Security & convenience

     

Last week I needed to change my defective French SIM card, from Free (who as an aside are an awesome ISP and equally good mobile provider). I happened to be in Paris so I decided to go to the Free shop, as I thought it'd be easier than getting a new SIM card sent to my address on file (my parent's address in France) given I now live in the UK.


OVH: Database quota exceeded

     

OVH emailed me a few weeks back telling me that my shared database for the plan that powers uponmyshoulder.com was approaching its (huge!) quota of 25MB, and then again last week to tell me that this time, the quota was reached. Once you reach the quota, the DB is placed in read-only mode, although SQL DELETE commands do go through correctly, as we'll see later. So my first instinct was to see what was wrong, by going into the PhpMyAdmin that OVH gives to each shared DB owner.


"They use some weird padding..."

     

A few days ago, a colleague was telling me about a project where she needs to implement a crypto scheme from an external vendor in order to talk to their API over HTTP. For complicated (and probably wrong) reasons, they decided to eschew TLS and develop their own system instead, relying on DES – not even triple DES! Basic DES, the one from the ’70s that is horribly insecure today – and RC4, which isn't great either.


Updating a tiny Rails app from Rails 3.1 to Rails 4.2


In 2011 I wrote a small Rails app in order to learn Ruby better and see what all the fuss was about – this was Antipodes, a website that shows you the antipodes of a given point or country/state using Google Maps. I built it using the latest and greatest version of Rails available at the time, which was 3.2. It has since fallen to various security issues and has been superseded by the newest version, and is currently unsupported.


remaildr.com is back!

     

So, remaildr.com had been in a pretty sorry state for a couple of months now, and I kept thinking I should go have a look into it and get to the bottom of the issue. And the bottom of the issue was the 6000 spam emails sitting in the inbox, making the server crash at startup. They're now deleted, and everything is back up and happy. I'm currently thinking about different monitoring options, but given it's all email-based, no solution that I know of seems overly practical to me.


No Content Found

        

“So, the tests sometimes fail inexplicably” is a sentence you probably hear pretty often if you're running any type of full-stack, browser-driven integration tests over a large-enough code base, especially when customising on top of an existing product. Today's instance was puzzling at first - the tests would sometimes fail to log in at all. That is, open the login page, fill in the username and password, wait until the URL changes and assert that we're now on the dashboard - nope, failure.


In Maven, LESS is less


Sorry, this is a rant. I was recently investigating Maven plugins for LESS compilation. The use-case is pretty run-of-the-mill (I think?): I want to be able to write a .less file anywhere in my project src/ folder and have Maven compile it to CSS in the corresponding folder in target/ at some point of the build pipeline. I first looked into lesscss-maven-plugin, a short-and-sweet kind of tool that looks perfect if you have one (and only one) target folder for all of your CSS.


Pushing bookmarklets to their limits

        

I recently had to implement a new functionality for an internal web application: a button to download a specially-formatted file. The right way to do it is, of course, to deploy server-side code generating the needed file in the backend and make it accessible to the user via the front-end. The application in question is an important company-wide production system and I was in a hurry, so I decided to go the Quick way rather than the Right way.


Simulating bad network conditions on Linux

        

Sometimes, your network is just too good. Today I ran into this issue as I was testing an application running off a VM in the local network. Latency and bandwidth were excellent, as you'd expect, but nowhere near the conditions you'd encounter over the internet. Testing in these conditions is unrealistic and can lead to underestimating issues your users will experience with your app once it's deployed. So let's change that and add artificial latency, bandwidth limitations, and even drop a few packets, using tc.


On overflowing stacks


I recently set out to implement a few basic data structures in C for the hell of it (and to reassure myself that I can still code C), and ran into an interesting compiler wart… I was trying to instantiate a static array of 10 million integers (who doesn't?), in order to test insertions and deletions in my tree. However, as you can astutely deduce from the title of this post, this was too much for the stack of my poor program and ended up in a segfault - a textbook stack overflow.