Posts
-
Setting HTTP security headers in Rails
HTTP security headers are easy to configure, and provide a flexible way to mitigate several types of cross-site scripting and sniffing attacks.
They’re worth adding to any dynamic website, since they only take a few minutes to set up and are supported by most modern browsers.
-
What's risk management?
Risk management is one of the topics covered in the introductory computer security course at UBC, and it's relevant to many other fields including finance, engineering, and project management.
The main idea is simple: when a project involves high-value assets, an effective approach is to identify all of the relevant risks and evaluate their impact and likelihood in order to prioritize them and determine appropriate countermeasures.
-
Improving authentication usability
Usable security has become a more explicit goal, now that we've recognized that tools that are too challenging to use will not be widely accepted, no matter their utility. Usability and security in practice have become a mainstay at security conferences, and we can see some of the results in industry.
For instance, we're seeing more experimentation with authentication methods that make passwords easier to use, or that do away with them entirely.
-
Waiting until Docker containers are initialized
An issue that a lot of people run into when automating Docker builds is figuring out how to wait for services to be set up before running subsequent commands.
For example, you might need your database container to finish initializing before you can run your database migrations and test scripts.
A common solution is to add wait times between steps, adjusting times as necessary. Another solution is to continuously ping the containers to check for open ports or specific files that are created during setup.
Neither strategy is ideal. Fixed wait times are at best unnecessarily long and at worst lead to fragile builds, and open ports and created files don’t reliably indicate that a Docker container is fully initialized.
A third strategy that has been suggested for database containers is to query the database every few seconds until it has been set up with the required user credentials.
-
Dijkstra's algorithm for finding the shortest path to other nodes
Dijkstra's algorithm is a simple, elegant graph algorithm, and one of my favourites.
The problem it solves is the following: given a graph with non-negative edge weights and a start node, how can we find the shortest path to other nodes in the graph?
-
(LXDE) Adding user-specific start menu items
In this post we’ll add a user-specific start menu item for an npm application, Evolus Pencil V3.
To create a start menu item with a custom icon, we will:
- Define the start menu item in a .desktop file
- Add an icon to the filepath specified in the .desktop file
- Refresh the start menu to view our changes
-
Scalability of data processing
How can we make distributed computing more resilient, remove bottlenecks, and improve scalability?
We can often address these questions at the architectural design level, in which we plan the structure of our system and the high-level interactions between system components.
-
Hash functions for cryptography versus look-up
A hash function accepts an arbitrary sequence of bits, such as a string or file, and outputs a corresponding sequence of bits of fixed size. This output is known as the "hash" of the input.