Wash
“Wash” can mean two very different things in a dev context:
- Cleaning devices (keyboards, laptops, phones) without wrecking them.
- Cleaning input data so it’s safe to store, render, and process.
Both are about the same principle: remove the bad stuff without damaging the thing you care about.
1) Washing devices: practical, low-risk cleaning
If you type all day, keyboards get grimy. The goal is to clean them without pushing liquid into switches, ports, or the battery.
A simple routine that’s hard to mess up:
- Power down (and unplug where possible).
- Turn the keyboard upside down and gently tap to remove debris.
- Use compressed air in short bursts.
- Use a soft brush for stubborn dust.
- For keycaps (where removable), wipe with a lightly damp cloth.
- For surfaces, use a small amount of isopropyl alcohol on a cloth — not directly on the device.
Avoid:
- soaking anything,
- spraying liquid into keys,
- “deep cleaning” laptops unless you know how to open them safely.
2) Washing input: sanitisation vs validation
In software, “washing” input usually mixes up two ideas:
- Validation: is the data shaped like we expect?
- Sanitisation/escaping: is it safe to store or display?
Validation is about correctness. Sanitisation is about safety.
The web basics: escape for the right context
When you output user-controlled text into HTML, the safe default is:
- treat it as text,
- escape it,
- never concatenate it into raw HTML.
MDN is a solid reference for how browsers interpret content and APIs: https://developer.mozilla.org/
Don’t trust “cleaning” functions
A common anti-pattern is trying to “strip bad characters” with a regex. That usually breaks legitimate input (names, addresses, non-English text) and still misses edge cases.
Better patterns:
- validate against a clear schema,
- store raw values,
- escape on output,
- and use parameterized queries for databases.
If you’re thinking about phishing and account risk, keep a calm checklist around too:
- UK NCSC phishing guidance: https://www.ncsc.gov.uk/collection/phishing-scams
Small habits that help
- Keep device cleaning supplies separate from food/drink areas.
- Treat input handling as a design decision, not an afterthought.
- Prefer “safe defaults” even if they’re slightly less convenient.
Related
- Tools we use: /release1-2-tools.html
- Phishing basics: /security/phishing/
If you only do one thing: don’t put raw user input into HTML, and don’t put liquid into keyboards.