IT Hare on Soft.ware

This category is dedicated to security best practices as applied to software development.
While we cannot provide a comprehensive list (yet), we plan to keep expanding it.

Security Best Practices, page 1/2:


Direct Payment Processing. Recovery from ‘Unknown’ Transaction Status. PCI DSS.

Quote:
“With the Direct Processing, customer should trust us (the merchant) with their details”
Another Quote:
“On the other hand, most of PCI DSS requirements make perfect sense regardless of formal compliance”

UDP for games – security (encryption and DDoS protection)

Quote:
“Yes, you DO need to encrypt your UDP traffic. And no, using UDP is NOT a valid excuse to skip encryption”
Another Quote:
“Personally, I prefer to think of it as of insurance – when I’m paying my premiums in hope that my money will go to waste.”

Avoiding ugly afterthoughts. Part b. Coding for Security, Coding for i18n, Testing as a Part of Development

Quote:
“Doing sanitization at IDL level automates quite a bit of tedious-and-error-prone work, which is always a Good Thing™”
Another Quote:
“Hey, this whole thing can be made MUCH simpler, the only thing we need to acknowledge is that the best identifier for a string is the string itself!”