Kevlin Henney

A lot of security is based on trust. Trust relies on competence. The security theatre I get from a lot of sites and apps, sometimes elaborated through MFA, does not inspire such trust.

That device you tell me is unrecognised? It's the one I've used to access the app every day for at least the last year.

If you want to convince me your app is secure, start with competence. Poorly engineered products don't do that. KPI-driven product staff don't do that.

WordFriday: noctcaelador

Emotional attachment to, adoration of or love of the night sky.

https://www.tumblr.com/wordfriday/809045202349309952/noctcaelador-noun
https://www.facebook.com/WordFriday/posts/pfbid02NuwcWshh12v2bFQmeoq55wizer88cmAm8Z7tJzSwRQ9bdWf7n6rFt1QVQEB7QwZUl

25 years since the Zero Wing meme went viral and 25 years since the Manifesto for Agile Software Development #TwoForOneCommemoration

For anyone interested in a talk or workshop for their company (online or in person), I have a couple of days here and there from the end of March into April, plus some availability in June.

I'll be talking about Principle Misunderstandings at C++ Online @cpponline@mastodon.social

Join me with a 10% discount code: CPPONLINE2026S

https://cpponline.uk/registration

Where you can find me over the next few weeks:

I'm on a panel at NorDevCon in Norwich on 27th February
https://nordevcon.com/

I'm speaking at @ama_conf@mastodon.tech Agile Meets Architecture in Berlin on 10th March
https://www.agile-meets-architecture.com/2026/home

I'm giving the opening keynote at Future Tech in Utrecht on 11th March
https://futuretech.nl/

I'm speaking at @umbracospark@umbracocommunity.social Umbraco Spark in Bristol on 20th March
https://umbracospark.com/