Your API sucks : security

Pop quiz time. You are given the following example URL to GET as an example of making a payment from your application. How many things here would make you back away slowly before setting the server farm on fire?

http://www.example.com/api/pay?cardnumber=1234123412341234&ccv=1234&expirymonth=12&expiryyear=12&amountinpence=123456

So you complain it's unsecured and they come back with an upgrade, so you need …

What engineers want

How to keep engineers interested, and understand the people the company is so keen to tell us are the core of the business: engineers love problems, so keep the work interesting; engineers are creative, so give them space to be; engineers need autonomy to do the above; we do the work we do because no-one …