I’ve heard it said that Slack is the elephant in the room when it comes to security. From my personal experience, it’s very true. Unless one is very informed on security and takes privacy seriously there are serious security issues that arise from convenience.

When I worked for a digital agency, working across many different client projects, it was very common to get Slack messages with passwords. There are clearly better solutions to password management, but since there are agencies still not using them I thought that this would be a fun idea to run with.

Requesting passwords in Slack is a common and insecure way to share secrets. Photo by JESHOOTS.COM
Requesting passwords in Slack is a common and insecure way to share secrets. Photo by JESHOOTS.COM
Secrets in Slack aren’t secret.

Choosing an Architecture

An important step is determining the architecture with respect to user experience. I want my users to be able to easily encrypt data, their data can only be decrypted by specific individuals, and the owner of the data can quickly add or remove user’s access. Finally, as an application developer, I want a separation of concerns and don’t want to have the burden of maintaining encryption keys or controls. …


Technology is a tool — people are the engine.

We develop to express our inner creativeness. It is one of the best feelings when someone uses and enjoys our work. Likewise it is a terrible feeling when they don’t. However as a project grows it can grossly overshadow the developers. Demanding hours of time while giving nothing to creativity or joy. It becomes production oriented.

Especially in some form of leadership at some level within development process this production machine can really blind you. Whether you directly profit from its work or its just your duty it can warp your humanity. …

About

Ryan Schumacher

Sr Software Engineer at Virtru, open source hobbyist, with a love for mycology 🍄, and father of two awesome boys.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store