Some CSS fun. Lately I've stumbled upon couple of websites with elastic hover effect on buttons. Each one was using SVG morphing, which is fine, but I was wondering how hard would it be to implement it in CSS. It ended up up being pretty easy. I created four pseudo elementsOnly two pseudo elements (::before and ::after) can be created…
19 Mar 2018
Today I learned: To upload files using fetch and FormDataFormData is supported in IE10+. you must not set Content-Type header. const fileInput = document.querySelector('#your-file-input') ; const formData = new FormData(); formData.append('file', fileInput.files[0]); const options = { method: 'POST', body: formData, // If you add this, upload won't work // headers: { // 'Content-Type': 'multipart/form-data', // } }; fetch('your-upload-url', options); Problem…
18 Mar 2018
I've been really busy lately, doing both work and pet projects. At the moment I'm playing with three.js trying to clone old DOS game to JavaScript. Games (and animations in general) need animation loop in which we are going to update the scene and re-render it. Example animations are simplified and they just move a box 60px per second. But…
17 Mar 2018
This blog post was most directly provoked by this tweet from my friend Rob Conery, explaining why he’s giving up contributing on Stack Overflow. However, it’s been a long time coming. A while ago I started writing a similar post, but it got longer and longer without coming to any conclusion. I’m writing this one … Continue reading Stack Overflow…
Abusing Exported Functions and Exposed DCOM Interfaces for Pass-Thru Command Execution and Lateral Movement
BohopsBackground Last Wednesday, I had some down time so I decided to hunt around in \System32 to see if I could find anything of potential interest. I located a few DLL files that shared an interesting export function called OpenURL: While looking for a quick win, I wanted to see if anything could be invoked […]
16 Mar 2018
On Tuesday, Wednesday, and Thursday, March 6th-8th, 2018, Clever logins failed for all customers: 1h on Tuesday, 1h15 on Wednesday, and almost 5h on Thursday. This was Clever’s single worst outage ever in length, repeatedness, and impact. This postmortem is the first of many public steps we’ll be taking to ensure Clever is a service […] The post Postmortem on…
15 Mar 2018
On March 3rd, we hosted our first hackathon with 100 members of the artificial intelligence community.
14 Mar 2018
Financial institutions across the country are sitting in the middle of a perfect storm: A Google and Boston Consulting Group report stated that digital payments in India would reach $500 billion by 2020. The digital payments industry in Asia’s third-largest economy will grow by ten times to touch $500 billion by 2020 and contribute 15% of gross domestic product (GDP).
13 Mar 2018
Editor’s Note: One of the joys of building Heroku is hearing about the exciting applications our customers are crafting. SHIFT Commerce – a platform helping retailers optimize their e-commerce strategy – is a proud and active user of Heroku in building its technology stack. Today, we’re clearing the stage for Ryan Townsend, CTO of SHIFT, […] The post Deconstructing Monolithic…
In the book club at work, we recently finished reading Exercises in Programming Style by Cristina Videira Lopes. The book consists of a simple program implemented in 33 different programming styles. It is a great way of showing the different … Continue reading →
How to get started setting up Dialogflow with Functions to create smart applications that trigger action in real time.
How to get started setting up Dialogflow with Functions to create smart applications that trigger action in real time.
The SQL standard is a nice thing. But it’s a standard. And as such, while it may provide good guidelines on how to implement some SQL features, most dialects deviate from it in one way or another (sometimes drastically, cheers, MySQL). But that doesn’t have to be a bad thing. Innovation is not driven by … Continue reading Top 10…
How to get started with Angular? What are the core libraries? Read our tips & tricks to kickstart your Angular projects, and become a front-end ninja! The post AngularJS to Angular – a brief history with some tips to get started! appeared first on RisingStack Engineering.
Everything your firm needs to know about collecting client fees by Direct Debit and how to get started.
12 Mar 2018
We held our first accessibility workshop and in this post, we highlight our approach and key takeaways.
We software developers have historically used the terms “frontend” and “backend” to describe work on client-side (e.g., browser) and server-side applications, respectively. This conceptual split has evolved into the creation of specialized developer roles for each, which is still the norm throughout the industry. In practice, this is an arbitrary split that is too often used to avoid work we…
10 Mar 2018
Introduction Two weeks ago, I blogged about several “pass-thru” techniques that leveraged the use of INF files (‘.inf’) to “fetch and execute” remote script component files (‘.sct’). In general, instances of these methods could potentially be abused to bypass application whitelisting (AWL) policies (e.g. Default AppLocker policies), deter host-based security products, and achieve ‘hidden’ persistence. […]
9 Mar 2018
Energy billing blunders hurt supplier and customer. But miscalculation is not the same as misjudgement, so the ways to prevent errors must also differ.
Watch our free webinar and learn how integrating GoCardless with your Xero accounting software can improve your cash flow and save you time.
Serverless usage stats: event sources, service structures, runtimes, and more.
8 Mar 2018
Containers, specifically Docker, are all the rage. Most DevOps setups feature Docker somewhere in the CI pipeline. This likely means that any build environment you look at, will be using a container solution such as Docker. These build environments need to take untrusted user-supplied code and execute it. It makes sense to try and securely […] The post A House…
Cindy Cutts, my wife and best friend, passed away earlier this week. While I was traveling for work recently, Cindy went to visit her family in Omaha, Nebraska. On Sunday, while enjoying time with family, Cindy started having trouble breathing. Her family quickly called 911 and paramedics took Cindy to the hospital, but Cindy lost […]
7 Mar 2018
A look at the pros and cons of Raspberry Pi boards, comparing the Raspberry Pi 3 vs the Zero/Zero W vs the 1/2.
A look at the pros and cons of Raspberry Pi boards, comparing the Raspberry Pi 3 vs the Zero/Zero W vs the 1/2.
The post Integrating legacy and CQRS appeared first on RisingStack Engineering.
We’ve developed a simple meta-learning algorithm called Reptile which works by repeatedly sampling a task, performing stochastic gradient descent on it, and updating the initial parameters towards the final parameters learned on that task. Reptile is the application of the Shortest Descent algorithm to the meta-learning setting, and is mathematically similar to first-order MAML (which is a version of the…
I started writing this blog in late 2012, partly because I felt like it would help me improve my English and my writing skills, partly because I kept having a lot of random ideas in my head and I wanted to write them down somewhere. I honestly never cared too much about finding a particular niche, I just wanted to…
How you can troubleshoot, and avoid hitting, CloudFormation's 200 resource limit
6 Mar 2018
We’re providing 6–10 stipends and mentorship to individuals from underrepresented groups to study deep learning full-time for 3 months and open-source a project.
According to NASSCOM, the Indian IT industry is currently valued at a whopping $160 billion. This should mean that a lot of people, men and women alike, constitute the four million people on the rolls of IT companies. Unfortunately, that’s not the case.
5 Mar 2018
Problem: Compute distance between points with uncertain locations (given by samples, or differing observations, or clusters). For example, if I have the following three “points” in the plane, as indicated by their colors, which is closer, blue to green, or blue to red? It’s not obvious, and there are multiple factors at work: the red points have fewer samples, but…
I am a fan of Kali Linux and AWS so I love the fact that they have an official AMI. While spinning up a Kali instance in AWS is fairly easy, I had a long flight today so I wrote a script that will spin up a Kali instance in about 60 seconds. The script does the following: Builds a…
3 Mar 2018
2 Mar 2018
Background There are three things you need to know to start with: Operations on read-only variables which are value types copy the variable value first. I’ve written about this before on this blog. C# 7.2 addresses this by introducing the readonly modifier for structs. See the language proposal for more details. I was touched to … Continue reading Implementing IXmlSerializable…
The ultimate guide to getting paid on time for SME accountancy firms. We guide you through 5 practical, low-cost, high-impact tactics that will reduce your firm's average payment times and debtor days.
1 Mar 2018
Observatory by Mozilla helps websites by teaching developers, system administrators, and security professionals how to configure their sites safely and securely. Let's take a look at the scores Observatory gives for a fairly straightforward Static Buildpack app, https://2017.keeprubyweird.com. Test Scores Test Pass Score Explanation Content Security Policy ✗ -25 Content Security Policy (CSP) header not […] The post Using HTTP…
Learn about our new "Transaction-based" pricing model and the benefits to this new model.
Learn about our new "Transaction-based" pricing model and the benefits to this new model.
Very simple way of how to display map service in QGI3 without a map server.
28 Feb 2018
Over the past month, Clever worked with CERT to address a vulnerability in our open-source SAML2 library. Clever maintains an open source library implementing the SAML protocol in Node.js known as saml2-js. We use this library internally in our SAML service provider functionality for schools using Clever SSO and the Clever Portal. It is used […] The post saml2-js and…
The post When should you use CQRS? appeared first on RisingStack Engineering.
Snippet for a rather popular requirement. Formatting a date in a nice way, using infamous "time ago" function. This is the basic version which I adapt to fit a specific project. To keep it easily customizable to your needs, I haven't packaged it up. Just pass a date to it, and function will return one of the seven possible formats:…
27 Feb 2018
Internet security is a topic that receives more attention every day. If you’re reading this article in early 2018, issues like Meltdown, Specter and the Equifax breach are no doubt fresh in your mind. Cybersecurity is a massive concern and can seem overwhelming. Where do you start? Where do you go? What do you do […]
Use your own, free API service as a data source for your front-end projects! Here's how to set it up using Docker, locally. The post Meet my Free, Local API Server for your Front-End Adventures (written in Node.js)! appeared first on RisingStack Engineering.
Sounds fancy, right? But it’s a really nice and reasonable approach to doing dynamic SQL with jOOQ. This blog post is inspired by a Stack Overflow question, where a user wanted to turn a set of values into a dynamic UNION query like this: Note, both the Stack Overflow user and I are well aware … Continue reading Map Reducing…
It was the Go 1.10 Release party - my talk was about what changed in Go 1.10.
The beauty of Agile isn’t the concept itself or the organizational changes it enables. It’s not about just reorganizing workgroups or renaming meetings. Agility is a mindset — a culture that depends on each and every one of us. It’s the belief that each person can contribute unique value to a project. This is challenging — many of us aren’t…
26 Feb 2018
Introduction Over the last few weeks, I researched and tested a few interesting namespaces/methods documented on various Microsoft/MSDN sources that dealt with executing various COM scripts/scriptlets (e.g. VBscript, Jscript, etc.). In particular, I was curious to see if there were potentially new ways to invoke remote scripts (ActiveX Objects) by leveraging some of the great […]
We’re releasing eight simulated robotics environments and a Baselines implementation of Hindsight Experience Replay, all developed for our research over the past year. We’ve used these environments to train models which work on physical robots. We’re also releasing a set of requests for robotics research.
img.otter { max-height: 220px !important; } iframe.otter { height: 800px; width: 100%; margin: 0 auto; border: 5px solid #E0F7FA; border-radius: 3px; } Before I wrote the JavaScripts, I got a master’s in AI (almost a decade ago 🙀), and wrote a thesis on a weird and new area in Reinforcement Learning. Or at least it was new then. It’s definitely…
The current best tools for serverless observability: benefits, drawbacks, and which are right for you.
23 Feb 2018
Chatbots are in your life. Humans will soon develop meaningful relationships with bots.
Chatbots are in your life. Humans will soon develop meaningful relationships with bots.
In most cases, natural sorting by sorting lexicographically is useful as a default in Java. This includes sorting file names, which are sorted lexicographically as well. However, when we have version numbers in our files (such as a set of SQL migration scripts), then we prefer the files to be sorted in a more intuitive … Continue reading How to…
I’ve been working on GoReleaser for more than a year now, and one of the things that was bothering me the most was fpm.
Nick Gottlieb shares his ServerlessConf Tokyo talk on serverless, the state of software, and ways to accelerate productivity.
22 Feb 2018
Kubernetes is a container orchestration system that originated at Google, and is now being maintained by the Cloud Native Computing Foundation. In this post, I am going to dissect some Kubernetes internals—especially, Deployments and how gradual rollouts of new containers are handled. What Is a Deployment? This is how the Kubernetes documentation describes Deployments: A […] The post Dissecting Kubernetes…
A walkthrough on how to build a robot, powered by Arduino, Alexa, and PubNub MQTT, that uses an arm and wheels to carry out tasks around the house.
A walkthrough on how to build a robot, powered by Arduino, Alexa, and PubNub MQTT, that uses an arm and wheels to carry out tasks around the house.
Come to OpenAI’s office in San Francisco’s Mission District for talks and a hackathon on Saturday, March 3rd.
Imagine - the whole family is coming over for a potluck, but no one knows what they need to bring, who is doing what, what’s already done, and that it’s dinner we’re making, not breakfast! The difference between a mediocre and memorable get together is focus.
21 Feb 2018
Distributed Ledger Technologies (DLTs) are a superset of blockchain technologies built on similar fundamental concepts. While much has been written on the technical foundation that both blockchain and DLT are built upon, the real potential lies in the possible benefits they can deliver to stakeholders.
20 Feb 2018
Tutorials using a number of IBM Watson APIs combined with Functions, including home automation, language translation, and more.
Tutorials using a number of IBM Watson APIs combined with Functions, including home automation, language translation, and more.
The post How Fintonic uses Node.js, MongoDB & Kubernetes to scale appeared first on RisingStack Engineering.
One of the biggest contributors to SQL syntax verbosity is the need to explicitly JOIN every table that somehow contributes to the query, even if that contribution is “trivial”. When looking at the Sakila database, an example could be seen easily when fetching customer data: That single access to the country information cost us 3 … Continue reading Type Safe…
We’re excited to welcome new donors to OpenAI.
We’ve co-authored a paper that forecasts how malicious actors could misuse AI technology, and potential ways we can prevent and mitigate these threats. This paper is the outcome of almost a year of sustained work with our colleagues at the Future of Humanity Institute, the Centre for the Study of Existential Risk, the Center for a New American Security, the…
Build an ETL job service by fetching data from a public API endpoint and dumping it into an AWS Redshift database.
If ‘normal’ were a circle, diversity would be that which is beyond it. The challenge of ensuring a truly diverse workforce, therefore, is to reach out further and deeper beyond the evolving circle of ‘normal’ and seek out the ‘minorities in diversity.’ This entails challenging the working definition of diversity; questioning whether the boxes we tick on recruitment forms (gender,…
19 Feb 2018
Exactly on this day, one year ago, I came back from a one month long trip to Taiwan, went straight to work from the airport and immediately moved into a new apartment after work. Since then I have cycled to work nearly every day. Fullscreen (map made with umap, routes made with GraphHopper) Alternatives and motivation Previously I lived in…
When you work with JAXB to generate Java code from XSD (or *ghasp* WSDL) files, you’re going to use the XJC tool, which is shipped with the JDK (at least until JDK 9 – with Jigsaw, it will soon be externalised into its own external dependency). Adding plugins to XJC when running it via Maven … Continue reading How to…
The benefits of Direct Debit are even greater when more customers are using it. Find out how you can maximise your Direct Debit uptake.
Every time I start a tutorial I find myself in a limbo wondering which app should I build. A to-do app? Not again!
18 Feb 2018
We spoke to agency owners and small business leaders about their top tips for success in 2018 and asked them what they wish they’d known when they were starting out. This is what they said.
17 Feb 2018
In Fall 2016 I was invited to come to Miami as part of a team that independently validated some alleged flaws in implantable cardiac devices manufactured by St. Jude Medical (now part of Abbott Labs). These flaws were discovered by a company called MedSec. The story got a lot of traction in the press at … Continue reading A few…
16 Feb 2018
On Tuesday, the SF Board of Supervisors moved to study whether a Mission laundromat is a historic resource, delaying 75 units of housing by 5 months. We wanted to look back at famous laundromats of history. Garden of Eden, 6000 BC Eating the forbidden fruit without any napkins makes quite a mess. Adam and Eve […]
Interested in learning OCaml? In the NYC area? Then this might be for you!
Not long ago, the CTO of a large organization said to us, “Innovation is not our problem. We have plenty of innovative, smart people in every department and at every level. That’s our problem. They’re disconnected. Some are off doing their own thing. Others are frustrated, and I’m concerned we may to lose them. We’re sitting on all of this…
15 Feb 2018
We’ve designed a method that encourages AIs to teach each other with examples that also make sense to humans. Our approach automatically selects the most informative examples to teach a concept—for instance, the best images to describe the concept of dogs—and experimentally we found our approach to be effective at teaching both AIs
UPDATE(2018-06-17): There are is a later blog post with newer benchmarks! One of my super nerdy interests include approximate algorithms for nearest neighbors in high-dimensional spaces. The problem is simple. You have say 1M points in some high-dimensional space. Now given a query point, can you find the nearest points out of the 1M set? Doing this fast turns out…
People often think of formal methods and theorem provers as forbidding tools, cool in theory but with a steep learning curve that makes them hard to use in real life. In this post, we’re going to describe a case we ran into recently where we were able to leverage theorem proving technology, Z3 in particular, to validate some real world…
14 Feb 2018
Deploy a crypto with crowd sale capability to the Ethereum network. Web3.js development + end-to-end testing is demonstrated with Truffle Suite.
Deploy a crypto with crowd sale capability to the Ethereum network. Web3.js development + end-to-end testing is demonstrated with Truffle Suite.
Write integration tests for a Solidity smart contract using JavaScript. A tutorial for deploying Smart contracts and creating a new Ethereum wallet.
Write integration tests for a Solidity smart contract using JavaScript. A tutorial for deploying Smart contracts and creating a new Ethereum wallet.
Build a cryptocurrency using the Ethereum Token Standard. A step-by-step guide for a Solidity smart contract with Truffle and OpenZeppelin.
Build a cryptocurrency using the Ethereum Token Standard. A step-by-step guide for a Solidity smart contract with Truffle and OpenZeppelin.
The post Event sourcing vs CRUD appeared first on RisingStack Engineering.