It is crucial for democracy to work every time and we can’t guarantee that with an online system.

Photo by Tiffany Tertipes on Unsplash

At last year’s DEF CON, I wandered into a panel with voting industry leaders from the public and private sectors. Towards the end, the facilitator asked the room filled with 200 or so security experts and hackers if they thought the US should have online voting.

Three brave souls raised their hands. They were booed. One put his hand down, looking embarrassed.

Article was last updated 11/08/20

Read the EFF’s concise position on this topic:

Read this Letter to Governors and Secretaries of State on the insecurity of online voting, signed by over 50 (at time of writing, others may…


This is what 2008 was like

In my defense, I was 12 and very excited about unicorns

When I was a kid growing up on the internet, I played a lot of online resource management games. I hung out on Tumblr and was one of those annoying forum posters who couldn’t spell and put Dragon Cave eggs in their signatures. Ah the nostalgia!

This is the story of the first time I encountered a hacker, and learned what hacking really is. Thinking back on this, I’m pretty certain the attack was an XSRF.

Horsing Around With Cross-Site Request Forgery

During my horse phase, I enjoyed a game that will remain unnamed which involved training and breeding digital…


I made an AQI to cigarettes converter in React to find out

On September 10th I left my bedroom and the safety of my air purifier to have lunch with my housemates. An hour later I was having my first asthma attack in years. That night the AQI in Portland dipped into the purple zone. The next day, on 9/11, I had 6 people spend the day in my room huddled around my air purifier while the AQI slipped off the charts.

Spending the weekend refreshing the evacuation maps and PurpleAir.com, I realized I know very little about the AQI or Air Quality Index. …


How to crack passwords and speed up your code, all with the power of hashing.

Hashing is an important topic for programmers and computer science students to be familiar with. This article is specifically targeted to students, and programmers with a few months to a year of coding experience.

What Hashing Is

Hashing: generating a value or values from a string using a mathematical function

Hashes are mostly used for three things:

  1. Storing stuff without actually knowing what it is
  2. As a convenient way to remember where you put something
  3. To make sure the thing you received is the thing you wanted

That’s super confusing but bear with me.

How it works

Hashing is otherwise described as doing a non-reversible operation…


Tips to get your stories to rank on the first page of Google

Photo by Gaia Armellin on Unsplash

I recently started to get into a good momentum with publishing on Medium. Around half of my articles show up on the first page of a relevant Google search, but two of them in particular do very well.

“3 Security Pitfalls Every React Dev Should Know” pretty consistently ranks first to third for “react security,” and Google uses my diagrams from “A Gentle Explanation of Logarithmic Time Complexity” to illustrate the search for “logarithmic time complexity.”

Since I’m a tech writer, most of this applies to tech writing. If you’re not a tech writer, there may be some useful information…


Understand how shell scripting works to save yourself time and reduce bugs

Photo by Sereja Ris on Unsplash.

Recently, I refactored an entire deployment setup for a diverse array of apps. That means a big pile of Docker images that all have to be flexible but stable. Some web applications also needed to be restarted in a user-friendly way that displays helpful error messages to developers with a range of skill levels.

It was a lot of work but I sure did get better at Bash scripting. I’m in a good position to write this article because during this project, I wrote down every weird little thing that cost me debugging time.

Bash is so weird that not…


Learn what the different user models are in Django and how to use them correctly

The Django project donations icon: a pink pixel art heart.
The Django project donations icon: a pink pixel art heart.

Django has solid docs and strong opinions. One thing it has strong opinions on is user models. There are a few important tips and best practices for starting these off on the right foot. Follow them to avoid migration headaches as your project grows.

This article is meant to be read all the way through. It is especially for beginners but may have some helpful references for more advanced Django developers. If you’re looking for copy-pasteable code snippets instead of an explanation, check out this blog post or look at an example app.

If you’re already experienced with AbstractUser and…


Photo by Hubert Mousseigne on Unsplash

Common React vulnerabilities, how to patch them, and how to spot them in a code review

React is my favorite library for making interactive interfaces. It is both easy to use and quite secure! However, That doesn’t mean it’s completely safe. It’s easy to get complacent and think “we don’t have to worry about XSS because we use React” — that’s not the case.

React vulnerabilities most often happen when you think you’re using the library but aren’t. It’s important to know what React does and doesn’t handle for you.

The following are the most common specific mistakes you are likely to make as a React developer. …


Don’t worry, it’s simpler than it sounds

Photo by Harry Sandhu on Unsplash

If you’re new to computer science, you’ve probably seen a notation that looks something like O(n) or O(log n). That’s time complexity analysis or big-O notation!

It’s a super important concept to understand, at least on an intuitive level, in order to write fast code. There’s also space complexity. It defines how much memory a program might use but we’ll leave that for the next article.

This concept is one of the reasons higher education thinks it needs to make computer science undergrads take years of math classes. …


A few months ago I was looking for an easy way to make my computer unusable for anyone who isn’t me. Petty, maybe, but I know I’m not the only person who hates it when people touch my stuff. It is also satisfying to watch someone grab my laptop without asking, only to have no idea how to use it.

don’t touch my stuff :) Photo by Andrew Le on Unsplash

After re-wiring some keyboard shortcuts, I wrote aliases to make bash commands do weird stuff. Like making ls display the contents of the wrong directory or act like the user made a typo when they hadn’t. …

Jasmine Webb

Developer and appsec researcher living in Portland, Oregon.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store