July 14, 2019
In the last few days, multiple fines related to privacy have been announced.
More specifically:
Even if I talk about them “collectively”, I would like to point out that the third one is very different in nature, in nature and in the jurisdiction, and therefore in the amount of the fine from the first two, which are fairly similar among them.
Read More 
June 20, 2019
A few days ago, Facebook presented Libra, a blockchain-based cryptocurrency project.
After the inception of Bitcoin around ten years ago, we got more and more used to new cryptocurrencies being presented every other day.
Often those projects are created by small teams of people, often anonymously.
Facebook’s announcement is very different since Facebook is a huge company and has partnered with many other huge companies for this launch.
I’m very skeptical of Libra, and I think it will not succeed in the long run.
In fact, it already starts with big challenges, including the fact that most people do not trust Facebook.
Differently from many companies, Facebook is used by many people, but it is not generally trusted, and the base requirement for the success of any kind of currency is the trust in the entity behind it.
Libra will be managed by the Libra Alliance and not Facebook directly.
Still, so far, we have seen a much more significant presence of Facebook than any other Libra Alliance member, so easily Libra will still be referred to as “the Facebook cryptocurrency” many years from now.
Read More 
May 25, 2019
One year has passed by the 25/05/2018, the day that the GDPR started to be enforced.
Today I’d like to see how this first year of GDPR went and what we could be expecting for the future given what we have seen so far.
The first consideration that I think is obvious but interesting is that the Internet did not close down on the 25/05/2018 as many were worried.
In fact, not much changed on that day.
A thing that did change a lot is the number of banners asking the authorization to give some cookies to your browser.
This increase of cookie banners is an interesting phenomenon since the differences between the EU cookie law and the GDPR on cookies are minor.
I think this phenomenon can be explained by the fact that now companies are more worried about violating those regulations than before, thanks to the massive fines that they can incur into with the GDPR.
Read More 
December 3, 2018
Today the IT world is very focused on high performance, high throughput interfaces.
In this situation, it is common to find REST and gRPC API, given their performances compared to the other solutions.
Sometimes, though, we still encounter old API written with older techniques or new API that for some reasons have been developed with outdated technologies.
One of those cases that I’ve encountered a few times over the last few months is SOAP.
Read More 
November 18, 2018
There are some pieces that you need to put in every microservice you write.
Those are for instance logging, error handling, authentication.
Over the last year, I found myself writing over and over CORS headers.
This requirement brought me to think that I should have used a Negroni middleware since we are already using Negroni for other middlewares.
I started looking online for an already written one, and I found a bunch, but I was not happy with what I found, so I decided to write my own.
Read More 
August 31, 2018
Lately, I found myself to work on an application that was communicating via SOAP with a server.
My goal was to understand how this application worked with the SOAP server to emulate its behavior.
Even if I had access to the source code of the application, I thought it would have been easier, faster and more fun to do the work without actually reading the code.
It’s important to note that actually, the application is fairly small and self-contained. Otherwise, I would have probably taken a different approach.
Read More 
July 13, 2018
If you have ever used Docker or any other Linux OCI container system, you inevitably have incurred in the following error:
x509: failed to load system roots and no roots provided
This message is remembering you that you forgot to provide Root Certificate Authorities to your application.
There are two different ways to solve this:
- mount the /etc/ssl/certs folder from the machine where the container is running
- bundling the root CAs in your image
As you may imagine from the title, I believe that the second option is by far better than the first one.
Read More 
June 27, 2018
Lately, all website are urging their users to enable second-factors.
The push for multi-factor logins is a good thing from my point of view, since the people are putting more and more details of their life online and is a good thing that companies start to understand the security implication of this and are trying to teach their users good security practices.
The real problem is what is defined as second-factor.
The possible factors are three:
Read More 
December 21, 2017
A few months ago, I posted how to create a PKI in Go.
Today I’d like to add share a useful function (at least from my point of view) that I found myself to write.
The problem arose when I had a function that required as input a *pem.Block of the public key, but all I had was the PEM file containing, as you can imagine:
- the Private Key
- the Public Key
- the CA Public Key
I think this is a typical situation, and for this, I’d like to share a function I wrote to extract it.
I know that it’s probably not perfect, but it could be a good starting point for many of you, and if you have suggestions, please leave a comment down below or send me an email, and I’ll update the post!
Read More 
November 3, 2017
Authentication factors
One of the common way to create more secure authentication in systems is adding more “factors”, creating in this way a Multi-Factor Authentication (MFA).
The idea behind MFA is that there are many different ways to authenticate a user, and those can be split in different “categories” based on the kind of challenge we require.
Generally speaking, it’s common to divide the authentication methods in mainly three categories:
Read More 
(Fabio Alessandro Locati|Fale)'s blog