Wyncode Ft Lauderdale Cohort 5 Pitch Day

Video summary of my cohort’s experience on our last day where we pitched the applications we worked on for the last two weeks of the program. It can be very rewarding to dedicate yourself to an intensive program and make it through to the end.

Wyncode Bootcamp Experience

Ft Lauderdale Cohort 5

There are a few experiences that can help you reinvent your career. Wyncode Academy is in the business of helping people do just that. I was one of the students that participated in the Ft Lauderdale Cohort 5 program as part of their nine week intensive coding bootcamp. I feel the experience has certainly made a difference in acquiring the knowledge to build sophisticated applications based on Ruby, Rails, and JavaScript. Towards the end of the program the class gets two weeks to work on a final project which we all present to the community during Pitch Day. My team presented Sensoree; a web application that gathers sensor information from Internet of Things devices in order to automate your life. My contribution to the app consisted of pitching the initial idea, working on the backend, integrating with Twilio, and integrating with the Raspberry Pi. I would like to thank Wyncode Academy and the panel of judges for selecting us as the winning app for Ft Lauderdale Cohort 5. Visit the winning app at www.sensoree.net


From the Premise to the Cloud

Global communications

Have you been wondering what benefits there are in moving some of your infrastructure to the cloud? Why are so many businesses talking about it and making the move? This decision can be particularly difficult if you have an environment that is paid for and running smoothly. But let’s explore some of the initial basic questions that come up while considering this question:

  • Are any of your business applications mission critical? If so, do you have a disaster recovery or any other kind of mitigation plan?
  • Is the underlying OS supporting your mission critical apps being properly maintained and patched?
  • What are your on-going IT operational expenses (including hardware and software maintenance, support contracts, and in-house staff)?
  • Is your IT staff spending a large amount of time doing routine maintenance and other operational jobs which could be automated (such as patching, upgrading, doing backups, etc.)?
  • Does your website or any web applications you have suffer from slow performance due to a bottleneck in your data center Internet connection?
  • Can your mission critical applications scale up properly and automatically whenever you have peak demand? And scale down to reduce costs?

This kind of initial assessment can help in realizing if you are a good candidate to migrate your environment. From a business point of view, one should also consider how often you are incurring capital expenses (such as replacing servers or hard drives) that would disappear after migrating to the cloud.

Finally, once the current cost structure is well understood, one can compare that model to an OPEX cloud based cost structure. Amazon Web Services, for example, does an excellent job of publishing their cost structure. These days, most enterprises are realizing that the benefits of moving to the cloud are more obvious than ever and that there are far greater costs in keeping their environment in-house.

Why is AI freaking people out?

By: Keoni Cabral
By: Keoni Cabral

It seems lately like a lot of smart people are talking about the potential future role that Artificial Intelligence will have in our lives. As usual, the bad news is the one that always gets the most attention and that means everyone highlights the expectation that AI will eventually lead to our doom. But what is different now in regards to our future expectation of AI’s capabilities? After all, we have been overly optimistic about its future capabilities ever since the movie 2001: A Space Odyssey came out; that was 1968 in case you are wondering. Most people might agree that even in 2015 Google, Siri, or IBM’s Watson are nowhere close to HAL’s capabilities in the movie (remember HAL lip-reading?). We were way off back then in forecasting our achievements in AI. Why do people like Elon Musk and Stephen Hawking think this is the time to consider the perils of out of control Human-level AI?

Tim Urban’s Part 1 article, The Road to Super intelligence, is a great read where he describes the reason why we need to start thinking about this now. One important reason why: the scale of human progress is now growing exponentially and most people don’t even realize it. Follow the link for the full article:


Abusing the Sharing Economy

The sharing economy is one of the hot new trends of the tech industry. The hottest participants in this new trend are Uber and Lyft, Both are ride-sharing platforms focused on connecting you with  a driver directly. The difference between using these apps and calling a taxi service are mostly in convenience. Whether you use a taxi or one of these services, you’ll likely get from A to B safely but the difference in convenience really adds up. Things like scheduling a pick-up, knowing how far away your driver is, receiving a confirmation, pre-arranging payment, having a picture of your driver, and requesting a specific type of vehicle are only a few of the added conveniences. All of these add up to a very compelling alternative. Although these services are also skirting the law in a lot of cases by not providing adequate driver insurances, background checks, and licenses these issues will eventually work themselves out.

Sadly, there are also examples of the sharing economy that provide questionable benefits  and are basically abusing the system. Recently in the news, Monkey Parking, and app that helps you bid for on-street parking is one that provides questionable value. The key advantage being that you can more easily find parking in areas that have parking problems such as San Francisco. This app has already been deemed illegal by the SF city attorney because people are basically making money off of public property.

The latest entrant: Reservation Hop. This app apparently makes restaurant reservations under fake names and then sells those reservations to you. Really? Where is the value to consumers here? This app appears more like it is making itself a meddlesome middleman in a situation where it adds no value. Worse than that, it is basically abusing a system of reservations based on an honor system. Restaurants will likely start asking for credit cards or will ask for a form of ID to get rid of this abuse. Hopefully we’ll start giving less attention to these junky apps and get back to rewarding innovation rather than sleazy business tactics.

The biggest bug in recent history: Heartbleed

heartbleedHeartbleed is a bug that was recently found on OpenSSL, which is basically a piece of open-sourced software used by websites which offer encrypted logins (the little green lock on your browser). If you routinely visit banking, email, and some social media sites, you have seen this lock and assumed that you are safe when you put in sensitive information. That is basically the idea behind that icon on your browser – the information is secure and encrypted and only you and the trusted server at the other end can see it. During your surfing session, your browser may send a heartbeat message periodically to the far-end server to ensure that the connection remains open. This is basically the portion of code that has the bug and it is interesting to note how this bug can be exploited because it is not like the typical type of attack a user might be warned about.

A web user is usually told to avoid surfing banking sites using untrusted or questionable hotspots or internet cafes. Also you are told not to trust someone else’s computer because it could have a virus that could grab your keyboard strokes. Out of these two warnings the second is the most important one, but easy enough to avoid. If you are at a public internet cafe, there are still mechanisms in place to protect you even from packet sniffers or man-in-the-middle attacks (where you inadvertently connect to a middle man impersonating your intended website). Encryption protects you from packet sniffers and a website’s Certificate protects you from a man-in-the-middle attack. A valid certificate is what turns on that green lock on your browser. The information provided by Heartbleed can offer a hacker the necessary information to perform these attacks easily without a user realizing it.

To get this information, a hacker performs an SSL connection to the target website just as you would. They then write a script that sends the SSL heartbeats to the target. Instead of sending the two-byte packets which are part of the specification, the hacker sends the two byte data along with a 64KB payload length variable. Because of the bug, the server never checks the payload length variable and because of this, allocates that amount of memory for your two bytes of data. The extra space is the memory leak information that is invaluable to the hacker. As part of the heartbeat protocol, the server replies back but instead of just sending back your two bytes, it sends back 64KB of information from its memory.

So what is in this memory and could this have any of your information? It could if you have visited the site recently. Your credentials along with other types of juicy stuff could be in there. The crown jewel would be the server’s private key which is also stored in the same memory space and is also a candidate in this memory leak. With the private key, the hacker can now decrypt any and all past and future communications to this server. With the private key, the hacker can now impersonate the website and you would never receive a warning from your browser, you would get a green lock even when visiting the hacker’s website.

This is why the steps to fix this problem are the following: the website admins have to patch OpenSSL to stop the memory leak, they have to get new certificates with new keys (their existing private keys might have been compromised), and finally they have to ask (and likely force) all users to change their passwords. By the way, OpenSSL has an estimated market share of over 66%. That’s a large part of the Internet, and that is why this bug is such a big deal.


Is your Klout Score important?

KloutLogoYour Klout score is social media’s version of your credit score. The closer to 100, the more influential you are. It basically scores your status in the social media world summarizing down to one number how influential you are. But is this score really important to you and me or is it simply something that is relevant to obscure marketing insiders that measure things for a living? A lot of people criticize Klout as simply more proof that we are overly-obsessed with social media. But regardless of your industry, chances are there are a good number of people for whom a good Klout score can be valuable. If you are looking for any type of job that involves some level of marketing, having a good Klout score can be helpful. Indeed there have been many stories about how recruiters are using Klout score as one factor in some job interviews, some even going so far as to immediately discard any candidate with a low score. But even if you are not in marketing, eventually you could benefit from being an influencer in social media in some way. Although most of us use Facebook or Twitter in a casual way, at some point you will consider using these powerful platforms to talk about a cause you care about. When that happens, whether you are looking for a job, promoting cancer awareness, or simply looking for a lost pet, your level of influence could be of great benefit to you. For most, your Klout score is not worth obsessing over. But if you use social media in any way for personal or professional reasons, you should know it may be a number worth keeping your eye on.  For more on what the Klout score means, follow the link to Wendy Frink’s article below.



David Karim, Cloud Guru