Image for post
Image for post
Photo by Mauro Sbicego on Unsplash

For years, we have learned to repeat that data has three vulnerable points, data-at-rest, data-in-transit, and data-in-use. And for years we have learned to repeat that data-in-use is hard to protect, well because you are using it. A sword is kept in its scabbard to protect it, once drawn out and being used in battle, I’m sorry to say, it’s going to get gouged. And data, albeit mightier than the sword, when in use, suffers the same fate. (If you wish to read about data leakage and prevention, here’s a shameless plug to my article on it.)

Not all roads…

Image for post
Image for post
Photo by Gary Butterfield on Unsplash

Whenever you take up an enterprise middleware assignment with existing backend systems, you are bound to discover a jack or two in the box. But when you come across a slow, yet mission-critical piece of software that cannot be upgraded nor replaced, you know you’ve hit the holy grail of antipatterns.

Daunting as it may be, it’s not without remedy. And often, a less thought-through design can make the situation far worse than it is. What I’m trying to propose here are a few design considerations you can try if you are ever found in the same unfortunate situation.

Are we there yet? — Response Caching


Image for post
Image for post
Photo by MinuteKEY on Unsplash

If you’ve used APIs, you are not a stranger to oAuth2 and Refresh Tokens. Although there are numerous ways of securing an API, oAuth2 has always been the Durex to API and oAuth2 has never let API down, well almost, 98% of the time, if used correctly.

oAuth2 is a well versatile battle-hardened framework which is invaluable when it comes to securing and securely sharing resources. However during one of my previous engagements, I’ve come across a scenario where it didn’t fare very well. The objective is to explore the possibility of using something completely different to solve the problem…

Image for post
Image for post
Photo by Erick Zajac on Unsplash

When you think of native Java apps, you think of an executable jar and this has been the case since Google has been indexing us, I mean the web. There is a profusion of platforms and frameworks which would allow you to boilerplate a java app really quickly and Quarkus is one of those. But Quarkus is a bit more as well. You focus on solving the problem whilst Quarkus will do everything else including, managing dependencies, bundling, and building you a native image of your choice. So once you’ve done writing your application, you should be able to run…

Image for post
Image for post
Bolling Air Field horn amplifiers via Wikimedia Commons (Unknown author / Public domain)

Eavesdropping, has nothing to do with the Garden of Eden, or Eve, or.. well you get the picture, since that bad joke is out of the way, let’s focus on Acoustic Eavesdropping.

Acoustic Eavesdropping is the process of gathering information/intelligence using sound and has been used in various forms since as long as WWI, or even earlier. The picture above is a device used to listen to the sound of enemy aircraft during WWI as a warning of an air strike, this was the pre-radar era. Gathering intelligence using acoustics is quite widely used and nothing new. So I thought…

Image for post
Image for post
Image by 272447 from Pixabay

The darkest places in hell are reserved for those who do not take data loss seriously. Although Dante did not write that, I believe it’s true.

We live in a world where silicon, aluminum, copper, and lead is interwoven with flesh and blood to create an extension to ourselves we call smart devices, the very elements that are toxic to us. The software that gives life to these devices is like the soul, and without a proper sense of responsibility, ethics, and a moral compass, they too can very well end in eternal damnation, along with us.

You see, security…

Image for post
Image for post
Photo by Yaopey Yong on Unsplash

Rise and Shine! Oh, what a lovely morning, you could already feel a touch of spring in the air! Alrighty right, let’s get some work done!

“I need to work on that document we started yesterday, need to send it off EOD”

“Wonder what happened to Kim Jong Un, is he alive?”

“Hmm… turns out he’s ok”

“back to work, Ooh, encryption! Remember the article on elliptical curves, need to finish that”

“Sure, but first, let’s get on with this”

“But seriously though, what’s with all the NSA backdoor talk with ECC”

“For the love of God, and everything else…

Shane T. McCoy [Public domain], via Wikimedia Commons
Shane T. McCoy [Public domain], via Wikimedia Commons
Shane T. McCoy [Public domain], via Wikimedia Commons

When I say it’s coming, what I mean is that it’s already here. As a matter of fact, it’s been around for a while now. I guess that’s how QUIC HTTP/3 is, here even before it is here. Ok, so it’s still experimental, but most of the trailblazers like Google, Facebook, Mozilla have already adopted it and have being using it for a while now.

So what’s the big deal with HTTP/3? It’s just another version of HTTP. Wrong, this is the first version of HTTP purpose-built for the interactive & mobile internet, I feel. See, the earlier versions were…

’Tis the season peeps! Lot of traveling, shopping and crowded roads, so, I thought of giving everyone a quick memory refresh on road signs and rules.

Before we start, if you drive a bus or is a benevolent soul who art above the law, you don’t have to read this, road rules don’t really apply to you folk. So have a Merry Christmas Ho! Ho Ho.

Dotted, single and double lines: Purely decorative. They bring a certain elegance to a rather mundane black/grey backdrop. They can be quite handy though, specially if you want to keep your vehicle straight on…

Word of the day: finifugal. (Adjective) hating endings; of someone who tries to avoid or prolong the final moment of a story, relationship, or some other journey.

I believe that’s the best way to describe today, a day I didn’t want to think about, this is coming from a man who’s excited to know what’s beyond death.

As my fellow, CoD and PUBG players would understand the objective is to hit the target and not to become the target, and the way to do that is to focus on your target and move around, I guess life is the same.

Charith De Silva

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store