Software Developer's Cartel - Not In The Job Description
Not in the Job Description
Ross McDonald
Senior Developer, FrogSlayer
Requirements
• Is a website
• Users can store content
• Users can login
• Only logged-in users can modify content
• User content is analyzed using the client's algorithm
Legend: Developer knowledge / Assumed expertise / Client-provided knowledge
Probability / Random Sampling
• Random vs. Pseudorandom
• Correct use of PRNGs
• Converting uniform distributions to non-uniform distributions
Pseudorandom Number Generators
Produce a predictable sequence determined by the initial seed
• Seed once
• Make sure its properties fit your need
PRNG Output Transformation Pitfalls
• Bounding with rand() % max or similar (modulo bias: unless max divides the generator's range, the low values come out more often)
• Producing byte streams or floats from random ints incorrectly
• Sampling more complex distributions with a uniform PRNG incorrectly
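The pitfalls above, worked through as an added Python example (this is not code from the deck; the function names are mine and only the standard library is used). The first two functions compute the exact output distribution of an 8-bit generator reduced mod 100, with and without rejection, so the bias shows up as a count rather than a statistical estimate; the rest show an unbiased bounded integer, the int-to-float conversion that can return 1.0 beside the one that cannot, and inverse-transform sampling as the correct way to turn a uniform draw into a non-uniform one.

```python
"""PRNG output transformations done wrong and done right.
Added example, not from the deck; standard library only."""
import math
import secrets
from collections import Counter

def modulo_histogram(source_bits: int, n: int) -> Counter:
    """Exact distribution of x % n over every x a source_bits-wide generator can
    emit.  This is the rand() % max pitfall: unless n divides 2**source_bits,
    the low residues occur one extra time and the output is not uniform."""
    return Counter(x % n for x in range(1 << source_bits))

def rejection_histogram(source_bits: int, n: int) -> Counter:
    """Same source, but raw values at or above the largest multiple of n are
    thrown away and redrawn; every residue then has exactly the same count."""
    limit = ((1 << source_bits) // n) * n
    return Counter(x % n for x in range(1 << source_bits) if x < limit)

def randbelow(n: int, randbits=secrets.randbits) -> int:
    """Unbiased integer in [0, n): draw just enough bits to cover n and retry
    on out-of-range values (expected < 2 draws).  Defaults to the OS CSPRNG
    via secrets; random.Random is fine for simulations, never for tokens."""
    if n <= 0:
        raise ValueError("n must be positive")
    bits = (n - 1).bit_length() if n > 1 else 1
    while True:
        x = randbits(bits)
        if x < n:
            return x

def naive_float(x64: int) -> float:
    """Pitfall: dividing a 64-bit integer by 2**64.  The quotient is rounded to
    double precision (53 significant bits), so the largest inputs round up to
    exactly 1.0, which a [0, 1) contract promises never to return."""
    return x64 / (1 << 64)

def float_from_bits(x64: int) -> float:
    """Correct: keep only the 53 bits a double can hold, then scale.  The result
    is uniform on the multiples of 2**-53 in [0, 1) and never reaches 1.0."""
    return (x64 >> 11) * (1.0 / (1 << 53))

def exponential_from_uniform(u: float, rate: float) -> float:
    """Inverse-transform sampling: U ~ Uniform[0,1) -> Exp(rate) via the inverse
    CDF -ln(1-u)/rate.  log1p(-u) rather than log(u) so u == 0.0 is safe."""
    return -math.log1p(-u) / rate
```

On the "make sure its properties fit your need" point: `secrets.randbits`, the default bit source here, is the OS CSPRNG; `random.getrandbits` comes from Mersenne Twister, which is fine for simulation but predictable once enough output has been observed, so it must never back session tokens, IVs or keys.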
Computer Security Pitfalls
• Not understanding encryption / authentication / integrity, and which of them a given primitive actually provides
• Not trusting the defaults and standards (rolling your own)
• Trusting the defaults and standards blindly
[Diagram: Alice sends a message to Bob; the three properties labelled are Authentication, Integrity and Encryption]
Trust the Defaults
e.g. .NET provides CryptoServiceProvider classes with reasonable defaults.
• GenerateKey()
• GenerateIV()
• Sane default Mode (CBC)
[Image: the same picture shown as Original, ECB and Non-ECB; the ECB version still shows the structure of the original, the non-ECB mode does not]
Don’t Trust the Defaults
• No matter how self-contained the library is, there is potential for misuse (e.g. a CBC padding oracle attack when ciphertexts are not authenticated)
• PGP does not provide forward secrecy
• GnuPG was slow in adopting elliptic-curve cryptography
• The NSA / RSA BSAFE debacle (Dual_EC_DRBG shipped as the default PRNG)
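The two slides above, the sane CBC default and the padding oracle that a library cannot protect you from, worked through in code. This is an added example, not code from the deck and not the .NET API it mentions; it is written in Python so it runs with nothing but the standard library, and it uses a toy Feistel block cipher in place of AES (the function names, key and sample plaintext are all mine). The mode-level behaviour is the same as for AES-CBC: ECB repeats identical plaintext blocks, and CBC with PKCS#7 padding but no MAC lets an attacker who can only observe "padding valid / invalid" decrypt without the key.

```python
"""Toy CBC / ECB / padding-oracle demo.  Added example, not from the deck or .NET.
The 16-byte "cipher" is a 4-round Feistel network over HMAC-SHA256 so the file
needs only the standard library; it stands in for AES and is NOT a real cipher.
The mode-level behaviour is exactly what AES-CBC with PKCS#7 and no MAC gives you."""
import hashlib
import hmac

BLOCK = 16

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _feistel(key: bytes, block: bytes, rounds) -> bytes:
    left, right = block[:8], block[8:]
    for i in rounds:
        f = hmac.new(key, bytes([i]) + right, hashlib.sha256).digest()[:8]
        left, right = right, _xor(left, f)
    return right + left            # final swap: decryption = same loop, rounds reversed

def encrypt_block(key: bytes, block: bytes) -> bytes:
    return _feistel(key, block, range(4))

def decrypt_block(key: bytes, block: bytes) -> bytes:
    return _feistel(key, block, reversed(range(4)))

def pad(data: bytes) -> bytes:                 # PKCS#7: always adds 1..16 bytes
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n

def unpad(data: bytes) -> bytes:
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")        # this exception IS the oracle
    return data[:-n]

def _chunks(data: bytes):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key: bytes, plaintext: bytes) -> bytes:
    return b"".join(encrypt_block(key, c) for c in _chunks(pad(plaintext)))

def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    out, prev = bytearray(), iv
    for chunk in _chunks(pad(plaintext)):
        prev = encrypt_block(key, _xor(chunk, prev))
        out += prev
    return bytes(out)

def cbc_decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    out, prev = bytearray(), iv
    for chunk in _chunks(ciphertext):
        out += _xor(decrypt_block(key, chunk), prev)
        prev = chunk
    return unpad(bytes(out))

def mode_leakage(key: bytes, iv: bytes) -> tuple:
    """48 identical bytes = three equal blocks + one padding block.
    Returns (#distinct ECB blocks, #distinct CBC blocks): ECB gives 2, CBC 4."""
    pt = b"A" * 48
    return (len(set(_chunks(ecb_encrypt(key, pt)))),
            len(set(_chunks(cbc_encrypt(key, iv, pt)))))

def padding_oracle(key: bytes, iv: bytes, ciphertext: bytes) -> bool:
    """The server-side bug: the attacker learns only 'padding valid or not'
    (a distinct error, status code or timing), never any plaintext."""
    try:
        cbc_decrypt(key, iv, ciphertext)
        return True
    except ValueError:
        return False

def padding_oracle_attack(oracle, iv: bytes, ciphertext: bytes) -> bytes:
    """Decrypt using only oracle answers; the key never appears here.  For each
    block C we learn D_k(C) byte by byte from the right, by forging the preceding
    block so the decrypted tail becomes valid padding 01, then 02 02, and so on."""
    blocks = [iv] + _chunks(ciphertext)
    recovered = bytearray()
    for prev, target in zip(blocks, blocks[1:]):
        inter = bytearray(BLOCK)                     # D_k(target), filled right to left
        for pos in range(BLOCK - 1, -1, -1):
            padv = BLOCK - pos
            forged = bytearray(BLOCK)
            for j in range(pos + 1, BLOCK):
                forged[j] = inter[j] ^ padv          # known bytes -> decrypt to padv
            for guess in range(256):
                forged[pos] = guess
                if not oracle(bytes(forged), target):
                    continue
                if pos == BLOCK - 1:                 # reject an accidental 02 02 match
                    forged[pos - 1] ^= 1
                    ok = oracle(bytes(forged), target)
                    forged[pos - 1] ^= 1
                    if not ok:
                        continue
                inter[pos] = guess ^ padv
                break
        recovered += _xor(inter, prev)               # P = D_k(C) xor previous block
    return unpad(bytes(recovered))
```

`mode_leakage` returns (2, 4) for 48 identical bytes, which is the ECB picture in numbers; `padding_oracle_attack` recovers the whole plaintext with a few thousand oracle queries and no key material. The fix is not a different default mode but authenticating the ciphertext before touching it (encrypt-then-MAC with a constant-time compare, or an AEAD mode such as AES-GCM) and returning one generic failure for every decryption error; a CBC default with GenerateKey() and GenerateIV() gives you none of that unless you add it.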
Takeaways
• Recognize problems are more complicated than you might think.
• Never stop learning.
• Immerse yourself in technical cultures (e.g. blogs, podcasts, Stack Exchange)
• Know enough about everything to know when your client's concerns warrant an expert
