I’ve recently worked on a project where we had to have some documents that needed to be kept reasonably secure, and on the clients computers for our project. We needed our developers to have some access to the documents, to visually inspect them, and to be able to run code on them, but we didn’t want the developers to have copies on their local laptops or computers.
posted on 2020-04-28 10:00:00 +0000
In a conversation the other day, I was trying to explain why some data couldn’t be collected and processed under “legitimate interests”. I wrote the following to try to outline the different types of legal basis that data can be collected or processed.
posted on 2019-02-25 12:39:45 +0000
Post brexit, there may or may not be a problem with data being transferred across borders. But all of the guidance and people talking about this seem to have some very confused concepts of terms and the processes involved, making it really hard to get clear guidance for organisations.
posted on 2019-02-21 16:10:15 +0000
This seems to have come up again, with discussions about what the purpose of a discovery, alpha beta actually is, and when you should build your MVP.
posted on 2018-12-09 12:00:42 +0000
Have you always wanted to program? Have you been interested in the dark and mysterious ways of development? Maybe you’ve done some reading, done a bit of practice, but haven’t been able to find the motivation or the right kind of thing?
posted on 2018-12-03 10:47:29 +0000
If only we could apply patches, then we could do more interesting security work.
posted on 2018-11-07 23:06:44 +0000
Should you nudge your users into better behaviour, a small microaction at a time or do you need large sweeping changes to change behaviours?
posted on 2018-11-06 20:49:23 +0000
When I worked at GDS, I worked with a lot of people who got very specific about their language. We talked about users, not customers; user needs not requirements and clear plain english where possible.
posted on 2018-11-06 01:14:10 +0000
Does Google value your privacy? How about Facebook? Your bank cares about you we are told.
posted on 2018-11-04 22:23:01 +0000
You’ve spent days crafting the perfect bit of code, and you are ready to put it in front of real users.
posted on 2018-11-03 23:39:41 +0000
“I said bimodal in a meeting and I feel dirty”
posted on 2018-11-02 22:56:42 +0000
“Have you raised a ticket for that?”
posted on 2018-11-01 12:24:11 +0000
When we talk about using SaaS or PaaS (or IaaS or even the new Serverless or FunctionAsAService, FaaS) it’s important that we understand that security concerns change.
posted on 2018-07-02 16:30:55 +0000
There’s been a lot written about the death of GDS or the decline of GDS, but very little of it seem to be articulate what GDS should stand for, what it should be doing and how it should go about it.
posted on 2018-02-27 15:20:20 +0000
posted on 2018-01-09 18:14:36 +0000
I’ve always felt like the diagram that shows the linear progression of a project from discovery through to live, which GDS constructed to demonstrate the lifecycle of an agile project had a pretty critical mistake in it.
posted on 2017-11-06 21:22:46 +0000
According to news reports, the UK, among over 90 other countries has just been hit by a large malware campaign which has taken down various services, including a number of health based services.
posted on 2017-05-13 08:06:57 +0000
A schoolteacher friend asked recently whether I knew anything about Agile, and whether any of those agile or lean methods would work for helping to organise projects and people in an education environment.
posted on 2017-02-24 10:27:53 +0000
Digital transformation is what I’ve been doing for over 3 years in Government.
posted on 2016-10-18 22:04:09 +0000
What is the best way to build your code? How can you ensure repeatable deploys? What does build and deployment look like in a devops, continuous delivery kind of world?
posted on 2016-08-23 23:18:42 +0000
I lost — again!
posted on 2016-08-09 22:03:49 +0000
If you want security to be taken seriously by your development team, then you need to deliberately adjust your organisational structure to ensure that security not in a silo by itself, but instead considered part of the team.
posted on 2015-11-02 12:42:46 +0000
One of the much vaunted benefits of microservices is the claim of heterogeneous development environments. Because we agree that microservices should interact via well known or standardised protocols (like HTTP, Thrift, RPC), it means that different microservices can be written in completely different technology stacks.
posted on 2015-04-04 23:09:00 +0000
What is the point of doing agile development? We’re told that we will be more efficient, higher quality software that matches what the user wants, but is that really the best reason to do it?
posted on 2014-06-24 07:11:00 +0000
Part of the problem with the debate around microservices is that we aren’t always arguing about the same definition of microservice, probably because not enough of them have read James Lewis’s defining post on microservices. So when two people disagree on the implementation details of the microservice, they can be speaking at cross purposes because they haven’t agreed what they are talking about.
posted on 2014-05-21 20:47:34 +0000
The rule is simple. You should never tie database migrations to application deploys or vice versa. By minimising dependencies you enable faster, easier and cleaner deployments
posted on 2014-05-06 19:20:24 +0000
I find myself increasingly being worried about the way that us technologists view our value to the organisations that we work in. Part of that is a strong lack of understanding of the purpose of the business and an over identification of technology and technology choices to the value of an organisation.
posted on 2014-05-03 09:00:00 +0000
In organising the upcoming Scale Summit unconference, I’ve been reflecting on the history of Scale Camp, and what the purpose and point of running these events was to me.
posted on 2014-01-31 09:44:23 +0000
It’s the new year, and as should be typical, it’s probably time to write an update on my blog about what I’ve done this year.
posted on 2013-12-31 18:56:10 +0000
Writers Block by flickr.com/PhotoSteve101
posted on 2013-08-05 22:54:39 +0000
[EDIT: Note, I have absolutely no inside knowledge here whatsoever. I haven’t seen anything except via the stuff the Guardian has published publically.] You may have read this morning that the Guardian and the Washington Post announced that they had an authenticated NSA training presentation on PRISM which claimed that they had access to multiple large companies servers and were able to spy on any and all communications.
posted on 2013-06-07 12:10:02 +0000
Google IO Keynote was watched by nearly a million people, six thousand of them in the auditorium, and the sense of disappointment in some cases was palpable.
posted on 2013-05-18 10:16:10 +0000
I’m embarking on a program to build up my management skills and learn more about what the business that I work in actually does. To achieve that I’m reading some classic management books. Why?? Because I’ve realised that I have a hole in my education. I know surprisingly little about Sales and Marketing; Business Management, Facility management; Supply chains; procurement and the various other things that happen in a business. I’m trying to fix that, and I’m trying to build respect for the people in my organisation who do those jobs.
posted on 2013-04-30 13:32:13 +0000
Are you at a conference and bored? Do you start using the backchannel to start sniping at the presenters taste in clothing, presentation background, or speech idiosyncrasies? What you should be doing is asking yourself one very important question - What is this presenter doing that is not keeping your attention, or rather what could they do to keep your attention? See as a sometime presenter I find myself analysing what good and poor presenters do. I find myself looking to see what is irritating me, whether it be the presenters suit, or the way she keeps swearing, or the number of times he says “Um”.
posted on 2012-11-17 11:07:05 +0000
How can you authenticate a user in a web system with a “Shared-Nothing” architecture when you are not sure what webserver you’ll come back to for any given request?
posted on 2012-11-08 23:38:14 +0000
At its core, pragmatic development is about getting code written, getting it deployed and getting it out there. Pragmatism should lead us towards minimum viable products, and releasing the minimum that we do have as early as possible to garner the quickest and best feedback.
posted on 2012-11-04 22:21:33 +0000
posted on 2012-11-03 23:15:46 +0000
We’ve managed to build up a certain amount of experience over the last few years with building API’s.
During the building of our latest Content, Identity and Discussion systems, we realised that we have learnt some things that are worth sharing, especially since the reasoning behind these common practices might not be as well understood.
Today’s story is about why calling our Content API in JSONP format results in a 200 OK response for invalid urls, and why we littered our json response with a seemingly pointless status field.
posted on 2012-08-02 13:31:35 +0000
So I’ve been getting a little rotund of belly of late, and my family had started making jokes about my waistline and the jelly like qualities of my stomach.
I’m not terribly keen on this for all the reasons that you might expect, but I’ve been putting it down to lack of exercise (I do about 15 minutes walking to a from work every day, that’s it), and a natural aging spread effect.
This leaves me only three choices, join a gym, start a diet or accept being that fat geek!
posted on 2012-04-09 14:57:47 +0000
I’ve spent the last two weeks at conferences, and for some reason people keep assuming that I work in operations. I can kind of understand why, but it’s also started a number of conversations about DevOps, and the complete misunderstanding of the term. It seems that DevOps is a confusing movement for people, and lots of people are assuming that some of the practices that might come with organisations embracing DevOps are themselves what make you DevOps.
Defining what devops is can be hard, so instead I thought I’d feature a few of the things that devops isn’t.
posted on 2012-03-13 12:13:14 +0000
Charles Arthur meets the man behind Anobii.com, a social network for your bookshelf. Plus the curious case of Rupert Murdoch and Wendi Deng’s Twitter accounts. Are they real?
posted on 2012-01-09 11:20:16 +0000
One of the things I like about Scala is it’s collections framework. As a non CS graduate I only very lightly covered functional programming at university and I’d never come across it until Scala. One the benefits of Scala is that the functional programming concepts can be introduced slowly to the programmer. One of the first places you’ll start to use functional constructs is with the collections framework.
posted on 2011-12-02 10:56:39 +0000
Are your friends sharing links to the Guardian Facebook app in their twitter feeds but you don’t use Facebook and want to see the original guardian page?
posted on 2011-11-12 15:26:26 +0000
A quick one, this morning I’ve added the plus url to my website, so http://www.brunton-spall.co.uk/+ now redirects to my Google+ profile.
posted on 2011-11-12 12:55:02 +0000
“I am not a number, I am a free man”
posted on 2011-09-24 12:13:14 +0000
I’m currently rewriting the deployment system at the guardian in Scala, and although I’d say I know Scala, I’m learning lots of things as we go. I’m lucky enough to be pairing with Graham Tackley, our platform team lead and someone who knows Scala far better than I do, and this means that we often write a bit of code, then go back and improve it and so forth.
posted on 2011-09-01 17:08:22 +0000
So a couple of days ago Google launched Google+, a product that did not slip out quietly it seems despite Google’s intentions.
posted on 2011-07-01 21:48:59 +0000
Search giant’s browser gets automatically updated, yet there’s a hint that it might be shifting towards the territory that made Internet Explorer so divisive
posted on 2011-06-14 12:30:38 +0000
I’ve been thinking about the AV question a lot recently, partly because it’s happening here and now, partly because it’s naturally been the talk of the office and partly because I find the whole area quite fascinating.
posted on 2011-04-28 00:10:24 +0000
When you launch a high profile website, it sometimes will spectacularly fail for reasons of scale. Since this is an area of professional interest I thought I’d have a look to see whether there was anything obvious, and it was apparent that the developers didn’t appear to think at scale (and still haven’t fixed the issues).
posted on 2011-02-04 14:01:16 +0000
I love python. I have really started to get into python in a big way since I was a beta tester for Google’s App Engine, and I’ve used it for a number of production projects now. It is probably my go to quick language.
posted on 2011-01-26 21:30:51 +0000
We’ve made some changes to improve how the tweet button on guardian.co.uk works
posted on 2011-01-25 16:10:27 +0000
The hijacking by hackers of US gossip site Gawker is a timely reminder to check your internet security
posted on 2011-01-25 12:10:22 +0000
On December 10th 2010 we will be hosting Scale Camp 2010, a chance for people interested in scaling and performance to get together and chat.
posted on 2010-12-09 12:08:03 +0000
So I’m going to talk about the XOR trick, but first I’m going to say where I came across it.
posted on 2010-09-07 10:46:29 +0000
There have been a number of incidents recently where a public website I've been using has gone wrong shown me a nice server provided stack trace on the screen. The most recent of these examples was the Cineworld website.
posted on 2010-08-03 18:19:02 +0000
Note: This post was written when this blog was hosted on a custom written blog engine. I’ve since moved back to wordpress so some details refering to this site may no longer be accurate. - MBS
posted on 2010-04-14 22:40:54 +0000
posted on 2010-02-03 17:48:56 +0000
So as 2009 draws to a close, I look back over the year and consider what has happened. With this being the end of the decade for everyone but pedants (that will be another year yet), I've also thought about the previous decade.
posted on 2010-01-01 15:13:46 +0000
I'm not a big fan of regular expressions. They can be powerful, but for anything remotely complicated they can be a nightmare to maintain and re-read. I had an idea recently for an easy to use chaining regular expression building library but I can't find anybody doing it, so I've created one myself.
posted on 2009-12-18 22:57:30 +0000
What do you do when you are at a conference and bored? Do you start using the backchannel to start sniping at the presenters taste in clothing, presentation background, or speech idiosyncrinisities? I've seen this at a number of conferences and I find this to be extremely unprofessional behaviour, especially in a public forum. If you see my twitter feed, you will see that I might object to the content of a presentation, for example my dislike of Objective-C as a language. However to object to a presentation because of the presenters choice of words to describe a fuzzy topic, or the quality of photography in their slides as I saw at a recent conference, is the epitome of rudeness. When somebody who is an expert in their field, has given up their time to attempt to share with you, picking holes in the format of the message rather than the content of the message is small-minded and rude.
posted on 2009-11-10 15:24:28 +0000
I've been to a fair few conferences recently, and something that has struck me is the large number of people who are dealing with similar issues. How to deal with large numbers of users. how to scale their website to handle peak loads, how to identify what capacity they have for peak loads and so on. The problem here is that although people are talking about it at conferences, and there are a few books around, there isn't anything dedicated entirely to performance and scalability. The only thing I could find was the Velocity conference, run by O'Reilly over in the states, but over here in London? Nothing that I could find.
posted on 2009-11-04 16:56:49 +0000
posted on 2009-10-26 19:49:17 +0000
I am a christian and I am proud of the fact. My faith makes it clear that I should be willing to share my faith whenever and wherever I can, but sometimes that can be made hard. Not because of beligerant athiests (most of the most hardcore athiests I know are lovely) but because there are some supposedly Christian organisations that portray the Christian faith in such a bad light that it makes me feel ashamed to be branded as a Christian.
posted on 2009-10-21 12:52:20 +0000
The more I think about Facebook Connect and identity the more worried I get. Lets start with my basic premise, your online identity is much too valuable to be controlled by a single company. We've been there before, we've seen what happens to the internet when a core technology is controlled by a single company, and Internet Explorer 6 was the result.
posted on 2009-10-19 23:45:48 +0000
So I've finally added a couple of new features, so thought I'd pop up a quick explanation of what I did and why.
posted on 2009-10-10 01:07:18 +0000
One of the requested articles on this site was a comprehensive diary of what went into building this website, and why I did so. Since for shits and giggles wasn't exactly the answer you wanted, I thought I'd elucidate on why I built this and how I went about it.
posted on 2009-10-09 23:18:57 +0000
So what was the highlight of the second day of FOWA for me? Believe it or not the marketing stuff. We were exhorted, repeatedly, that listening to your customers is the most important thing in business. Something that I've forgotten, and something that can be applied to all areas of Software Development. The customer is king, fail to understand what he/she wants and you may as well be building sandcastles for all the good it will do when the tide comes in.
posted on 2009-10-06 21:28:03 +0000
So today I've been down to London to attend the Future of Web Apps conference, and it has been a fascinating day for me.
posted on 2009-10-01 22:44:45 +0000
Most people for their 30th birthday do something to recapture their youth. I went paintballing and created this site.
posted on 2009-09-28 19:52:30 +0000