Tes Engineering Blog

At the end of last year I attended my first remote conference; the Women in Technology World Series, the highlight of which was the talk: “The Ethics Crisis in Tech – how to protect public trust in a world of increasing disruption” from decision scientist Nicole Helmer. The basis of this talk was to stress the urgency in exacerbating ethical concerns that have emerged as a result of corporations…

Did you know that the HTTP Strict Transport Security (HSTS) policy enabled a form of supercookie? I didn't, until recently. So I decided to dig into it a bit more to really understand what's what. HSTS - security vs privacy HSTS was invented to protect users against downgrade hacking attacks like SSL stripping. It's meant to help keep users safe. However, an unintended side-effect is that it can…

I recently completed the JavaScript Security: Best Practices course by Marcin Hoppe and wanted to share some key practical take aways I learnt on how to write more secure JavaScript. As well as reading this blog, I'd also highly recommend completing the course. It's short and sweet and hands on! JavaScript Threat Environments It's worth noting that there are two different threat environments…

Inspirations I joined Tes in October as Principal Engineer. In the same week I joined, my new team gained another new member. Some introductory meeting with our new team was expected sooner rather than later. Fortunately, a useful idea for how we approach this popped-up in one of the company's Slack channels, where Dan Abel mentioned an article about building empathy in teams by Emily Webber…