jm + rants   5

Epic twitter thread from @colmmacc explaining why client certs and mutual-auth TLS are TERRIBAD
Ok. tweet thread time! Too long ago I promised to write a screed explaining how much I hated mutual-auth TLS and why. I got distracted, and I wasn't happy with the writing, so here it is in tweet thread form instead! But basically: Client certs and Mutual-Auth TLS is TERRIBAD.
When I say TERRIBAD, I mean that unless you've got the resources of a big security dept and folks who comb threat models for a living, using clients certs and mutual auth probably materially lessens your security. That's NUTS!


(source: https://twitter.com/colmmacc/status/1057017343438540801 )
terribad  rants  twitter  threads  tls  ssl  authentication  mtls  security 
18 days ago by jm
Camille Fournier's excellent rant on microservices
I haven’t even gotten into the fact that your microservices are an inter-dependent environment, as much as you may wish otherwise, and one service acting up can cause operational problems for the whole team. Maybe if you have Netflix-scale operational hardening that’s not a problem. Do you? Really? Is that the best place to spend your focus and money right now, all so teams can throw shit against the wall to see if it sticks?
Don’t sell people fantasies. This is not the reality for a mid-sized tech team working in microservices. There are enough valuable components to building out such a system without the fantastical claims of self-organizing teams who build cool hack projects in 2 week sprints that change the business. Microservices don’t make organizational problems disappear due to self-organization. They allow for some additional degrees of team and process independence and force very explicit decoupling, in exchange, there is overall system complexity and overall system coordination overhead. I personally think that’s enough value, especially when you are coming from a monolith that is failing to scale, but this model is not a panacea.
microservices  rants  camille-fournier  architecture  decoupling  dependencies 
july 2016 by jm
Paleo is the Scientology of Diet
Being paleo is like paying a stupidity tax. Again, it’s not you who is stupid, but the diet sure is, because it lets you drink paleo coffee while putting paleo butter and paleo syrup on your paleo waffles before you drive your paleo minivan to the paleo office to sit in your paleo cube and do spreadsheets on your paleo computer. See, the paleo diet made up a bunch of silly rules on how we allegedly ate, and then goes and twists them all to hell in the name of selling you a crappy, overpriced product. That is scientology-level stupid.
scientology  paleo  rants  funny  food  diet  health  bulletproof-coffee  stupid 
june 2014 by jm
SEO Is Mostly Quack Science
'There is no hypothesis being tested here. It's just graphs, and misleading graphs at that. The sad part is, SEOMoz is as close as the SEO industry comes to real science. They may be presenting specious results in hopes of looking like they know what they're talking about, but at least they are collecting some sort of data. Everything else in the field is either anecdotal hocus-pocus or a decree from Matt Cutts. When you hire an SEO consultant, what you are really paying for is domain experience in the not-failing-at-web-design field.'
seo  ted-dziuba  rants  science  seomoz  quality  correlation  statistics  google  from delicious
june 2010 by jm

Copy this bookmark:



description:


tags: