So long DrupalCon Europe!

Last week I attended DrupalCon Vienna. And I must say, it’s been one of the better and most positive DrupalCons in a long time. The past 12-18 months have been really tough on the community. There’s been a lot of fatigue, doubt and uncertainty in Drupal 8 as a product, as well as other issues in the community. But I really think we’ve come out of this period stronger than ever! Continue reading “So long DrupalCon Europe!”

Should developers be responsible for potentially harmful software?

With the recent news concerning the arrest of Marcus Hutchins — the security researchers who stopped the biggest-ever ransomware attack — I’ve been thinking (more than usual) about the ethics of software development. But before we go into that, who’s Marcus Hutchins and what did he really do? Continue reading “Should developers be responsible for potentially harmful software?”

Changing the world, one block at the time

In the past year Bitcoin and Ethereum have gained some incredible traction. Normal people are buying it, developers are building it, and companies are using it. Too often, however, the technology is being portrayed as a silver bullet. Is it going to end poverty and create world peace? Probably not. But is it going to have a big impact? Absolutely yes. Continue reading “Changing the world, one block at the time”

Simple yet comprehensive explanation of blockchains

I’ve been writing about blockchain technology and Ethereum for a while on my blog. But as these technologies are becoming wider spread I’ve found it challenging to explain these concepts to people not familiar with them. There’s a few layers of technology that are important to understand. Continue reading “Simple yet comprehensive explanation of blockchains”

Padlock – my new password manager

Up until a few weeks ago I never used tools like password managers or digital keychains to keep track of my passwords, recovery codes etc. I’ve had a system in my head for each service and password where I consistently could (kind of) encrypt each password into a 16 character long string. All passwords were unique for private as well as work. However, it’s become harder and harder to maintain this system and keep track of everything. It’s also been a bit inconsistent because I’ve had to keep things such as two-factor authentication recovery codes on an encrypted external hard drive which isn’t easy to access when I need it. I needed a better system. Continue reading “Padlock – my new password manager”

EVRF – Ethereum Vulnerability Reporting Framework – a proposal for less chaos

Any amount of security research, auditing, formal verification or bug bounty programs will never get around the fact that humans make mistakes. Security is not only defined by the software we write, equally important is how we react to vulnerabilities when they are found. In this post, I propose a decentralized autonomous organization called Ethereum Security Consortium (ESC) along with the Ethereum Vulnerabilities Reporting Framework (EVRF) that both exist to standardize disclosure, identification, naming and communication of security vulnerabilities related to Ethereum — our new decentralized web.

Continue reading “EVRF – Ethereum Vulnerability Reporting Framework – a proposal for less chaos”