The Lost Art of Defensive Programming

Upload: jeremy-coates

Post on 14-Jan-2017

TRANSCRIPT

Page 1: The Lost Art of Defensive Programming

@magma_digital

The Lost Art of Defensive Programming

https://pixton.com/ic:d2yrnf2h

Page 2: The Lost Art of Defensive Programming

Who am I?

๏ Jeremy Coates, CEO, Magma Digital Ltd

๏ Founder of PHPNW User Group & Conference

๏ Lancashire Digital CIC Founding Director

๏ International Conference Speaker

๏ Coach of Coaches - WeCa.mp (code camp)

๏ @phpcodemonkey

๏ linkedin.com/in/jeremycoates

Page 3: The Lost Art of Defensive Programming

https://upload.wikimedia.org/wikipedia/commons/8/8a/BBC_Micro_left.jpeg

BBC Micro (Model B!): 8-bit, 32Kb, 2Mhz

Page 4: The Lost Art of Defensive Programming

https://www.facebook.com/photo.php?fbid=10208320036025458&set=a.2962106258635.156004.1440932589&type=3&theater

Page 5: The Lost Art of Defensive Programming

Intro

๏ Purpose — Prompt thought, Discussion, Reasoned argument (in the bar!)

๏ Themes — Philosophy; Professionalism; Practical examples

๏ Convey a sense / approach — not a rote-learnable technique(s)

Page 6: The Lost Art of Defensive Programming

Applicable ‘Laws’

๏ Murphy’s Law: “Anything that can possibly go wrong, does.”

๏ Finagle’s Law: “Anything that can go wrong, will - at the worst possible moment.”

๏ Sod’s Law: “If something can go wrong, it will” (in British culture: “at the worst possible time”)

• “Hope for the best, expect the worst.”

Page 7: The Lost Art of Defensive Programming

Philosophy

๏ Plan for the worst — related to Fail Fast - with klaxons!

๏ Not anti-TDD, complementary

๏ Security focussed — code, privacy, encryption, servers

๏ Discipline — planning, consistency, shared standards (team), comments!

๏ Cross over point between Dev and Ops

Page 8: The Lost Art of Defensive Programming

Philosophy: Technology Choices

๏ All engineers love new shiny! and other myths:

• “New systems need new tech!”

• “Old is slow”, “It doesn’t scale”

• “It’s just not cool any more”, “It breaks when”

๏ Longevity, scale, licensing, compliance, risk, support

Page 9: The Lost Art of Defensive Programming

Battlefield: Internet

๏ In a war with hackers, bots, human mistakes

๏ Tactics — establish a defensible perimeter

๏ Attempt to prevent

• Defacement, Malware, Link injection, privilege escalation

Page 10: The Lost Art of Defensive Programming

Security basics

๏ Filter Input, Escape Output — Filtering is not about preventing security vulnerabilities, it's about not populating your database with garbage. If you're expecting a date, make sure it at least looks like a date prior to storing it. @ircmaxell

๏ CSRF / XSS / CORS / SQL Injection

๏ Password hashing / Nonce hashes

๏ SSL — current generation — TLS 1.2+
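The date case from the quote above, as an added PHP example (not code from the talk). `filterDate()` and `escapeHtml()` are hypothetical helper names and the sample inputs are constructed; filtering decides what is stored, escaping is applied separately at output time.

```php
<?php
declare(strict_types=1);

/**
 * Filter input: accept only a real calendar date in YYYY-MM-DD form.
 * Returns null for anything else, so the caller has to handle rejection.
 */
function filterDate(string $raw): ?DateTimeImmutable
{
    $raw = trim($raw);
    $date = DateTimeImmutable::createFromFormat('!Y-m-d', $raw);
    if ($date === false) {
        return null;
    }
    // createFromFormat() rolls 2017-02-30 over to 2017-03-02 instead of
    // failing, so require the parsed value to round-trip to the input.
    return $date->format('Y-m-d') === $raw ? $date : null;
}

/** Escape output: encode for the HTML context at the point of display. */
function escapeHtml(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample inputs, as they might arrive from a form field.
$samples = ['2017-01-14', '2017-02-30', '14/01/2017', '<b>soon</b>'];

foreach ($samples as $raw) {
    $date = filterDate($raw);
    $status = $date !== null ? 'store ' . $date->format('Y-m-d') : 'reject';
    // The raw value is escaped even when rejected: it is still echoed back.
    printf("%-17s %s\n", $status, escapeHtml($raw));
}
```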

Page 11: The Lost Art of Defensive Programming

Graceful Failures

๏ Deal with default states

๏ Ambiguity in return types

๏ Don’t spill errors to users

- try/catch; log

“When you assume, you make an ass out of u and me”

Oscar Wilde on Assumption
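The three bullets on this slide, as an added PHP example (not code from the talk). The function names, the role names and the failing loader are hypothetical, constructed for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Ambiguity in return types: strpos() returns 0 for a match at offset 0
 * and false for no match; a loose check such as !strpos() confuses the two.
 */
function usesHttps(string $url): bool
{
    return strpos($url, 'https://') === 0; // strict comparison only
}

/** Default states: a role nobody planned for gets no permissions at all. */
function permissionsFor(string $role): array
{
    switch ($role) {
        case 'admin':
            return ['read', 'write', 'delete'];
        case 'editor':
            return ['read', 'write'];
        default:
            return [];
    }
}

/**
 * Don't spill errors to users: the detail goes to the log under a
 * reference id, and the user sees a generic message with that id only.
 */
function renderSafely(callable $loader): string
{
    try {
        return $loader();
    } catch (Throwable $e) {
        $ref = bin2hex(random_bytes(4));
        error_log(sprintf('[%s] %s: %s', $ref, get_class($e), $e->getMessage()));
        return "Sorry, something went wrong (ref $ref).";
    }
}

// Constructed failure whose message holds internal detail.
$failing = function (): string {
    throw new RuntimeException('connect to db01.internal:3306 refused');
};

var_dump(usesHttps('https://example.org'), usesHttps('ftp://example.org'));
var_dump(permissionsFor('intern'));
echo renderSafely($failing), PHP_EOL;
```

The reference id lets support match a user's report to the logged exception without the hostname or driver message ever reaching the browser.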

Page 12: The Lost Art of Defensive Programming

Team Standards

๏ Mixed coding styles / naming / PSR - x

๏ One technique to rule them all

๏ Peer review

๏ Documentation

๏ Architecture

Page 13: The Lost Art of Defensive Programming

The unit tests all pass

We’ve got good code coverage!

Page 14: The Lost Art of Defensive Programming

Quality Assurance

๏ QA Tools — PHPMD, Code Sniffer, PHP Metrics

๏ Profiling — XDebug, blackfire.io

Page 15: The Lost Art of Defensive Programming

Infrastructure: Remove key components

๏ Latency varies — simulate

• OS X Xcode Hardware IO Tools: Network Link Conditioner

๏ Caches — temporary storage

• Plan for failure, code shouldn’t rely on it being there!

Network Link Conditioner

Page 16: The Lost Art of Defensive Programming

Page 17: The Lost Art of Defensive Programming

Infrastructure: Remove key components

๏ Low bandwidth — simulate

• Hotspot to your phone and turn off 4G!

๏ File systems fail — abstract — flysystem?

๏ Server reboot — do services restart?

๏ Failover — kill the master or slave

Page 18: The Lost Art of Defensive Programming

Infrastructure: Remove key components

๏ Block third party services:

• Test socket timeouts, API error handling

Page 19: The Lost Art of Defensive Programming

Practical approaches: Debugging

๏ Narrowing down to errors

• Actually read the error message!

• Not just Googling parts of the message

๏ Develop a strategy

• Be scientific, eliminate sources one at a time

Page 20: The Lost Art of Defensive Programming

Practical approaches: Logs

๏ Noisy logs - reduce / eliminate unexpected output — work with error_reporting(E_ALL) — in dev

๏ Graphite / StatsD — measure everything else about your software, method calls, key actions, any events, deployments

Page 21: The Lost Art of Defensive Programming

Practical approaches: Visibility

๏ Monitoring / Alerts

• NewRelic

• Logstash / Logster / Loggly

• Chat servers / SMS etc.

Page 22: The Lost Art of Defensive Programming

Page 23: The Lost Art of Defensive Programming

Practical approaches: Performance

๏ Database — indexes, field types, query optimisation

๏ Test for planned scale — ab, siege, jMeter, LoadRunner

Page 24: The Lost Art of Defensive Programming

Practical approaches: Deployment

๏ Automation is the key

• Rsync; Phing; Ansible; DeployHQ; Capistrano

• Symlink switching; full Atomic deploys

๏ Continuous Integration — Jenkins, Bamboo etc.?

Page 25: The Lost Art of Defensive Programming

Practical approaches: Supporting Code

๏ Upgrading libraries — just before deploy!

๏ Front-end — same strategy right?

• composer.lock, package.json, bower.json, Gruntfile.js

Page 26: The Lost Art of Defensive Programming

Summary

๏ Defensive programming

• more than just code, lots of moving parts

• easier to learn with feedback from peers

• requires discipline and experience

• risk management, there’s a war on!

Page 27: The Lost Art of Defensive Programming

๏ Jeremy Coates, CEO, Magma Digital Ltd

๏ Founder of PHPNW User Group & Conference

๏ @phpcodemonkey

๏ linkedin.com/in/jeremycoates

Defensive Programming: Lost Art? https://joind.in/talk/a6b65

http://bit.ly/LostArtDefensiveProgramming