TechBlog

From Laravel and AngularJS to Spring Boot and Angular: A Full-Stack Migration Field Report

Published: May 22, 2017 Reading Time: 10 min

In January I wrote about moving our frontend from AngularJS to Angular. That migration is still running — we are on Angular 4 now, which shipped in March and turned out to be a painless bump from 2.4. The bigger shift landed on the backend: our APIs used to live in Laravel, and we are rewriting them in Java with Spring Boot 1.5.3. This is my first real Java project. I have years of PHP — mostly Laravel — and a few months of TypeScript from the Angular work. I also wrote C# in college, which turns out to matter more than I expected. Java does not feel like learning a foreign language. It feels like meeting someone who speaks a dialect you half understand. ...

Continue Reading

Test Gnome on Ubuntu and Rescue Back

Published: February 9, 2017 Reading Time: 2 min

How it started A few days ago I just decided to give my Ubuntu a new look and experience. I thought KDE is not in a good situation and maybe Gnome 3 is a better option than Unity. The easiest option to try Gnome on Ubuntu (Without a clean install of OS) is to install it as a package: 1 sudo apt-get install ubuntu-gnome-desktop During the install process it asks for Display Manager, you have options to choose, gdm and lightdm, since I want to try Gnome, I select gdm: ...

Continue Reading

Six Months with Angular 2 After Years of AngularJS

Published: January 18, 2017 Reading Time: 10 min

Angular 2.0 shipped in September. We are on 2.4 now, and the release train is already moving — Angular 4 is being talked about openly. I have been building with it since October, migrating a medium-sized internal dashboard that lived in AngularJS for three years. This is not a tutorial and not a verdict. It is a field report from someone who still dreams in $scope sometimes. The context nobody warns you about If you spent years on AngularJS, you did not “upgrade.” You rewrote. Google offers ngUpgrade to run both frameworks side by side, and we tried it for two weeks before giving up. Our app had too many directives, too much implicit magic, and too many $watches buried in places nobody remembered. We picked a greenfield module, scaffolded it with the CLI, and started porting feature by feature. ...

Continue Reading

All the world's a Stagefright

Published: October 9, 2015 Reading Time: 1 min

Here’s how security vulnerabilities are supposed to be handled. One, a researcher discovers an issue. Two, the people who make the software find a solution. And three, the solution is then made available, ideally by automatic update. That’s what Windows does, and what Apple does. It isn’t always as fast as it should be, but at least once the fix exists it’s available almost instantly. Here’s how it works with Android. ...

Continue Reading

Facebook farewells flaky SHA-1

Published: June 5, 2015 Reading Time: 2 min

Facebook has set the date: on September 30, the ancient and creaking SHA-1 hashing algorithm will make its tumbril trip and get the chop. SHA-1, designed by the NSA in 1995, is a one-way algorithm: a block of data is turned into a message digest. The digest can’t be turned back into the original message, but serves as a digital signature confirming the authenticity of (for example) the software you’ve downloaded. ...

Continue Reading

What you need to know about BERserk and Mozilla

Published: September 25, 2014 Reading Time: 1 min

The Intel Security Advanced Threat Research Team has discovered a critical signature forgery vulnerability in the Mozilla Network Security Services (NSS) crypto library that could allow malicious parties to set up fraudulent sites masquerading as legitimate businesses and other organizations. The Mozilla NSS library, commonly utilized in the Firefox web browser, can also be found in Thunderbird, Seamonkey, and other Mozilla products. Dubbed “BERserk”, this vulnerability allows for attackers to forge RSA signatures, thereby allowing for the bypass of authentication to websites utilizing SSL/TLS. Given that certificates can be forged for any domain, this issue raises serious concerns around integrity and confidentiality as we traverse what we perceive to be secure websites. ...

Continue Reading

Symantec to Overhaul Its Norton Security Line

Published: August 22, 2014 Reading Time: 3 min

Symantec is overhauling its Norton security software, going from nine products to just one as the company turns its attention to smartphones and connected devices. The new product, called Norton Security, doubles down on the company’s renewed focus on subscription models. In its most recent quarter, when Symantec reported a $236 million profit on a 2% gain in revenue to $1.74 billion, the company said it planned to optimize the Norton business while streamlining product support. ...

Continue Reading

New Facebook scams in 2014

Published: August 22, 2014 Reading Time: 3 min

So many Facebook scams in 2014 have been a little worrying even though at first they all seem innocent enough, but these are social scams to lure users in to gain money or access to computers. One particular Facebook scam this year was the “Robin Williams goodbye video”, which was apparently made before his death. This fake BBC News video is a scam and no such video exists. The “Robin Williams goodbye video” started to circulate on Facebook and asks users to share the video before they can watch it, DO NOT click on it. There is no video so no point on sharing it, Symantec explains in detail that when Facebook users click on the video it asks them to either fill out a survey or install an application. When the survey is complete the scammers gain money for each one completed. ...

Continue Reading

How NBC's Russian Hack Actually Happened, According to the Security Expert Who Set It Up

Published: February 10, 2014 Reading Time: 4 min

A couple days ago, NBC News ran a report pegged to the Sochi Olympics about Russian hacking. In it, correspondent Richard Engel uses a “brand new” smartphone to test out the Russian internet while hanging out in a Moscow cafe. “Almost immediately,” he says in the segment, “we were hacked.” Naturally, as the security consultant NBC hired for the segment explained today, it’s not true. ...

Continue Reading

Gates spends entire first day back in office trying to install Windows 8.1

Published: February 7, 2014 Reading Time: 1 min

REDMOND, WASHINGTON (The Borowitz Report)—Bill Gates’s first day at work in the newly created role of technology adviser got off to a rocky start yesterday as the Microsoft founder struggled for hours to install the Windows 8.1 upgrade. The installation hit a snag early on, sources said, when Mr. Gates repeatedly received an error message informing him that his PC ran into a problem that it could not handle and needed to restart. ...

Continue Reading