For all that is related to development
You decided to apply for that position or mission and nailed the technical interview. They want you on board! That sounds great, but… before saying “yes” there might be a few questions you should ask and a few things to clarify.
As professional developers, we constantly try to make our code readable for all to understand. We use the term “fluent code” to describe that line of thought. But beginners may find that a bit of an abstract notion… In this post I propose you to examine a concrete case I have recently encountered, and one solution for turning that bit of code into something I am proud(er) of.
So far in this series of posts we have examined how to handle PGP encryption’s core tasks in Java. We now move to the front end side and examine the incredible power of OpenPGP.js !
You’re working on a new project, which uses a framework requiring strong random number generation. Typically, this could be Spring Security’s BCryptPasswordEncoder. You run your application on a Linux machine: your local Linux Mint for development or some Ubuntu Server instance, for example. And then… nothing happens. The application seems to be hanging! What gives?
In the previous installment we examined how to generate PGP keys using Java. Now that we have those, we can start encrypting! This post examines how to leverage the excellent Bouncy GPG library to make Java PGP encryption as easy as it gets.
Last time we examined whether Efail and SigSpoof were a game breaker or not. Spoiler: it’s not half as bad as it was claimed. Today we will get our hands dirty: we will implement OpenPGP key generation in Java with BouncyCastle’s seminal library.
You may have noticed: encryption has received some bad rap lately. I’m talking about Efail and SigSpoof of course, two flaws that impacted OpenPGP-based applications such as GnuPG, Enigmail, etc. Does it mean that OpenPGP is broken?
To complete this series about stateless security, I decided to take a bow and list all the blogs posts and websites I’ve studied to get here. If you’re looking for more information on stateless authentication and JWTs, this might be a good place to start from!
After a small pause, I resume our exploration of stateless RESTful security by asking THE big question everyone should consider when deciding to go stateless: is it worth it?