My musings on tech and life
Field Level Security (in rails) "Done Right"
I’m a huge proponent of believing that security shouldn’t be something that’s baked in after the fact – it’s something that should be all or nothing from day one. I realize that this is probably a wild and opinionated point of view, but, let me try to explain:
When your application starts out, user account security is usually one of the things that you think of last unless you’re utilizing a framework that has some type of tenant segregation in from day one.…
Tabs, Windows, and Buffers in Vim
I move back and forth between neovim and vscode frequently, depending on the day of the week, which way the wind is blowing, and a litany of other things including how I feel like my system is behaving, even if that is something that is completely subjective. I found myself struggling to really grasp the keystrokes required to manage my split panes, so, this post is 50% education for you, and 50% a reminder for me.…
Wednesdays With Aspen
You can totally tell when I’m depressed if you’re watching closely.
Yeah. Maybe I should move more when I'm depressed.... Yes. For those who are wondering, I did hit 10k steps today.
Aspen decided that we needed to go for a long walk today. Halfway through the walk – after she had tried to chase after a fox, a skunk, and a goose – she decided that she had enough walking, and loafed on the ground.…
Employee Surveillance Fosters Mistrust
A new study titled “Employees as Risks” – released today by the Vienna-based non-profit Cracked Labs – explores software from Microsoft and formerly from Forcepoint – specifically SIEM (security information and event management) and UEBA (user and entity behavior analytics) applications. This study, part of an ongoing series of reports on Surveillance and Digital Control at Work, examines the way in which expansive information gathering in the workplace turns employees into suspects.…
Snowflake Security and SAML
There have been a few stories about Snowflake recently: from users who are recovering from the fact that Snowflake had no velocity limits on their wide open user data buckets, from companies who are upset about their lack of meaningful MFA controls, and then from Snowflake reporting that they are now going to force MFA controls on all user accounts.
If I’m an administrator at a larger organization, and I’m adding applications to my organization’s SaaS footprint, the baseline is that SSO is a hard requirement.…