I hope to communicate to developers of web apps, especially those that handle payment information, that they should be aware of what they trust when developing an app. This should make the app more secure and make the developers aware of when to update gems or certs.
A rabbit*1 presentation presented as a Lightning Talk at RubyKaigi 2015*2.
- *1 http://rabbit-shocker.org/
- *2 http://rubykaigi.org/2015/presentations/lt
URLs
- https://www.hyuki.com/cr/
- https://blog.mozilla.org/security/2014/09/08/phasing-out-certificates-with-1024-bit-rsa-keys/
- https://ja.wikipedia.org/wiki/SHA-1
- https://aws.amazon.com/security/security-bulletins/aws-to-switch-to-sha256-hash-algorithm-for-ssl-certificates/
- https://googleonlinesecurity.blogspot.com/2015/10/sustaining-digital-certificate-security.html
Video presentation: https://www.youtube.com/watch?v=jLAFXQ1Av50
Most applications written in Ruby are great, but there also exists evil code applying WOP techniques. There are many workarounds in several programming languages, but in Ruby, when it happens, the proportion is bigger. It's very easy to write Ruby code with collateral damage.
You will see a collection of bad Ruby code, with a description of how this code negatively affected its applications and the solutions to fix and avoid it. Long classes, coupling, misapplication of OO, illegible code, tangled flows, naming issues and other things you can ever imagine are examples of what you'll get.
The document discusses testing practices for the Ruby programming language. It provides details on how to run various test suites that are part of the Ruby source code repository, including:
1. Running the "make test" command which runs sample tests, known bug tests, and tests defined in the test/ directory.
2. Running "make test-all" which runs core library and standard library tests under the test/ directory.
3. Running "make check" which builds encodings and extensions, runs all test tasks including test frameworks like Test::Unit and Minitest.
4. It also discusses strategies for merging test changes from external repositories like RubyGems and RDoc back into the Ruby source code.
Talk at RubyKaigi 2015.
Plugin architecture is known as a technique that brings extensibility to a program. Ruby has good language features for plugins. RubyGems.org is an excellent platform for plugin distribution. However, creating plugin architecture is not as easy as writing code without it: plugin loader, packaging, loosely-coupled API, and performance. Loading two versions of a gem is an unsolved challenge that is solved in Java on the other hand.
I have designed some open-source software such as Fluentd and Embulk. They provide most of their functions by plugins. I will talk about their plugin-based architecture.
Rhebok, High Performance Rack Handler / RubyKaigi 2015, Masahiro Nagano
This document discusses Rhebok, a high performance Rack handler written in Ruby. Rhebok uses a prefork architecture for concurrency and achieves 1.5-2x better performance than Unicorn. It implements efficient network I/O using techniques like IO timeouts, TCP_NODELAY, and writev(). Rhebok also uses the ultra-fast PicoHTTPParser for HTTP request parsing. The document provides an overview of Rhebok, benchmarks showing its performance, and details on its internals and architecture.
39. Structure and Interpretation of
Computer Programs (SICP)
Gerald Sussman
Creator of Scheme
Harold Abelson
Creator of MIT/GNU Scheme
40. Structure and Interpretation of
Computer Programs (SICP)
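Highly regarded worldwide
Adopted as a textbook at many universities around the world
One of the most important inventions in MIT's 150-year history
(The Boston Globe)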
41. Structure and Interpretation of
Computer Programs (SICP)
“Harold Abelson and Gerald Jay Sussman, a pair of MIT computer science
professors, wrote “Structure and Interpretation of Computer Programs,” which
remains a classic for encouraging the teaching of not one specific programming
language, but big-picture themes students could apply across a range of
programming scenarios.”
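“Abelson and Sussman, CS professors at MIT, wrote SICP.
It remains a classic that encourages teaching not a specific programming language
but big-picture themes that students can apply to a variety of
programming scenarios.”
(The Boston Globe)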