Skip to main content

Posts

Showing posts from January, 2014

windows server 2012 missing flash player Internet explorer 10

I was trying to get selenium tests working on IE10 on a windows server 2012 box in EC2. The IE10 kept saying that flash player is not installed and gave get Adobe flash player link  but when I click it Adobe site says that IE 10 has flash installed. It gave me steps to go to Manage addons and enable Shockwave Flash or disable ActiveX filtering. But when I went to Manage addons I didnt found Shockwave Flash. I even tried installing the windows 8 update for flash player but that said this is not a valid installer for your machine. Finally I found that I had to install windows server 2012 "Desktop experience" from add roles and features. Installing it solved the issue.

Encrypting stored passwords in spring web application

We take security very seriously and have taken steps to harden our services so if some one has ssh access to the box he wont be able to read the files but the webapp has to be able to read the spring config which has passwords to database so we need to protect it from any file download vulnerability. So the plan was to encrypt passwords stored in spring files and decrypt it at runtime. As we had to decrypt the passwords back this has to be a symmetric encryption but with salt.  After doing some research I found jasypt library that would be able to do this. The steps I followed were: 1) move all passwords to a separate  file called as XXX_passwords.properties 2)changed spring xml to use property placeholders like ${mysql.user.password}. 3) added spring beans to load the password and decrypt them using the ENV variable ENCRYPTION_PASSWORD and added two jars to class path jasypt-1.9.1.jar and jasypt-spring31-1.9.1.jar     <bean id="encryptablePropertyPlaceholderConfigurer

Offsite

Last week I attended first offsite in my carrer. I had no idea what offsite meetings were so it was an interesting experience for me. Honestly I was skeptical that about entire offsite thing and thought it would be a waste of time. I work from home and I vist Bay area may be twice a year. I have a 4 year old and going for these one week trips are not fun for the family as wife has to manage the kid alone along with her hectic job. So I try to avoid a trip to Bay area as much as possible. Also these bay area trips are not at all productive for me, I somehow feel productive if at the end of the day I deliver some tangible code and in bay area trip as I am pulled into all sorts of meetings its not at all suitable to write any kind of code, there are too many distractions.  The max amount of code that I am able to write is on the 4 hour aeroplane ride back and forth.  Anyway coming back to offsite, we did it over 2 days in 4 sessions. In the first session marketing,sales,and management pre

ubuntu 12.04 freeze

so I was getting random freezes on ubuntu where mouse keyboard or anything wont work.  The probability of freeze increases if I start youtube.  Ultimately my colleague recommended upgrading linux kernel following http://www.unixmen.com/linux-kernel-3-12-2-available-download-installation-instructions-ubuntu-linux-mint/ 5 days after the kernel upgrade and no more crash even if youtube is running in background for almost 3-4 hours. The only thing I had to for was reinstall virtualbox. Now yesterday I had to install guest additions and unfortunately the ubuntu package tried installing virtualbox-guest-additions-iso with old kernel compatibility and it didnt worked.  Anyways for now its not itching me that much and I will scratch it if it become unbearable, due to this I am unable to copy paste between ubuntu host and guest even though I had enabled bidirectional clipboard sharing.

Lost trust in manual QA

At my employer's startup the product footprint has grown so big that I have lost trust in manual QA.  Take an e.g. of today,  last night QA found an issue and then my team mate fixed it, before I woke up I saw that QA passed the ticket in flying colors and they did tested many things like update user, bulk update user. As there is a release today night, I did a detailed code review of the fix and immediately within 2 minutes I see an issue in the bulk update and the problem was that original developer didnt used DRY. So the team mate had fixed update user and from UI the bulk action would still call updateUser. The other bulk update would be called only when you do import CSV or some other public api. The point being I have lost trust in manual QA because they really cant regress a ticket using all possible combinations in the short amount of time. We do a release every 3 weeks and in 2 week is dev and 2 week is QA (2nd week is overlap), but in those 2 week we are always scra

Courage and change in focus

It takes courage to acknowledge product issues. Hats off to evernote CEO to acknowledge and pledging to focus on core product issues on the blog post. http://blog.evernote.com/blog/2014/01/04/on-software-quality Some times you are aware of issues in the product but unable to put dedicated focus on it as you have to add new features fast and I guess sometimes all you need is an external push to again align dedicated focus on quality rather than features. startup path to success is not a hocket stick growth but it looks more like a zig zag mountain hike.

0,1, 5,20,50,100

Heard an interesting comment that 50% of the people who are at MVP($0 revenue) to 1M revenue, from 1M to 5M, from 5M to 20M revenue, 20M to 50M and 50m to 100M will need replacement or needs augmentation in the company. Interesting comment and now that I think about it, I had observed something similar in the startup I am employed at (although not at 50% but I have seen as the revenue grows in few areas people constantly gets replaced or consultants gets replaced by motivated and sharp employees). another intersting observation I saw was at how to figure out revenue of a competitor http://saastr.quora.com/How-to-Figure-Out-Your-Competitors%E2%80%99-Revenues-in-About-70-Seconds   this one was almost accurate.