If you're doing API design, prefer calling things Foo and InsecureButFastFoo versus Foo and SecureFoo.
I'm looking at you, every language's standard libraries for generating random numbers.
But more broadly, conventions which force code to be self-documenting about security hotspots make reasoning and assessing easier.
@patio11 Naming things so that bad code *looks* awkward is an underappreciated technique. See also https://github.com/facebook/react/blob/master/src/React.js#L67 …
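An added illustration of the naming convention discussed in this thread (not code from any of the posters): the plain name gets the secure behaviour, the weak variant carries a warning in its name, and an audit pass can then list every security hotspot by name alone. The function names, the `tokens` module in the sample, and the prefix list are assumptions made for the example.

```python
import ast
import random
import secrets

def token(nbytes=16):
    """Plain name, secure behaviour: backed by the OS CSPRNG."""
    return secrets.token_hex(nbytes)

def insecure_but_fast_token(nbytes=16):
    """Predictable PRNG (Mersenne Twister); the name says so at every call site."""
    return random.getrandbits(nbytes * 8).to_bytes(nbytes, "big").hex()

# Assumed project convention: weak variants must start with one of these.
HOTSPOT_PREFIXES = ("insecure", "unsafe")

def _called_name(call):
    """Name of the function being called, for foo() and obj.foo() forms."""
    func = call.func
    if isinstance(func, ast.Name):
        return func.id
    if isinstance(func, ast.Attribute):
        return func.attr
    return None

def find_hotspots(source):
    """Return sorted (line, name) pairs for calls whose name carries a hotspot prefix."""
    hits = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Call):
            name = _called_name(node)
            if name and name.lower().lstrip("_").startswith(HOTSPOT_PREFIXES):
                hits.append((node.lineno, name))
    return sorted(hits)

# Constructed sample of calling code to audit (parsed only, never executed).
SAMPLE = '''\
import tokens
session_id = tokens.token()
shuffle_seed = tokens.insecure_but_fast_token(4)
csrf = tokens.token(32)
dice = insecure_but_fast_token(1)
'''

if __name__ == "__main__":
    for line, name in find_hotspots(SAMPLE):
        print(f"line {line}: {name}")
```

With the opposite convention (a weak `token` next to a `secure_token`), the same audit would have to flag every call that lacks a prefix and then decide which of them matter.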