The document discusses various programming language concepts and how they are implemented in C# compared to other languages like C++. It provides code examples of concepts like namespaces, operator overloading, optional arguments, structs, properties, and delegates in C# and compares them to their implementation in C++ or other languages. It emphasizes finding the similarities between languages but also pointing out differences or potential "false friends" where the implementation or semantics have drifted from the original.
Undefined Behavior and Compiler Optimizations can result in programs that display surprising behavior. In this presentation we look at some examples, and I hope to convince you that you should not reason about Undefined Behavior and that you should take care and use your tools.
Thoughts On Learning A New Programming LanguagePatricia Aas
How should we teach a new language to folks that already know how to program?
How do we use what we already know to leapfrog the learning process?
Based on my personal experience and snippets of natural language theory, we will try to explore the cheats and pitfalls when learning a new programming language, but also dig into how we can make it easier.
Reading Other Peoples Code (NDC Copenhagen 2019)Patricia Aas
Someone else's code. Even worse, thousands of lines, maybe hundreds of files of other peoples code. Is there a way to methodically read and understand other peoples work, build their mental models?
In this talk I will go through techniques I have developed throughout 18 years of programming. Hopefully, you will walk away with a plan on how to approach a new code base. But even more, I hope you walk away with a feeling of curiosity, wanting to get to know your fellow programmers through their code.
Reading Other Peoples Code (Web Rebels 2018)Patricia Aas
Someone else's code. Even worse, thousands of lines, maybe hundreds of files of other peoples code. Is there a way to methodically read and understand other peoples work, build their mental models? In this talk I will go through techniques I have developed throughout 18 years of programming. Hopefully you will walk away with a plan on how to approach a new code base. But even more I hope you walk away with a feeling of curiosity, wanting to get to know your fellow programmers through their code.
Secure Programming Practices in C++ (NDC Oslo 2018)Patricia Aas
Bjarne Stroustrup, the creator of C++, once said : “C makes it easy to shoot yourself in the foot; C++ makes it harder, but when you do it blows your whole leg off.” He has also said : “Within C++, there is a much smaller and cleaner language struggling to get out.” Both are true.
This talk is for programmers wishing to feel more comfortable navigating the C++ landscape. Motivated by going through well known vulnerability patterns that have been used in exploits for decades, we will explore the programming culture that has developed around the C++ language. Specifically, we will look at programming patterns that navigate around or through some of the dangerous parts of the C++ language. The goal is to build a set of programming practices based in the “smaller and cleaner language” inside C++. And by doing so, we will also build an awareness around code constructs that can potentially “blow your whole leg off”.
Secure Programming Practices in C++ (NDC Security 2018)Patricia Aas
This talk is for programmers wishing to feel more comfortable navigating the C++ landscape. We will explore the programming culture that has developed around the C++ language. Specifically, we will look at programming patterns that navigate around or through some of the dangerous parts of the C++ language. The goal is to build a set of programming practices based in the “smaller and cleaner language” inside C++. And by doing so, we will also build an awareness around code constructs that can potentially “blows your whole leg off”.
Software Vulnerabilities in C and C++ (CppCon 2018)Patricia Aas
What does a vulnerability using signed integer overflow look like? Or a stack buffer overflow? How does code like this look and how can we change the way we program to reduce our risk? The first half of this talk will show examples of many different vulnerabilities and describe how these are combined to make the first steps of an exploit. Then we will discuss what kind of programming practices we can employ to reduce the chances of these kinds of bugs creeping into our code.
Reading Other Peoples Code (NDC London 2019)Patricia Aas
Someone else's code. Even worse, thousands of lines, maybe hundreds of files of other peoples code. Is there a way to methodically read and understand other peoples work, build their mental models?
In this talk I will go through techniques I have developed throughout 18 years of programming. Hopefully you will walk away with a plan on how to approach a new code base. But even more I hope you walk away with a feeling of curiosity, wanting to get to know your fellow programmers through their code.
Undefined Behavior and Compiler Optimizations can result in programs that display surprising behavior. In this presentation we look at some examples, and I hope to convince you that you should not reason about Undefined Behavior and that you should take care and use your tools.
Thoughts On Learning A New Programming LanguagePatricia Aas
How should we teach a new language to folks that already know how to program?
How do we use what we already know to leapfrog the learning process?
Based on my personal experience and snippets of natural language theory, we will try to explore the cheats and pitfalls when learning a new programming language, but also dig into how we can make it easier.
Reading Other Peoples Code (NDC Copenhagen 2019)Patricia Aas
Someone else's code. Even worse, thousands of lines, maybe hundreds of files of other peoples code. Is there a way to methodically read and understand other peoples work, build their mental models?
In this talk I will go through techniques I have developed throughout 18 years of programming. Hopefully, you will walk away with a plan on how to approach a new code base. But even more, I hope you walk away with a feeling of curiosity, wanting to get to know your fellow programmers through their code.
Reading Other Peoples Code (Web Rebels 2018)Patricia Aas
Someone else's code. Even worse, thousands of lines, maybe hundreds of files of other peoples code. Is there a way to methodically read and understand other peoples work, build their mental models? In this talk I will go through techniques I have developed throughout 18 years of programming. Hopefully you will walk away with a plan on how to approach a new code base. But even more I hope you walk away with a feeling of curiosity, wanting to get to know your fellow programmers through their code.
Secure Programming Practices in C++ (NDC Oslo 2018)Patricia Aas
Bjarne Stroustrup, the creator of C++, once said : “C makes it easy to shoot yourself in the foot; C++ makes it harder, but when you do it blows your whole leg off.” He has also said : “Within C++, there is a much smaller and cleaner language struggling to get out.” Both are true.
This talk is for programmers wishing to feel more comfortable navigating the C++ landscape. Motivated by going through well known vulnerability patterns that have been used in exploits for decades, we will explore the programming culture that has developed around the C++ language. Specifically, we will look at programming patterns that navigate around or through some of the dangerous parts of the C++ language. The goal is to build a set of programming practices based in the “smaller and cleaner language” inside C++. And by doing so, we will also build an awareness around code constructs that can potentially “blow your whole leg off”.
Secure Programming Practices in C++ (NDC Security 2018)Patricia Aas
This talk is for programmers wishing to feel more comfortable navigating the C++ landscape. We will explore the programming culture that has developed around the C++ language. Specifically, we will look at programming patterns that navigate around or through some of the dangerous parts of the C++ language. The goal is to build a set of programming practices based in the “smaller and cleaner language” inside C++. And by doing so, we will also build an awareness around code constructs that can potentially “blows your whole leg off”.
Software Vulnerabilities in C and C++ (CppCon 2018)Patricia Aas
What does a vulnerability using signed integer overflow look like? Or a stack buffer overflow? How does code like this look and how can we change the way we program to reduce our risk? The first half of this talk will show examples of many different vulnerabilities and describe how these are combined to make the first steps of an exploit. Then we will discuss what kind of programming practices we can employ to reduce the chances of these kinds of bugs creeping into our code.
Reading Other Peoples Code (NDC London 2019)Patricia Aas
Someone else's code. Even worse, thousands of lines, maybe hundreds of files of other peoples code. Is there a way to methodically read and understand other peoples work, build their mental models?
In this talk I will go through techniques I have developed throughout 18 years of programming. Hopefully you will walk away with a plan on how to approach a new code base. But even more I hope you walk away with a feeling of curiosity, wanting to get to know your fellow programmers through their code.
Isolating GPU Access in its Own ProcessPatricia Aas
Chromium's process architecture has graphics access restricted to a separate GPU-process. There are several reasons why this could make sense, three common ones are: Security, Robustness and Dependency Separation.
GPU access restricted to a single process requires an efficient framework for communication over IPC from the other processes, and most likely a framework for composition of surfaces. This talk describes both the possible motivations for this kind of architecture and Chromium's solution for the IPC framework. We will demonstrate how a multi-process program can compose into a single window on Linux.
Reading Other Peoples Code (NDC Sydney 2018)Patricia Aas
Someone else's code. Even worse, thousands of lines, maybe hundreds of files of other peoples code. Is there a way to methodically read and understand other peoples work, build their mental models?
In this talk I will go through techniques I have developed throughout 18 years of programming. Hopefully, you will walk away with a plan on how to approach a new code base. But even more, I hope you walk away with a feeling of curiosity, wanting to get to know your fellow programmers through their code.
The Anatomy of an Exploit (NDC TechTown 2019)Patricia Aas
Security vulnerabilities and secure coding is often talked about in the abstract by programmers, but rarely understood. In this talk we will walk through simple exploit attempts, and finally a simple stack buffer overflow exploit, how it’s developed and how it’s used.
The goal is to try to get a feeling for the point of view of an "attacker", and to slowly start looking at exploitation as just another programming practice. We will mainly be looking at C and x86_64 assembly, so bring snacks.
Security vulnerabilities and secure coding is often talked about in the abstract by programmers, but rarely understood. In this talk we will walk through a simple exploit, how it’s developed and how it’s used. The goal is to try to get a feeling for the point of view of an "attacker", and to slowly start looking at exploitation as another programming tool. We will mainly be looking at C and x86_64 assembly, so bring snacks.
C++ for Java Developers (JavaZone Academy 2018)Patricia Aas
Introduction to Modern C++ for programmers with a Java background. Maps key C++ concepts to Java concepts and dives into how C++ programmers deal with and think about memory. This intersection is interesting whether you are learning or teaching C++.
C++ for Java Developers (SwedenCpp Meetup 2017)Patricia Aas
Introduction to Modern C++ for programmers with a Java background. Maps key concepts to Java concepts and dives into how C++ programmers deal with and think about memory. This intersection is interesting whether you are learning or teaching C++.
Security vulnerabilities and secure coding is often talked about in the abstract by programmers, but rarely understood. In this talk we will walk through simple exploit attempts, and finally a simple stack buffer overflow exploit, how it’s developed and how it’s used. The goal is to try to get a feeling for the point of view of an "attacker", and to slowly start looking at exploitation as just another programming practice. We will mainly be looking at C and x86_64 assembly, so bring snacks.
A few general pointers for Perl programmers starting out to write tests using Perl6. This describes a few of the differences in handling arrays vs. hashes, comparing objects, flattening, and value vs. immutable object contents.
ITT 2014 - Eric Lafortune - ProGuard, Optimizer and Obfuscator in the Android...Istanbul Tech Talks
Eric presents ProGuard - the open-source optimizer and obfuscator that is integrated in the Android SDK. ProGuard reduces the size of applications, improves their performance, and makes them more difficult to reverse-engineer. Eric presents some typical results on what to expect from ProGuard, discuss the latest developments and provide some background that should help mobile developers get the best out of ProGuard.
Elvis Collado
This talk is about how an unauthenticated heap-based buffer overflow vulnerability was discovered and exploited within a router distributed by a market-leading ISP. Despite the targeted process utilizing mitigations such as DEP and ASLR, it still fell prey to known exploitation techniques. This talk will go over the thought process, failures, and road-blocks that were encountered and how they were overcame.
Richard wartell malware is hard. let's go shopping!!Shakacon
Writing a successful, protected, targeted, malicious binary is a software development task that requires great skill. A well-written piece of targeted malware should evade anti-virus solutions, hide its network communications, protect itself against reverse engineering, and clean up any forensic evidence of its existence on the system. However, writing a mediocre piece of targeted malware that works most of the time is easy. There are many publicly available backdoors, downloaders, and keyloggers that require little to no expertise to use, and poorly trained malware authors try to roll their own all the time.
Working in malware detection and reverse engineering, I see some of the intelligent choices malware authors make, but more often I see the hilariously poor code they write. During this talk I will demonstrate how to reverse engineer real world malware. I will focus on samples with interesting and comical mistakes, as well as samples that are impressive and well written.
This presentation is on advanced debugging using Java bytecodes (presented in Core Java meetup on 1st October in Accion Labs). If you are a Java developer and are interested in knowing advanced debugging techniques or understanding bytecodes, this presentation is for you.
Isolating GPU Access in its Own ProcessPatricia Aas
Chromium's process architecture has graphics access restricted to a separate GPU-process. There are several reasons why this could make sense, three common ones are: Security, Robustness and Dependency Separation.
GPU access restricted to a single process requires an efficient framework for communication over IPC from the other processes, and most likely a framework for composition of surfaces. This talk describes both the possible motivations for this kind of architecture and Chromium's solution for the IPC framework. We will demonstrate how a multi-process program can compose into a single window on Linux.
Reading Other Peoples Code (NDC Sydney 2018)Patricia Aas
Someone else's code. Even worse, thousands of lines, maybe hundreds of files of other peoples code. Is there a way to methodically read and understand other peoples work, build their mental models?
In this talk I will go through techniques I have developed throughout 18 years of programming. Hopefully, you will walk away with a plan on how to approach a new code base. But even more, I hope you walk away with a feeling of curiosity, wanting to get to know your fellow programmers through their code.
The Anatomy of an Exploit (NDC TechTown 2019)Patricia Aas
Security vulnerabilities and secure coding is often talked about in the abstract by programmers, but rarely understood. In this talk we will walk through simple exploit attempts, and finally a simple stack buffer overflow exploit, how it’s developed and how it’s used.
The goal is to try to get a feeling for the point of view of an "attacker", and to slowly start looking at exploitation as just another programming practice. We will mainly be looking at C and x86_64 assembly, so bring snacks.
Security vulnerabilities and secure coding is often talked about in the abstract by programmers, but rarely understood. In this talk we will walk through a simple exploit, how it’s developed and how it’s used. The goal is to try to get a feeling for the point of view of an "attacker", and to slowly start looking at exploitation as another programming tool. We will mainly be looking at C and x86_64 assembly, so bring snacks.
C++ for Java Developers (JavaZone Academy 2018)Patricia Aas
Introduction to Modern C++ for programmers with a Java background. Maps key C++ concepts to Java concepts and dives into how C++ programmers deal with and think about memory. This intersection is interesting whether you are learning or teaching C++.
C++ for Java Developers (SwedenCpp Meetup 2017)Patricia Aas
Introduction to Modern C++ for programmers with a Java background. Maps key concepts to Java concepts and dives into how C++ programmers deal with and think about memory. This intersection is interesting whether you are learning or teaching C++.
Security vulnerabilities and secure coding is often talked about in the abstract by programmers, but rarely understood. In this talk we will walk through simple exploit attempts, and finally a simple stack buffer overflow exploit, how it’s developed and how it’s used. The goal is to try to get a feeling for the point of view of an "attacker", and to slowly start looking at exploitation as just another programming practice. We will mainly be looking at C and x86_64 assembly, so bring snacks.
A few general pointers for Perl programmers starting out to write tests using Perl6. This describes a few of the differences in handling arrays vs. hashes, comparing objects, flattening, and value vs. immutable object contents.
ITT 2014 - Eric Lafortune - ProGuard, Optimizer and Obfuscator in the Android...Istanbul Tech Talks
Eric presents ProGuard - the open-source optimizer and obfuscator that is integrated in the Android SDK. ProGuard reduces the size of applications, improves their performance, and makes them more difficult to reverse-engineer. Eric presents some typical results on what to expect from ProGuard, discuss the latest developments and provide some background that should help mobile developers get the best out of ProGuard.
Elvis Collado
This talk is about how an unauthenticated heap-based buffer overflow vulnerability was discovered and exploited within a router distributed by a market-leading ISP. Despite the targeted process utilizing mitigations such as DEP and ASLR, it still fell prey to known exploitation techniques. This talk will go over the thought process, failures, and road-blocks that were encountered and how they were overcame.
Richard wartell malware is hard. let's go shopping!!Shakacon
Writing a successful, protected, targeted, malicious binary is a software development task that requires great skill. A well-written piece of targeted malware should evade anti-virus solutions, hide its network communications, protect itself against reverse engineering, and clean up any forensic evidence of its existence on the system. However, writing a mediocre piece of targeted malware that works most of the time is easy. There are many publicly available backdoors, downloaders, and keyloggers that require little to no expertise to use, and poorly trained malware authors try to roll their own all the time.
Working in malware detection and reverse engineering, I see some of the intelligent choices malware authors make, but more often I see the hilariously poor code they write. During this talk I will demonstrate how to reverse engineer real world malware. I will focus on samples with interesting and comical mistakes, as well as samples that are impressive and well written.
This presentation is on advanced debugging using Java bytecodes (presented in Core Java meetup on 1st October in Accion Labs). If you are a Java developer and are interested in knowing advanced debugging techniques or understanding bytecodes, this presentation is for you.
This talk was give for Elixir Montreal Meetup to talk about how the elixir formatter works and how it compiles the source code to generate a pretty format
The why and how of moving to php 5.4/5.5Wim Godden
With PHP 5.5 out and many production environments still running 5.2 (or older), it's time to paint a clear picture on why everyone should move to 5.4 and 5.5 and how to get code ready for the latest version of PHP. In this talk, we'll look at some handy tools and techniques to ease the migration.
Practical JavaScript Programming - Session 1/8Wilson Su
JavaScript is one of the most popular skills in today’s job market. It allows you to create both client- and server-side applications quickly and easily. Having a solid understanding of this powerful and versatile language is essential to anyone who uses it.
“Practical JavaScript Programming” does not only focus on best practices, but also introduces the fundamental concepts. This course will take you from JavaScript basics to advanced. You’ll learn about topics like Data Types, Functions, Events, AJAX and more.
The why and how of moving to PHP 5.4/5.5Wim Godden
With PHP 5.5 out and many production environments still running 5.2 (or older), it's time to paint a clear picture on why everyone should move to 5.4 and 5.5 and how to get code ready for the latest version of PHP. In this talk, we'll migrate an old piece of code using some standard and some very non-standard tools and techniques.
"How was it to switch from beautiful Perl to horrible JavaScript", Viktor Tur...Fwdays
I use JavaScript since 2006. That time I did single-page applications for IE6 in JS (it was ES3) and backend in Perl. JS was a pain. Does it better now? During my talk, I would like to show the fundamental difference between modern JS and Perl. How the same problems can be solved in different ways. Hope to give you a broader view on what programming languages can provide. Be prepared for interaction and to help me with simple tasks/problems in JavaScript :)
What every beginning developer should knowAndy Lester
"What every beginning developer should know", from Codemash, January 10, 2019
Here's an article that's a sort of companion to the presentation: https://blog.newrelic.com/culture/10-secrets-learned-software-engineering-degree-probably-didnt/
Six Feet Up's senior developer Clayton Parker will lead you on a journey to become a Python zen master. Your code should be as fashionable as it is functional. To quote the Zen of Python, "Beautiful is better than ugly". This talk will teach you about the Python style guide and why it is important. The talk will show you examples of well written Python and how to analyze your current code to make Guido proud.
From session at http://www.lambdalounge.org.uk/ on 18th April 2016. Here's the original blurb:
So, Haskell is "an advanced purely-functional programming language" which supports writing "declarative, statically typed code". It may be optimized for academic buzzwords you've never heard of but... is it any good for writing code in the way that you'd write Perl, Python, or Ruby?
What are strong types, and why are we so frightened of them anyway? Can you develop interactively in Haskell, the way you would in a dynamic language?
Does Haskell have "whipuptitude" (being able to get things done quickly) as well as "manipulexity" (being able to manipulate complex things)? And perhaps most importantly, can writing Haskell be *fun*?
Haskell is founded on decades of the finest mathematical and computer science research. Perl, quite demonstrably isn't... but why do so many Perl programmers also love Haskell?
Audrey Tang wrote the first prototype for Perl 6, Pugs, in Haskell, and coined the phrase "lambdacamel" for the substantial crossover between the languages.
What does a Perl programmer make of Haskell? What are the lessons that can be learned (in either direction). And do the languages have more in common than you might have thought?
Similar to Trying to learn C# (NDC Oslo 2019) (20)
NDC TechTown 2023_ Return Oriented Programming an introduction.pdfPatricia Aas
Return Oriented Programming (ROP) is an exploitation technique that folks have often heard of, but don't know the mechanics of. In this talk you will learn how it works, and we will go through some examples to show how it can be used to execute code in contexts where the stack is not executable.
Return Oriented Programming, an introductionPatricia Aas
Return Oriented Programming (ROP) is an exploitation technique that folks have often heard of, but don't know the mechanics of.
In this talk you will learn how it works, and we will go through how it can be used to execute code in contexts where the stack is not executable.
I can't work like this (KDE Academy Keynote 2021)Patricia Aas
Making software products can be fraught with conflicts, where people in different roles may feel sabotaged by others. In this talk I present a model for thinking about the problems we solve and how we solve them, and using that I hope to convince you that team excellence comes from our differences, rather than in spite of them. Hopefully you'll walk away with a deeper understanding of that colleague that never writes tests, or the one that constantly complains that all you do is "make bugs".
Dependency Management in C++ (NDC TechTown 2021)Patricia Aas
C++ has been slow to settle on standardized tools for building and dependency management. In recent years CMake has emerged as the de facto standard for builds, but dependency management still has no clear winner. In this talk I will look into what dependency management might look like in modern C++ projects and how that relates to security.
Introduction to Memory Exploitation (Meeting C++ 2021)Patricia Aas
Stack based exploitation has gotten all the fame, but many platform and compiler mitigations have made it very hard to exploit stack vulnerabilities. Heap based exploits are still very relevant, and since this is black magic for most developers I will here give an introduction to the field.
We keep on thinking we are living in the future, but native exploitation has a rich history, and many times the vulnerabilities and exploitation techniques are decades old. We'll look at some of these, how they have surfaced in recent years and how prepared we are today, armed with modern tooling, to find and fix "classic" vulnerabilities.
We keep on thinking we are living in the future, but native exploitation has a rich history, and many times the vulnerabilities and exploitation techniques are decades old.
We'll look at some of these, how they have surfaced in recent years and how prepared we are today, armed with modern tooling, to find and fix "classic" vulnerabilities.
Introduction to Memory Exploitation (CppEurope 2021)Patricia Aas
Stack based exploitation has gotten all the fame, but many platform and compiler mitigations have made it very hard to exploit stack vulnerabilities. Heap based exploits are still very relevant, and since this is black magic for most developers I will here give an introduction to the field.
Trying to build an Open Source browser in 2020Patricia Aas
A lot of things have been developed over the last 15 years that should make the process of making a browser easier. In this talk we will explore a bunch of different tools, platforms and libraries that could go into making a browser in 2020.
We will also see a live demo of a simple browser built with these OSS projects. We will also discuss the limitations and future work needed to make this work in practice.
Trying to build an Open Source browser in 2020Patricia Aas
A lot of things have been developed over the last 15 years that should make the process of making a browser easier. In this talk we will explore a bunch of different tools, platforms and libraries that could go into making a browser in 2020.
We will also see a live demo of a simple browser built with these OSS projects. We will also discuss the limitations and future work needed to make this work in practice.
DevSecOps for Developers, How To Start (ETC 2020)Patricia Aas
How can you squeeze Security into DevOps? Security is often an understaffed function, so how can you leverage what you have in DevOps to improve your security posture?
Often the culture clash between Security and Development is even more prominent than between Development and Operations. Understanding the differences in how these functions work, and leveraging their similarities, will reveal processes already in place that can be used to improve security. This fine tuning of tools and processes can give you DevSecOps on a shoestring.
Elections: Trust and Critical Infrastructure (NDC TechTown 2019)Patricia Aas
Free and correct elections are the linchpin of democracy. For a government to be formed based the will of the people, the will of the people must be heard. Across the world election systems are being classified as critical infrastructure, and they face the same concerns as all other fundamental systems in society.
We are building our critical infrastructure from hardware and software built by nations and companies we can’t expect to trust. How can this be dealt with in Election Security, and can those lessons be applied to other critical systems society depends on today?
The Anatomy of an Exploit (NDC TechTown 2019))Patricia Aas
Security vulnerabilities and secure coding is often talked about in the abstract by programmers, but rarely understood. In this talk we will walk through simple exploit attempts, and finally a simple stack buffer overflow exploit, how it’s developed and how it’s used.
The goal is to try to get a feeling for the point of view of an "attacker", and to slowly start looking at exploitation as just another programming practice. We will mainly be looking at C and x86_64 assembly, so bring snacks.
Elections, Trust and Critical Infrastructure (NDC TechTown)Patricia Aas
Free and correct elections are the linchpin of democracy. For a government to be formed based the will of the people, the will of the people must be heard. Across the world election systems are being classified as critical infrastructure, and they face the same concerns as all other fundamental systems in society.
We are building our critical infrastructure from hardware and software built by nations and companies we can’t expect to trust. How can this be dealt with in Election Security, and can those lessons be applied to other critical systems society depends on today?
Survival Tips for Women in Tech (JavaZone 2019) Patricia Aas
Being the only woman on your team can be hard. Many times it’s difficult to know what is only your experience and what is common. In this talk we’ll go through 24 tips (and a few bonus tips) based on well over a decade of experience being the only woman in several teams. If you’re a woman hopefully you’ll walk out with some ideas you can put to work right away, if you’re a man hopefully you’ll walk out with a new perspective and start noticing things in your day-to-day that you didn’t notice before.
https://patricia.no/2018/09/06/survival_tips_for_women_in_tech.html
More and more we see technology, both hardware and software, intersect with fundamental issues like privacy, democracy and human rights. The opaqueness of tech makes it a handy instrument of oppression and manipulation. We have taught the population to trust us. We have constructed a world in which they have to exist, with little to no oversight or transparency. We build critical infrastructure on hardware and software that even we cannot audit. How can we wield that responsibility? How do we protect those that speak up? How do we protect the population?
Chromium Sandbox on Linux (NDC Security 2019)Patricia Aas
The Linux Security and Isolation APIs have become the basis of some of the most useful features server-side, providing the isolation required for efficient containers.
However, these APIs also form the basis of the Chromium Sandbox on Linux, and we will study them in that context in this talk.
Keynote: Deconstructing Privilege (C++ on Sea 2019)Patricia Aas
Can you describe a situation that caused you to realize you were privileged?
I have asked many people that question now, and what I have learned is that privilege is an Unconscious Incompetence. Being privileged is a non-event. When we become conscious of it we realize that our privileged experience is not applicable to less privileged people. What happens to them does not happen to us. Only when we become Consciously Incompetent do we realize the need to listen. We need to learn.
In this talk I hope to make you realize that we all have privilege and to start a journey through self reflection to becoming Consciously Incompetent. I hope also to give some indicators and patterns that you can look for in your daily lives to recognize and maybe even to correct imbalances you see.
Trying to prepare your project or organisation to be able to receive vulnerability reports is a daunting task. And often far more complex and cross disciplinary than one first expects.
This talk describes some of the most common challenges and how to counteract them.
How to Position Your Globus Data Portal for Success Ten Good PracticesGlobus
Science gateways allow science and engineering communities to access shared data, software, computing services, and instruments. Science gateways have gained a lot of traction in the last twenty years, as evidenced by projects such as the Science Gateways Community Institute (SGCI) and the Center of Excellence on Science Gateways (SGX3) in the US, The Australian Research Data Commons (ARDC) and its platforms in Australia, and the projects around Virtual Research Environments in Europe. A few mature frameworks have evolved with their different strengths and foci and have been taken up by a larger community such as the Globus Data Portal, Hubzero, Tapis, and Galaxy. However, even when gateways are built on successful frameworks, they continue to face the challenges of ongoing maintenance costs and how to meet the ever-expanding needs of the community they serve with enhanced features. It is not uncommon that gateways with compelling use cases are nonetheless unable to get past the prototype phase and become a full production service, or if they do, they don't survive more than a couple of years. While there is no guaranteed pathway to success, it seems likely that for any gateway there is a need for a strong community and/or solid funding streams to create and sustain its success. With over twenty years of examples to draw from, this presentation goes into detail for ten factors common to successful and enduring gateways that effectively serve as best practices for any new or developing gateway.
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...Anthony Dahanne
Les Buildpacks existent depuis plus de 10 ans ! D’abord, ils étaient utilisés pour détecter et construire une application avant de la déployer sur certains PaaS. Ensuite, nous avons pu créer des images Docker (OCI) avec leur dernière génération, les Cloud Native Buildpacks (CNCF en incubation). Sont-ils une bonne alternative au Dockerfile ? Que sont les buildpacks Paketo ? Quelles communautés les soutiennent et comment ?
Venez le découvrir lors de cette session ignite
How Does XfilesPro Ensure Security While Sharing Documents in Salesforce?XfilesPro
Worried about document security while sharing them in Salesforce? Fret no more! Here are the top-notch security standards XfilesPro upholds to ensure strong security for your Salesforce documents while sharing with internal or external people.
To learn more, read the blog: https://www.xfilespro.com/how-does-xfilespro-make-document-sharing-secure-and-seamless-in-salesforce/
Check out the webinar slides to learn more about how XfilesPro transforms Salesforce document management by leveraging its world-class applications. For more details, please connect with sales@xfilespro.com
If you want to watch the on-demand webinar, please click here: https://www.xfilespro.com/webinars/salesforce-document-management-2-0-smarter-faster-better/
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...informapgpstrackings
Keep tabs on your field staff effortlessly with Informap Technology Centre LLC. Real-time tracking, task assignment, and smart features for efficient management. Request a live demo today!
For more details, visit us : https://informapuae.com/field-staff-tracking/
Advanced Flow Concepts Every Developer Should KnowPeter Caitens
Tim Combridge from Sensible Giraffe and Salesforce Ben presents some important tips that all developers should know when dealing with Flows in Salesforce.
Listen to the keynote address and hear about the latest developments from Rachana Ananthakrishnan and Ian Foster who review the updates to the Globus Platform and Service, and the relevance of Globus to the scientific community as an automation platform to accelerate scientific discovery.
Modern design is crucial in today's digital environment, and this is especially true for SharePoint intranets. The design of these digital hubs is critical to user engagement and productivity enhancement. They are the cornerstone of internal collaboration and interaction within enterprises.
Enhancing Research Orchestration Capabilities at ORNL.pdfGlobus
Cross-facility research orchestration comes with ever-changing constraints regarding the availability and suitability of various compute and data resources. In short, a flexible data and processing fabric is needed to enable the dynamic redirection of data and compute tasks throughout the lifecycle of an experiment. In this talk, we illustrate how we easily leveraged Globus services to instrument the ACE research testbed at the Oak Ridge Leadership Computing Facility with flexible data and task orchestration capabilities.
Into the Box Keynote Day 2: Unveiling amazing updates and announcements for modern CFML developers! Get ready for exciting releases and updates on Ortus tools and products. Stay tuned for cutting-edge innovations designed to boost your productivity.
top nidhi software solution freedownloadvrstrong314
This presentation emphasizes the importance of data security and legal compliance for Nidhi companies in India. It highlights how online Nidhi software solutions, like Vector Nidhi Software, offer advanced features tailored to these needs. Key aspects include encryption, access controls, and audit trails to ensure data security. The software complies with regulatory guidelines from the MCA and RBI and adheres to Nidhi Rules, 2014. With customizable, user-friendly interfaces and real-time features, these Nidhi software solutions enhance efficiency, support growth, and provide exceptional member services. The presentation concludes with contact information for further inquiries.
Globus Connect Server Deep Dive - GlobusWorld 2024Globus
We explore the Globus Connect Server (GCS) architecture and experiment with advanced configuration options and use cases. This content is targeted at system administrators who are familiar with GCS and currently operate—or are planning to operate—broader deployments at their institution.
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Globus
Large Language Models (LLMs) are currently the center of attention in the tech world, particularly for their potential to advance research. In this presentation, we'll explore a straightforward and effective method for quickly initiating inference runs on supercomputers using the vLLM tool with Globus Compute, specifically on the Polaris system at ALCF. We'll begin by briefly discussing the popularity and applications of LLMs in various fields. Following this, we will introduce the vLLM tool, and explain how it integrates with Globus Compute to efficiently manage LLM operations on Polaris. Attendees will learn the practical aspects of setting up and remotely triggering LLMs from local machines, focusing on ease of use and efficiency. This talk is ideal for researchers and practitioners looking to leverage the power of LLMs in their work, offering a clear guide to harnessing supercomputing resources for quick and effective LLM inference.
Accelerate Enterprise Software Engineering with PlatformlessWSO2
Key takeaways:
Challenges of building platforms and the benefits of platformless.
Key principles of platformless, including API-first, cloud-native middleware, platform engineering, and developer experience.
How Choreo enables the platformless experience.
How key concepts like application architecture, domain-driven design, zero trust, and cell-based architecture are inherently a part of Choreo.
Demo of an end-to-end app built and deployed on Choreo.
Experience our free, in-depth three-part Tendenci Platform Corporate Membership Management workshop series! In Session 1 on May 14th, 2024, we began with an Introduction and Setup, mastering the configuration of your Corporate Membership Module settings to establish membership types, applications, and more. Then, on May 16th, 2024, in Session 2, we focused on binding individual members to a Corporate Membership and Corporate Reps, teaching you how to add individual members and assign Corporate Representatives to manage dues, renewals, and associated members. Finally, on May 28th, 2024, in Session 3, we covered questions and concerns, addressing any queries or issues you may have.
For more Tendenci AMS events, check out www.tendenci.com/events
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisGlobus
JASMIN is the UK’s high-performance data analysis platform for environmental science, operated by STFC on behalf of the UK Natural Environment Research Council (NERC). In addition to its role in hosting the CEDA Archive (NERC’s long-term repository for climate, atmospheric science & Earth observation data in the UK), JASMIN provides a collaborative platform to a community of around 2,000 scientists in the UK and beyond, providing nearly 400 environmental science projects with working space, compute resources and tools to facilitate their work. High-performance data transfer into and out of JASMIN has always been a key feature, with many scientists bringing model outputs from supercomputers elsewhere in the UK, to analyse against observational or other model data in the CEDA Archive. A growing number of JASMIN users are now realising the benefits of using the Globus service to provide reliable and efficient data movement and other tasks in this and other contexts. Further use cases involve long-distance (intercontinental) transfers to and from JASMIN, and collecting results from a mobile atmospheric radar system, pushing data to JASMIN via a lightweight Globus deployment. We provide details of how Globus fits into our current infrastructure, our experience of the recent migration to GCSv5.4, and of our interest in developing use of the wider ecosystem of Globus services for the benefit of our user community.
33. @pati_gallardo
TurtleSec
[C++] Operator Overloading Use
1. Box first = new Box(new Point(1, 1), 3, 2);
2. Box second = new Box(new Point(3, 4), 3, 3);
3. Box boundingBox = first + second;
@pati_gallardo 33
Some constructs are quite elegant
with operator overloading
35. @pati_gallardo
TurtleSec
[C++] Operator Overloading Definition
1. public static Box operator +(Box left, Box right) {
2. Point top =
3. new Point(Math.Min(left.top().x, right.top().x),
4. Math.Min(left.top().y, right.top().y));
5. Point bottom =
6. new Point(Math.Max(left.bottom().x, right.bottom().x),
7. Math.Max(left.bottom().y, right.bottom().y));
8. int width = bottom.x - top.x;
9. int height = bottom.y - top.y;
10. return new Box(top, width, height);
11. }
@pati_gallardo 35
36. @pati_gallardo
TurtleSec
[C++] Optional Arguments
1. public class OptionalArguments {
2. private static int increase(int x, int y = 2) {
3. return x + y;
4. }
5.
6. [Test]
7. public void TestNamedParameters() {
8. Assert.AreEqual(5, increase(3));
9. }
10. }
@pati_gallardo 36
37. @pati_gallardo
TurtleSec
[Objective-C] Named Parameters
1. public class NamedParameters {
2. private static int named(int x, int y) {
3. return x + y;
4. }
5.
6. [Test]
7. public void TestNamedParameters() {
8. Assert.AreEqual(5, named(y: 3, x: 2));
9. }
10. }
@pati_gallardo 37
38. @pati_gallardo
TurtleSec
[C++] Struct - value type
1. struct Point {
2. public int x;
3. public int y;
4. }
@pati_gallardo 38
Similar in meaning to C++Drift in Form
In C++ structs are classes with default
public access - in C# structs are
classes that don’t allow inheritance
In C++ all types
are value types
Cognates
40. @pati_gallardo
TurtleSec
[Qt?] Properties
1. public class Properties {
2. public string ReadWriteProperty { get; set; } = "Hello";
3. public string ReadOnlyProperty { get; }
4. // Auto-implemented properties must have get accessors.
5. // public string WriteOnlyProperty { set; }
6. public string PrivateReadWriteProperty { private get; set; }
7. public string ReadPrivateWriteProperty { get; private set; }
8.
9. private string PrivateReadWriteField;
10. public string WrapField {
11. set => PrivateReadWriteField = value;
12. get => PrivateReadWriteField;
13. }
14. }
@pati_gallardo 40
Magic “value”
41. @pati_gallardo
TurtleSec
[C & C++] (Inline) Out Parameters
1. private static int outParam(int x, int y, out int mod) {
2. mod = x % y;
3. return x / y;
4. }
5.
6. [Test]
7. public void TestOutParameters() {
8. int quotient = outParam(25, 5, out var remainder);
9. Assert.AreEqual(0, remainder);
10. Assert.AreEqual(5, quotient);
11. }
@pati_gallardo 41
Passing int
by ref
42. @pati_gallardo
TurtleSec
[] Null-conditional operators ?. and ?[]
1. int GetCoffee(List<Shop> coffeeShops, int index) {
2. // If there are any coffeeShops and
3. // if there is a shop at that index,
4. // please get me that coffee,
5. // if not, just get me 0
6. return coffeeShops?[index]?.Coffee ?? 0;
7. }
@pati_gallardo 42
45. @pati_gallardo
TurtleSec
[C++ & Java] Destructor / Finalize
1. public class DestroyMe {
2. ~DestroyMe() {
3. // Might be called by the
4. // Garbage Collector
5. }
6. }
@pati_gallardo 45
More like Java
finalize
Drift in Meaning
48. @pati_gallardo
TurtleSec
[Java & C++] IDisposable
1. public class DisposeMe : IDisposable {
2. private FileStream fileStream;
3.
4. public void Dispose() {
5. fileStream?.Dispose();
6. }
7. }
@pati_gallardo 48
Similar to Javas
Closeable
Drift in Form
Same semantics
Different syntax
61. @pati_gallardo
TurtleSec
[JavaScript] Anonymous Types
1. var gilmoreGirls =
2. new[] {
3. new { Name = "Loralai", Age = "36" },
4. new { Name = "Rory", Age = "20" }
5. };
@pati_gallardo 61
If you squint it looks
a bit like JS objects
62. @pati_gallardo
TurtleSec
[JavaScript] ExpandoObject
1. public delegate void printMe();
2.
3. [Test]
4. public void Test() {
5. dynamic expando = new ExpandoObject();
6. // Add a field
7. expando.GilmoreGirl = "Rory";
8. Assert.AreEqual("Rory", expando.GilmoreGirl);
9. // Add a function
10. printMe order = delegate { Console.WriteLine("Coffee!"); };
11. expando.getCoffee = order;
12. expando.getCoffee();
13. }
14.
@pati_gallardo 62
Full on JS!