A couple of years ago it was very easy to DoS attack .Net web services as the headers were added to a dictionary. Back then the hash of the key was predictable so using a bunch of machines in azure and a few days it was possible to generate enough strings that resulted in the same hash value that you then could make a fake request with a lot of headers (a few hundred is typically enough) that caused the web server to spend 100% of CPU searching and updating the header dictionary. Since I recently started doing some work using go (aka golang) I immediately started to wonder how this worked in this language.
2016-02-18
2016-02-11
ET/U/LP over MVP
Well sometimes my life is easy. Or you could say I'm cheating because today I'll just hand it over to somebody else...
2016-02-04
Books, Mocks and Open Source
So time to look back again and update some old opinions from May 2008. This time I'd like to talk about three old articles.
2016-01-28
What does a good exception message look like?
Today I have to bring up a great article that is over a year old. They topic is what exception messages really should look like. As bonus I would like to increase the scope of the discussion to also include log messages and test failures.
2016-01-21
Alternatives to hydrating IEnumerables
You should know that whenever you get an IEnumerable you should only enumerate it twice as some implementations don't allow you to enumerate it twice. Normally you don't get an error the second time - just no more items. But what is really the best way to handle this?
2016-01-14
Assigning vs picking tasks
If you have followed this blog for a while you know how important I think the choice of words are. But the difference between assigning and picking tasks within a team might be bigger than than you think.
2016-01-07
Don't hold me accountable for old opinions
Once in a while I get a comment about something I wrote a long time ago and sometimes that is embarrassing as the opinion I expressed a while back might not be how I feel today on that subject. Hence I decided to look into some old blog posts and see how bad it is...
2015-12-31
Linux performance investigation in 60 seconds
Since it is new year's eve I'm going to make it easy for myself.
2015-12-24
Your new BFF
I think it was a few years ago when Netflix blogged about how each client had their own server component and how this made the client development easier. A few weeks ago I read about this again in the context of micro services. The term Backend For Frontend (BFF) was coined.
2015-12-17
Yet Another Code Coverage Rant
Instead of me ranting over why code coverage measurements can be good but in general are used in the wrong way; why don't I let somebody else do it for me...
Subscribe to:
Posts (Atom)