Pinned toot

I'm a ruby developer that typically works with data, queues, schemas, csv and json.

Recently I got involved on projects related to SAML/SSO, encryption, security, certificates and all that jazz, that was a big leap on my career.

Been rubyist the last 4 years. Same time I've been also an US immigrant, so if you ever need it, then se habla español.

Currently based on San Francisco Bay Area, USA.

2020-01-19 - Late hacking session with Standard Library

twitch.tv/videos/538913018

This session covers Oct 2019 to Jan 2020 changes on Standard Library gems.

I added a Privacy page to my website:

esparta.co/privacy/

Privacy (and security) is something I do really care and would love everybody else join the effort to protect ourselves.

It's highly inspired on what @kev did for his own privacy page.

Your opinion is important, let me know if you have any questions about it :)

I was not able to find any reference on the webs... So I'm asking here:

Why do you prefer to use

array = []

Instead of

array.clear

Is it just for the sake of be sure to have an empty array and avoid a possible error? as in

NoMethodError (undefined method `clear' for nil:NilClass)

If you know the array variable is an Array type, do you still avoid the `clear` method?

Browsing secure is a complicated and not trivial stuff, Mozilla is trying to make it easy when you are using free open WiFi's.

I'm publishing my opinions after a week using Firefox Private Network:

esparta.co/posts/0002/

@mperham checking the Contribsys page:

contribsys.com/faktory/

On the bottom left there's a link to the source (of the webpage?) but it 404-me: github.com/contribsys/contribs

Safari 13 is GA and now supports FIDO2-complaint USB security keys with the Web Authentication.

It's a great step towards a secure we everywhere! And closer to password-less services.

You can read more about FIDO2 here: fidoalliance.org/fido2/ cc. @fidoalliance

I'm on a journey testing @Firefox
Private Network, and I'll be publishing the results and opinions after one week using this new service (at home & work).

private-network.firefox.com

-- Ridiculous excuses I've heard (about securing systems) 3/2

Writing Secure Code is magnificent book (highly recommended) written by Michael Howard and David circa 2001/2003.

It's almost 2020 and I still hearing all of them on a frequently basis.

amazon.com/Writing-Secure-Seco

-- Ridiculous excuses I've heard (about securing systems) 2/2

- We know it's the default, but the administrator can turn it off.
- If we don't run as administrator, stuff breaks.
- But we'll slip the schedule
- It's not exploitable
- But that's the way we've always done it
- If only we had better tools

by Michael Howard and David LeBlanc (c. 2001-2003)

-- Ridiculous excuses I've heard (about securing systems) 1/2

- No one will do that.
- Why would anyone do that?
- We've never been attacked.
- We're secure - we use cryptography.
- We're secure - we use ACLs.
- We've reviewed the code, and there are no security bugs.

by Michael Howard and David LeBlanc (c. 2001-2003)

New Code Challenge

Implement a Symmetric Difference where...

{ 1, 2, 5 } △ { 2, 3, 5} △ { 3, 4, 5 } = { 4, 5, 1 }

The result should have no duplicates.

My solution using Enumerable#reduce & a nice twist at the end.

in
→ How to do a constant really 'private'

transcript: gist.github.com/esparta/cbe628

stack:

As usual, your feedback will be appreciated

P.S. The inspiration for this screencasrt came from this toot by @james: ruby.social/@james/10241167346

looks like uploaded images are not being processed . It's some restriction/issue with the instance, @james ?

AMA: One week updating multiple Rails 5.x to Rails 5.2.1 (current as I write this 20180911).

We experienced some issues, the most problematic so far has been 5.0.2 -> 5.2.1 where a super tiny change broke a fairly new and untested* feature related to http headers. ActiveRecord changes was also hard, but IMO needed.

Takeaway for us? Unless you have a very good reason: Update your gems frequently.

* Untested because we assume we should not be testing what was probably tested by the framework.

Politics and OSS + EU Article 13 

Show more
Ruby.social

A Mastodon instance for Rubyists & friends