Quora.com hacked

“Another one bites the dust”: this time Quora.com has been hacked and information for all the users has been exposed.

As you can read in their security update blogpost this was the information exposed:

  • Account information, e.g. name, email address, encrypted (hashed) password, data imported from linked networks when authorized by users
  • Public content and actions, e.g. questions, answers, comments, upvotes
  • Non-public content and actions, e.g. answer requests, downvotes, direct messages (note that a low percentage of Quora users have sent or received such messages)

What happened

Last Friday the Quora.com team discovered that some user data was compromised by a third party who gained unauthorized access to one of their systems.

They’re conducting an investigation and while that investigation is still ongoing, in their own words “we have already taken steps to contain the incident, and our efforts to protect our users and prevent this type of incident from happening in the future are our top priority as a company”.

What’s Quora doing

While they carry out the investigation together with some external security and digital forensics firms, they’re taking some steps to improve security and minimise the impact, such as:

  • Notifying users whose data has been compromised.
  • Logging out all Quora users who may have been affected, and, if they use a password as their authentication method, we are invalidating their passwords.

They “believe” they’ve identified the root cause and taken steps to address the issue, although the investigation is ongoing and they’ll continue to make security improvements.

Conclusion

We as software engineers, sysadmins, DevOps, or whatever cool name appears in the near future, should take seriously the security of our applications and the privacy of our users.

This won’t be the last security issue we’ll see in this cloud world.

Does Switching Jobs Make You a Worse Programmer?

Today I was doing some personal research for my new role in my company team, and while looking for topics about productivity and team management I found this quite interesting comment on Slashdot.org.

I decided to quote it directly to avoid confusion, so you can read it as it is and draw your own conclusion.

For me, it’s clear: it doesn’t make you a worse programmer. You simply need some time to fit into the new team; you’ll learn new tools, concepts and languages and adapt to the way of working, and after that your experience will help to improve those aspects. However, take into consideration the large amount of time and energy you’ll need to keep up in the new team and the new company, because looking for a new job, or starting one, is a job in itself.

Slashdot reader theodp shares some thoughts from Virginia-based cloud architect Forrest Brazeal, who believes that switching jobs or teams makes you — at least temporarily — a worse programmer: “When you do take a new job,” Brazeal writes, “everybody else will know things you don’t know. You’ll expend an enormous amount of time and mental energy just trying to keep up. This is usually called ‘the learning curve’. The unstated assumption is that you must add new knowledge on top of the existing base of knowledge you brought from your previous job in order to succeed in the new environment.

“But that’s not really what’s happening. After all, some of your new coworkers have never worked at any other company. You have way more experience than they do. Why are they more effective than you right now? Because, for the moment, your old experience doesn’t matter. You don’t just need to add knowledge; you need to replace a wide body of experiences that became irrelevant when you turned in your notice at the old job. To put it another way: if you visualize your entire career arc as one giant learning curve, the places where you change jobs are marked by switchbacks.”

He concludes, “I’m not saying you shouldn’t switch jobs. Just remember that you can’t expect to be the same person in the new cubicle. Your value is only partly based on your own knowledge and ingenuity. It’s also wrapped up in the connections you’ve made inside your team: your ability to help others, their shared understanding of your strengths and weaknesses, and who knows what else. You will have to figure out new paths of communication in the new organization, build new backlogs of code references pertaining to your new projects, and find new mentors who can help you continue to grow. You will have to become a different programmer.

“There is no guarantee you will be a better one.”
This seems counter-intuitive to me — but what do Slashdot’s readers think? Does switching jobs make you a worse programmer?

GitHub + Microsoft

Confirmed: Microsoft has acquired GitHub, and did so for 7,500 million dollars, one of the most expensive deals in its history.

As Microsoft has specified: “GitHub will retain its brand and operate independently.”

The deal is the third most important acquisition in terms of its monetary value. Microsoft paid 26,200 million dollars for LinkedIn in December 2016 and 8,500 million dollars for Skype in May 2011.

As it did with LinkedIn, Microsoft will not influence the way GitHub operates, so initially the service will keep working the same and GitHub will continue to operate independently, “providing an open platform for all kinds of developers and industries”.

Where it seems there will be changes is in GitHub's management.

In time we will see how this affects the rest of us developers who use GitHub.

 

A Spaniard invents a system for sending text messages without coverage

They don't lose hope; they lose mobile coverage. That is the first thing that happens to those unlucky enough to get lost at sea, in the high mountains, or caught up in a natural disaster. And precisely that, telephony, is what they need most, because text messages could save their lives. But these situations of tremendous vulnerability are about to disappear. And all thanks to an invention by a Spaniard.


How to create, publish and use private NPM packages

After a long time working with different package systems I decided to migrate all my packages and dependencies to NPM. And the result couldn’t have been better.

When NPM reached version 5.x, they included a lot of things that improved the performance, speed and security of the packages.

There are two commands that I especially like.

npm outdated
npm audit


Exploring ES6 – From jQuery to ES6 #1

Recently I started to migrate all my code from ES5+jQuery to ES6 for different projects. I discovered a lot of cool things. Of course, I also faced some issues, and I thought it would be great to share everything I’m learning and fixing with other people planning to migrate to ES6 as well.

I’m going to write a series of small articles covering all the new ES6 features and how to migrate your code from previous ECMAScript versions or from jQuery code.


Kubernetes with Fluent Bit to send logs to Loggly

I’m going to show you how easy it is to deploy Fluent Bit into your Kubernetes cluster. I’ll configure Fluent Bit to work together with Loggly, an external logging tool to manage all your cluster logs.

But first, some quick concepts about the tools we’re going to use.

Kubernetes, in short, is a tool that allows you to manage, in a better organized and simpler way, your containerized applications.


And Flash is still alive!

The other day I was browsing the internet… I was looking for a mobile operator that offers a cheap data plan, because lately that is really the only thing I use my phone for, as is surely the case for all of us.

Suddenly I did one of those wonderful Google searches that I love so much, and this is what I found.


Cancelling accounts on Twitter and Facebook

I recently read an article about a serious security flaw that affected GitHub and Twitter. Here you can read the announcement about this, in my opinion, extremely serious security flaw.

Plaintext passwords in internal logs at Twitter and Github

  • Github notified a small subset of users that their passwords were visible in internal logs: link
  • Twitter asks for a password reset after discovering a similar issue: link


Vagrant Ignoring ffi-1.9.14 because its extensions are not built. Try: gem pristine ffi --version 1.9.14

If you’re like me and don’t want to see errors or warnings every time you work with some tool in your system, I have something for you.

Have you ever seen this kind of warning when working with Vagrant?

Ignoring ffi-1.9.14 because its extensions are not built.  Try: gem pristine ffi --version 1.9.14
Ignoring ffi-1.9.10 because its extensions are not built.  Try: gem pristine ffi --version 1.9.10
Ignoring nokogiri-1.6.7.1 because its extensions are not built.  Try: gem pristine nokogiri --version 1.6.7.1
Ignoring nokogiri-1.6.3.1 because its extensions are not built.  Try: gem pristine nokogiri --version 1.6.3.1
Ignoring unf_ext-0.0.7.2 because its extensions are not built.  Try: gem pristine unf_ext --version 0.0.7.2
Ignoring unf_ext-0.0.7.1 because its extensions are not built.  Try: gem pristine unf_ext --version 0.0.7.1


The laws of robotics proposed by Europe

The European Parliament is calling for a set of safety, ethical and legal rules to regulate advances in Artificial Intelligence and robots.

Advances in Artificial Intelligence are unstoppable, and experts are already talking about a fourth industrial revolution in which people could be replaced by robots in certain jobs.

For this reason, the European Parliament's Committee on Legal Affairs urges the European Union to harmonise safety, ethical and legal rules to regulate the important advances being made in the field of robotics and artificial intelligence.


Free software to predict the energy production of photovoltaic systems

A team of researchers from the Solar Energy Institute of the Technical University of Madrid (Universidad Politécnica de Madrid) has developed a model to predict the energy production of a photovoltaic system starting from minimal meteorological information.

The model makes it possible to predict the energy production of a photovoltaic system with only the twelve monthly values of solar radiation, Linke turbidity (transparency of the atmosphere), and ambient temperature.


The UCM develops a social network for the classroom based on free software

Using micro-blogging or micro-annotations, engineers from the Faculty of Computer Science at the Complutense University of Madrid have developed Bolotweet.

Based on free software, the tool aims to help implement the Bologna Process and achieve continuous assessment of students, beneficial for both students and teachers.

