Passwords Considered Harmful
Passwords, plainly, are not only bad at their intended purpose, but nearly everyone is incapable of using them correctly. That includes both developers, and users. Meanwhile they’re a constant security risk, not only because individual passwords can be broken, stolen, guessed, or given away. But also because, if you have no other data than email and password pairs you do have something worth stealing. Painting an even larger target on your back. It’s time to stop using password for authentication. Passwords are now considered harmful, and you shouldn’t use them anymore.
In news that’s surprising to no one who’d read this. OK Google Voice recordings leaked Yet, this is still breaking news. When I first read this story, I felt bad for the people who were contacted for comment by the news reporting agency who broke this story. It’s not hard to imagine that they were surprised that the device was recording their conversation, especially given that they didn’t even say the keyword. I’d bet it was even more surprising that it contained enough information for a reporter to find and contact them. That level of invasion of privacy is a pretty hard hit to just absorb.
You don't want to be a developer
You don’t want to be a software developer. Or at least I don’t want you to be, I want you to be a software engineer. It may seem to be simply a semantic difference, but it’s an important one. Developers write a lot of software, implement features left and right. Some of the best ideas I’ve seen come from developers I respect. The critical difference is that developers omit the well known engineering maxim.
It seemed like a good idea at the time...
Context: While working on wifi functionality for HUDTDS (heads up display that doesn’t suck), because
iwwarns not to screen scrape, I looked into exactly how it works and learned about a cool thing you can do. Because I’ve never seen anything like this, I thought it was interesting.