PingFIN 9 is here

The PingFIN 9 workshop is an international e-payments workshop taking place from the 12th to the 15th of March concurrently in 6 universities: Colchester Institute, Faculty of Organization and Informatics, FH Salzburg, Odisee, Westerdals and MCAST.

The workshop in Malta, held at the MITA Innovation Hub, is sponsored by MITA, MITA Innovation Hub, eSkills Malta Foundation and RS2 Software plc.

For more information see:

DZone: You Are Not a Compiler!

It is common practice at conferences, interviews and certifications in general to assume that the candidate can process the code and find the subtle mistakes in it. As the article clearly says, “there is no single proof of correlation between correctly answering any of the above questions and real-world proficiency of applying the skills they are meant to assess.”

Doing it right requires more time to prepare the material and analyse it afterwards, but unless one needs to assess thousands of candidates, that investment is well worth it.

Original article:

On passwords

Almost all websites covering technology had an article this week about an interview by the Wall Street Journal with Bill Burr (the man behind the password complexity rules we are forced to use). In the interview Burr says that he might have been ‘barking up the wrong tree’ in his 2003 manual, NIST Special Publication 800-63, Appendix A.

This was big news since many organisations follow these guidelines religiously, to the detriment of their users and possibly security. Changing your passwords every 3 months and using long and complex combinations makes a separate password per site impossible to remember. The advent of password managers and 2FA is a sign that the traditional username+password system is not good enough. Maybe someday in the future we will be seeing fewer passwords…

Reference: Original WSJ Interview and other coverage by BBC and The Verge.

3 security lessons from TDD

The original article, Three Lessons From Test-Driven Development, can be found at:

“TDD was born out of a collective realization that we needed to change the way software was developed and tested. Similarly, the field of cybersecurity has, in the past decade, brought about a change in the way we think about layered defense in the face of determined attackers. By leveraging these three lessons, we can mirror TDD for software development to create new ways of validating and improving the cyber resilience of our own systems.”