If you use WordPress be careful. An example Google Code Search search going around is “username file:wp-config.php” which happily displays username and passwords in WordPress config files… if they’re in compressed archives or a publicly accessible directory. Same goes for other configuration or settings files. For instance, connection strings in web.config files (connection string file:web.config), [...]

[Read more →]

Programmers, get out of your cube and play nice, share your knowledge, be open to learning from others… just a bit of great advice based on the concept of peer code reviews in Jerry Weinberg’s book The Psychology of Computer Programming. It is often tough for developers to detach themselves from their code. Code reviews [...]

[Read more →]

Product development cycles are riddled with problems. Sales people promise a great new, impossible Whatsit to customers then come tell you the Whatsit has to be built. Managers give engineers a delivery date and then ask engineers to size the effort. The engineers scramble, back burner the Hoozit project they were told last month was [...]

[Read more →]

It’s kind of old, but somewhere I stumbled on Ned Batchelder’s article on deleting code. At first glance it looked to be a trivial subject, but it actually turned out to be an interesting read. I have been guilty of leaving dead code lying around, but on the other hand I have clipped stuff that [...]

[Read more →]