TreZ - Slashdot User

Submission + - Ask Slashdot: Security review tales

Submitted by TreZ on Wednesday October 04, 2017 @12:14AM

TreZ writes: If you write software, you are most likely subject to a "security review" at some point. A large portion of this is common sense like don't put plain text credentials into github, don't write your own encryption algorithms, etc. Once you get past that there is a "subjective" nature to these reviews.

What is the worst "you can't do" or "you must do" that you've been subjected to in a security review? A fictitious example would be: you must authenticate all clients with a client certificate, plus basic auth, plus MFA token. Tell your story here, omitting incriminating details.

Comment Simpsons Knew Better (Score 2) 123

by TreZ on Monday November 17, 2014 @11:43PM (#48408231) Attached to: Electric Shock Study Suggests We'd Rather Hurt Ourselves Than Others

http://en.wikipedia.org/wiki/There's_No_Disgrace_Like_Home

Submission + - IP Laws are blocking innovation (groklaw.net)

Submitted by DrJimbo on Friday February 11, 2011 @05:35PM

DrJimbo writes: The White House is asking us to give them ideas on what is blocking innovation in America. I thought I'd give them an honest answer. Here it is:

Current intellectual property laws are blocking innovation.

President Obama just set a goal of wireless access for everyone in the US, saying it will spark innovation. But that's only true if people are allowed to actually do innovative things once they are online.

You have to choose. You can prop up old business models with overbearing intellectual property laws that hit innovators on the head whenever they stick their heads up from the ground; OR you can have innovation. You can't have both. And right now, the balance is away from innovation

Slashdot Top Deals