Wednesday, December 07, 2016

My view on Security

People in the Software Industry seem to be quite a bit bothered by the notion of Security. Security seems to be this ooh-so-magical castle that's innately "more important" than anything else that your company does and any and all pain and sacrifice demanded at the altar of security is justified (because oooh! Users! & Privacy!!!). Well, let's face it - security is a pain... a massive pain that provides very little reward in return.

Security is like brushing. Do it once every day and you'll be happy, your teeth will be healthy and you'll have a long life. And that's all the importance it deserves.

ACLs are like flossing. You know you should be doing it, but you keep putting it off as long as possible. ACLs give you a sense of security, a warm fuzzy feeling of being in control. An easy way of saying - yeah, we know what we're doing - look! ACLs! And every single day, an engineer's creativity dies a little bit when he or she spends 3 hours trying to get permission to look at just one, just one instance of the data that you're trying to protect so that he or she can write just one line of code.

And then there's security "best practices". Ooh, I just cry a bit every single time someone in security says "no, you can't do this" without providing a half-decent, reasonable technical alternative to the egregious hack that's already in the system to work around some other limitation of some other security system. Half-assed security systems do no good to anyone. 

There are only 2 reasonable threat models in the world: you're either being attacked by a Nation state or you're being attacked by a script kiddie. Nothing you can do will stop a determined Nation state. Electronic security be damned. They're just going to pick you up from your neighborhood coffee shop and you're going to quietly give up your passwords and hope to get your life back. If they're trying to be a bit subtler, you're just going to get key-logged. 

If you're getting attacked by a script kiddie, reasonable passwords, HTTPS, instructions about phishing and 2-factor authentication are all that you need.

This entire hoopla about "insider threats" being a reasonable threat model in enterprise just doesn't work. If you can't trust your employees with the broadest of powers, they just can't work with each other or with the data that you're working so hard to protect. There's just no way you can protect against the exponential possibilities of compromise. The *ONLY* reasonable alternative is "trust but verify". Put in auditing, look for patterns, look for data exfiltration but for heaven's sake, just don't make daily life hard. Because your average engineer is working really, really hard to move your company forward. Making your productive workers jump through hoops kills productivity and at the end of the day, talent leaves a non-productive organization and with it, your long-term future disappears.

Saturday, June 25, 2016

I love my lawyer lyrics - Ofelia K

Black suit... morning... wakes up... window... 
His face... got it covered... bouquet.

I want your pheromones, messing with my hair on my time.
Feeling self destructive, I want someone who wants to fight.
Nervous bloody nose, smiling for a Polaroid again.
Let me be your witness, everybody is looking for a way out, I want in.

I wanna lose control x 4

I love my lawyer, my angel in a black suit.
Looks like he's mourning, every time he wakes up.
If you were my age or close to my age, anywhere near my age,
I would marry you.... You, whoo oo ou.

I want you in the shadows, want you in the blinding light of day.
Nothing fricking matters, tell me do you feel the same way.

I wanna lose control x 4

I love my lawyer, my angel in a black suit.
Looks like he's mourning, every time he wakes up.
If you were my age or close to my age, anywhere near my age,
I would marry you.... You, whoo oo ou.

I wanna lose control,
Do you ever feel the same way.
Oh yeah, I gotta know... You didn't say.
I've got a night time jones, it never goes away
I wanna lose control. Tell me, do you feel the same way.

I love my lawyer, my angel in a black suit.
Looks like he's mourning, every time he wakes up.
I love my lawyer, my angel in a black suit.
Looks like he's mourning, every time he wakes up.

Like when the window shuts, and lands on his face,
He gets it covered like a sweet cake on a bouquet.

If you were my age or close to my age, anywhere near my age,
I would marry you. I would marry you.

Black suit... morning... wakes up... 
I would marry you... 
Window... His face... Got it covered... Bouquet.
I would marry you....
You, whoo oo ou.

I love this song! Let me know if you find any mistakes in the comments.

Friday, April 08, 2016


"Never base your life decisions on advice from people who don't have to deal with the results."
"Don't make a permanent decision for your temporary emotion."
"The people with the best advice are usually the ones that have been through the most."
"Sometimes we need to be hurt in order to grow, fail in order to know, lose in order to gain, some lessons are best learnt through pain."
"When you say yes to others, make sure you're not saying no to yourself."
"Forget what hurt you in the past, but never forget what it taught you."

Thursday, April 07, 2016

The Principles of Leadership

You know... over the past many years in software development, I've seen and gone through several projects and seen a bunch of teams do their work. I've worked with several managers and directors and I've learnt a few golden principles of leadership:

1. You need to be a master of the relevant area that you're going to be working on.
2. Lead by example: set high standards and then meet them. The second part is critical.
3. Be the hardest worker on your team.
4. Have a clear vision and work towards it.
5. Know your goals.
6. Do not get sidetracked. Sidetracking is a killer disease.
7. Have a heart. A leader doesn't remain a leader if he / she doesn't have a heart.


Thursday, March 24, 2016

What is Software Quality?

"Software quality isn't really getting 90% code coverage, test cases for the domain, formal proofs or conforming to APIs and specs. Software quality is defined by the sustained rate of change a codebase can support through the promotion of clarity of thought and fluency of execution."

Monday, March 21, 2016

About me

I love to create beautiful things with elegant code. I particularly like low-level optimisation for bare metal performance and systems programming, but I also enjoy high-level functional programming. I prefer a strong type system over excessive unit testing and I prefer common sense over agile development methodologies. I am mildly allergic to buzzwords. Data should be immutable.
-- Ruud van Asseldonk,
Sums up my feelings completely.

Wednesday, March 09, 2016

Features that I wish C++ had out of the box

As some of you might know from my last post, I've recently joined LinkedIn after 4 years at Google. LinkedIn is a Java company through and through. It's not a bad thing: it allows the company to consolidate its efforts and spend its resources wisely. The flip side is that everything assumes that Java will be around. I've spent the past month ramping up on the tooling, infrastructure and code. Coming from C++, I've been pleasantly surprised by a few things:

Refactoring Support
Java has a mature IDE ecosystem. IntelliJ is an awesome IDE, *much* better than Eclipse. Even though I'm coming from the Vim / Emacs world and I'm used to high productivity editors, there are things that IDEs can do for you much faster than you can do yourself (the big one is of course extracting, moving and renaming methods). C++ needs to get its act together and expose ASTs for C++ code. There's a dire need to write tools that can automatically refactor parts of C++ code (string-replace should not cut it anymore in 2016). Even though I'll never give up Vim / Emacs, I do want to be able to do automated code refactoring with 100% guarantee of 1:1 transformations across the entire C++ project.

Dependency management and Build Systems
Java dependency management is more robust. There's a clear ecosystem of versioned build artifacts that you can drop into your application and a uniform way of referencing third party code (I'm talking about JAR files). 

The C++ build landscape is a mess. Including third party code involves setting up an entire build environment corresponding to your dependency and then building it with your compiler and with your compile flags to maintain compatibility. Static and Dynamic libraries exist (.dll, .so, .a files) but the requirement to have header files compatible with the exact version of the library that you're linking against pretty much means that it's more reliable to build with all your dependencies present in your source tree (partial binary + source builds are impossible). 

People in the C++ ecosystem try to avoid this mess by shipping header-only libraries, which cuts a few steps out of the way at the cost of increased compile time. Make + Autotools don't cut it anymore these days, Bazel and Buck aren't well adopted yet (but are the future), CMake's ghastly language is currently filling the gap as the "state of the art" but we really, really need a standard build system for all of C++.

Uniform Instrumentation, Profiling, Debugging
Java's instrumentation, profiling and debugging is fairly uniform. The JVM handles several aspects of profiling and debugging for you. This means that there's a uniform way to get information about the currently running threads, the memory structure and code hotspots *regardless of the running application*. There's also structure in the J2EE specification on how "web-applications" are expected to expose internal metrics to the outside world. There's also an active community around Java profilers and debuggers since these tools end up being widely used in a uniform manner across enterprises.

If anyone's done C++ profiling extensively, you'd know how hard it is to get a C++ application to disgorge metrics about its internal state (call-counts, hotspots, memory allocations etc.) and the things that get in the way. The Google Profiling Tools are amazing for C++ code and provide a lot of what you'd need but they're not used uniformly across the community. 

The killer feature that Java has here is that you can simply pass in a command line argument to any modern JVM and it can load up specific profiling code (either inbuilt or provided as a native library) that instruments *all* the running code and exports debugging information from a "debug-port" that you can simply attach a debugger or profiler to. You can then proceed to put your application under load and see changes to its metrics (gc, threads, hotspots, allocations) in real time (this takes a ton of time to do correctly for each C++ project and works magically in Java). Call me impressed.

C++ today has its blind spots just as it has its strengths. We're now reaching the point where the actual language structure isn't the most important thing, it's the ecosystem and the developer productivity tools that are starting to matter. The C++ ecosystem just needs to get its act together and it doesn't look like we're going far enough with new proposals. I'd like to see this level of maturity in the C++ tooling system and I hope I see it sooner rather than later. 

If you've read so far, I'd like to leave you with a small nugget: try out Go. It's got horrible syntax at first glance but the underlying principles are excellent. It's still an immature language but it's worth taking a look. Let me know what you think about it in the comments.