The Weekly Dev - 202201

We the Devs

If you are willing to have your code customer-facing in some way, and maybe also open on the internet, you will definitely have to deal with authentication and security schemes and, in some measure, be aware of the proper ways to use cryptography, both for your own good and for GDPR compliance, whether you are in the EU or not.

4 easy steps to make your server less dangerously insecure

An interesting checklist of steps to secure applications you want to expose out on the internet.


A Child’s Garden of Inter-Service Authentication Schemes

An instructive write-up about the available schemes for server-to-server application security. It goes the long distance to explain the whys (and why nots) of X509, bearer tokens, JWT, HMAC and more.

Credits to Dmitry Medvedev for the tip.


3 Command line tool to test bandwidth between 2 servers

How many times have you opened that page loaded with advertisements just to check your internet speed? Did you ever remember that, if you want to measure the network speed between two points in space, there are actually proper tools?


Link shorteners: the long and short of why you should not use them

A word of warning about a (not-so-)fancy feature that many sites encourage.


Introduction to Embedded Linux Security

An interesting write-up on Linux security that covers aspects that are not immediately obvious to developers typically used to server and desktop computing.


[linux] [gdpr] [cryptography] [security] [x509]