate features like gestures where when you guess just something on the phone the phone is able to know what it means you can we can bring in such things as voice recognition when you give a certain command it it will take you to a certain a certain page or yeah and certain tab and all that really such features right now let's say for compared to let me say for commercial companies what do you think are some of the things that you know for for a person who wants to create for them a website the things that they should do to ensure that you know that website is also in as much as we talked about he's a friend but it's appealing it's colorful it's bold it's all about you know bold colors it's attractive especially for this big commercial companies and I think behind the scenes we had talked about a radio website in a TV that were actually conspicuously you know interesting many look at how does it go on that one Making a competitive website you have to know what's the need of the website what is it going to be used for and for it to be appealing to the customers and oil you also need to consult to the pool will be using it like no when you create something don't just create it alone as if you're the only person who's going to be using it so you need to consult with the clients what do they want what do the customers want and you also need to be flexible you need to be agile whatever requirements they need whatever changes they need made you also go and make it plus also drawing inspirations from other website helps a lot like not purely your own idea which can be good but drawing inspirations from other websites great websites that are there can help a lot something else is okay for the colors okay there's also the part of let's say wardings it's don't like put so much so many words on the website like just go direct to the point yeah because it's not like a blog and all that we just need the functionality there yeah speaking of that what's the difference between a website and a blog you know somebody say I'm in corner blog but another one we say oh this is a website so for person who is watching how do they tell or contrast between a website and a blog okay a blog majorly is okay it's up we can say it's a website in our it's type of website where now you you may mainly talk about you're writing something an article are certain discussions and all that like you viewing giving your point of view about something and all that different topics yeah and then now when we're a website can be it can be a business website you want to sell something right it can be a management website it can be yeah it can be a marketing website it can be a school website yeah right also I've seen like personalized websites and they have like the persons or the clients them like for example fire what you have mine I can have it as Saco.com I'm a brand Saco.com slash something something blah blah blah blah now at what point do you get to you know have your own personal domain and our first speaking of domain for a person who doesn't know what a domain is how would you explain it before your answer you know how to create a personalized you know website domain a domain is okay let me explain it like this for example where you see WWW dot dot Brian dot Amazon and all that so that is divided into sections so for the domain part that's like what how do I put it where the website is being serviced from or where the website is being hosted right that's the domain yeah the host of the domain is where the website is being hosted so now if you want to personalize it now you have to have your own servers okay yeah now from it being hosted by a server somewhere else you can now integrate now you need to have your own servers right to host that to host that website right yeah interesting because you know personally I think at some point I wanted to have my own my own domain and then I was speaking to also a friend who was telling me but Saco you have to give me like 2000 when I'm gonna remember you give me 10k there's another who said I need like 20k I'm like bro what do you mean then she explained and said I want to go and buy for you this domain so I never understood what was happening at that point he said he wants to go and buy for me a domain and we left it at that yeah so you also need to yeah to buy the domain it's like to certify to certify for example when you are you want to host a website and you can just do your code and all that but then there's a secure website and there's a non-secure website so there's usually HTTP so for a secure website it has to have HTTPS yeah the S for the secure website so now for you to make it secure you have to be certified so you can certify yourself which I think most for one trust yeah and then now for you to now be secured like for people to trust you have to buy to buy the certificate yeah so that's when you hear stories of somebody buying a domain right now I get it now let's talk about the competitiveness of it all because you know I know there's a lot of there's a lot of web web would you consider yourself a web developer as well yeah right there's a lot of web developers there's even a story of creating an app but then would you create an app are you able to create an app you can keep for us one yeah yeah yeah just a little description because I know we have like four minutes before exit how does someone come up with an app that's so secure let's say for example even your own app or let's say a Y254 app we want to have ours as well Y254 TV how do you how would you create it for us okay just the development tools that are used the languages Java JavaScript Python depending on the use of the website or the flexibility of the website what you wanted to do for you if you wanted to incorporate certain aspects for example machine learning or AI and you have to know which languages to use and now you come to the coding part okay the requirements what of course and then there you code the website and of course there has to be certification for you to host the I mean to launch yeah to launch the app and to certify it yeah so it's like also coming up with the website from scratch now right what do you say that you know you've met let me say let me just let me put it in a simpler way that the other challenges maybe that you face that you would say even all web developers go through this before you come up with the final in me because I've had somebody say and we have this conversation also behind the same so you told me just one comma made you know sleep for an hour one exclamation mark or just one letter but at the back end in doing how could symbol like maybe are there any other that you guys go through what was okay I think generally we come so it you know at times when someone hears when it's your it and if you're here too can you make my laptop can you fix this can you fix the remote and all that kind of a thing so other on technical issues can be the issue of certification can they be the issue of our client trusting to make something good something appealing right yeah another challenge can be when it comes to relation with the relating with the clients and the clients keeps changing like he wanted this and then after sometime yeah they need from the needs change yeah so now keeping becomes confused yeah to now update the up to suit the needs of the client as we finalize for example maybe you had a chance maybe a chance comes up in future with the government for you to walk with them in terms of even creating website what is what is that one speciality that you've always wanted to come in and feeling as a gap if you had a chance maybe in future one thing that I've always wanted is okay my speciality is majorly in AI artificial intelligence so I think it's something that's growing in the world and it's also something that needs to be needs to come up first in Kenya especially for ladies in stem so that encouragement of more ladies to go out there to to work on these technical issues to be to be competitive yeah that's something that only want okay you have you have friends also who you walk with together because you mentioned you've created other websites yeah I have this okay shout out to them we are out of time just like maybe to give social media hundreds if you have one or if you looking for work or maybe a person watching they want to access your services and maybe help them create some two three things here that's your camera right there if they want to access you where can they find you okay on Twitter at moon become all on Instagram at moon become ours and on LinkedIn at and come out right that's where they can find you yeah you have a number yeah you want to do it's okay if you can if you can give it's okay yeah so my number is 0701 25 15 10 again 010 or 0701 25 15 10 all right thank you we have been speaking to Anna momy Kamau she is currently studying at Strathmore University a degree in computer science she's second year by the way and she sounds like she's already graduated and she's already in the industry interesting I wish you the best of like a country thank you so much here working with Safari com working with the biggest brands ever you're welcome and about not we are going to take a short break but before that you can find us on the hashtag why in the morning today still Thursday vibes van will be coming up next with interviews of course we have artists as well who are on standby but you can swim in again for free on www.kbc.co.ke forward slash why to for when personally you can find me at Brian's a corner one we take a break we are back with much more including interviews don't change the channel