IT Hare on Soft.ware

Tap to confirm selection


Your mileage may vary. Batteries not included

This category is dedicated to security best practices when applied to software development.
While we cannot provide a comprehensive list (yet), we are planning to keep expanding it.

Security Best Practices, page 1/2 :

Direct Payment Processing. Recovery from ‘Unknown’ Transaction Status. PCI DSS.

“With the Direct Processing, customer should trust us (the merchant) with their details”
Another Quote:
“On the other hand, most of PCI DSS requirements make perfect sense regardless of formal compliance”

UDP for games – security (encryption and DDoS protection)

“Yes, you DO need to encrypt your UDP traffic. And no, using UDP is NOT a valid excuse to skip encryption”
Another Quote:
“Personally, I prefer to think of it as of insurance – when I’m paying my premiums in hope that my money will go to waste.”

Avoiding ugly afterthoughts. Part b. Coding for Security, Coding for i18n, Testing as a Part of Development

“Doing sanitization at IDL level automates quite a bit of tedious-and-error-prone work, which is always a Good Thing™”
Another Quote:
“Hey, this whole thing can be made MUCH simpler, the only thing we need to acknowledge is that the best identifier for a string is the string itself!”