My 2cents …

Building for the 99% Developers | Future

This is a good post on the huge gap between what “developer-influencers” from the big FAANGs are talking about, and the daily reality of most developers.  It puts your(our) work in to perspective. Definitely a good read.

I see more and more private Blockchains or Blockchains that have a central trust. I don’t get it. If its private, use your Database, if your architecture needs a central control.. guess what its again your Database.

Blockchains do address a real problem: Keeping track of a record without access to a shared trusted party. However, it also casts serious doubts on Blockchain projects which require central trusted entities anyway. Private Blockchains are a contradiction in terms where you get all the complexity of Byzantine Consensus but none of its benefits as it is nevertheless centralized around a trusted party.

Source: What Problem Blockchains Actually Solve – The Solution Space

• When was the last time the security team gave you personalized advice?
• When was the last time the security team or even IT team asked for your permission before they made a change to your laptop?
• When was the last time the security team asked you for your thoughts on security risks you see in your daily workflow?
• Can you recall that time where they asked you how upcoming security changes to your device would impact your daily workflow?

Good questions, read more at:

Sou

Source: Honest Security

Ja so ist Java (JNDI/RMI/….):

Man muss sich das wie einen Dreijährigen vorstellen, der sich jede Klasse in den Mund steckt, um herauszufinden, wie sie schmeckt und ob sie sich ausführen lässt.

Leider war:

Code. Ist. Nicht. Dein. Freund.

Ganz besonders nicht dynamisch aus dem Internet nachgeladener Code.

Quelle: Kommentar zu Log4j: Es funktioniert wie spezifiziert | heise online

Whaoo  … the first plant on the moon.

See:

•  China’s moon lander sprouted a plant, but now it’s dead – CNET
• China sprouts the first plants on the moon
• China’s Moon mission sees first seeds sprout

This security checklist should be mandatory for anyone who is using a computer or mobile device. It is an open source checklist of resources designed to improve your online privacy and security. Check things off to keep track as you go.

Quelle: Security Checklist

OMG .. so .. good bye Atlassian  🙁

Congratulations, Australia: somehow after chaotic scenes in parliament, the government last night managed to secure after-the-bell passage of its encryption-busting eavesdropping legislation.

Quelle: Wow, what a lovely early Christmas present for Australians: A crypto-busting super-snoop law passes just in time • The Register

Amazing – the District of Columbia’s legal code it hosted at GitHub.

The District has managed to take a practice of modern software development and apply it to its legal code by putting its legal code onto GitHub at https://github.com/DCCouncil/dc-law-xml.

Quelle: How I changed the law with a GitHub pull request | Ars Technica

A really  good roadmap on how to evolve into a DevOps:

Article: https://dzone.com/articles/the-devops-roadmap-for-programmers

Image Source: https://github.com/kamranahmedse/developer-roadmap (There are also some for frontend/backend developers)

The absolute worst is when you have dozens of people from all different departments in the same room. Sales, marketing, support, administration, programmers, designers, what have you. These departments have very different needs for quiet or concentration or use of phones or open conversation. Mixing them together is peak bad open office design.

Source: https://m.signalvnoise.com/the-open-plan-office-is-a-terrible-horrible-no-good-very-bad-idea-42bd9cd294e3