Life and Ruby and Security
I read a quote this week that sums up a large part of why policies often fail to achieve their objectives: Just remember: people tend to resist that which is forced upon them. People tend to support that which they help to create. —Vince Pfaff Policies fail because they are forced upon people without any […]
Last night I was at the Chicago Area Ruby Group, and there was a presentation by Trevor Turk on his El Dorado project. While he was showing us the code I saw the method that generates the application’s authentication token. I could not help but notice that the security of the authentication tokens depends greatly […]
My previous post on Process Hell generated some thoughts from my friend Ryan at his blog in a posting called Policy, Subjectivity and Inteligence. It seems last year he had some similar thoughts in another post titled The “What isn’t easily measurable, doesn’t exist” Rule. I think he was spot on with why many costs […]
One thing that I learned in five years of working for an FDA regulated company: policies are usually written to address fears instead of to solve problems or provide a return on investment. Often when one challenges the usefulness of a troublesome policy the answer is that Something Bad might happen if we did not […]
I’ve decided that cosine.org should be dedicated to my favorite computer topics: Ruby, Rails, application security, and OpenBSD. This is all awesome stuff. Stuff that is awesomely interesting to me. However my level of knowledge in these topics varies a bit, and it creates a perplexing situation for me.
You are currently browsing the archives for the Security category.
