Need someone to lead product management at your software company? I build high-craft software and the teams that build it. I'm looking for my next opportunity. Check out my resume and get in touch.

This is the blog of Adam Kalsey. Unusual depth and complexity. Rich, full body with a hint of nutty earthiness.

Security & Privacy

Secure Code

4 Mar 2002

I read a review of what sounds like an interesting book, "Writing Secure Code" by Michael Howard and David LeBlanc. Unfortunately, the review was in an email newsletter and there isn’t a Web version, so I can’t link to it, but here’s an excerpt.

In later chapters, like those on "The Buffer Overrun", "Determining Access Control", "Running with Least Privilege," "Storing Secrets" and others, they deal with what you might call the 10 demons of modern software—the weak coding practices which make the end product vulnerable to attack.

Recently Written

Decoding Product Leadership Titles: Mar 18: Not all product leadership titles mean what they sound like. ‘Head of Product’ can mean anything from a senior PM to a true VP. Here’s how to tell the difference.
What branding can teach about culture: Jan 8: Culture is your company’s point of view in action—a framework guiding behavior, even in the unknown. You can’t copy it; it must reflect your unique perspective.
Think Systems, not Symptoms: Dec 15: Piecemeal process creation frustrates teams and slows work. Stop patching problems and start solving systems. Adopting a systems thinking approach helps you design processes that are efficient, aligned with goals, and truly add value.
Your Policies Aren’t Your Culture: Dec 13: Policies guide behavior, but culture is the lived norms and values of your team. Policies reflect culture -- they don’t define it. Netflix’s parental leave shift didn’t change its culture of freedom and responsibility. It clarified how to live it.
Lighten Your Process Burden: Dec 7: Everyone hates oppressive processes, but somehow we keep managing to create them.
Product Add-Ons Are An Expansion Myth: Dec 1: Add-ons can enhance your product’s appeal but won’t drive significant market growth. To expand your customer base, focus on developing standalone products.
Protecting your Product Soul when the Same Product meets New People.: Nov 23: Expand into new markets while preserving your product’s core value. Discover how to adapt and grow without losing your product’s soul.
Building the Next Big Thing: A Framework for Your Second Product: Nov 19: You need a first product sooner than you think. Here's a framework for helping you identify a winner.

Older...

What I'm Reading

223. On the Toll of Being a Disruptor at hardcoresoftware.learningbyshipping.com
228. DeepSeek Has Been Inevitable and Here's Why (History Tells Us) at hardcoresoftware.learningbyshipping.com
Seniority Matrix: Forget counting years and creating intricate skill matrices! at medium.com
Tiny Habits: The Small Changes That Change Everything by B.J. Fogg
Retrieval Augmented Generation (RAG) for LLMs | Prompt Engineering Guide at promptingguide.ai
The Ideal Team Player: How to Recognize and Cultivate The Three Essential Virtues (J-B Lencioni Series) by Patrick Lencioni
How to send progress updates - Slava Akhmechet at spakhm.com
Exploring LoRA — Part 1: The Idea Behind Parameter Efficient Fine-Tuning and LoRA at medium.com
His Startup Is Now Worth $62 Billion. It Gave Away Its First Product Free. at wsj.com
How to Turn a Competitor's Strength into a Weakness at aprildunford.substack.com
“Founder Mode” and the Art of Mythmaking at charity.wtf
Clever Hans, Plato, and Large Language Models at aalokbhattacharya.substack.com
Bringing Elon to a knife fight at eatingpolicy.com
Netflix’s Extraordinary Parental Leave Was Part of Its Culture. That’s Over. at wsj.com
The secret tricks hidden inside restaurant menus at bbc.com
Storing times for human events at simonwillison.net
Tesla’s Big Bet: Cameras over LiDAR for Self Driving Cars at viksnewsletter.com
The Advantage: Why Organizational Health Trumps Everything Else In Business by Patrick Lencioni
Stories Sell: Storyworthy Strategies to Grow Your Business and Brand by Matthew Dicks
Soft matter mechanics of baseball’s Rubbing Mud | PNAS at pnas.org
bureaucracy at dhruvmethi.substack.com

Secure Code

Related Reading

Recently Written

What I'm Reading