You are reading The Rietta Blog, a publication about the web since 2005.

Are You Accidentally Storing Private Data in Plain Text?

Debug logs that chronicle data about errors and other exceptions on a web application are a vital tool for any web company. They enable engineering teams to troubleshoot problems – sometimes even before a customer reports an issue to support – and thus provide excellent service to customers. But the danger of over-logging is real. When sensitive data is logged, it becomes vulnerable to misuse and abuse. In this article, I’ll show you how to prudently minimize the data collected in logs.

How to Get Fast, Accurate Code Reviews on Your Pull Request

Teams sometimes experience issues with bugs in code or pull requests not being merged in a timely manner, even after they establish a very clear policy on code review, and reviews feel like a chore.

At Rietta, we resolve code reviews quickly by making the reviews as painless as possible. We do so by making our pull requests small, single purpose, and informative.

The Soft and Cuddly Parts of Git Reset

git reset is a powerful command Rietta staff use on a daily basis. However powerful, git reset has 2 distinct features:

  • Hard resets, which will modify the working tree
  • Soft resets, which will modify the index

Often you’ll hear that the reset command is basically the opposite of the add command. While this is true for the default reset, there are other options to reset the index without unstaging the files as well. This blog article summarizes the subtle difference between the two different soft resets as well as provides a nice trick to view.

New Interview on Drifting Ruby

Recently, our very own Frank Rietta (yes that Rietta) had a chance to sit down (virtually of course) with Dave Kimura (@kobaltz on Twitter) of the Drifting Ruby screencast. For those who don’t know, Drifting Ruby is an educational site, blog, and screencast with all things Ruby. Drifting Ruby offers premium training with example-based content to up your dev game to the next level.

How to Calculate Age in MySQL

While PostgreSQL has a built-in age() command, MySQL does not. Imagine we have a users table with a birthdate field and we need to figure out how old they are. We could accomplish this by subtracting the date the user was born on from the current date.

Applying Agile and Security in Software Development Public Appearance at KSU

Update 3/21/2019: the video of this presentation is now available on the Rietta Inc. YouTube Channel, Applying Agile and Security in Software Development.

I am going to be speaking on Applying Agile and Security in Software Development at the IS General Speaker Series #3 at Kennesaw State University on Wednesday, February 27th, from 7:00pm-9:00pm at the Burruss Building Room BB109.

There will also be a talk by Philip Andreae on Payment Card Security.

KSU students may sign up for IS Engagement Activity #ISENG.

I am looking forward to helping some students understand a bit more about the gritty real-world life of development. Please spread the word.

Storing Currency in PostgreSQL

There are different ways we can store currency in PostgreSQL; this blog post will cover the money and numeric types.

Happy New Year 2019!

As I sit here at home with my wife Danielle celebrating the beginning of 2019, I am remembering how grateful I am for my customers and co-workers. In the last year, we’ve accomplished tremendous things. Launching new products, solving critical security issues before they were a problem, and so much more. I look forward to the new opportunities in 2019!

Prevent an Outdated and Broken Bin/setup With This Simple Trick

Having a good bin/setup is essential to a quick onboarding time as well as to getting your environment back up and going in case of emergency.

But how often do you run this bin/setup if it’s only run when you set up your repo? Most developers set up their environment only every once in a while. What happens when changes to the codebase happen and the bin/setup isn’t modified as well?