A friend of mine posed this brain teaser to me recently: | www.seancassidy.me
It's been over a year since I presented LostPass at| www.seancassidy.me
This is a summary of the talk I gave at GrrCon '16.| www.seancassidy.me
Two years ago, I wrote a post called| www.seancassidy.me
I was listening to Reply All today and they were talking about the| www.seancassidy.me
Updated 2016-02-04: LastPass has | www.seancassidy.me
January 2006: a friend and I were attending ShmooCon, a hacker| www.seancassidy.me
You need randomness. A lot of it. Good quality and fast. | www.seancassidy.me
This is a story I wrote for the DEFCON Short Story Contest. Here's my entry on the official forum. Be sure to let me know what you think.| www.seancassidy.me
You want to found a startup. You're not exceptionally well connected, you don't have the best idea in the world, your programming skills aren't world class. That's okay. You don't know how to build a product, market it, or how to sell it. That's okay, too. Because you're going to learn. You're going to learn the best way: by doing.| www.seancassidy.me
There are many analogies for technical debt, but the basic one is the most | www.seancassidy.me
How do you debug?| www.seancassidy.me
Domain names translate semantic meaning into internet addresses. They're for| www.seancassidy.me
Programming is a deeply humbling activity. | www.seancassidy.me
We have all seized the white perimeter as our own| www.seancassidy.me
Last year I started reading Meditations by Marcus Aurelius1. While I was reading it, I was struck at how many of the entries were just simple reminders to himself. Don't get mad at people unnecessarily. Remember that you are just one of many. Don't get distracted.| www.seancassidy.me
Java is one of the most popular programming languages around, but no one seems| www.seancassidy.me
For years I've been using mkpasswd in Linux to generate | www.seancassidy.me
When I wrote about the GnuTLS bug, I said that this isn't the last severe TLS stack bug we'd see. I didn't expect it to be quite this bad, however.| www.seancassidy.me
Software cannot be made to be intuitive to every person.| www.seancassidy.me
This field of glory is harvested, and the crop is already appropriated. But| www.seancassidy.me
You might have heard about the critical GnuTLS bug that was recently fixed recently. What's the deal with it? Why is it a big deal? What happened?| www.seancassidy.me
The reactions to the latest major security hole in a popular| www.seancassidy.me
The people who know the most about the systems at your company are very likely| www.seancassidy.me
I've been following the Telegram story over the past week.| www.seancassidy.me
I'm a hacker and a software engineer. You can be both. It's not mutually exclusive. This is how I did it.| www.seancassidy.me
There has been a lot of discussion recently about whether or not strings are broken or if we even need them. This misses what I believe to be a more significant issue with strings.| www.seancassidy.me
Odd as it may seem I am my remembering self, and the experiencing self, who| www.seancassidy.me
There has been a lot of discussion about 10x engineers lately. Do they exist? Are you one?| www.seancassidy.me
Recently, at work, we had an annoying bug in our code which came about from a seemingly harmless refactor.| www.seancassidy.me
Today, Groklaw shuttered its doors due to concerns of on-going privacy invasions. I understand pg's point of view and sympathize deeply, but I disagree. It is more important than ever to not give up, to not stop writing, to not stop writing privacy software.| www.seancassidy.me
Or, why Linus is wrong about being a jerk| www.seancassidy.me
The bus factor is an important thing to keep track of for both commercial and open source software development. If your bus factor is low (below two), you'll be in trouble if that developer leaves or cannot contribute any longer.| www.seancassidy.me
At my current job, we needed to move an aging web service into our job management system for reliability reasons.| www.seancassidy.me
I recently had a tough bug to deal with, and I think it makes for a good story.| www.seancassidy.me
Last year, sometime around June, I heard of Cryptocat and thought it was a pretty cool idea. Someone actually making cryptography available for the masses in an intuitive way without needing complicated key exchanges or a web of trust! Finally.| www.seancassidy.me
I recently found a rather lengthy variable name in some code, and mentioned it to a friend. It looked like this:| www.seancassidy.me
Google has recently published test results comparing VP8 to H.264. It created somewhat of a stir on the x264-devel mailing list. I thought I would add what I found two years ago as a result of my thesis work. That is, these results are not fully up-to-date, but still interesting.| www.seancassidy.me
An friend of mine used to ask this interview question:| www.seancassidy.me
When writing the HTTP API for DiNet, I had a problem that many services must deal with: one user maliciously generating traffic and denying service to legitimate users. In fact, the problem is much more severe in a flood network like DiNet (the diluvian part of the name is not a misnomer), as one user can generate a lot of traffic on routers.| www.seancassidy.me
One of the fundamental skills a software engineer needs in order to be successful today is a mastery of Google-fu. If you do not reference the accumulated knowledge and experience of the Internet on a daily basis your work will suffer. However, I think we, as a community of engineers and thinkers, should take a step back when someone says, "The best programmers are the first to Google."| www.seancassidy.me
Phishing awareness training done via simulated phishing emails that your Security team sends does more harm than good.| www.seancassidy.me