2015-11-05

Preventing DoS attacks with puzzles

So when a web service is getting too much traffic it starts returning the 503 status code. Well written services also return the Retry-After header hinting the client when it should come back again. Good behaving clients then respect that or will back-off by themselves to make sure the server is not getting too much traffic. However this is not enough if there are bad behaving clients in the mix. And how do you identify the bad behaving clients?

2015-10-29

Sprint forecast over commitment

Every team I've ever been on that did Scrum (or ScrumBut) have always used the term sprint commitment when it comes to describing the result of sprint planning. Commitment is however a bad word.

2015-10-22

What is the best time of day for stand-up meetings?

Daily stand-ups. Either you love them or you don't. I have tried a lot of different times of day for it and a lot of people wonder what is the best time to do it? But before I answer that I have to remind you that daily stand-ups is the daily planning meeting for the team - not a reporting meeting.

2015-10-15

Where does the Repository belong?

Historically I've always viewed repository objects as part of the storage layer fairly deep down. But I recently had an interesting discussion that made me realize I never really meant it to be that way.

2015-10-01

Two types of lazy

I recently updated a bathroom in my house and being given my interest in agile software development and craftsmanship I always find it interesting to work with painters etc since they in theory are the role model for craftsmanship. While greatly impressed by the tile guy the painters surprised me with a new level of laziness.

2015-09-24

CQRS types

While the concept of CQRS is fairly simple to explain my experience is that it takes some time to master. The reason is that there are a lot of things to unlearn if you're used to developing your vanilla application.

2015-09-17

Stop estimating or?

I was listening to this Swedish podcast where the episode (episode 8) was titled "stop estimating" and since I hate estimates I started listening with high expectations. Naturally the title was chosen to be provocative but I was surprised that the message was actually to stop estimating.

2015-09-10

Monitoring is Testing

So a while back I was approached by DZone for some feedback on software quality. After ranting for an hour I was asked if I would mind writing an article on the topic. So I did and it got published earlier this week.

2015-09-03

Secure(r) IIS settings

If you are using IIS as a webserver you are probably interested making sure the service is configured to be as secure as possible.