Why software is so insecure: clueless developers
British gas
dotenv
Many years ago the CEO of a large transport company [1] told me that he regarded their IT as a key competitive advantage. IT should be a vital part of reducing costs, or improving the product or service, or generating leads in almost any business. What opportunities do you have to make technology a competitive advantage?
We are very much advocates of developing custom systems in pursuit of productivity and competitive advantage, but in this post I am discussing one of the drawbacks of doing so. In fact, most businesses rely on custom code in some form or another, but do not really realise it.
The developers of a web framework written in Apple's Swift language have a set of benchmarks that (surprise, surprise) shows that their framework, modified to use a new (now newish) async library, is faster than everything else. Apart from the usual dangers of micro-benchmarks, there is a lot wrong with the tests.
One of the clients who I have been working for in the last few weeks has far more automated deployment than the others. It makes a huge productivity difference. This was not only because it was one of two server migrations I did, although that did make the difference starker; it was the continual time savings.
What makes a web site (or a web app) a success or a failure? Having seen a lot of successes and failures I find there are a few common types of business website that have different risks and determinants of success:
A business can be destroyed by losing its data. I have known even losing the data on a single person's hard drive to be very expensive, and losing your servers can be much worse. You need to think about backups, continuity, hardware. I have taken a server out of a bomb-blasted building and it worked - but it might not have.
HTTP was designed for a specific use case: communication between a browser and a server. The same is true for JSON. It is also often a good idea to use HTTP ports for things like mobile apps because a significant number of people need to use them from networks that block other ports (e.g. when using corporate wi-fi). The problem is that HTTP and websockets are used inappropriately.
Technical debt tends to be talked about, and worried about, more by developers than by those running a business or looking after its finance. The problem is that not taking it into account will lead to bad decisions.
Most people (outside the industry anyway) assume that web sites should look good, and an aesthetically good website will produce better results than an ugly one. This is not true, and many of the things that make a website look good will tend to make it worse for users.