thoughts about software and sensible security.

Category: security

Programming with passion? Please!

Peter de Wit's latest Sigmund column came at just the right moment this Saturday. I had long been toying with the idea of settling the score with the most cringe-inducing buzzword of recent years. I hope de Volkskrant will allow this loyal subscriber and Sigmund fan this fair use…

Peter de Wit in de Volkskrant of 4 Aug 2018

Spring Data REST: convention over security

You know the sales pitch by now: agile development helps to deliver value to stakeholders fast and efficiently. Frequent releases guarantee maximum visibility. We want to see progress now. So we’ll spare a thought for security along the way and worry about it when it’s too late.

Don’t get me wrong: if that’s how a team chooses to work they only have themselves to blame. There is nothing in agile development that downplays the importance of security. It’s just that an inordinate focus on delivering visible value fast doesn’t bode well for safe software, as this is a quality attribute that takes time (=money) to do well and meanwhile is not very visible to end users. Until it all goes horribly wrong of course.

Security as an afterthought

I am doing a Coursera course called Usable Security which – as you would expect – is all about improving the security of systems through better usability.

It’s hard to dispel the opinion common among developers that usability and security are somehow inversely proportional; that rock-solid secure systems are of necessity hard to use, and that improving their usability must degrade their security. Quite the opposite is true in fact. Systems with a large potential for serious damage should be foolproof and that’s where usability comes in. Making them hard to learn only makes them more error-prone.
