A security blog – to be or not to be?

I have been toying with the idea of starting a security blog for some time now. Today, again, was talking to my colleagues and at least one of them thinks it is a great idea.

I always look with horror at what passes as security “features” proposed to the people who just start writing websites. The frameworks are no better, they usually have a long outdated set of functions. Or some of them are defective by design. And there seems to be no place on the whole Internet to turn for help. You would not e-mail Bruce Schneier every time you need to make a password hash, would you?

So I think there must be a place where people can turn to for some information on how the proper security is built. How the user authentication should be set up, how the passwords are stored, what is a good and a bad implementation of “remember me” function and so on. Something has to be done to improve the security of all those start-up website coming online by the thousand every day. Even old companies, like LinkedIn and Citibank, get hacked because they do not do it right. The help on security must be provided somehow, somewhere.

Isn’t there such a  place already?… -->

continue reading →

Back to square one

I am officially announcing that the idea to write in two places just because of the language difference was a stupid one. So we are back to the square one blog and I hope having a multilingual blog makes it all the more exciting. Who wants to bet that I will now start writing in all the other languages I know as well? どうですか?:)… -->

continue reading →

Blog separation

I am wondering whether it would be best to have two blogs, one for posts in English and another – for posts in Russian. The setup seems to be simple enough, so I just try it out. If I do not like it after a while I will merge things back to where they were.

So, head over to domtigra.wordpress.com for the posts in Russian or stay at tigrino.wordpress.com for English.… -->

continue reading →