Updates

DZone: You Are Not a Compiler!

It is common practice at conferences, interviews and certifications in general to assume that the candidate can process the code and find the subtle mistakes in it. As the article clearly says “there is no single proof of correlation between correctly answering any of the above questions and real-world proficiency of applying the skills they are meant to assess.”

Doing it right requires more time to prepare the material and analyse it afterwords but unless one needs to asses thousands of candidates, that investment is well worth it

Original article: https://dzone.com/articles/youre-not-a-compiler

Advertisements

On passwords

Almost all websites covering technology had an article this week about an interview by the Wall Street Journal with Bill Burr (the man behind the password complexity rules we are forced to use). In the interview Burr says that he might have been was ‘barking up the wrong tree’ in his 2003 manual NIST Special Publication 800-63. Appendix A

This was big news since many organisations follow these guidelines religiously, to the detriment of their users and possible security. Changing your passwords every 3 months and using long and complex combinations makes using a password-per-site impossible to remember. The advent of password managers and 2FA are a sign that the traditional username+password system is not good enough. Maybe someday in the future we will be seeing less passwords…

Reference: Original WSJ Interview and other coverage by BBC and The Verge.

3 security lessons from TDD

The original article Three Lessons From Test-Driven Development that can be found at: https://securityintelligence.com/three-lessons-from-test-driven-development/

“TDD was born out of a collective realization that we needed to change the way software was developed and tested. Similarly, the field of cybersecurity has, in the past decade, brought about a change in the way we think about layered defense in the face of determined attackers. By leveraging these three lessons, we can mirror TDD for software development to create new ways of validating and improving the cyber resilience of our own systems.”

Goodbye, finally!

“In collaboration with several of our technology partners – including Apple, Facebook, Google, Microsoft and Mozilla – Adobe is planning to end-of-life Flash. Specifically, we will stop updating and distributing the Flash Player at the end of 2020 and encourage content creators to migrate any existing Flash content to these new open formats.”
Read the entire Adobe article titled: The Future of Interactive Content