Slides from my presentation to FFSTechConf (https://ffstechconf.org/). The full transcript is available at https://docs.google.com/document/d/e/2PACX-1vQUGG28baEuS7RgpPpexNbxRxJfjzc6r43yhZoLF_56n7aacke-uVEdNVQxvkPf1NxsEuJfkMK0MCvi/pub
A function is a reusable block of code that can be called from different parts of a program. Functions accept parameters as input and may return a value. When a function is called, its parameters and local variables are stored on the stack. Each function call creates a stack frame that contains its parameters, local variables, and return address. This allows functions to maintain separate variable scopes while sharing the call stack.
The Context API is a new feature in React 16.3 that allows components to share state globally without having to pass props down through intermediate components. It solves the problem of "prop drilling". The API works by creating a Context object that allows a component to subscribe to changes in a parent component. Any component can consume the Context to access the shared state without being nested inside the parent component. The document provides an overview of how to create Context objects, consume context in child components, update context values, and best practices for using Context including avoiding unnecessary re-renders and keeping code DRY with higher-order components.
PHP is a server-side scripting language commonly used for web development. It allows developers to write scripts that can output dynamic web page content, collect form data, store and retrieve data in databases, and send emails. PHP scripts can be embedded within HTML pages or outputted directly. Key PHP features include variables, conditional statements, loops, functions, and arrays which allow complex tasks to be broken down into simple steps. PHP scripts can connect to databases like MySQL to dynamically display, insert, and update data in databases.
The document provides information about the AdRotator control in ASP.NET, which randomly selects banner graphics from an external XML advertisement file. It describes the basic syntax for adding an AdRotator, and details the structure and elements of the advertisement XML file, including the properties of the AdRotator control and the events it can raise.
JavaScript straight from the Oracle DatabaseDimitri Gielis
The document provides an overview of using JavaScript in the Oracle database. It discusses using the Nashorn JavaScript engine to run JavaScript code directly in the database. Examples are provided that show connecting to database tables from JavaScript, running SQL queries, and returning and displaying results. Additional examples demonstrate parsing JSON data and using templating libraries like Mustache. Benefits mentioned include achieving new database capabilities, reusing existing JavaScript skills and code, and faster processing of JSON documents directly in the database.
This document discusses JavaScript engines and event loops. It explains key concepts like the call stack, event queue, microtasks vs macrotasks, and how JavaScript creates the illusion of being asynchronous through the event loop. The event loop constantly checks the call stack and queue, executing functions to give the appearance of multithreading on a single thread. Web APIs also provide asynchronous capabilities that interact with the event loop.
A function is a reusable block of code that can be called from different parts of a program. Functions accept parameters as input and may return a value. When a function is called, its parameters and local variables are stored on the stack. Each function call creates a stack frame that contains its parameters, local variables, and return address. This allows functions to maintain separate variable scopes while sharing the call stack.
The Context API is a new feature in React 16.3 that allows components to share state globally without having to pass props down through intermediate components. It solves the problem of "prop drilling". The API works by creating a Context object that allows a component to subscribe to changes in a parent component. Any component can consume the Context to access the shared state without being nested inside the parent component. The document provides an overview of how to create Context objects, consume context in child components, update context values, and best practices for using Context including avoiding unnecessary re-renders and keeping code DRY with higher-order components.
PHP is a server-side scripting language commonly used for web development. It allows developers to write scripts that can output dynamic web page content, collect form data, store and retrieve data in databases, and send emails. PHP scripts can be embedded within HTML pages or outputted directly. Key PHP features include variables, conditional statements, loops, functions, and arrays which allow complex tasks to be broken down into simple steps. PHP scripts can connect to databases like MySQL to dynamically display, insert, and update data in databases.
The document provides information about the AdRotator control in ASP.NET, which randomly selects banner graphics from an external XML advertisement file. It describes the basic syntax for adding an AdRotator, and details the structure and elements of the advertisement XML file, including the properties of the AdRotator control and the events it can raise.
JavaScript straight from the Oracle DatabaseDimitri Gielis
The document provides an overview of using JavaScript in the Oracle database. It discusses using the Nashorn JavaScript engine to run JavaScript code directly in the database. Examples are provided that show connecting to database tables from JavaScript, running SQL queries, and returning and displaying results. Additional examples demonstrate parsing JSON data and using templating libraries like Mustache. Benefits mentioned include achieving new database capabilities, reusing existing JavaScript skills and code, and faster processing of JSON documents directly in the database.
This document discusses JavaScript engines and event loops. It explains key concepts like the call stack, event queue, microtasks vs macrotasks, and how JavaScript creates the illusion of being asynchronous through the event loop. The event loop constantly checks the call stack and queue, executing functions to give the appearance of multithreading on a single thread. Web APIs also provide asynchronous capabilities that interact with the event loop.
The document discusses JapanTaxi's taxi dispatching system. It describes the system's architecture including its use of Android and Java for the taxi control unit and Android Bluetooth for communicating with an IRIS Bluetooth module. The system manages taxi dispatching and payments and collects trip and vehicle diagnostic data for analysis.
Building RESTful applications using Spring MVCIndicThreads
REST is an alternate and simpler approach for implementing WebServices. It is based on the HTTP protocol and hence leverages a lot of existing infrastructures. It uses an uniform interface thus making it easy to build client applications. In this session we will look at the fundamental concepts behind REST (Resource, URI, Stateless Conversation ..) and how to apply it in the context of a real applcation. We will also discuss the pros & cons of RESTful vs Soap based webservices. We will discuss the design of RESTful application and then look at how to implement it using Spring MVC.
This document provides an overview of Spring Batch, a framework for building batch applications in Java. It discusses batch processing characteristics and domains. It also summarizes the Spring Batch programming model of item readers, processors and writers. The document outlines how to configure and run Spring Batch jobs and provides best practices for batch application development.
Flux is an architecture for building JavaScript applications that promotes unidirectional data flow. The key elements of Flux are the Dispatcher, Stores, and Views. The Dispatcher centralizes the flow of data and dispatches actions to the Stores. Stores contain application state and logic. Views are React components that subscribe to Stores and listen for changes to re-render. Actions define activities and are dispatched by action creators through the Dispatcher to the Stores to update state.
The document discusses the Context API in React, including what it is, how to use it, when not to use it, nesting multiple providers, and how it relates to other state management tools like Redux.
The Context API allows components to subscribe to changes in context without having to pass props down manually at every level. It helps solve the problem of prop drilling. It can be used to pass common data like theme, authentication info, or locale throughout the component tree without passing props down manually at every level. When there are multiple providers, components can be wrapped with multiple contexts using tools like react-compose. While Context API is useful for smaller state management, Redux is still useful for centralized application logic and development
Array Basics
Copying Arrays
Passing Arrays to Methods
Returning an Array from a Method
(Optional) Variable-Length Argument Lists
The Arrays Class
Two-Dimensional Arrays
(Optional) Multidimensional Arrays
The document discusses various approaches to debugging software systems in a structured manner. It outlines steps like understanding the system architecture and components, using compiler and linker options for instrumentation, designing test cases to uncover bugs, following debugging rules like making failures reproducible and isolating changes. The document also mentions tools that can help with debugging like static checkers, code instrumentation tools, and maintaining a set of regression tests.
This document discusses space complexity in data structures and algorithms. It defines space complexity as the amount of memory space an algorithm or problem takes during execution. Calculating space complexity is important for analyzing algorithm efficiency and ensuring algorithms can run within the memory constraints of real-world systems. The document provides examples of calculating space complexity for different algorithms like sorting, searching, and recursion, showing how space complexity can be constant, linear, or other orders of complexity depending on the algorithm.
The latest slide deck about Java NIO.2 from *instinctools Java developer Alexandr Brui. You can find here Java NIO.2 design, work with data, selector & channels, reading & writing and many more.
String objects are stored in the constant string pool and are immutable. StringBuffer and StringBuilder objects are stored in the heap and are mutable. StringBuffer is thread-safe while StringBuilder is non-thread-safe but faster than StringBuffer. The key differences are that String objects cannot be modified, while StringBuffer and StringBuilder can modify their character sequences via append and insert methods. String concatenation involves more steps than StringBuffer concatenation via the append method.
Docker allows developers to package applications with all of their dependencies into standardized units called containers that can run on any infrastructure regardless of the underlying operating system. It provides isolation and security so that many containers can run simultaneously on a single host. The document discusses how to set up both new and existing Magento projects using Docker, including downloading necessary files, importing databases, and using important Docker commands.
The document provides an overview of the React Context API, including what it is, when to use it, and how to use it. It explains that the Context API was introduced by React to solve the problem of prop drilling and make state management simpler for developers. It describes the key aspects of using the Context API, such as creating contexts with React.createContext, rendering context providers with Context.Provider, and subscribing to contexts within components using Context.Consumer. Examples and additional resources on the Context API are also provided.
The document discusses React patterns and hooks. It covers topics like inheritance, composition, mixins, render props, higher order components (HOCs), and React hooks. Some key points:
- Inheritance and composition are approaches to code reuse in object-oriented programming. React uses composition over inheritance.
- Mixins were introduced in 2015 for code reuse but are now deprecated due to issues. Render props and HOCs are preferred patterns.
- Render props and HOCs allow code and state to be shared across components. Render props have fewer levels of nesting while HOCs are better for applying multiple concerns.
- Hooks were introduced to overcome class component limitations and support functional components with local state and lif
Juergen Hoeller outlines plans for Spring Framework 6.0, which will mark the beginning of a new generation with Java 17 and Jakarta EE 9 as the new baseline. It will include foundational support for native executables and AOT processing via Spring Native as well as unified observability APIs. Some outdated features will be pruned or deprecated to future-proof the framework. An initial milestone release is planned for late 2021 with a general availability target of October 2022. Community feedback on target infrastructure, configuration preferences, and relevance of EE APIs is sought to guide the roadmap.
JDBC provides a standard Java API for connecting to different relational databases. It defines four types of JDBC drivers and outlines the basic steps to connect to a database which include defining a connection URL, establishing a connection, creating statements, executing queries, processing results, and closing the connection. The documentation provides examples for connecting to databases like Oracle and MySQL.
The document discusses the evolution of annotation support in Spring frameworks over different versions. It summarizes key annotations introduced in Spring 2.0, 2.5, 3.0 and beyond. It also explains how annotations like @Autowired, @Qualifier, @Component, @Repository, @Service and @Controller work and provides examples of their usage. The document additionally covers concepts like stereotype annotations, configuration classes, @Bean and JSR-250 annotations like @Inject, @Named and @Resource.
The document discusses Redux Toolkit, a framework for building Redux applications. It introduces key Redux concepts like actions, reducers, and middleware. It explains how Redux Toolkit simplifies Redux setup with utilities like thunk and Immer.js. It demonstrates Redux Toolkit APIs like configureStore, createAction, createReducer, and createSlice that generate action creators and reducer logic to update state in response to actions.
This talk introduces and discusses a novel, mostly unpublished technique to successfully attack websites that are applied with state-of-the-art XSS protection. This attack labeled Mutation-XSS (mXSS) is capable of bypassing high-end filter systems by utilizing the browser and its unknown capabilities - every single f***** one of them. We analyzed the type and number of high-profile websites and applications that are affected by this kind of attack. Several live demos during the presentation will share these impressions and help understanding, what mXSS is, why mXSS is possible and why it is of importance for defenders as well as professional attackers to understand and examine mXSS even further. The talk wraps up several years of research on this field, shows the abhorrent findings, discusses the consequences and delivers a step-by-step guide on how to protect against this kind of mayhem - with a strong focus on feasibility and scalability.
The document discusses emerging web technologies for developers such as WebRTC for real-time communications, WebSockets for full-duplex connections, and WebVR for accessing virtual reality devices from a browser. It also covers concepts related to virtual reality like stereoscopic vision and head tracking. The presentation encourages developers to get involved with communities and share their knowledge of these new technologies.
The document discusses JapanTaxi's taxi dispatching system. It describes the system's architecture including its use of Android and Java for the taxi control unit and Android Bluetooth for communicating with an IRIS Bluetooth module. The system manages taxi dispatching and payments and collects trip and vehicle diagnostic data for analysis.
Building RESTful applications using Spring MVCIndicThreads
REST is an alternate and simpler approach for implementing WebServices. It is based on the HTTP protocol and hence leverages a lot of existing infrastructures. It uses an uniform interface thus making it easy to build client applications. In this session we will look at the fundamental concepts behind REST (Resource, URI, Stateless Conversation ..) and how to apply it in the context of a real applcation. We will also discuss the pros & cons of RESTful vs Soap based webservices. We will discuss the design of RESTful application and then look at how to implement it using Spring MVC.
This document provides an overview of Spring Batch, a framework for building batch applications in Java. It discusses batch processing characteristics and domains. It also summarizes the Spring Batch programming model of item readers, processors and writers. The document outlines how to configure and run Spring Batch jobs and provides best practices for batch application development.
Flux is an architecture for building JavaScript applications that promotes unidirectional data flow. The key elements of Flux are the Dispatcher, Stores, and Views. The Dispatcher centralizes the flow of data and dispatches actions to the Stores. Stores contain application state and logic. Views are React components that subscribe to Stores and listen for changes to re-render. Actions define activities and are dispatched by action creators through the Dispatcher to the Stores to update state.
The document discusses the Context API in React, including what it is, how to use it, when not to use it, nesting multiple providers, and how it relates to other state management tools like Redux.
The Context API allows components to subscribe to changes in context without having to pass props down manually at every level. It helps solve the problem of prop drilling. It can be used to pass common data like theme, authentication info, or locale throughout the component tree without passing props down manually at every level. When there are multiple providers, components can be wrapped with multiple contexts using tools like react-compose. While Context API is useful for smaller state management, Redux is still useful for centralized application logic and development
Array Basics
Copying Arrays
Passing Arrays to Methods
Returning an Array from a Method
(Optional) Variable-Length Argument Lists
The Arrays Class
Two-Dimensional Arrays
(Optional) Multidimensional Arrays
The document discusses various approaches to debugging software systems in a structured manner. It outlines steps like understanding the system architecture and components, using compiler and linker options for instrumentation, designing test cases to uncover bugs, following debugging rules like making failures reproducible and isolating changes. The document also mentions tools that can help with debugging like static checkers, code instrumentation tools, and maintaining a set of regression tests.
This document discusses space complexity in data structures and algorithms. It defines space complexity as the amount of memory space an algorithm or problem takes during execution. Calculating space complexity is important for analyzing algorithm efficiency and ensuring algorithms can run within the memory constraints of real-world systems. The document provides examples of calculating space complexity for different algorithms like sorting, searching, and recursion, showing how space complexity can be constant, linear, or other orders of complexity depending on the algorithm.
The latest slide deck about Java NIO.2 from *instinctools Java developer Alexandr Brui. You can find here Java NIO.2 design, work with data, selector & channels, reading & writing and many more.
String objects are stored in the constant string pool and are immutable. StringBuffer and StringBuilder objects are stored in the heap and are mutable. StringBuffer is thread-safe while StringBuilder is non-thread-safe but faster than StringBuffer. The key differences are that String objects cannot be modified, while StringBuffer and StringBuilder can modify their character sequences via append and insert methods. String concatenation involves more steps than StringBuffer concatenation via the append method.
Docker allows developers to package applications with all of their dependencies into standardized units called containers that can run on any infrastructure regardless of the underlying operating system. It provides isolation and security so that many containers can run simultaneously on a single host. The document discusses how to set up both new and existing Magento projects using Docker, including downloading necessary files, importing databases, and using important Docker commands.
The document provides an overview of the React Context API, including what it is, when to use it, and how to use it. It explains that the Context API was introduced by React to solve the problem of prop drilling and make state management simpler for developers. It describes the key aspects of using the Context API, such as creating contexts with React.createContext, rendering context providers with Context.Provider, and subscribing to contexts within components using Context.Consumer. Examples and additional resources on the Context API are also provided.
The document discusses React patterns and hooks. It covers topics like inheritance, composition, mixins, render props, higher order components (HOCs), and React hooks. Some key points:
- Inheritance and composition are approaches to code reuse in object-oriented programming. React uses composition over inheritance.
- Mixins were introduced in 2015 for code reuse but are now deprecated due to issues. Render props and HOCs are preferred patterns.
- Render props and HOCs allow code and state to be shared across components. Render props have fewer levels of nesting while HOCs are better for applying multiple concerns.
- Hooks were introduced to overcome class component limitations and support functional components with local state and lif
Juergen Hoeller outlines plans for Spring Framework 6.0, which will mark the beginning of a new generation with Java 17 and Jakarta EE 9 as the new baseline. It will include foundational support for native executables and AOT processing via Spring Native as well as unified observability APIs. Some outdated features will be pruned or deprecated to future-proof the framework. An initial milestone release is planned for late 2021 with a general availability target of October 2022. Community feedback on target infrastructure, configuration preferences, and relevance of EE APIs is sought to guide the roadmap.
JDBC provides a standard Java API for connecting to different relational databases. It defines four types of JDBC drivers and outlines the basic steps to connect to a database which include defining a connection URL, establishing a connection, creating statements, executing queries, processing results, and closing the connection. The documentation provides examples for connecting to databases like Oracle and MySQL.
The document discusses the evolution of annotation support in Spring frameworks over different versions. It summarizes key annotations introduced in Spring 2.0, 2.5, 3.0 and beyond. It also explains how annotations like @Autowired, @Qualifier, @Component, @Repository, @Service and @Controller work and provides examples of their usage. The document additionally covers concepts like stereotype annotations, configuration classes, @Bean and JSR-250 annotations like @Inject, @Named and @Resource.
The document discusses Redux Toolkit, a framework for building Redux applications. It introduces key Redux concepts like actions, reducers, and middleware. It explains how Redux Toolkit simplifies Redux setup with utilities like thunk and Immer.js. It demonstrates Redux Toolkit APIs like configureStore, createAction, createReducer, and createSlice that generate action creators and reducer logic to update state in response to actions.
This talk introduces and discusses a novel, mostly unpublished technique to successfully attack websites that are applied with state-of-the-art XSS protection. This attack labeled Mutation-XSS (mXSS) is capable of bypassing high-end filter systems by utilizing the browser and its unknown capabilities - every single f***** one of them. We analyzed the type and number of high-profile websites and applications that are affected by this kind of attack. Several live demos during the presentation will share these impressions and help understanding, what mXSS is, why mXSS is possible and why it is of importance for defenders as well as professional attackers to understand and examine mXSS even further. The talk wraps up several years of research on this field, shows the abhorrent findings, discusses the consequences and delivers a step-by-step guide on how to protect against this kind of mayhem - with a strong focus on feasibility and scalability.
The document discusses emerging web technologies for developers such as WebRTC for real-time communications, WebSockets for full-duplex connections, and WebVR for accessing virtual reality devices from a browser. It also covers concepts related to virtual reality like stereoscopic vision and head tracking. The presentation encourages developers to get involved with communities and share their knowledge of these new technologies.
Learn how to get small teams to embrace both using and contributing to open source in a healthy way. See case studies of open source projects and how they have contributed to the growth of a small team.
Simplicity - develop modern web apps with tiny frameworks and toolsRui Carvalho
You have learned for years how to do big enterprise applications with big enterprise frameworks. Sometimes it was good, but sometimes it was over-engineered, rarely fun. It changed a lot a few years ago with Asp.Net Mvc and with a lot of impulse of the community. But today, the web moves faster and faster, and people want tools that do the job in a simple way and that just works. Today we have these tools in .Net and they grow every day for our pleasure.
Get an overview of why you should care about Simplicity and how you can build great web apps in a simpler way with small frameworks and tools "that just work" (with pieces of NancyFx, SimpleData, RavenDb, Nuget, jQuery, Markdown, Bootstrapper, ...)
Slides of my #Web.Net conference 2012 in Milano
cheers!
This document provides an overview of popular JavaScript libraries including Dojo Toolkit, YUI, Prototype, and jQuery. It discusses problems they aim to solve like cross-browser inconsistencies. Key features of each library are mentioned like Dojo's widgets, YUI's controls, Prototype's Ruby-like syntax, and jQuery's chaining and node selection. The document also covers ideas from the libraries like progressive enhancement, animation APIs, and leveraging hosting on CDNs.
The document discusses various tips, tricks, and tools that every Eclipse user should know. It covers new features in Eclipse Kepler like installation remediation support, improvements to EGit and Mylyn Reviews, and performance enhancements. Various code editing tips are provided like smart semicolons and braces, as well as debugging techniques like step filtering and heap walking. Advanced code completion options from plugins like Codetrails are demonstrated.
Modern javascript localization with c-3po and the good old gettextAlexander Mostovenko
This document summarizes a presentation about localization in modern JavaScript applications using GNU gettext. Some key points:
- GNU gettext is recommended over ICU due to better tooling and compatibility with existing backend formats.
- C-3po is an open source library that improves on gettext by allowing extraction and resolution of translations directly from JavaScript code using tagged template literals.
- It implements an extraction/merge/resolve workflow that allows developers and translators to work independently and precompiles translations for faster loading.
Evolving as a professional software developerAnton Kirillov
This is second edition of my keynote "On Being a Professional Software Developer" with slide comments (in Russian) which contain main ideas of the keynote.
I hope the slides could be used as a standalone reading material.
Flutter is a mobile app SDK for building high-performance, high-fidelity, apps for iOS and Android, from a single codebase.
The goal is to enable developers to deliver high-performance apps that feel natural on different platforms. We embrace differences in scrolling behaviors, typography, icons, and more.
An Abusive Relationship with AngularJS by Mario Heiderich - CODE BLUE 2015CODE BLUE
Some voices claim that "Angular is what HTML would have been if it had been designed for building web applications". While this statement may or may not be true, is certainly accounts as one of the bolder ones a JavaScript web framework can ever issue. And where boldness is glistening like a German Bratwurst sausage in the evening sun, a critical review from a grumpy old security person shouldn’t be too far away. This talk will have a stern, very stern look at AngularJS in particular and shed light on the security aspects of this ever-popular tool. Did the super-hero framework do everything right and follow its own super-heroic principles? Does AngularJS increase or rather decrease the attack surface of a web application? How does AngularJS play along with the Content Security Policy, and was it a good idea to combine this kind of security with futuristic feature creep? And what about AngularJS version 2.0? Beware that we won’t stop at glancing at the code itself, investigating security best practices, and verifying compatibility and other common things that contribute to robust security (or lack thereof). We will cross the moral border and see if the AngularJS team could notice rogue bug tickets. A pivotal question that everyone is wondering about is: Have they successfully kept evil minds like yours truly speaker here from introducing new security bugs into the code base? This talk is a reckoning with a modern JavaScript framework that promises a lot and keeps even more, not necessarily for the best for developers and users. We will conclude in deriving a general lesson learnt and hopefully agree that progress doesn't invariably mean an enhancement.
This document discusses using MongoDB for social analytics at BuddyMedia. It describes how BuddyMedia started with Cassandra but found it too complex, so they chose MongoDB which was simpler to develop with. Raw events are collected and processed to update metrics in MongoDB aggregated at different resolutions (minute, hour, day). Examples of queries on the metrics data are provided to retrieve metrics for specific clients or time periods.
История одного успешного ".NET" проекта, Александр СугакSigma Software
The document describes an IoT project built using an unconventional technology stack. It discusses the current status quo of typical .NET projects using standard Microsoft technologies. It then presents a case study of an IoT project built using non-standard technologies like F#, Suave, ReactJS, and running on Linux. It outlines the principles used in selecting the technology stack, including preferring less magic frameworks, ensuring predictable and reproducible builds, shortening feedback loops, and focusing on reusable skills and knowledge.
How To Build And Launch A Successful Globalized App From Day One Or All The ...agileware
Significant compromises are often made taking a product to market that cause downstream pain—success can mean endless hours re-architecting and retrofitting to go global, get past 508 compliance at universities or integrate partners. The good news is there are freely available technologies and strategies to avoid the pain. Learn from Zimbra’s experiences with ZCS and Zimbra Desktop (an offline-capable AJAX email application) including a checklist of do’s and don’ts and a deep dive into: i18n and l10n, 508 compliance (Americans with Disabilities Act), skinning, templates, time-date formatting and more.
From http://en.oreilly.com/oscon2008/public/schedule/detail/4834
"Revenge of The Script Kiddies: Current Day Uses of Automated Scripts by Top ...PROIDEA
Banking Trojans have been part of the financial cybercrime landscape for over a decade, causing losses measured in billions of dollars. On the flip side, the constant evolution of defenses against this type of malware has forced Trojan operators to adjust to security controls designed to keep them out. As a result, many Trojan operators have either disappeared or considerably narrowed their activity scope, but more interestingly, are using novel techniques to achieve their goals. In this talk, we will present three top malware operators active in the wild and their use of automated scripts to tackle their challenges: The notorious Gozi (ISFB) malware used to run its own executable files. Nowadays, it avoids storing malicious payloads on disk and instead, writes a Powershell script to the Windows registry and executes it using a special regex-based run-key. Ramnit, a dated foe that focuses on UK banks, encrypts its payload using a Windows API function with a device-unique key. In every system reboot, it decrypts the payload in-memory and runs it with a Visual Basic script that runs Powershell. This allows Ramnit to avoid running a detectable, executable file as it used to do in the past. BackSwap is a new banking Trojan that attacks financial institutions in Spain. Its dropper is a JavaScript Encoded (JSE) file. When decoded, the dropper results in a 30k lines-of-code script which downloads a binary sample from a remote Command-and-Control server. Together with our audience, we will walk through the research process and share our findings along with our (sometimes) quick-and-dirty solutions. We aim to enhance our participants’ knowledge of today’s bankers and help them get deeper into current-day scripting-related techniques cybercriminals use.
Slides from my DevOpsExpo London talk "From oops to NoOps".
They tell you in these conferences that DevOps is not about tools, but about culture. And they are partially right. I am going to tell you that it’s not only about culture or tools but also abstractions.
It is a lot about how you see software and its value. About our mental model of what software is: how it runs, evolves, and interacts with the other facets of an enterprise.
We used to view software as code. As a state of code. Now we think about software as change, as a flow. A dynamic system where people, machines, and processes interact continuously.
At Platform.sh we spend a bunch of time asking ourselves not “How do you build?” - or even “How do you build consistently?” - but rather “What does it mean to consistently build in a world where change is good?” A world that lets you push security fixes into production as soon as they’re available because you don’t want to be an Equifax but you do want stability.
In this presentation, I will go over what we think software is and why having the right ideas about software will help you get your culture right and your tooling aligned, as well as gain in productivity, and general happiness and well-being.
A quick starter for prototyping in Aframe. Designers often find it difficult to communicate their VR design ideas to fellow developers. This is the presentation prepared for a VR design meetup in Bangalore wherein I gave hands on workshop to prototype in aframe for VR
Building frameworks: from concept to completionRuben Goncalves
What are considerations when building a framework/library? How does that apply to OutSystems components? In this session, we’ll do a deep dive into the importance of addressing certain concepts like code granularity, and architecture, in order to create useful, future-proof and coherent frameworks that deliver the best possible developer experience.
Beyond Breakpoints: A Tour of Dynamic AnalysisC4Media
Video and slides synchronized, mp3 and slide download available at URL http://bit.ly/2dXUUTG.
Nathan Taylor provides an introduction to the dynamic analysis research space, suggesting integrating these techniques into various internal tools. Filmed at qconnewyork.com.
Nathan Taylor is a software developer currently employed at Fastly, where he works on making the Web faster through high performance content delivery. Previous gigs have included hacking on low-level systems software such as Java runtimes at Twitter and, prior to that, the Xen virtual machine monitor in grad school.
This document provides guidance on running a blockchain pilot project. It outlines an agenda for an interactive workshop, including breaks and lunch. The workshop covers finding opportunities, articulating problems, designing technical architecture, and incentives. Participants brainstorm use cases, map stakeholders, design smart contracts and UIs, and deploy on testnets. The goal is to provide a framework to discover how blockchain can solve problems and transform existing products and business models in a hands-on pilot project. Attendees are encouraged to contact the workshop organizers for future dedicated blockchain project design sessions.
Similar to FFS The Browser and Everything In It Is Wrong - We've Ruined Software Engineering for Generations to Come (20)
Compose is a Kotlin library for building user interfaces across platforms like Android, Desktop, and Web. It provides a declarative programming model that allows describing UI as composable functions of pure data. The Compose compiler plugin handles calling these functions and managing the underlying UI component tree efficiently as data changes over time. Compose uses techniques like positional memoization and gap buffers to optimize caching of UI nodes and state for each call site in a composable function. This allows Compose to rebuild the UI incrementally based on changes in input data.
The document discusses various Kotlin language features and how they are compiled down to bytecode. It explains concepts like lowering, de-sugaring, and decompiling Kotlin programs. Specific language features summarized include free functions, nested functions, extension methods, data classes, object declarations, companion objects, and lambdas with receivers. The document shows how each feature compiles by decompiling example Kotlin code.
TypeScript has a larger and more established community compared to KotlinJS. While Kotlin's coroutines are more powerful than TypeScript's async/await, JSX is simpler than Kotlin's React DSL. TypeScript also has a more advanced type system with features like union, intersection and mapped types. However, Kotlin has more elegant syntax with expressions like when and if being expressions. Overall, both languages are good but TypeScript is better suited as a JavaScript superset while Kotlin shines in its multiplatform capabilities.
The document provides 10 lessons learned from the 1990s about software development:
1. Draw diagrams to design systems at different levels of abstraction.
2. Conduct design reviews focused on algorithms and patterns, not just syntax.
3. Prioritize stable frameworks and tools over constantly changing options.
4. Develop internal libraries and tools instead of solely relying on external dependencies.
5. Learn all aspects of testing, not just unit tests, and the role of testers.
6. Master development tools and optimize workflows through shortcuts and automation.
7. Focus on fundamentals like performance, data structures, and asynchronous programming.
8. Take responsibility for work and focus on principles over blindly following process.
The document discusses how the Kotlin compiler fakes or lies about certain Kotlin language features by decompiling the bytecode produced by the Kotlin compiler. It provides examples of how free functions, nested functions, primary constructors, extension methods, destructuring, object declarations, companion objects, enumerations, delegated properties, lambdas with receivers, and more are implemented under the hood by the compiler through bytecode tricks and deception. The document is intended to look under the hood of the Kotlin compiler and Java bytecode to understand how certain Kotlin features are implemented that don't have a direct mapping to Java.
Kotlin's coroutines are more powerful than TypeScript's async/await for asynchronous programming. Coroutines are more general and can be used with other patterns besides just asynchronous code. In KotlinJS, coroutines work easily with Promises. They allow suspending functions without needing to explicitly "await", and can be applied to other patterns beyond just async code. Kotlin's coroutines are therefore superior to TypeScript's async/await for asynchronous programming in JavaScript.
The Kotlin compiler provides many features of Kotlin that do not exist natively in the JVM by generating bytecode that emulates these features. It uses various techniques like generating additional classes and methods, passing implicit parameters, and implementing functional interfaces to achieve this. The summary decompiles some Kotlin code examples to Java bytecode to illustrate how specific Kotlin features are implemented under the hood.
Generics On The JVM (What you don't know will hurt you)Garth Gilmour
Talk delivered to the London Kotlin Users Group. Covering how generics is implemented on the JVM and the different approaches taken by Java and Kotlin to co/contra variance and the lack of reified types.
Using Kotlin, to Create Kotlin,to Teach Kotlin,in SpaceGarth Gilmour
Talk delivered at the Kotliners 2020 conference. Covering how Instil used the Kotlin Space DSL to automatically populate Space instances used in coding workshops.
1) The document discusses whether software engineers can be considered professionals by examining the traditional definitions of a profession, which include belonging to a professional culture, having apprenticeships and lifelong careers, and following a code of conduct.
2) It reviews software engineering against these criteria and finds it lacking in some areas such as not having a strong professional culture or union.
3) The document also questions whether professionalism necessarily leads to competence, success, or growth in the field, providing some examples and arguments on both sides of this issue. It concludes that while ethics are important, professional status may not be critical for software engineering currently.
Social Distancing is not Behaving DistantlyGarth Gilmour
This document discusses strategies for effectively delivering training remotely during the COVID-19 pandemic. It outlines lessons learned from initial attempts at virtual training, including that it is difficult to engage students and maintain focus without in-person interaction. It recommends adopting a combined approach using multiple instructors, flexible scheduling of material, and specialized online tools to help facilitate collaborative learning and make remote training feel more personal.
Transitioning Android Teams Into KotlinGarth Gilmour
Talk delivered with Eamonn Boyle at GOTO Copenhagen in 2019. Covering how best to move from delivering Android projects in Java to writing the code in Kotlin.
Simpler and Safer Java Types (via the Vavr and Lambda Libraries)Garth Gilmour
This document provides an overview of functional programming concepts in Java using the Vavr and Lambda libraries. It begins with an introduction to the libraries and examples of common FP data structures and patterns like currying, tuples, Either, and pattern matching. It then demonstrates examples of collections, grouping, filtering and combining data using the Vavr library. The document aims to showcase how these libraries can provide cleaner FP abstractions compared to Java's built-in Streams API.
Everything You Need to Know About X-Sign: The eSign Functionality of XfilesPr...XfilesPro
Wondering how X-Sign gained popularity in a quick time span? This eSign functionality of XfilesPro DocuPrime has many advancements to offer for Salesforce users. Explore them now!
UI5con 2024 - Boost Your Development Experience with UI5 Tooling ExtensionsPeter Muessig
The UI5 tooling is the development and build tooling of UI5. It is built in a modular and extensible way so that it can be easily extended by your needs. This session will showcase various tooling extensions which can boost your development experience by far so that you can really work offline, transpile your code in your project to use even newer versions of EcmaScript (than 2022 which is supported right now by the UI5 tooling), consume any npm package of your choice in your project, using different kind of proxies, and even stitching UI5 projects during development together to mimic your target environment.
The Key to Digital Success_ A Comprehensive Guide to Continuous Testing Integ...kalichargn70th171
In today's business landscape, digital integration is ubiquitous, demanding swift innovation as a necessity rather than a luxury. In a fiercely competitive market with heightened customer expectations, the timely launch of flawless digital products is crucial for both acquisition and retention—any delay risks ceding market share to competitors.
Using Query Store in Azure PostgreSQL to Understand Query PerformanceGrant Fritchey
Microsoft has added an excellent new extension in PostgreSQL on their Azure Platform. This session, presented at Posette 2024, covers what Query Store is and the types of information you can get out of it.
8 Best Automated Android App Testing Tool and Framework in 2024.pdfkalichargn70th171
Regarding mobile operating systems, two major players dominate our thoughts: Android and iPhone. With Android leading the market, software development companies are focused on delivering apps compatible with this OS. Ensuring an app's functionality across various Android devices, OS versions, and hardware specifications is critical, making Android app testing essential.
Liberarsi dai framework con i Web Component.pptxMassimo Artizzu
In Italian
Presentazione sulle feature e l'utilizzo dei Web Component nell sviluppo di pagine e applicazioni web. Racconto delle ragioni storiche dell'avvento dei Web Component. Evidenziazione dei vantaggi e delle sfide poste, indicazione delle best practices, con particolare accento sulla possibilità di usare web component per facilitare la migrazione delle proprie applicazioni verso nuovi stack tecnologici.
Mobile App Development Company In Noida | Drona InfotechDrona Infotech
Drona Infotech is a premier mobile app development company in Noida, providing cutting-edge solutions for businesses.
Visit Us For : https://www.dronainfotech.com/mobile-application-development/
E-commerce Development Services- Hornet DynamicsHornet Dynamics
For any business hoping to succeed in the digital age, having a strong online presence is crucial. We offer Ecommerce Development Services that are customized according to your business requirements and client preferences, enabling you to create a dynamic, safe, and user-friendly online store.
UI5con 2024 - Bring Your Own Design SystemPeter Muessig
How do you combine the OpenUI5/SAPUI5 programming model with a design system that makes its controls available as Web Components? Since OpenUI5/SAPUI5 1.120, the framework supports the integration of any Web Components. This makes it possible, for example, to natively embed own Web Components of your design system which are created with Stencil. The integration embeds the Web Components in a way that they can be used naturally in XMLViews, like with standard UI5 controls, and can be bound with data binding. Learn how you can also make use of the Web Components base class in OpenUI5/SAPUI5 to also integrate your Web Components and get inspired by the solution to generate a custom UI5 library providing the Web Components control wrappers for the native ones.
Artificia Intellicence and XPath Extension FunctionsOctavian Nadolu
The purpose of this presentation is to provide an overview of how you can use AI from XSLT, XQuery, Schematron, or XML Refactoring operations, the potential benefits of using AI, and some of the challenges we face.
Most important New features of Oracle 23c for DBAs and Developers. You can get more idea from my youtube channel video from https://youtu.be/XvL5WtaC20A
5. Where Things Were Better…
Did you know that the original
4GL’s were designed to be an
ideal coding environment for
GUI’s? Where no one would
suffer, and everyone could
leave the office at 5pm?
15. All we need to do is:
• Learn a new programming language (TypeScript)
• Learn two new module systems (ES6 and NG Modules)
• …and a packaging platform (Node.js, NPM and Webpack)
• Learn about reactive streams (for every form of I/O)
Then we can write an Angular component
• Once we understand how to manage Dependency Injection
• …and the syntax for writing components and services
• …and the syntax for data binding in template files
Of course eventually we will need to:
• Decide what kind of forms we want (regular or reactive)
• Use an external state container like Ngrx Store or Redux
A Quotations Editor in Angular 2