Last week, an article was published with some interesting numbers about the security of PostgreSQL servers publicly exposed to the internet (You can find it here). But more than the numbers, what really caught my attention was the fact that most clients and libraries used to access and interact with the databases have insecure defaults: […]
Category: Software Development
In the final tips post of the year, lets address a solution to a problem that most websites face once they have been online for a while. If you have a back-office or the concept of user accounts, soon you will face the security problem of attackers trying to hack into these private zones of […]
This time I’m gonna address Django’s builtin authentication system, more specifically the ways we can build custom improvements over the already very solid foundations it provides. The idea for this post came from reading an article summing up some considerations we should have when dealing with passwords. Most of those considerations are about what controls […]
Categories
Documentation done right
One critical piece of the software development process that often gets neglected by companies and also by many open-source projects is explaining how it works and how it can be used to solve the problem in question. Documentation is often lacking and people have an hard time figuring out how they can use or contribute […]
Git by itself is a distributed version control system (a very popular one), but over the years organizations started to rely on some internet services to manage their repositories and those services eventually become the central/single source of truth for their code. The most well known service out there is GitHub (now owned by Microsoft), […]
Nowadays most software developed using the Python language relies on external packages (dependencies) to get the job done. Correctly managing this “supply-chain” ends up being very important and having a big impact on the end product. As a developer you should be cautious about the dependencies you include on your project, as I explained in […]
Last January I made a small post about setting up a “Content-Security-Policy” header for this blog. On that post I described the steps I took to reach a final result, that I thought was good enough given the “threats” this website faces. This process usually isn’t hard If you develop the website’s software and have […]
Categories
Rust examples and exercises
Learning to program in Rust is as easy like other languages out there, because it ends up having different constrains and new concepts that you will have to go through, in the beginning everybody fights the compiler at least a little bit. I started this journey a while ago, however I’ve been progressing slowly just […]
Nowadays most software projects with a “decent size” rely on many software dependencies, or in other words: libraries and tools, developed by other people. That usually are under constant change. The reasons for these are clear and can go from implementing common patterns and avoid repeating ourselves, to accelerate the development, to use mature implementations […]