These real world experiences with Azure are now available in the Pluralsight course "Modernizing Your Websites with Azure Platform as a Service" [http://www.pluralsight.com/courses/modernizing-websites-microsoft-azure]Almost without exception, every week I will have one if not both of the following two discussions: Discussion 1: Illusory superiority of website scale The whole idea of illusory superiority [http://en.wikipedia.org/wiki/Illusory_superiority] is that people get around overestimati...

I just moved all my DNS things from GoDaddy to DNSimple. The reasons are self-evident; here’s the visual journey. The public face Danica Patrick: Model, racing driver who can go fast in circles and attractive promo face: Anthony Eden: Coder, open source contributor, founder of DNSimple and rocks a mean beard and pipe: Signup Step 1: Step 2 (she’s also quite pretty – not sure she has a lot to do with domains though): Step 3: Step 4: Step 5: Step 6 (any moment now they’re goi...

Why do we bother with SSL? I mean what’s the risk that we’re trying to protect against by using certificate authorities and serving up traffic over HTTPS? Usually it’s men (or possibly even women) in the middle or in other words, someone sitting somewhere between the client and the server and getting their hands on the data. Do we all agree with this? Yes? Good, then why on earth would you possibly say this? [https://twitter.com/HoytsAustralia/status/478320507402465281] This was in response t...

For some years now, one of the first things I’ve dropped into any new project has been ELMAH [https://code.google.com/p/elmah/]. Grab it from NuGet, provision yourself a SQL database table and watch magic happen as every unhandled error gets dumped into the DB and is reviewable via a handler which exposes the original stack trace amongst other info such as server variables and POST data. In theory, you also secure this. In practice, many people don’t [https://www.google.com/search?q=inurl%3Aelma...

Here was the original plan: propose two talks for NDC, travel over to the other side of the world and do them both then make the long trek home (each trip taking about 33 hours, thank you very much). That was pretty much how it went except that only one of the proposed talks made the cut (I later learned that they seemed too similar which is a perfectly reasonable assessment). So I did the only sensible thing and took the very best parts out of the talk that didn’t make the cut and rolled them i...

If you’re an Aussie with an iPhone, there’s a chance you’ve been woken up in the middle of the night by this: Oh boy. What we’re looking at is an iPhone that has been remotely locked by “Oleg Pliss”. What we’re looking at is a modern incarnation of ransomware [http://en.wikipedia.org/wiki/Ransomware] executed via Apple’s iCloud and impacting devices using the “Find my iPhone” feature. Perplexingly, this is predominantly impacting Aussie iCloud users and to date, there’s no clear reason why, r...

I’m used to seeing short-sighted responses on Twitter when it comes to security, but admittedly this one took me by surprise: [https://twitter.com/vBZachery/status/471161211401555968] This was from a vBulletin “Tech Support Guy” as part of a thread about the security profile of the website MMO Champion [http://www.mmo-champion.com/], a World of Warcraft discussion site. This is a site that allows you to register with a username and password, store your date of birth (and hide it from public v...

Be honest now – how many of you are metaphorically shackled to your PCs day in and day out? Keeping in mind that I largely speak to an audience that earns a living by spending the majority of their day in front of screens, a great deal of people reading this just aren’t making enough time to literally see the light of day. Admittedly, I’m one of those screen-bound people that puts in a whole lot of hours coding, blogging, recording, emailing and partaking in all sorts of other byte-driven activi...

Last month I headed over to the totally awesome conference that was Codemania in Auckland, New Zealand (for international readers, it’s like Australia but with stranger accents and more hobbits). I spoke on… security! Imagine that? More specifically, I spoke about “Hacking Yourself First” which is all about teaching developers to identify risks in their own software before someone else does! If this sounds interesting (and if you’re building software for the web, it should), the talk is based...

Here’s how it usually works: someone big gets hacked or a serious risk gets disclosed then all sorts of articles pop up with journos quoting people like myself on all the same questions that inevitably get asked. I’ve been doing a bit of that today in the wake of the eBay attack so I thought that rather than just have these one on one conversations which then get dispersed all over the place, I’d capture a bunch of responses from discussions I’ve had here. Just one more thing – it’s very early...