Notion sat down on the curb, crushed his cigarette into the pavement, put his face into his hands, and sobbed. It felt good to finally let it out. He thought back on the good times. 2020. Sure, a lot of people were dying, but with everyone working from home, it was a real heyday for guys like him. He got married to a hot, young startup. This was...
Heh, I passed Google Cloud's Cloud Digital Leader certification! I started by taking GCP for Beginners - Become a Google Cloud Digital Leader on Udemy. It was about 10 hours of video. It took me a while, though, because I wrote 95 pages of notes. I was perhaps overcompensating for my poor memory. I studied for an extra couple of days reading...
These are my takeaways from the Stack Overflow Developer Survey: Programming languages: JavaScript, HTML/CSS, and SQL are still dominant. Python is the #2 programming language, followed by TypeScript. Only 5% of developers still code in assembly. Lisp moved up two spots to 1.33% of respondents. Rust is the language that the highest number of people...
No, ChatGPT, that's not right ;) If you try solving this puzzle yourself, it's not actually that hard if you start by picking the last word first. I picked "poems on a quick snake". One of the reasons this is hard for ChatGPT is that it picks the words in order.
A lot of people use mock.patch() in their tests, but it's also sometimes useful to monkey-patch code at runtime. This blog post talks about why and how. Let's imagine that you're using some library (perhaps something big, like a web framework), and for whatever reason, you're unable to update the version you're using. Meanwhile, someone comes...
When I was first learning AppSec, my buddy, Josh Bonnett, sent me Cryptographic Right Answers. I read it 3 times and still barely understood it. But, now, it's my favorite page for figuring out the right thing to do when it comes to cryptography. Suppose you need to create a secret (i.e. a symmetric key). You need it to be long enough. That page...
This was my third time going to BSidesSF, which is a friendly, volunteer-run security conference. In the past, I've always avoided the CTF (Capture the Flag) hacking competitions because I was afraid of making a fool of myself, but, this time around, I decided to give it a go! In the last 3 years, I've spent a ton of time practicing thanks to...
People are understandably frightened by ChatGPT. They fear that it might put software engineers like me out of business. Some of my friends have even suggested that it's the beginning of a Terminator 2 situation! I'm here to put those fears to rest: First of all, Microsoft is investing in OpenAI. From their purchase of Skype to their development...
I thought of a cute way of infinitely generating prime numbers that I call the Streaming Sieve of Eratosthenes: #!/usr/bin/env python3 """ Streaming Sieve of Eratosthenes I thought of a cute way of infinitely generating prime numbers. """ from collections import defaultdict # upcoming is a defaultdict. Each key is an upcoming number. Each value...
I finished reading Web Application Security: Exploitation and Countermeasures for Modern Web Applications by Andrew Hoffman. In summary: It's not very broad. It's not very deep. It's not very complete. It's not very polished--I plan on submitting a bunch of errata. I was surprised at Hoffman's choice to rely on Chrome DevTools and JavaScript for...
I finished "Monolith to Microservices: Evolutionary Patterns to Transform Your Monolith" by Sam Newman. It was great :) There were a lot of things that surprised me in the book. He's a lot more in favor of modular monoliths than I would have expected. He doesn't believe that microservices are the one true way. He thinks startups should stick with...
I've been spending a lot of time practicing on LeetCode recently, so I thought I'd share some of my favorite intermediate-level Python tricks. I'll also cover some newer features of Python you may not have started using yet. I'll start with basic tips and then move to more advanced ones. Get help() Python's documentation is pretty great, and some...
Opening Remarks The theme this year is "from the ground up". They're focusing on community, collaboration, and education. It's a 100% volunteer team. 25 people work year-round. They had speed mentoring sessions. They really need some new volunteers. See bsides.sf/jobs. The talks will be on their YouTube channel. They have a stringent photo...
My buddy, Hy Carrel, joked that the Heisenberg Uncertainty Principle as applied to queues suggests that the more sure you want to be that an item in a queue is going to get processed, the less sure you can be of how long it'll take :-P
TL;DR A world that scrolls infinitely in any direction, an RPG-like UI, and simple, real-time fighting. My younger kids and I built this entry for PyWeek 32 based on the theme "Neverending". The key innovations are: It has a neverending world. As the player walks along, it picks up tiles and places new ones invisibly. It uses an LRUDict to...
I was wondering what percentage of passwords are pure ASCII. Hence, I threw together some code: #!/usr/bin/env python3 PASSWORD_LIST = "example.txt" num_pure_ascii = 0 num_iso_8859_1_not_ascii = 0 num_passwords = 0 with open(PASSWORD_LIST, mode="rb") as f: for line in f: password = line.rstrip(b"\n") num_passwords +=...
(I'm talking about stuff I don't understand, so feel free to ignore me.) Space isn't entirely empty. There are a few hydrogen atoms hanging out here and there. Imagine if a spacecraft was flying really fast, and it was collecting those tiny few. It could either use a massive funnel at the front of it, or it could use something electromagnetic. Once...
I was using the command line to quickly build out a file hierarchy. I wrote something that looked basically like: mkdir -p "~/dir/a b/c d" I meant for dir to be in my home directory. I should have put the ~/ outside the double quotes. Hence, it actually ended up creating a directory called ~. I thought, "Well that was dumb. Let me delete that and...
Introduction Let’s talk about certifications, standards, controls, control frameworks, etc. Let’s start with standards. SOX Per Wikipedia: The Sarbanes–Oxley Act of 2002...more commonly called Sarbanes–Oxley or SOX, is a United States federal law that set new or expanded requirements for all U.S. public company boards, management and public...
This is a continuation of Creating Windows 10 Boot Media for a Lenovo Thinkpad T410 Using Only a Mac and a Linux Machine. I figured out that Windows 10 isn't supported on the Lenovo Thinkpad T410, so I decided to focus on getting Windows 7 running on it, which is what it came with. I know it's a security risk, but I figured it'd be okay if I...
I'm having a lot of fun with VMware on this 64 GB Mac: My main OS, obviously, is macOS running work-related stuff. Then, I have Ubuntu Linux for development. I have Kali Linux for doing security work. I have Windows 10 for practicing exploit development. And, finally, I have macOS running in a VM for my personal stuff. I could...
In this blog post, I’m going to be talking about hashing, encryption, encoding, compression, etc. All of these things are related, but they serve different purposes. Sometimes, developers confuse these things which can lead to tragic results. My goal is to provide a high-level overview without getting into the weeds. If you’re interested in the...
I decided to give Ubuntu 20.04 a try on my 2015 15" MacBook Pro. I didn't actually install it; I just live booted from a USB thumb drive which was enough to try out everything I wanted. In summary, it's not perfect, and issues with my camera would prevent me from switching, but given the right hardware, I think it's a really viable option. The...
TL;DR: Giovanni and I struggled trying to get Windows 10 installed on the Lenovo Thinkpad T410. We struggled a lot trying to create the installation media because we only had a Mac and a Linux machine to work with. Every time we tried to boot the USB thumb drive, it just showed us a blinking cursor. At the end, we finally realized that Windows 10...