A lot of security is based on trust. Trust relies on competence. The security theatre I get from a lot of sites and apps, sometimes elaborated through MFA, does not inspire such trust.

That device you tell me is unrecognised? It's the one I've used to access the app every day for at least the last year.

If you want to convince me your app is secure, start with competence. Poorly engineered products don't do that. KPI-driven product staff don't do that.

"We can't afford understanding the code we're deploying to production because that way we can't keep up with the pace at which LLMs generate code."

That's a tail wagging the dog instead of the opposite.

Hi everyone! I'm hiring another XP (Extreme Programming) senior software engineer to come work with us at OpenSesame. This is a fully-remote position and we're looking for folks in Canada or Latin America in Eastern or Central time zones.

You'll help mentor a team in using XP practices such as TDD, pairing, and continuous integration. Most of your work will involve leading by example as the team adds features and tests to our legacy PHP codebase.

1/

If I walked into someone's kitchen and saw that there was no cooker, no microwave, no hob, no air fryer etc, I might conclude that they don't cook and therefore have no need of such things.

If I see a dev using an IDE and/or a programming language with little or no automated refactoring support...