What is Yow! ?
From Yow!'s website:
The aim of YOW! is to bring together internationally recognised speakers and developers to encourage excellence and innovation in the local development community. We cover the emerging technologies and best practices in the software industry – regardless of technological platform or language – without commercial hype.
I have know Yow! a couple of years ago when I have been sent there with a colleague (a QA engineer) when working at SBS On Demand and I got a very good experience out of it and learned quite a few interesting things I could bring back and discuss with the team.
This year, I suggested to my manager that the department should send the whole dev team out so that everyone can benefit of it and we can be on the same frequency when discussing the points that were presented. It was a very nice to see that the suggestion has been approved and the four of us got a ticket for the two conference days.
Day1
The conferences being held in Sydney means that me and my colleague have to leave home 30 minutes earlier. The sky was covered by a thick screen of smoke as you can see the orange haze in the photo above. It's been like this almost every day as the bushfires have not stopped for weeks! It's so bad that a group of 21 firefigthers in Canada volunteered to give up Christmas with their family to come and help Australia after the call for help! Thank you guys, really 💖
After the registration and breakfast, we went to the introduction and first key note. I went on the "Evolving Chaos Engineering" talk by Casey Rosenthal and "Frictionless Frontends for Backend Developers" by Mandy Michael. Both talks were very good although the Mandy's talk was too basics for me but it was supposed to be.
During lunch time, we went around the different stands setup by sponsor companies to get our freebies (T-shirt, thermos, pens etc... some of them are quite cool actually) and register for the big prizes raffles organised by each of them. There were some really awesome prizes to be won, check this 7500+ Star Wars LEGOs for instance:
Or this Nintendo Switch inside a bock secured by a padlock.
Now here is a funny / disappointing (for me) story. See that instructions panel on top of the box? It says in big "Crack the Code to Win".
Having spotted "Crack the Code" from afar and seeing the padlock, I thought to myself, "Ooooh, a contest for cracking the combination of a padlock?! That's original! And they must have bought a good one", so I went there and started messing with it and unlocked the lock in less than a minute, it took me a bit long because there was not many angle I could hold the padlock due to the fact that it was attached to a light weight box. I happily showed the feat to the organisers who were not expecting the code to be cracked that early in the day. Oh well...
The prize was taken out of the box and as we were re-packaging the console into its box, another member of Auth0 asked me about the code and how I found it. When I explained that I did it by feeling she was like ...wait a minute, so you didn't go on the website and solve the puzzle..., me: "no", her: "that's cheating" and continued saying to her colleague "I'm not giving this to him, he does not even know the code...". So the console was put back into the box to be then opened again 10 minutes later by another person who solved the puzzle.
Well, did you notice the QR code in the panel above? I was supposed to scan it, go to their website, fill the form with my personal details, get the puzzle from the result page, solve it and do one single attempt at entering the code to try open the lock... 🤦♂️@gandalf, upon hearing my story said "That's absolutely brilliant illustration on how the security is often approached by the dev industry." He might want to come around and elaborate on this in the comment section for all to hear but here is my take on this anecdote.
Thinking about it again, yea not everyone has padlock cracking skills and it was fairer for everyone that the challenge to be won by solving a puzzle. But really, the instructions should have been clearer. "Crack the code to win" well, I did crack the code didn't I? Literally... This reminds me of how some websites don’t give clear instructions to their users on how to perform certain actions, UX & D is important. If the user have to guess how to do something or if they need to dig for the info then the design needs improvement.
But as @gandalf said, this is showing flaws in security similar to what you can encounter in software development. The box is locked by a good size padlock so it must be really secure. It has 4 digits which means 10000 possible combinations, even a brute force (trying all possible codes one by one in sequence) might take a while when done manually. But give it to someone who knows what they are doing and they can open it in no time. On the second day of the conference, they changed the code and at the end of the day, I tried to crack it again for fun and it took me only 10 seconds. This is to say that an app that has a login screen with login and password does not necessarily is not necessarily secured. As several talks mentioned it in day 2, even 15 year old kids in their bed room were able to breach into system of very large corporation or government's systems.
Anyway, I went outside with a colleague to get some drinks as the queues were too big and this is what we saw:
That's no fog, that's smoke! The smell of it went up into the conference rooms... sigh...
The afternoon went great with some good talks especially the last keynote from James Lewis about "Scale, flow and microservices".
Day 2
The second day started with an amazing keynote "Rise of the Breaches" by Troy Hunt:
Data breaches are the new normal. We’ve created ecosystems with so many moving parts and so many complex units, it’s little wonder that we so frequently see them go wrong. A combination of more systems, more people, more devices and more ways than ever of producing and publishing data stack the odds in favour of attackers breaching more systems than ever.
Troy delivers his presentation with such energy and humour it was a really easy to go through it. The information he shared was eyes opening and scary at the same time with stories such as being able to control a car remotely from any computer in the world due to security negligence from the software developers.
Another one I did enjoy was "Automating operations with Machine Learning" by Matt Callanan who talked about how Machine Learning (Artificial Intelligence) can help monitoring for signals that tells that a system is going to break soon and remediate to it by removing a lot of manual tasks.
Lunch time. This morning in the train, as I was uploading all the photos for the top part of this blog, I realised that Steemit multiple image upload was buggy (yea, this is a new feature I added that is not out yet 😜) so I started to fix it during the trip down to Sydney. I took few minutes to complete the job during the lunch break and found a spot on the floor near a power socket and submitted the extra code to GitHub while sipping my Yerba Mate to give me some caffeine kick.
After more talks, most of which have a strong focus on security, it was a very exciting time for all the attendees: the raffle! There were Nintendo Switch, PS4 Pro, Star War Legos, Wireless NR headphones, skateboards and even a 3D printer, etc... to be won!
Two of my colleagues have even won twice! Lucky bastards!
The day ended with more great talks to attend like this one called "Does agile make us less secure?" by Michael Brunton-Spall
Conclusion
This year, Yow! has again organised a very cool and interesting conference with so many great speakers. I'm very happy that my whole dev team was able to attend together, thank you SBS On Demand!
Some talks are OK but in general I think they were very interesting and it's great to see what others are doing. It makes you think about practices within your own team or organisation. Will we be able to apply them back at work? Maybe some, maybe it will take time to do so but at least we have learned something different.
What I did not like so much: this lanyard was noisy, everytime you moved, the clips were clinking
What I found cool: The Cognitive Pinball project by Microsoft. A camera at the top monitors the game while another one on the side monitors the score. In the morning, the machine does not know how to play but with Machine Learning it then progressively learns how to play properly.
Previously on my blog:
- Update on GINAbot new Web Portal development - 2019-12-04
- Witness Earnings Weekly Report - 2019-12-02
- Adding contextual menus to Steem Keychain
Vote for my witness
On Steem, Witnesses are playing the important role of providing a performant and safe network for all of us. You have the power to choose 30 trusty witnesses to package transactions and sign the blocks that will go in the Steem blockchain. Vote for me via SteemConnect to help me do more useful projects for the communities.
Credits
- The image at the top has been generated with the Canva app using my own photo.
Banner by @josephlacsamana
Protect your money against Phishing Scam!
Cryptos accounts are the target of international scammers because they want your hard earned money!
Those people are very clever and in a moment of inattention, you've given them your login and password!
I've created a Chrome extension that can help you detecting scam links!
Install Steemed Phish Chrome desktop browser extension now!
Password and Private Keys security
You all know that your Steem password is the access to all your STEEM, SBD, posting, transferring, everything... right?
So, please, follow these simple steps and keep yourself safe:
- Apart from the initial setup of your account, NEVER use your password ANYWHERE, if stolen, it will give full control to your Steem account.
- Backup your password and keep it somewhere safe. Use a password manager like Lastpass, print it on paper and put it in a safe (no kidding). If you forget your password, no one can help you out.
- To login for creating content and curating, use your Private Posting Key
- To make transfers and account operations, use your Private Active Key
- To encrypt and decrypt memos, use your Private Memo Key
I think you really deserved to receive this Nintendo box as a bounty for showing them twice how flawed their game was!
Kudos for this brilliant demonstration of how weak a system can be when these designers think it is bulletproof. Security is a matter of paranoia and perpetual questioning. There will always be someone out there with a brighter mind or a different way of thinking.
And you were that one!
Thank you @arcange.
You are right, and as the several talks who mentioned security are showing, we are getting more and more data breaches so coding should always be done with security in mind, always monitor and regularly do audits
Posted using Partiko iOS
The last time I attended a dev conference was when I was in college (2014) and I'm already working for 3 years. I hope I can be able to attend a conference like this next year. By the way, your story about code-cracking is funny but very disappointing, you deserve the prize! haha
Welcome on Steem. I wish you good luck and hope you will be to attend the conference of your choice soon.
Posted using Partiko iOS
@quochuy, It's always important to attend Knowledgeable Sessions. Specially Developer Sessions because this is one space where new Creators rise. Stay blessed.
Posted using Partiko Android
Thank you. Those sessions have big values, not only in the talks themselves but also in meeting other developers from other sectors.
Posted using Partiko iOS
Welcome. This can lead to effective Collaborations too. 👍👍
This is a really amazing write up. I've been getting into gaming for the first time, and it has luckily been Dapp or blockchain related gaming. I'm super happy to have read this, and bookmarked it for later when I'm out of the office (lol). Thanks again!
What game are you developing?
Posted using Partiko iOS
Im trying to Dev. a few old school replicas utilizing either an existing coin focused on blockchain gaming--or creating a new one on ETH. Id like to utilize NFT's though, and am not sure how to create value (original, nontested, unique value).
Old school replicas, sounds cool. As for a coin, maybe you can create a new one by using STEEM’s native SMT (Smart Media Token) when it gets released (soon I hope) or by using https://steem-engine.com
Posted using Partiko iOS
def cool and so much more simplistic in design. Nostaglia effect would be great to capture, ya know?
Really a good posting! Cheers
Good post man!
Thanks mate
Posted using Partiko iOS
what is Private Memo Key
The private memo key is used to send encrypted MEMO along with a transfer.
Posted using Partiko iOS
I understand
This conference is really nice.. First time I heard YOW! conf.. Thanks for sharing
Posted using Partiko Android
Yes they have organised a great event
Posted using Partiko iOS
Wow..nice post
🙏
Posted using Partiko iOS
Nice work done by yourself that you attended the conference and share it with us that we are feeling we are also in conference.
Indeed!
@tipu curate
Upvoted 👌 (Mana: 10/20 - need recharge?)
Please @contrabourdon friend nominate me as a curator.
Hi, @quochuy!
You just got a 1.27% upvote from SteemPlus!
To get higher upvotes, earn more SteemPlus Points (SPP). On your Steemit wallet, check your SPP balance and click on "How to earn SPP?" to find out all the ways to earn.
If you're not using SteemPlus yet, please check our last posts in here to see the many ways in which SteemPlus can improve your Steem experience on Steemit and Busy.
Yow yow
Congratulations @quochuy! You have completed the following achievement on the Steem blockchain and have been rewarded with new badge(s) :
You can view your badges on your Steem Board and compare to others on the Steem Ranking
If you no longer want to receive notifications, reply to this comment with the word
STOP
Vote for @Steemitboard as a witness to get one more award and increased upvotes!
Oh that was cool!
This is so new to me!
Nice
Congratulations @quochuy!
Your post was mentioned in the Steem Hit Parade in the following category:
Great post! I'm impressed with what you can do! I really hope there's someone able to solve the economy of steem. SBD price is in haywire now and so does the steem price. I really hope steem will take off but even the fundamental economy is with flaw.. Hope there's a team can be assembled to solve this.
Thanks for the post.