Archive for May, 2004
More Security or Different Security
We’ve just been having a discussion at work about the benefits of Impersonation and Delegation in .Net. That is, the ability of an application to perform actions using the identity of the human user driving them.
For web applications, web services, database access, etc., this can be very useful, giving a trail throughout a multi-tier application showing which user performed an action.
The obvious perception is that this is, of course, more secure. But that’s just not true…
Comments and Hot Water
“…and they don’t even comment their code…” said Brian as he explained noisily why the project he was code reviewing was poor enough to get someone fired.
“But comments are evil” I said, defending code that was not mine and I had never seen. “Comments are an excuse for writing unreadable code that nobody other than the writer can understand … and they go out-of-date quicker than you can say ‘jack robinson’ so you can’t trust them even if they’re there.”
As the looks of incredulity greeted me from around the office I realised that, perhaps, I hadn’t done enough groundwork before making this statement.
“It’s like those ‘Very Hot Water’ signs you get in office bathrooms” I went on. “The problem is that the water is too bloody hot,” I espoused “but instead of fixing the water temperature somebody, almost certainly in a meeting where the guy who controls the water temperature wasn’t present, orders the installation of the evil signs”.
Still ranting on I point out that “the whole purpose of which is to present a defence in the event that someone gets scalded and decides to sue”.
“They actually turn the water temperature up to kill any germs in the pipes” a small voice threw across the room.
But the point still stands. Stop insisting developers write comments and start insisting they write _human_ readable code.
Must learn to look deeper
I always enjoy mind puzzles like The Monty Hall Problem which I discovered recently while reading The Curious Incident of the Dog in the Night-time. Many of my friends like these puzzles too. Yes, I am a geek.
But one of the obvious ones I’ve always thought I knew, as it’s easy, I’ve just found out I got wrong…