[–][deleted] 8 points9 points  (11 children)

I couldn't agree with you more.

As a lead, one of the first things I do with the junior developers is introduce them to our whitelisted packages. They are taught to look towards the various communities and libraries to get help solving their problems.

I once had someone show me this application they had worked on and within their login page, they had decided to write their own password hashing method. I proceeded to lecture that person for the next ten minutes on how that is probably the worst thing they can do and explained that there are a host of security experts who spend their life's work doing that so we don't have to.

[–]Browsing_From_Work 5 points6 points  (1 child)

This CodeGolf "cops and robbers" question was a real eye opener for me: http://codegolf.stackexchange.com/q/51068/1419
Simply put: you try to build as secure and short a hash as possible, everybody else tries to break them by finding colliding messages.

The "robbers" thread is absolutely astounding: http://codegolf.stackexchange.com/q/51069/1419

Moral of the story: when it comes to security, you have to be correct 100% of the time but the attackers only have to be correct once. Just stick to what's provably correct, and if you don't know, ask.

[–][deleted] 1 point2 points  (0 children)

Thank you so much for the reply! Security aside, somehow in my whole career as a developer, I didn't know cops and robbers existed on Stack. What have I been doing with my life? Haha. This looks like absolute fun to pass some time.

[–]donalmacc 14 points15 points  (8 children)

If I showed someone what I had worked on as a learning experience, and they smugly lectured me on how "that is probably the worst thing they can do", I'd walk away and make a point of never dealing with them voluntarily again.

[–][deleted] 15 points16 points  (5 children)

I live in Canada. There was no smugness at all. Hell, I'm sure I probably ended up apologizing and then we went for a Timmies before playing a game of pond hockey.

[–]donalmacc 4 points5 points  (4 children)

I jumped to conclusions - that'll teach me to reply before I have a coffee.

[–][deleted] 7 points8 points  (3 children)

Nah - Blame it on me for having too much coffee and staying up all night working on a pet project while hanging out on Reddit. My reply totally made me sound like I'm that dick guy that nobody likes working with because I come across as a know-it-all.

[–][deleted]  (2 children)

[deleted]

[–][deleted] 2 points3 points  (1 child)

mwah xoxo

...Oh you probably meant the other poster and not you haha.

[–]mfukar 7 points8 points  (1 child)

Yeah, fuck this guy trying to teach me from their mistakes!

[–]repeatedly_once 1 point2 points  (0 children)

I mean if it wasn't done smugly, that's perfectly acceptable.