Safety first – Belgian eID card login on public websites

Recently I visited the “CM Ziekenfonds” website, which provides user authentication with the Belgian eID card. During login, a popup window appears with a request to allow the Java applet to run in unsafe mode:

[Image: eid login java]

Thus, for a secure login I have to lower the security settings for Java, knowing that in general the usage of Java applets is not secure at all.

Most of the official Belgian eID card software is written in Java. The only way to use the eID card in the browser is via a Java applet. Nowadays, when most people use smartphones and tablets for browsing the Internet, this solution becomes really unacceptable.

There is an alternative solution that is becoming more and more popular – Itsme: https://www.itsme.be/en. This solution replaces eID card login with a smartphone app.

Unfortunately, it doesn’t solve the problem of eID card usage when it’s really needed, for example for the qualified signature of PDF documents.

ORM Is an Offensive Anti-Pattern

ORM is a terrible anti-pattern that violates all principles of object-oriented programming, tearing objects apart and turning them into dumb and passive data bags. There is no excuse for ORM existence in any application, be it a small web app or an enterprise-size system with thousands of tables and CRUD manipulations on them. What is the alternative? SQL-speaking objects.

Source: ORM Is an Offensive Anti-Pattern – DZone Java