In this response to "What don't people tell you about programming?", I wanted to outline a few things that many might not know, but also areas where I think I am in the minority of critical objections. You can read the original post for yourself at the above link. I have only brought in part of the text, and the statements that I am commenting on.
Before having kids, I used to like traveling for work. It was fun, and I got to see other places, mostly at the company's expense (of course, tourism never happened on company time, or at all, for any of my trips >.< that seemed to be reserved for upper management travel meetings).
First, "Do Not Create Your Own Password Storage & Verification" (unless you 'Know' what you are doing) instead of using an already established and proven library or algorithm and 'scheme'. But let's say you are using PBKDF2-sha256, which is very good, but like me you don't like how it stores the Salt in the database along with the hash and iterations. Well, on a project where I beefed up password security on a 10+ year-old website, the client's on-staff developer came up with what I consider one of the best Salt storage ideas. Then it was my job to make it real, and make it fast enough for production use. (I am not covering basic password security concepts here, just a slight modification to increase the complexity of obtaining all the data needed to compromise a user's password.)
By WordPress, I mean everything written for WP, not just the core software. Honestly, with a little configuration with security in mind, WP Core is rather solid (security-wise). However, I have a client that wanted a specific "Feature" on their website; they found and installed a seemingly good plugin to add the desired functionality. Only 3 days later, their website had been compromised. We started fresh and installed everything again, double-checking all the configurations. In just a day, it had been attacked and compromised again. How is this possible?
More so recently, I think there is a serious problem in the Quora Programming Community. There are a few issues, but at the top of my list is the number of absolutely ridiculous questions being asked, from the "Can I Actually Become a Programmer" to the "Why is X no longer good practice".