Software companies used to have one goal: to develop efficient applications that users liked. When people switched from desktop to SaaS / web applications, companies were forced to focus on security to avoid being hacked. Now they will have a new mission: to ensure the privacy of their users. At any costs.
It's 8 PM on a Saturday and you get a call from your project manager asking if you could quickly modify a project's code and deploy it in production. You don't feel okay about it? You're absolutely right!
After years of developing software by (incorrectly) applying the Scrum methodology, I have come to this conclusion: Scrum is the new death march. Or rather, Scrum does more harm than good when it's mindlessly requested by managers who are merely trying to show how modern and trendy their development teams are.
Being the test-driven developer that you are, you are writing a Jasmine test for your AngularJS factory function, which returns a promise generated by our beloved $q. You know how to test an asynchronous response with Jasmine. You confidently run the test and... bam, you get an error message "Timeout - Async callback was not invoked within timeout specified by jasmine.DEFAULT_TIMEOUT_INTERVAL"
This week I resigned from my comfortable, well-paid job. Why on earth would a developer close to his 40s quit a very nice position as an architect/developer?
Scrum: this single word triggers heated debates, passionate evangelization and tales of horror stories. But whether you think it works or not, there is this one thing I've seen some Scrum adopters do, which defies the whole purpose of the methodology. And in my opinion, that is one of the factors that might lead to... epic failures!
You are developing your web client (AngularJS or any other) against your REST services' server, secured using cookies-based sessions and CSRF tokens sent as cookies. You've done everything by the book, followed the tutorials to make your security work, especially CORS and CSRF tokens. And yet you still get a pesky 403 when trying to login!
Welcome to my first "gotchas" post! In this series I'll try to document common traps we tend to fall into again and again. In this episode: Tomcat throws a java.lang.NoClassDefFoundError: org/apache/commons/logging/LogFactory when deploying and starting your brand new Java web application...
And now for something completely different. I recently had the privilege to play the first alpha preview of Tower 57: a gorgeous old school, pixel-art designed, "Chaos Engine"-inspired game by Pixwerk. A little something I got for being an early backer of its Kickstarter campaign. Warning, biased shameless plug ahead!
In October 2015 me and my partner-in-dev Emad Heydari Beni ran a small survey on how our blog readers, friends and relatives felt about privacy and security on the Internet. The survey was closed November the 11th and we started analyzing the data we had gathered. The short version? We were actually surprised at some of the answers!