One would assume that a programmer who is just learning, shouldn't enter web security, because it requires experience.

But that is actually wrong, web security is a very loving, and lovely, field.

It is perfect for artists and inventors, and those who are learning programming.

A person new to security, is more cautious than a busy overpaid senior developer.

That caution, is an infinite source, of security skill, programming intuition, and security wisdom.

It is in fact, an enormous superpower that instantly challenges state of the art technologies.

Allow me to show you, just the entry into this world, and hopefully shock you with how far you travel.

We will build a small company, that sells captcha.

It has been said that captcha is a solved problem, but only the captcha AI can train on is easily solved.

And right now all you need to do to defeat it, is just look up what the latest AI has trouble with.

Here, you don’t even need to create images, but ask odd questions that you know will trip up AI.

See, you are already up against generative language models.

And you are already, targeting their flaws, their lack of comprehension of context.

You may not even need to generate any strange images, just sit on top of what AI chokes on.

You only need very pleasant and basic lectures in p5.js, to begin generating image challenges that AI has never seen.

The pre-AI generative art, is all about visual complexity, and incredible and unseen beauty.

You get to learn programming, while generating odd art, to stop generative AI that cost millions of dollars to make.

I don’t want to get into details, but imagine Monday morning, as you are headed to cerate new challenges.

Just scribbling doodles on sticky notes, that you know will stop the AI.

Your company, should be a marketplace, that supports multiple users, so other programmers can come in and build challenges.

And whenever a new customer signs up, and your creative coders challenges successfully stop attacks, they get paid.

Programmers will see what works what does not, and when you detect high rate of traffic to some registration form.

You can then respond with multiple challenges, or more difficult questions.

Finally, your paying customers will instantly appreciate your work, you are stopping AI eqquped hackers, stopping network attacks, and automation.

Your company is useful, it increases the security of their company, especially when you code custom capcha just for their company.

When the AI gets too good, you then use text prompting, and another AI against it.

And then you get into interactive capcha, a small game, a 3D scene, a strange puzzle.

AI has been unleashed, and hackers secretly going crazy about it, their tools will become more powerful…

And here you are, in the very beginning, ready to cheerfully answer that challenge.

Web security needs your creative coding, your inventiveness, your brilliance.

And you can slowly learn, all kinds other programming along the way.

All you need to start, is Svelte/Kit, node.js and p5.js tutorials, and you’ll begin generating AI unsolvable capchas in no time.

it is a beautiful start to learning programming, it gets your company creating useful services nearly instantly.

In fact, start searching around the internet right now, what are the questions that AI can’t reliably answer?

And more importantly why, and how can you build on that.

And what in the world, are you going to call your company name?