
The Lost Art of Defensive Programming

If, like me, you grew up before the internet was a commercial affair, then you will have learned, mostly the hard way, to make code more robust through experience and battle scars. Those of you who grew up with the internet and have always been ‘online’ have the benefit of fantastic new languages, techniques and ways of thinking. However, it has been observed that in all the rush towards this new world, we’ve somehow lost some of the art of earlier generations.

In this talk we’ll explore the art of defensive programming, from both philosophical and practical perspectives, highlighting how it can be added to our repertoire of tools to enable us to add value and reduce failures in our code.


  1. @magma_digital The Lost Art of Defensive Programming
  2. Who am I?
     ๏ Jeremy Coates, CEO, Magma Digital Ltd
     ๏ Founder of PHPNW User Group & Conference
     ๏ Lancashire Digital CIC Founding Director
     ๏ International Conference Speaker
     ๏ Coach of Coaches - (code camp)
     ๏ @phpcodemonkey
  3. BBC Micro (Model B!) 8-bit, 32Kb, 2Mhz
  4. (no transcribed text)
  5. Intro
     ๏ Purpose — Prompt thought, Discussion, Reasoned argument (in the bar!)
     ๏ Themes — Philosophy; Professionalism; Practical examples
     ๏ Convey a sense / approach — not a rote-learnable technique(s)
  6. Applicable ‘Laws’
     ๏ Murphy’s Law: “Anything that can possibly go wrong, does.”
     ๏ Finagle’s Law: “Anything that can go wrong, will - at the worst possible moment.”
     ๏ Sod’s Law: “If something can go wrong, it will” (in British culture: “at the worst possible time”)
       • “Hope for the best, expect the worst.”
  7. Philosophy
     ๏ Plan for the worst — related to Fail Fast - with klaxons!
     ๏ Not anti-TDD, complementary
     ๏ Security focussed — code, privacy, encryption, servers
     ๏ Discipline — planning, consistency, shared standards (team), comments!
     ๏ Cross over point between Dev and Ops
  8. Philosophy: Technology Choices
     ๏ All engineers love new shiny! and other myths:
       • “New systems need new tech!”
       • “Old is slow”, “It doesn’t scale”
       • “It’s just not cool any more”, “It breaks when”
     ๏ Longevity, scale, licensing, compliance, risk, support
  9. Battlefield: Internet
     ๏ In a war with hackers, bots, human mistakes
     ๏ Tactics — establish a defensible perimeter
     ๏ Attempt to prevent
       • Defacement, Malware, Link injection, privilege escalation
  10. Security basics
     ๏ Filter Input, Escape Output — Filtering is not about preventing security vulnerabilities, it's about not populating your database with garbage. If you're expecting a date, make sure it at least looks like a date prior to storing it. @ircmaxell
     ๏ CSRF / XSS / CORS / SQL Injection
     ๏ Password hashing / Nonce hashes
     ๏ SSL — current generation — TLS 1.2+
  11. Graceful Failures
     ๏ Deal with default states
     ๏ Ambiguity in return types
     ๏ Don’t spill errors to users - try/catch; log
     “When you assume, you make an ass out of u and me” Oscar Wilde on Assumption
  12. Team Standards
     ๏ Mixed coding styles / naming / PSR-x
     ๏ One technique to rule them all
     ๏ Peer review
     ๏ Documentation
     ๏ Architecture
  13. The unit tests all pass
     We’ve got good code coverage!
  14. Quality Assurance
     ๏ QA Tools — PHPMD, Code Sniffer, PHP Metrics
     ๏ Profiling — XDebug,
  15. Infrastructure: Remove key components
     ๏ Latency varies — simulate
       • OS X Xcode Hardware IO Tools: Network Link Conditioner
     ๏ Caches — temporary storage
       • Plan for failure, code shouldn’t rely on it being there!
  16. (no transcribed text)
  17. Infrastructure: Remove key components
     ๏ Low bandwidth — simulate
       • Hotspot to your phone and turn off 4G!
     ๏ File systems fail — abstract — flysystem?
     ๏ Server reboot — do services restart?
     ๏ Failover — kill the master or slave
  18. Infrastructure: Remove key components
     ๏ Block third party services:
       • Test socket timeouts, API error handling
  19. Practical approaches: Debugging
     ๏ Narrowing down to errors
       • Actually read the error message!
       • Not just Googling parts of the message
     ๏ Develop a strategy
       • Be scientific, eliminate sources one at a time
  20. Practical approaches: Logs
     ๏ Noisy logs - reduce / eliminate unexpected output — work with error_reporting(E_ALL) — in dev
     ๏ Graphite / StatsD — measure everything else about your software, method calls, key actions, any events, deployments
  21. Practical approaches: Visibility
     ๏ Monitoring / Alerts
       • NewRelic
       • Logstash / Logster / Loggly
       • Chat servers / SMS etc.
  22. (no transcribed text)
  23. Practical approaches: Performance
     ๏ Database — indexes, field types, query optimisation
     ๏ Test for planned scale — ab, siege, jMeter, LoadRunner
  24. Practical approaches: Deployment
     ๏ Automation is the key
       • Rsync; Phing; Ansible; DeployHQ; Capistrano
       • Symlink switching; full Atomic deploys
     ๏ Continuous Integration — Jenkins, Bamboo etc.?
  25. Practical approaches: Supporting Code
     ๏ Upgrading libraries — just before deploy!
     ๏ Front-end — same strategy right?
       • composer.lock, package.json, bower.json, Gruntfile.js
  26. Summary
     ๏ Defensive programming
       • more than just code, lots of moving parts
       • easier to learn with feedback from peers
       • requires discipline and experience
       • risk management, there’s a war on!
  27. Defensive Programming: Lost Art?
     ๏ Jeremy Coates, CEO, Magma Digital Ltd
     ๏ Founder of PHPNW User Group & Conference
     ๏ @phpcodemonkey
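
The "Security basics" and "Graceful Failures" slides (filter input, escape output, SQL injection, don't spill errors to users) combined in one added PHP example; it is not code from the talk. The function names, the bookings table and the sample inputs are constructed for illustration, and it assumes the pdo_sqlite extension is available.

```php
<?php
declare(strict_types=1);

// Hypothetical helper. Filter input: accept only a real date in YYYY-MM-DD form.
function filterDate(string $raw): ?DateTimeImmutable
{
    $date = DateTimeImmutable::createFromFormat('!Y-m-d', $raw);
    // createFromFormat() rolls 2024-02-31 over into March, so round-trip
    // the value and reject anything that does not come back unchanged.
    if ($date === false || $date->format('Y-m-d') !== $raw) {
        return null;
    }
    return $date;
}

// Hypothetical helper. Escape output: encode for HTML at the point of output.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Graceful failure: log the detail, show the user a generic message.
function saveBooking(PDO $db, string $rawName, string $rawDate): string
{
    $date = filterDate($rawDate);
    if ($date === null) {
        return '<p>Please enter a date as YYYY-MM-DD.</p>';
    }
    try {
        // Bound parameters keep the name as data, never as SQL.
        $stmt = $db->prepare('INSERT INTO bookings (name, day) VALUES (?, ?)');
        $stmt->execute([$rawName, $date->format('Y-m-d')]);
    } catch (PDOException $ex) {
        error_log('saveBooking failed: ' . $ex->getMessage());
        return '<p>Sorry, we could not save your booking.</p>';
    }
    return '<p>Booked ' . e($rawName) . ' for ' . e($date->format('j F Y')) . '</p>';
}

// Constructed sample input, run against an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE bookings (name TEXT NOT NULL, day TEXT NOT NULL)');
echo saveBooking($db, '<script>alert(1)</script>', '2024-02-29'), PHP_EOL;
echo saveBooking($db, 'Ada', '2024-02-31'), PHP_EOL; // rejected: not a real date
$db->exec('DROP TABLE bookings');                     // simulate a storage failure
echo saveBooking($db, 'Ada', '2024-03-01'), PHP_EOL; // generic message; detail is logged
```

The name is stored exactly as submitted and only encoded when it is written into HTML, so the same stored value can later be escaped differently for another output context.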