Programming

Dark Politics for Engineers: Part 1

“Put your sword back into its place. For all who take the sword will perish by the sword.” — Jesus of Nazareth, 1st century Jewish Rabbi, Lord and Savior Corporate Politics Corporate politics: The human behaviors of exercising power and authority in the workplace. To double-down on this: politics is always the exercise of power and authority. Not sometimes. Always. Politics is neither good nor evil; but it can achieve both. Politics is a agent of work and change. Productive in harnessed application but destructive in unchecked liberation. ...

February 26, 2024 · map[email:tom@groshong.software github:tgroshon gravatar:3ef06d69d25df6c31fb095cfc6b08178 linkedin:thomas-groshong-2b23aa28 name:Tommy Groshong stackoverflow:2631962 twitter:TommyGroshong]

Is there a Generic "Doom Principle" of Programming Patterns?

As the software world is reeling over the log4j exploit (aka Log4Shell, aka CVE-2021-44228), I can’t help but feel a little tinge of unhealthy schadenfreude over the Java ecosystem. As I see it, Java’s infatuation with remote object directories and service providers directly led to this whack-a-mole-security-vulnerability reality that Java has been stuck in for decades. Java Naming and Directory Interface - JNDI Common Object Request Broker Architecture - CORBA Remote Method Invocation - RMI It brings to mind Moxie Marlinspike’s 2011 article “The Cryptographic Doom Principle” where he laid out the following: ...

December 14, 2021 · map[email:tom@groshong.software github:tgroshon gravatar:3ef06d69d25df6c31fb095cfc6b08178 linkedin:thomas-groshong-2b23aa28 name:Tommy Groshong stackoverflow:2631962 twitter:TommyGroshong]