The Weekly Dev - 202201
We the Devs
If you are willing to have your code customer-facing in some way and maybe also open on the internet, you will definitely have to deal with authentication, security schemes and - in some measure - be aware of the proper ways to use cryptography for your own good and for GDPR compliance, whether your are in the EU or not.
An interesting checklist of steps to secure applications you want to expose out on the internet.
An instructive write-up about all the available schemas for Server-to-Server application security. Going the long distace to explain the whys (and why nots) of X509, bearer tokens, JWT, HMAC and more.
Credits to Dmitry Medvedev for the tip.
How many times have you loaded that very page loaded with advertisments just to have a check on you internet speed ? Did you ever remind that - if you want to measure the network speed between two points in space, there are actually proper tools?
A word of warning about a (not-so-much)fancy feature that many sites encourage.
Interesting writeup on linux security that covers aspects slightly unobvious for developers typically used to server and desktop computing.
[linux] [gdpr] [cryptography] [security] [x509]