Tuesday, August 11, 2015

Managers Making Mess

The time it takes to code a feature is consist of the following formula MMMf(D(x)+Q(x))

x - feature
D(x) - Time to develop (this include CI/CD in it)
Q(x) - Time to test outside of automation
MMMf(...) - Managers Making Mess factor - this is the amount of noise introduced by additional layer in the organization

What surprise me me every day, is the large factor of noise introduced by other parties outside of the dev unit.

Think where would we be if we only needed to implement it without the extra noise... everything would be so simple !

So what do you do to reduce the MMMf to 1.0 ?

Monday, July 20, 2015

Prevent the installer from displaying passwords or other confidential information in the log file.

Most of us know about the article that talks about how preventing Confidential Information from Being Written into the Log File, but few more questions are raised in that area:

  1. Can we pass the list of properties we want to hide (e.g. MsiHiddenProperties property) using the command line (instead of changing our MSI) - Surprising the answer is NO, this has to be built inside the MSI as new property and compile it
  2. If we follow all the steps identified in the main article, Will the Windows Installer hide all the sensitive information we request from being written to all log lines - NO, for example if you saved the sensitive info to registry, the operation will be in the log (But than again, WHY would yo save clear text)
    Another example is that if your code writes to log than you will have to manage it
as a rule of thumb, you should NEVER persist the password as clear text in any area and I would even question the need to persist it in any case, find alternative like delegation / SSO / SSH keys and other which will be more robust (cost more) and more secure 

Hope this helps

Saturday, June 27, 2015

Relocating ? (some TIPS for you)

So you think about relocating, below is a list that I am arranging  that should help you in the process

Contract

Temporary accommodation

  1. Should be for period of 30 or until the container arrive to the target (this can be higher)
  2. Should NOT be restricted to origin/target only (don't think you can spend more because of it)

Bonus

  1. You must review the bonus policy and if it has any differences than what you have now! 
  2. Bonus policy can change every year - so highly suggested you try to have the bonus % as low as possible and moved it to the base salary (dah)

Home leave

  1. If there is a limit of days - it shouldn't be lower than 3 weeks.
  2. Transportation from and to air port should be included
  3. Check if your home leave is taxable! (this will impact your yearly calculations)

Return home

  1. Size of container should be proportional to the size of the family - e.g. if you came with 20" but doubled the size of family --> container will be larger.
  2. Air cargo 100kg - is important and if not sued than can be used for other things(like bigger container) 

The stuff

Packing

  1. If you don't need, give away!
  2. Make each box contain items ONLY from the target location in the house - this will make the unpacking easier, in our case our movers decided to mix rooms in the boxes and caused us delay of one week when we unpacked and organized the house 
This will be updated with more

Tuesday, April 14, 2015

POODLE Attack!



Save a binary file using REQUEST module in Node the right way

I was trying to save some PDF from an output of a request, and I always got a corrupted file.

Initially I found that I saved my file as UTF-8 while it was ascii (took almost double), so I added the ASCII encoding to the file fs,fileWrite command, this helped a bit but still corrupted.

Eventually I read some more about the request module and identified that i was missing the "encoding: 'binary'" in the options!

This is the final code:


Monday, February 16, 2015

Running KIBANA 4 as a service on windows

Currently to run Kibana, you need to run .\bin\kibana.bat from command line. But I needed a more robust way that doesn't require me to do anything manually every time

There are many solutions on how to run a batch file as a service, such as "scheduled task" but in this case I decided to use a more "managed" way using NSSM

The process is very easy

  1. Just download NSSM from their site or like me use the chocolatery way ("choco install nssm")
  2. Install the service using "nssm install Kibana"
  3. In the GUI select the running folder as the bin folder and command line as the kibana.bat
  4. I chose the defaults
Simple tweak that does the trick till now


Wednesday, January 28, 2015

Facebook - getting user's friends - mission impossible

Assuming you application would like to get all the user's friends, so that you can send them message with a nice selection - you probably used FB.API('/user/friends') to get list of all friends

Above solution is great and will work ONLY for V1.0 of facebook, If you are using V2.0 and above the behavior was changed, and now it will return ONLY friends who logged into the application!

So you might be saying, no worries I will just continue using V1.0 API - Sorry the following constrains and terms applies:

  1. Application who were created after April/2014 MUST use v2.0+
  2. V1.0 API is deprecated and will be removed on April/2015 (so Enjoy your last few months)
Facebook is offering , invitable_friends API but this is ONLY allowed for application that are marked as GAME and include CANVAS (e.g. run under Facebook).
If you think of marking your app as Facebook and than in the website put script that will change location and kill the IFRAME - Don't, since this is yet another violation of term!

You can use taggable_friends API but you can only get names and pictures - and can ONLY TAG the friends and not do anything else with their ID, Additionally to be able to use this edge - FaceBook must review and approve your app :(

So as it seems you are stuck with share/write on user feed only!

Sunday, January 25, 2015

Google rejected simple ionic app and I just don't understand why ?

Why would google reject hybrid app which is pretty simple UI that shows list of video from a channel and than shows the video in embedded iframe ( all using the google API v3 and NO tweaks )

Google sent an email saying that:

REASON FOR REMOVAL: Violation of section 4.4 of the Developer Distribution Agreement.

After a regular review, we have determined that your app downloads, monetizes, or otherwise accesses YouTube videos in violation of the YouTube Terms of Service or YouTube API Terms of Service. Accessing content, a product, or service in an unauthorized manner is a violation of the Developer Distribution Agreement, and is not allowed on Google Play.

Even trying to appeal got reply that the review has the same results without clearly providing what actually wrong ...

The app is VERY simple and is using API key to get channel content, so I don't really understand what's wrong ( it is authenticated but without client user )...

Anyone can provide me some more info ?