Web development has evolved faster than nearly every other software engineering discipline. The pace of innovation has been relentless, and front-end developers are confronted with new frameworks, tools, and standards for “modern” web development constantly. Framework fatigue is real thing. Even the languages of the web (HTML, CSS, and ECMAScript) have gone through a major modernization effort (and the pace of change increased):

• HTML > HTML5 > HTML 5.2
• CSS 3 > CSS 4 + SCSS, PostCSS, autoprefixer, etc.
• ECMAScript 5 (2009) > ECMAScript 2015, ECMAScript 2016, ECMAScript 2017, ECMAScript 2018

The positive aspects of all the “churn” in the web development ecosystem are some truly incredible innovations that have fundamentally changed web development to enable much richer, engaging, and performant web “applications”.

A year ago I wrote about how big data, collected from social media sites, and machine learning was used to influence voting in the United States in The man least likely to succeed in politics. Collecting big data, and more specifically social data about each of us, has been described as the “new goldrush”. Yet many of us are unaware of how technology is enabling the use (and misuse) of our personal data. As a technologist I find this area fascinating and evolving rapidly.

In the article I discussed how the Trump campaign used a firm named Cambridge Analytica to identify potential voters and to influence them. It was shown that by harvesting and studying a person’s Facebook profile and “likes” researchers can know them better than their spouse.

Now, Facebook announced that it has suspended Cambridge Analytica over concerns that it and other parties improperly obtained and stored users’ personal information. Facebook admits it knew about this issue in 2015, prior to the election.

In 2015, we learned that a psychology professor at the University of Cambridge named Dr. Aleksandr Kogan lied to us and violated our Platform Policies by passing data from an app that was using Facebook Login to SCL/Cambridge Analytica, a firm that does political, government and military work around the globe.

— Facebook, “Suspending Cambridge Analytica and SCL Group from Facebook”, March 16, 2018

I have already described the “inside out” corporation here.

It imagines a world where:

• Corporate networks no longer exist (so VPNs and other remote access solutions are no longer needed)
• There is no concept of “in” or “outside” the corporate network.
• All corporate services are accessible anywhere over the Internet securely.
• Corporate network costs are reduced appropriately.

Do you want to become invincible? I mean “rock solid”; impenetrable; bullet-proof? The answer is simple: strive to be the truth.

In every organization I have worked with managing user authentication and passwords was a huge challenge. The key issue was that the “old” password best practices were failed attempts to fix the user, not the system.

In order for passwords to be difficult to crack they should be both long and complex. Since people have a very hard time remembering long passwords we have accommodated shorter passwords - by adding rules to ensure a minimum level of complexity. Unfortunately this makes the resulting password challenging for a person to remember.

Length is actually more relevant to cracking difficulty than complexity. For short passwords we can literally try every possibility, thus complexity does not even matter. It is much better to have longer passwords (with less enforced complexity), i.e. a “pass phrase”. E.g. “ilovewatchingthesopranos” is much more secure than “Xc$1>”.