A Physics Puzzle

While working on Floating Sandbox 1.8 I realized I’d gone through 8 versions without noticing a subtle bug in the buoyancy simulation. Fixing the bug challenged my common sense on how things really sink underwater, and after bringing up the discussion at lunch with some of my colleagues, I realized it was not only my […]

Read More A Physics Puzzle

Proud of My Patch Panel

Today was my last day of work at my current company, and I paid a visit to the company’s offices to return company property and cleanup my drawer. On my way out, I had a last glance at the patch panel of the office – it took me a few days in February 2010 to […]

Read More Proud of My Patch Panel

OWASP and Input Validation

As a follow-up to my previous post, here’s another example of OWASP’s “authoritative” prescriptive guidance that gives developers advice that is, in my humble opinion, dangerously wrong, and which contributes in building that sort of “parrot security expertise” – i.e. expertise that is based on repeating nonsensical mantras – which you see unfortunately way too […]

Read More OWASP and Input Validation