Академический Документы
Профессиональный Документы
Культура Документы
Dinis Cruz
This book is for sale at http://leanpub.com/generation-z
This is a Leanpub book. Leanpub empowers authors and publishers with the Lean Publishing process.
Lean Publishing is the act of publishing an in-progress ebook using lightweight tools and many
iterations to get reader feedback, pivot until you have the right book and build traction once you do.
This work is licensed under a Creative Commons Attribution 4.0 International License
Also By Dinis Cruz
Practical Git and GitHub
Practical AngularJS
Practical Eclipse Plugin Development
Practical Jni4Net
Thoughts on OWASP
Exploiting MVC Model Binding
Practical O2 Platform Tools
SecDevOps Risk Workflow
Hacking Portugal
Contents
I Generation Z Developers . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1 Generation Z . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
1.2 How to get a job . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
2. What is this . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.1 Docker . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
3. Technologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
3.1 Books . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
3.2 Pen and Paper . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
3.3 Brain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
3.4 Hugo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
3.5 Machine Learning and AI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
3.6 Jira . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
4. Life Patterns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
4.1 Learning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
4.2 Be a founder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
4.3 Backup your life . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
4.4 The future needs you . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
II Draft Chapters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
5. What is this . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
5.1 Creative Commons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
5.2 Open Source . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
5.3 CPU . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
5.4 Copyright . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
5.5 EFF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
5.6 Free Sofware Foundation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
5.7 OWASP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
5.8 Python . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
5.9 Slack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
5.10 WallabyJS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
5.11 XCode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
CONTENTS
5.12 google . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
5.13 linux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
5.14 raspberry-pi . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
6. Technologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
6.1 AST (Abstract Syntax Tree) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
6.2 AWS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
6.3 DSL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
6.4 Dopamine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
6.5 Dot Language . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
6.6 IOT (Internet of Things) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
6.7 Node JS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
7. Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
7.1 BDD (Behaviour-Driven Development) . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
7.2 TDD (Test-Driven Development) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
7.3 FDD (Feedback-Driven Development) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
7.4 Agile and Kanban . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
7.5 CV Testing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
7.6 Change . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
7.7 Change Engineering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
7.8 Chaos Engineering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
7.9 Continuous Integration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
7.10 Facts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
7.11 Functional Programming . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
7.12 GDPR . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
7.13 Gamification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
7.14 Inventing on Principle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
7.15 Karma Points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
7.16 Legacy Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
7.17 Micro-Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
7.18 Netflix Culture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
7.19 Pair Programming . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
7.20 REPL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
7.21 Recursive Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
7.22 Serverless . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
7.23 graphs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
8. Your CV . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
8.1 Blogs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
8.2 Future Self . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
8.3 Git . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
8.4 Github . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
8.5 LinkedIn . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
8.6 Upwork . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
8.7 leanpub . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
8.8 twitter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
9. Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
9.1 3rd-party-modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
CONTENTS
11. Misc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
11.1 Diagrams to add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
11.2 Generation Z Research . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
11.3 O2 Platform . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
11.4 Stories to tell . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
CONTENTS 1
All content related to this book is hosted at the GitHub DinisCruz/Book_Generation_Z_Developer1 repo.
This repo not only contains all text (in Markdown), but also all pending issues and ideas2 . I’m using the
exact workflow and ideas presented in this book in the development of this book :)
You can read more about GitHub and Git in the respective chapters, but if you want to be involved in an
open source and Creative Commons project, this would be a good place to start.
Here are the current list of issues (as of the last time this book was generated) that you can help out
Issues list
Using GitHub api on 05 Mar 2018 the following 5 issues had the show-in-book label:
1
https://github.com/DinisCruz/Book_Generation_Z_Developer
2
https://github.com/DinisCruz/Book_Generation_Z_Developer/issues
3
https://api.github.com/repos/DinisCruz/Book_Generation_Z_Developer/issues/6
4
https://api.github.com/repos/DinisCruz/Book_Generation_Z_Developer/issues/5
5
https://api.github.com/repos/DinisCruz/Book_Generation_Z_Developer/issues/4
6
https://api.github.com/repos/DinisCruz/Book_Generation_Z_Developer/issues/3
7
https://api.github.com/repos/DinisCruz/Book_Generation_Z_Developer/issues/2
I Generation Z Developers
1. Introduction
Hi Generation Z Developer, if you are passionate developer who wants to learn as much as you can about
your craft, this is the book for you.
I decided to write this book after doing a series of presentations to Gen Z audiences, where I realised
a number of key gaps in your generation is understanding of the history behind a number of key
technologies that underpin the technological revolution that we are the in middle of.
Here is the slide that started it all, how many do you recognize?
My presentation started by me asking the audience if they recognized those logos, and then realising
that not only they didn’t recognised most of the logos, they didn’t knew the history behind them. More
importantly why they where created, and what was the problem (or itch) they addressesed
All these icons where ’catalysts of change’ and it is important to understand the history behind them, why
they occured, and what happened next
Each one of these icons changed the world of technology, and the paradigms shifts that they created and
still impacting our world today.
For example one of these changes/revolutions was the Creative Commons copyright license, which was
one of my ’WFT you don’t know what that means’ realizations. Creative Commons gives a number
of rights to the consumer of creations. This book is release under an ’Creative Commons Attribution-
ShareAlike 4.0’ license, which basically means you are free (as in freedom) to use all the materials and
content from this book (only requirements are that you provide some acknoledgement of the source and
that you use a similar license). You can even sell books based on content from this book.
As you will seen thorough the book, what I find interesting, is not that that a particular technology or
ideas allowed X to happen. What matters to me are the ways those ideas change how we act, how we
think and how we behave.
We are in the middle of a massive technological and cultural revolution and you need to decide if you
want to be a pawn, a player or even a play-maker in this new world. If you don’t understand the past, you
are bound to not only repeat past mistakes, but you will not even understand what game is being played.
Introduction 4
Please join me in this interesting trip down memory lane, where I will try to explain how I understand
and learned from a multitude number of technologies, ideas and events.
Be involved and contribute
If you have never contributed to an Open Source (or Creative Commons) project, then what about using
this book as your first experiments?
You can find all content for this book in this GitHub repo1 and you can submit ideas and issues (you found
when reading this book) here2
Please share your views, suggestions and criticisms and don’t hesitate to reach out to me on @DinisCruz3
1.1 Generation Z
Generation Z is the generation that was born after 19964 and represents a very interesting mix of great
values and digital capabilities.
The older members of this generation at about 22 years old at the moment (2018), they where 11 when
the first iPhone come out (2007) and are the first real digital/online generation (they never experienced a
world without internet or without google). This is the generation that is entering the market place at the
moment.
In addition to having personal experience with this generation (I have two daughters aged 12 and 14), I
have been involved (professionally) in a number of projects with this generation (for example teaching
High School kids in the UK how to ’hack’ and working with projects that aim at teaching developers
coding skills usable in the real-world).
The reason I’m focusing on this Generation, due to my realization that they missed a number of
key revolutions (in the technology space) whose history understanding is fundamental (in order to be
competitive in the market place).
In hindsight this is normal, since we (as a society) still don’t do a very good job at explaining why things
happened and why did they where needed in the first place.
Without an understanding of the past, we only learn from shadows and curated versions of reality.
I’m worried about Gen Z
Although Gen Z have some spectacular features and values (for example they are much more tolerant
and diverse than previous generations), they have a lack of intellectual curiosity that worries me
We need to learn from the past (in order not to repeat it), but lots of key technological revolutions and
paradigm shifts seem to be not understood by Gen Z
Ironically, in an age when information and knowledge is a click (or google search) away, in conversation
after conversation with Gen Z teenagers, I’ve found that they have a very thin understanding of the history
of particular technologies, why they occurred in the first place and what problem they tried to solve.
My hope with this book is to break through those gaps, and provide context and references, so that better
informed decisions can be made by members of this generation (who will need to save the world from
the mess the previous generations are creating)
1
https://github.com/DinisCruz/Book_Generation_Z_Developer
2
https://github.com/DinisCruz/Book_Generation_Z_Developer/issues
3
https://twitter.com/DinisCruz
4
https://twitter.com/PaoliCGPI/status/961121404048601088
Introduction 5
Overwhelming curiosity
What I hope to provide is a couple moments where you get this overwhelming curiosity to just learn more
about topic, where you start to follow link after link about a particular topic, and that you get a number
of ’WOW, that is fr**** awesome!’ moments
If you are lucky enough to find yourself in this place, congratulations, you just found ’the zone’ which is
this amazing enviroment when you are single minded and 100% focused learning (which is the best way
to learn)
Whenever you find yourself with this headspace, dont stop! Fololow it as long as your brain allows it, and
don’t stop for anything (namely social events, eat or sleep). This ’zone’ is a magical place to be , so learn
to recognize when you are inside it and explore it as much as you can.
One of my objectives with his book is to help you to find a great job, one that you will love to go everyday,
one where you are in a steep learning curve and one that aligns what you passionate about with what
your employeer is happy to pay for.
It is very important to realise that if you are in an job (or school) where your learning curve is not off-the-
charts, you are short-changing your life and your career. Nobody cares as much about your carer as you
do, and you are the only one that has full control over your attitude to learning. You can chose everyday
on how engaged and receptive you are to learn and to help others to help you learn. It is not exaggeration
to say that you decide your future’s direction and path with every decision that you make everyday.
There is a lot of competition out there and if you look at what is coming next (namely AI and the next
billion of internet users), you need to maximise your changes and opportunities.
I really like the Gen Z realization that a job is something that should be rewarding and not just a way
to make money. After all the best job is when you are paid to do something that you would do for free.
Although I am very fortunate to be in that situation, where I love my job and what I do every day, that
didn’t happened by accident. I made a number of key decisions in my life (some with very short-term
negative implications) that allowed me to align what I love to do with what the market wants to pay.
Being passionate and love your job
Find what you are passionate for, what you really care about, and align your carrer with those ideas. The
best part is that this is a massive win-win situation, since the more passionate you are about a particular
topic, the more you care about it, and the more valuable you are the company that is employing you to
work on those topics.
Having one competitive advantage
The best way to get a job is to have 1 (one) competitive advantage. One activity or task that you can do
better than the person/company hiring you. For example in the 1990s for a lot of companies it was using
a computer, in the 2000s is was using the internet. For development or security, for a while all it took
was good programming or hacking experience. Although it might look that the bar was lower those days,
the reality is that the ones that could do it, where the ones that proactively embraced those technologies
and learned them agaist all odds (at the time when most companies, including technological companies,
where ignoring it). These days, it is thinks like: ML/AI, Graphs, Chaos Engineering, GitHub, Git, Jira,
Creative Commons, Continuous Integration, AWS, WallabyJs and the other technologies/ideas covered in
this book :)
Own your carer development
Introduction 6
You are the one that is in change of your carer. Don’t let anybody tell you what you should be doing and
what paths to follow. You need to discover these paths by yourself (via trial and error), and a great way
to do that is to work for companies that are alligned with those paths
And how do you start working with those companies?
Easy, start collaborating on their Open Source projects. Act like you are part of the company (understand
their values, and behave in ways that that add value to that company, namely the tech stack)
Start by meeting offline and online the key individuals (and developers) from those companies and
communities in a way that adds value to them . Build relationships that will teach you a lot, and potentially
lead to very interesting job offers (or references). Start learning how to add value and how to become
really good at proactively solving problems (which is one of the most valuable assets you can bring to a
company)
What is interesting is that there is nothing stopping you from doing this!
So why don’t you?
After all you have nothing to lose? (and all to gain)
2. What is this
Important ideas and technologies to understand what they are that why they where created in the first
place.
2.1 Docker
As a developer it is critical that you understand how docker works and how it became so successful and
widely used.
The first time I saw and used docker, I was massively impressed by its simplicity and its potential to
change how not only applications are deployed, but how applications are developed and sandboxed.
To understand Docker and its power, the first concept to master is how docker is a ”process that exposes
a multi-layered file system as an fully isolated OS”
It is easy to see Docker as just a faster VM environment or a faster Vagrant (which is a way to
programmatically create VMs). I’ve seen companies that because they had automated VM deployments to
such an extent (i.e. they become really good at automating the creation and deployment of multi-gigabyte
VMs) they dismissed Docker as just another IT fad.
The problem is that Docker is much more than just a faster VM. Btw, by fast, I mean super-fast. normal
VMs book in minutes, Docker can give you a fully working Ubuntu box with Node installed in sub second
start time.
Docker starts in second(s) because it is just a process. The magic sauce is created by:
1. a number of linux kernel technologies that are able create a sandboxed environment for that process
(for files and network access)
2. a layered (i.e. docker images) file system, where each layer contains a diff with the previous
layer.This is a powerful graph db, where each file location is dynamically calculated when you
are inside the docker image.
From a security poing of view, Docker has massive advantages. Finally it is possible to run 3rd party code in
isolated (i.e. sandboxed) environments, where any malicious code running inside those docker containers,
would not have access to the current host user’s data. This is actually the future of desktop and server-side
apps. where easy external (or even missing critical) service/code is executed inside containers.
–
Topics to cover and ideas
• What is happening is that each layer is immutable, and when a file is changed inside docker it is
either a) lost when the docker image stops or b) saved a new docker image
– rewrite paragraph (above) that tries to explain how docker file system works and how new
images are created)
• why docker image development environment is so powerful and fast (explain the concept of images
commits)
What is this 8
– if you don’t understand git and virtual file systems you will struggle to understand git
Kubernetes
• add some technical examples of how to use docker (and how easy it is)
Testing Docker - repeatable bash scritps - testing of docker images and builds is still a very imature space
(no good tools, IDEs and Test Runners). I played with BATS but it wasn’t very good - we need TDD for
docker development - big comptetitive advantage in the market place if you understand these concepts
where to focus
• a very good research area is the visualisation and mapping or docker environment
1
https://vimeo.com/49392667
2
https://www.youtube.com/watch?v=F-ZskaqBshs
3
https://vimeo.com/7395079
4
https://www.amazon.co.uk/Trillions-Thriving-Emerging-Information-Ecology/dp/1118176073
3. Technologies
Another important technologies to know.
3.1 Books
I love books, the ‘real world’ physical ones, the BookBook1 (s). Not the digital alternatives who are a
shadow of a book and are not good technologies to consume knowledge.
I love books, and for a while I too had the a guilty feeling of ’holding on to legacy technology’, as the
world moved into consuming more and more digital content (including digital books).
For reference I buy hundreds of books per year and spend far too much money than I should on books.
Have I read them all, no of course not! Have I found amazing books to read every year that improved
my skills and knowledge, absolutely yes!!! The reason I buy so many books (multiple per topic) is because
until I start reading them, I don’t know which one is perfect (at that moment in time)
After looking closely at why I liked books so much, I had the epiphany2 that ”Books are actually the best
technology to consume and process information”.
There is also a growing body of research that shows that the use of digital technologies are also affecting
kid’s learning capabilities (see ”students find it easier to read and learn from printed materials3 ”)
Basically, if you don’t use books or printed materials to read and review the information you are
consuming (and creating), you are missing a massive trick.
The digital world is really good at promoting group think4 and to present the previous technologies as
’legacy’ and old-fashioned.
My experience is that books (and printed materials) are much better technologies for the consumption
of information. One area where the advantages of the digital books can be significant are novels and
fictional stories (namely the conveinience of access and the weight difference), in this case the books are
just a transient medium that is being used to tell a story, just like in a movie (in most cases, what the
reader is getting are emotional connections with the characters/story, and not really learning from the
text)
The reality is if you want to learn, you are better of using a book or printed materials.
The same happens with reviewing materials. It not coincidence that we all have experiences of writing
content in a digital medium (i.e. the computer) and while reading it on a screen it kinda looks ok. Then
once we print it, and enjoy the unidirectional, offline and 100% focused activity experience that is ’reading
a piece of paper’, we find tons of errors and ’WTF was I thinking when I wrote that!’ moments. In fact
making notes on printed versions of digital content, is exactly how I am writing and reviewing this book’s
content.
Yes, the fact that books are offline is one of the book’s main competitive advantanges!
1
https://medium.com/r/?url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DMOXQo7nURs0
2
http://blog.diniscruz.com/2013/09/physical-books-are-best-technology-for.html
3
https://twitter.com/nicolekearney/status/963946721662267392
4
https://en.wikipedia.org/wiki/Groupthink
Technologies 10
The boook’s ’features’ of not being interrupted by a constant stream of apps/websites notifications and
not having a browser at hand, does wonders for your ability to focus and to consume information.
Another powerful feature of books (in addition of rendering contentin HD with real-time refresh rate), is
that they allow your brain to consume information in a 3D format and with more senses. For example,
notice how when you flick back pages looking for a particular passage or diagram, your eyes will be
looking at a particular section of the page. This means that your brain not only is capturing the content
that it is reading, it is also capturing (and storing) the location of that content, and how it relates to the
rest of the page. One of the reasons that lead me to the epiphany of the value of books was how I noticed
that it was bothering me the fact that the kindle reorders paragraphs and pages when you flick back (and
how it was affecting my ability to find content I’ve already read)
Environmental impact of books
My undestanding (and please correct me if I’m wrong) is that most books these are are printed from either
recycled paper or from sustainable forrests (i.e. forests where they plant at least as many new trees as they
cut).
This mean that these days, the impact of books on the environment is minimal.
Another powerful technology that seems to be going out of fashion is the pen and paper (pencil is also a
great option).
As covered in the ’Book’ chapter, analogue techniques like the pen and paper are actually better
technologies for creating and capturing ideas.
The fact that a piece of paper (or notebook) is not ’online’ and one cannot easily change its contents, are
actually some of its best features.
What is really important is to capture the ideas and thoughts that you have. There are also studies that
shows that just the fact that you write something, will make it easier for you to remember and to process
that information.
I have so many examples of situations when I started writing just some ideas, and after a couple pages, the
real interesting ideas come out (due to the hyperlinked nature of how ideas are generated in the brain).
What is important is the realisation that those 2nd or 3rd generation of ideas would had not been captured
without the first batch of ideas and notes. I’ve also found that my brain retains the location of where I
made some notes, and I’m able to go back to those notebooks and remember what where those ideas (even
after a couple years).
These days, to keep track of what I have reviewed and processed, I have the workflow/habit or crossing-
over the ideas or texts that I moved to a digital format or delegated.
The reality is that you will forget the ideas you are having today!
The only way to make sure that your future self has access to those ideas, is to capture them now!
It is great when you review your older notebooks (could be from last week or year) and not only remember
an idea you had since forgotten, but you are able to expand that idea and take it to the next level.
My favourite are the Moleskin books5 plain A5 notebooks, since they represent a nice balance of white
space and portability ( I use them everyday)
5
https://www.amazon.co.uk/Moleskine-Sapphire-Large-Plain-Notebook/dp/B015NG45Q0/
Technologies 11
A nice site effect of having mobile phones with cameras, is that it’s easy to share a picture of one of the
notebook’s pages.
3.3 Brain
How well do you know your brain? Do you know how it works? What areas it is really strong at, what
areas it is weak and how to maximise its capabilities?
The human brain is one of the world’s great wonders and we live in a age where we now know a
tremendous amount of details on how it works.
You need understand how your brain work, so that you understand it’s blind spots and why we behave
in the way we do.
How do you think? How do you remember? How do you see? How rational are your decisions? Who is
actually making the decisions in your head?
If you have not looked at this topic before, you will be very surprised with the answers to these questions.
This is where you need to apply your logical and computing side of the brain and reverse engineer how
your own brain works.
I’ve always found the brain fascinating and the more I learned about it, the better I become at
understanding how I and others think.
A good place to start is the Freakonomics: A Rogue Economist Explores the Hidden Side of Everything6
book, which uses economic techniques to answer a number of very interesting questions.
The Predictably Irrational: The Hidden Forces That Shape Our Decisions7 takes that to another level,
where it shows example after example how we are not rational at all in a number of decisions we make
everyday
The best one I’ve read is the Incognito - The Secret lives of the brain8 which not only explains really well
how the brain works, it really challenges our understanding of how the brain works.
How you think
When self analysing how I think (from an engineering point of view), I found that I have two types of
thinking techniques.
• A slow(ish) type of thinking - where I’m basically taking to myself in my head. This is also how I
tend to read (I heard the text I’m reading in my head)
• A fast type of thinking - where I ’somehow’ am making a large number of analysis and decisions,
and ’know’ what I’m thinking without really needing to articulate in my head all the explanations
of what I’m doing. This is the kind of thinking that one tends to get when in ’the Zone’ (which is
that magical place where ideas ’just flow’ and we are hyper productive)
I’ve also found that although my brain is able to hold a large amount of hyperlilnked information (creating
a graph of linked data that I’m working on), it is not good at all at multi-tasking (i.e. working on multiple
domain problems at the same time).
6
https://www.amazon.co.uk/Freakonomics-Economist-Explores-Hidden-Everything/dp/0141019018
7
https://www.amazon.co.uk/Predictably-Irrational-Hidden-Forces-Decisions/dp/0007256531
8
https://www.amazon.co.uk/Incognito-Secret-Lives-Brain-Canons/dp/1782112464
Technologies 12
This is why is so important to be able to spend concentrated time on a particular topic, since it takes a
while to upload all relevant data to the parts of the brain focused on the task at hand.
Switching content and interruptions
A reason why even a 1 second interruption can be massively disruptive (for example a text message, or
slack/snapchat/instragram/facebook/twitter notification) is because it breaks the mojo of your brain and
destroys a number of those hyperlinked graphs you had created in your head.
It is even worse when the interruption actually requires some extra activity (for example a question from
somebody at the office).
One area that these interruptions happen a lot in the normal developer’s coding workflow is Testing.
The simple fact of having to manually run a test (either via the command line, or by clinking on a web
browser), will break your mental models and make you ’switch context’
I can’t explain (you need to experience it yourself) how productive is it to code in an environment where
the context switching is minumal (which is what happens when coding using tools like wallbyjs9 or
NCrunch10 )
3.4 Hugo
Hugo IO11 is a Static Website Generator (SWG) and represents a very interesting twist on the development
stack of a website (another popular Static Website Generator is Jekyll12 )
In addition to having a great environment to create content (and to maintain it), what hugo represents is
a completely different paradigm shift on how to create and publish websites.
Basically what SWG (Static Website Generators) do, is to pre-create all possible web pages during a build
stage, and to place them all in a single folder that can be easily deployed to any server or service that is
able to host static files (for example AWS S313 )
In practice this means that you can have a website running from valina web pages, with no backend
and no moving parts. Not only this is massively secure (no server-side code to hack), this has amazing
performance implications (i.e. the site is super fast, when compared with dynamically generated sites).
Ask yourself the question: ”Why do you need a database?”
It is amazing how in tons of cases a database is not actually needed (specialy when it is possible to pre-
generate all pages programmatically).
In fact Hugo is using a very efficient and scalable database and cache: The file system :)
I really like the pattern of using the file system as a database, specially when combined with git for
deployment.
Hugo is also a great case-study of how modern development techniques, technologies, and open source
innovation create products/apis that are miles ahead of the competition (with killer features)
I use Hugo a lot these days, in all sort of internal and external sites, and after using (and developing)
all sorts of CMS (Content Management Systems), I have to say that it provides me a spectacular and
highly-productive content creation/editing workflow.
9
wallabyjs.com
10
http://www.ncrunch.net/
11
https://gohugo.io
12
https://jekyllrb.com/
13
https://aws.amazon.com/s3
Technologies 13
This book for example has a companion websites that is created using Hugo, and I’ve created a number
of extra pages that help to improve my productivity (for example search and print pages)
One of the most important areas that you need to gain a strong understaning in the next 5 years is Machine
Learning and Artificial Intelligence (AI).
This is not about an Skynet14 kinda scenario where an super-intelligence singularity15 is going to take
over the world and destroy humanity.
This is about the next major revolution in technology and whether you are going to be a player or a pawn
in what is happening next.
I highly recomend that you read Kevin Kelly’s The Inevitable: Understanding the 12 Technological Forces
That Will Shape Our Future16 book where he provides a really clean mapping of what (most likely) will
happen next.
One area that Kevin talks in detail and you can already see it happening around us is the introduction of
AI capabilities in all sort of devices and business activities.
This is where you need to take a proactive approach and start learning about how all this works and how
to program it.
The great news is that in the last couple years the major cloud providers have been investing really hard
on these technologies and are now providing environments where you can easily play around and learn
how machine learning and AI works
See for example all the different tools and technolgies that AWS is already offering in the machine
learning17 space (Microsoft is also providing some really cool capabilities on Azure18 )
As a developer, you will be soon be asked to write code that integrates with Machine Learning technology
to process large amounts of data or to integrate an app with AI services like voice, image recognition or
domain-specific analysis (for example in medicine)
Where are we going
For a nice view of what could be happening next see - Life 3.0: Being Human in the Age of Artificial
Intelligence19 - Homo Deus: A Brief History of Tomorrow20 - What Technology Wants21
3.6 Jira
Jira22 is a web application that is widely used by development, engineering and technical teams to manage
they day to day tasks/activities.
14
https://en.wikipedia.org/wiki/Skynet_(Terminator)
15
https://en.wikipedia.org/wiki/Technological_singularity
16
https://www.amazon.co.uk/Inevitable-Understanding-Technological-Forces-Future/dp/0525428089
17
https://aws.amazon.com/machine-learning/
18
https://azure.microsoft.com/en-gb/overview/machine-learning/
19
https://www.amazon.co.uk/Life-3-0-Being-Artificial-Intelligence/dp/024123719X/
20
https://www.amazon.co.uk/Homo-Deus-Brief-History-Tomorrow/dp/1910701874
21
https://www.amazon.co.uk/What-Technology-Wants-Kevin-Kelly/dp/0143120174
22
https://www.atlassian.com/software/jira
Technologies 14
We (at Photobox Group Security) use Jira extensively in our day-to-day activities, where not only it helps
us to track our tasks and risks, we create tons of custom Jira Workflows and write custom applications.
We basically use JIRA as an graph database (see Creating a Graph Based Security Organisation23 ) and
Confluence24 as a way to display the information stored in JIRA.
The key point I want to make here is that the tools that we use in the enterprise need to be customised
and extended (in order to make them work).
Being able to write these customisations and understanding at a much deeper level (when compared to
’normal’ or ’power’ users) what is possible with these tools, is a massive competive advantage.
In fact if you are able to write custom JIRA workflows that are usable by a development team, that is a
massive competitive advantage for you, and it will make you highly employable today.
Use Jira in your life
Create Jira projects for your life activities (with Epics to track group of tasks)
Create a Kanban board for your personal tasks and Epics.
Create custom workflows and learn how to manage Jira. This will give you tons of confidence when using
Jira in the real world (or when intervewing)
And since Atlassian has evaluation version for their cloud version of Jira, there isn’t any cost to try this.
Now you have no excuse to not having used Jira before (at a level more advanced that most corporate
users and the developers interviewing you)
23
https://www.slideshare.net/DinisCruz/creating-a-graph-based-security-organisation-devseccon-keynote-81345667
24
https://www.atlassian.com/software/confluence
4. Life Patterns
….
4.1 Learning
4.2 Be a founder
The single thing that you personally control when you go to work, is your attitude to your work and how
you approach it.
One of the concepts that I really like is the idea that you should ”act like one of the founders of the
business”.
Image you where employee #4 and you really cared deeply about the company you currently are working
on!
Ask yourself:
”If I was a founder of the company/department/section I work now, with the responsibilities that
I have at the moment: ?”
Hopefully you will get some interesting ideas and actions (from this mental exercise)
The question now is: ”what is stopping you from doing just that?”
How is telling you ”Don’t do it”?
At the moment it is just you!
You can even do this for companies that don’t employ you. You can contribute to their open source projects,
you can write blog posts about them (and use twitter to reach out to key individuals)
You can choose to care about the team that you are currently in, and the work that needs to be done.
The irony is that the more you care and the more you behave like a founder, the more value you usually
add and the more valuable you will become for that company.
Backing up your code (and ideas) is one of the most important patterns that you must master. Your current
approach to backups will depend on how much have you lost, and how painful it was.
The reality is that sometime and somewhere in the future, you will lose some of your data (and ideas).
This could be something as simple as a lost laptop, or some data that was deleted by accident, or even an
ransomware attack that encrypted all the files in your devices or servers. If you don’t have a good strategy
and habits for how you do your backups, it is just a matter of time before you have a catastrophic event.
Trust me, there are few things in life more soul destroying and demotivating, than having to re-create
something again (that you were happy with and you had spent a lot of time creating). Even worse when
you are not able to recreate it, which in a business environment can easily lead to you being fired for lack
of due-diligence or negligence.
The solution is to think about where you classify and store your data (and ideas), so that you can come
up with strategies that work in your day-to-day activities.
I’m going to provide a number of examples of how I do it, which hopefully will give you some ideas:
Life Patterns 17
• Secrets Minimisation - From a security point of view, the less secrets you have the better (and the
easier it is to backup the rest). This is where the more you embrace the idea to publish as much of
your data (and ideas) as possible, the easier it is to use web based services as your backup medium.
• Passwords - A clearly important piece of data not to lose or disclose. My strategy is to pick
formulas that I can remember and to use 2FA authentication (like SMS) as much as possible (which
dramatically reduce the importance of passwords)
• Future Self - Part of my drive to share, is to think that one day in the future, my future self will
need it. This is also why I like to Open Source as much as as possible, since it makes sure that as
I move jobs, I don’t have to start from scratch (for example what happened with me and the O2
Platform research or the Maturity Model tool I developed recently)
• Git - Git is not just a version control which you use when you want to commit to the main repo.
I’ve seen developers that code for days before doing a commit. This is missing a massive trick. Not
only during those periods between commits there is a high risk of data loss, the developer is also
missing the opportunity to go back to a version created a couple hours ago (which was better than
the current one). Basically there is only so much Ctrl-Z can help you. Note that you should be
using git to store as much data (and ideas) as possible, since this workflow is not just for source
code (another reason why I like to use markdown for content and DOT for graphs)
• Autosave and Commits - When using git as a data store, I always enable auto-save on the IDEs
so that I never have unsaved text in memory. I then use git commits (and git staging) to really
understand what has been changed (and to double check those changes before committing to the
target branch). This is very empowering and liberating, since I don’t really worry about losing
anything
• GitHub - I push as much code (and ideas) on GitHub as possible. For example I have repos (some
private) that act like document storage and (literally) backups. My expectation is that GitHub’s
backup strategy is sound and better than mine.
• DropBox and GDocs - Same thing for DropBox and Google Docs. I use them to store data and
rely (as most companies do) on their security and backups (very important to have 2FA on these
accounts and to pay for the commercial versions, which provide features like version control and
much more storage)
• Twitter - I use twitter as my personal search engine, and use it to store all sort of links and ideas
that I might be interested in the future
• Google - A great site effect of putting your data (and ideas) online on a public and hyperlinked
location (for example on a blog or slideshare), is that Google (and Web Archive2 project) will
eventually index it (and keep a copy for ever). I actually have used these service’s caches to recover
ideas that I published ages ago, on a platform or site that has since disappeared!
• Simulate disaster - Ask yourself, if you lost your laptop now, how painful it would be? For example
at this very moment, the only thing I would lose if my laptop disappeared (or was stolen) would
be the text in this chapter (and in about 30m, I wouldn’t lose anything, since I will have committed
this text into Git and GitHub)
• External Drives - For large files and VM (not really much these days) I also have a number of
external drives in my house that hold it (although some of the most interesting research VMs, like
the ones I was using when developing the O2 Platform, have been moved to dropbox)
Finally, you probably noticed that every time I mentioned code I also added a note about ’ideas’. The
reason is that you also need to backup your ideas so that your future self has access to them. The reality
is that you will forget about those ideas and the connections that got you there. The only way to make
sure they are not lost forever is to publish them into an hyperlinked medium.
2
https://web.archive.org/
Life Patterns 18
Sometimes the future just doesn’t happen! It needs people like you to make the difference.
Re-enforcing the concept that what matters is not ideas but energy and focus in execution, there are a
number of ideas that although brilliant, we still need the right individuals at the right place in order for
them to become a reality.
This happens in all fields (for example there is a great interview by Elon Musk where he talks about how
the concorde and moon landings are good examples of us going backwards in technological capabilities).
On the developing/coding world, in addition to the WallbyJS (real-time unit test execution and code-
coverage visualisation) that I cannot understand why all IDEs do not replicate and deeply integrate those
capabilities in their engines, another amazing example is the Zoetrope (Interacting with the Ephemeral
Web) research by Adobe.
This research was published in this YouTube video3 , and it shows a working real-time time machine for
web pages (and other content).
This research transformed the Ephemeral4 and ’no-past’ nature of web pages, into a multi-dimensional
graph, where the previous versions of a page’s content can be visualised, transformed and analysed in all
sorts of ways (check out the video and you will be blown away).
Given how powerful this idea is, the interesting question is ”Why hasn’t it evolved!”.
My view is that because there is a significant amount of research and technology required to reach the
workflow shown in that video, and the fact that the technology and ideas where not released under an
Open Source license (or Creative Commons), any new attempts would have to start from scratch (since it
clearly looks like Adobe did not continued the research projects)
Also important is that an individual’s vision and an sustainable economic model matter (i.e. someone
who understand the problem and someone who is funding the research). Although the key concepts are
clearly shown in the video and easy to understand, in the last 10 years we had not had an individual (or
team) with the right energy and drive that has decided to replicate this research into an Open Source
environment, and built a strong community around it.
I’m very frustrated by this lack of development, since there are tons of areas in Application Security where
this kind of anti-ephemeral technology would be massively important.
Gen Z dev, if you are looking for a place to start replicating this idea, here is one for you:
Create a tool/website to search and visualise the git files history (for example how to do a search
across previous versions of files)
That is not a problem that has been solved today, and not only you would let a lot about how git works,
you would be creating a tool very useful to you and the development community. As an example that
would allow for the easily discovery of secrets stored in git repos that have been ’deleted’ using commits
(which means that the secrets still exist in that repo and are available to anybody that can clone it)
3
https://www.youtube.com/watch?v=7C-B7qdClak
4
https://en.wiktionary.org/wiki/ephemeral
Life Patterns 19
https://en.wikipedia.org/wiki/Creative_Commons
These licenses allow creators to communicate which rights they reserve, and which rights they waive for
the benefit of recipients or other creators)
Topics to cover and ideas
• ”For a typical author, obscurity is a far greater threat than piracy.” Tim O’Reilly on Piracy is
Progressive Taxation, and Other Thoughts on the Evolution of Online Distribution1
• how CC is changing research
– for example collaboration of code and datasets on cancer research
• the amount of data that is being shared today is hugo
– show examples from the multiple visualisation’s books (and websites)
– show example of data released by the UK
* https://data.gov.uk/ which uses http://www.nationalarchives.gov.uk/doc/open-govern-
ment-licence/version/3/ (compatible with Creative Commons Attribution License 4.0 )
• more and more there is an moral and techical argument that all data created by government should
be released under an creative commons license, and all code paid by the government should be
released under an open source license
• publishing your research under an CC license is harder than it looks. It means that you have made
the paradigm shift from close to open.
– It means that you now view your value as someone who can execute ideas (and are happy to
share your creations)
– anybody can have ideas, the execution is the hard part
* in fact deciding what NOT to do is that hard part (what ideas to say NO is one of the
most important decisions to do)
· this is easy when you have a good vision of the journey ahead.
• I was called a communist many times (in early open source conversations)
• ”Open source as won, but Gen Z is not aware of it”
• When you open source an app or code, what will happen next is : Nothing!
– it is veru hard to create a community around an open source project
– what you will have done (with adding the license file to your code (which is all it takes,
assuming you wrote all the code so far)), is to create future opportunities for that code and
sent a strong message about your agenda (i.e. you are not going to lock in the future the users
that are using your current code today).
* you are allowing somebody (which could be you) in the future to use your code
* you are also protecting your research, so that if you move companies, you can still use that
code (there is nothing worse for a programmer than to having to rewrite something that
was working ok (specially when it is a framework that supports a particular workflow)
• big success of companies collaborating internally externally (i.e. internal collaboration between
different teams via open source code)
– although most devs have access to all code, the number of cross-team pull requests is very
low (open source license help a lot with this)
– allowing other to use your code is a great way to find programmers to hire or companies to
buy
– the myth of the company that will take your code and just run with it (they will be massive
locked to your code)
* example of team that created a fork of Chrome (to add security features) and couldn’t
keep up with Chrome’s development speed
* the open source tax (when you don’t contribute back your changes)
• companies should pay developers to work on open source apps/modules that are used in the
company.
– my experience with helping an open source project (that we used), and then getting help from
a key developer from that project in a hard problem that we were having
• Question: ”Why don’t you open source your code?”
– I bet the answer is a combination of:
* ”I don’t think my code is good enough”
* ”I’m embarrassed about my code”
* ”Nobody will want to use my code”
– the first thing to understand is that I have heard these same excuses from all sorts of developers
and companies, for code in all sorts of quality and completeness.
– this is your Lizard brain3 in action (making excuses of why you shouldn’t do something)
– the key is to just do it (add the license and slowly staring building the community)
• https://en.wikipedia.org/wiki/The_Cathedral_and_the_Bazaar
• In this book/essay Raymond provides 19 lessons which are still as relevant today (2018) as when
they were published (1998)
– Every good work of software starts by scratching a developer’s personal itch.
– Good programmers know what to write. Great ones know what to rewrite (and reuse).
– Plan to throw one [version] away; you will, anyhow. (Copied from Frederick Brooks’ The
Mythical Man-Month)
– If you have the right attitude, interesting problems will find you.
3
https://facilethings.com/blog/en/lizard-brain
What is this 23
– When you lose interest in a program, your last duty to it is to hand it off to a competent
successor.
– Treating your users as co-developers is your least-hassle route to rapid code improvement and
effective debugging.
– Release early. Release often. And listen to your customers.
– Given a large enough beta-tester and co-developer base, almost every problem will be
characterized quickly and the fix obvious to someone.
– Smart data structures and dumb code works a lot better than the other way around.
– If you treat your beta-testers as if they’re your most valuable resource, they will respond by
becoming your most valuable resource.
– The next best thing to having good ideas is recognizing good ideas from your users. Sometimes
the latter is better.
– Often, the most striking and innovative solutions come from realizing that your concept of
the problem was wrong.
– Perfection (in design) is achieved not when there is nothing more to add, but rather when
there is nothing more to take away. (Attributed to Antoine de Saint-Exupéry)
– Any tool should be useful in the expected way, but a truly great tool lends itself to uses you
never expected.
– When writing gateway software of any kind, take pains to disturb the data stream as little as
possible—and never throw away information unless the recipient forces you to!
– When your language is nowhere near Turing-complete, syntactic sugar can be your friend.
– A security system is only as secure as its secret. Beware of pseudo-secrets.
– To solve an interesting problem, start by finding a problem that is interesting to you.
– Provided the development coordinator has a communications medium at least as good as the
Internet, and knows how to lead without coercion, many heads are inevitably better than one.
5.3 CPU
5.4 Copyright
…
Topics to cover and ideas
• What is it
• understand its history
• Why was it created
• Is it working
• Positive side effects and Negative side effects
• Copyleft
• Opensource and Creative Commons are copyright licenses
• Music and its relationship with copyright
– what happens when the cost of distribution goes to zero
– customers will still buy (if the product and distribution is right)
5.5 EFF
…
Topics to cover and ideas
• history
• Richard’s s story
• copy left
4
http://www.ollydbg.de
5
https://www.hex-rays.com/products/ida/
What is this 25
5.7 OWASP
Part of building you brand and carrer is the participation in Open Source community groups like OWASP
OWASP (the Open Web Application Security Project) is a world wide organisation that is focused on
Application Security.
Topics to cover and ideas
• Great community
– chapters, conferences, guidance, tools, books, summit
• be involved
• make of companies that are hiring now!
• dramatic need for application security professionals
• security is a key skills for developers (add AWS CTO quotes)
• owasp summits
• working sessions
• chapters, join or start one
• projects
– JuiceShop
– Top 10
– mobile testing guide
5.8 Python
…
Topics to cover and ideas
5.9 Slack
Slack is how we communicate daily (just like we used to using ICQ, MSN Messenger, Skype, Phone, Smoke
Signals, etc…)
Topics to cover and ideas
• Slack bots
• Why slack one
• Integrations
• Copy and paste of images
5.10 WallabyJS
5.11 XCode
…
Topics to cover and ideas
• Write your own mobile app today (now easy with Swift)
6
https://vimeo.com/36579366
What is this 27
5.12 google
5.13 linux
• linux history (it all started by Linus Torvalds inspired by a MINIX system)
– mention some of Linus views
• Linux patch submitted by an 4 year old7
• most complex software in the world
– git was created to manage the linux code development
• you need to learn it, how to install kernel drivers, how to hack it, how to rebuilt it
• power of raspberry pi is that it gives you a linux environment for you to play with
• Mac is ’just about’ linux under the hood (same heritage), but with a better UI and integrations
5.14 raspberry-pi
7
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=690b0543a813b0ecfc51b0374c0ce6c8275435f0
8
https://www.theguardian.com/education/2012/jan/09/raspberry-pi-computer-revolutionise-computing-schools
6. Technologies
6.1 AST (Abstract Syntax Tree)
• Why is so important
• How they work
– object model of source code
– amazing paradigm shift when one can ’see code as a graph’
• Using AST to write tests
• Powerful AST abstractions (specially when added the code refactoring mappings)
• how code refactoring works
• source code is not the best medium to consume code
– explain how O2Platform’s Method Streams work and how they are a lot more effective
– what you want to see is all the code relevant to the path you are looking at
• we also need the equivalent of AST and static complilation for all the ’coding’ that exists in all the
cloud environments and between services (i.e. we need a DSL)
– for example for AWS lambdas and how they behave
6.2 AWS
• What is it
• History
• How it made Amazon the powerhouse it is today
• Key technologies
– route 53
– EC2
– S3
– Container Service
– Lambda
• why the cloud revolution happened (why were they so successful)
– the failure of sysops data centers to modernise
* no scalability, failed to modernise, no shared resources, tool expensive, no shared
learnings, insecure
Technologies 29
The amazon machine - how amazon become one of the best development houses in the world
- https://www.ben-evans.com/benedictevans/2017/12/12/the-amazon-machine (great article that talks
about the Amazon machine, which is the real power behind it)
6.3 DSL
6.4 Dopamine
1
https://upload.wikimedia.org/wikipedia/commons/thumb/2/2f/Dopamine.svg/220px-Dopamine.svg.png
Technologies 30
Do you know what Dopamine is? Do you know why mobile phone notifications are so addictive?
• https://en.wikipedia.org/wiki/Dopamine
…
Topics to cover and ideas
• Graphs as code
• Why is this such a big deal, major paradigm shift required
• Why visio and other diagram tools don’t scale
• the fact that you can’t control the diagram layout (in the same way you do in visio) is actually a
major feature
…
Topics to cover and ideas
• why it is big
• what it means for programmers
• massive job opportunities
• the power of software vs hardware
2
https://www.psychologytoday.com/blog/brain-wise/201209/why-were-all-addicted-texts-twitter-and-google
Technologies 31
6.7 Node JS
…
Topics to cover and ideas
3
https://www.shodan.io/
4
https://www.linkedin.com/pulse/my-2020-vision-ai-edition-taras-novak
5
https://www.kickstarter.com/discover/advanced?ref=nav_search&term=arduino
7. Concepts
7.1 BDD (Behaviour-Driven Development)
• what is it
• great evolution
• where is works
– when it works well it is amazing
• great connection with business
• can create bit white elaphants (like like Selenium)
– requires quite a lot of discipline and investment to keep up to date
• explain Gherkin language
• the most coverage you get, the more changes you are happy to make, the better the code is because
you have the confidence to make the hundreds of small changes that the only way to create a high
quality and scalable application
• be a craftsman
• explain history
• key challenges
• why the TDD community created dogma and lost the plot
• if you don’t have 100% code coverage, what are those bits of code not covered by tests? (what
happens if that code changes)
• everything should be tested
– history of a site that went down for hours because of a one char (pipe) change in a nginx
config file
** bugs as features**
• history
• why it worked
• agile manifesto
– https://www.agilealliance.org/agile101/the-agile-manifesto/
* Individuals and interactions over processes and tools
* Working software over comprehensive documentation
* Customer collaboration over contract negotiation
* Responding to change over following a plan
• Software Craftsmanship1
– Not only working software , but also well-crafted software
– Not only responding to change , but also steadily adding value
– Not only individuals and interactions , but also a community of professionals
– Not only customer collaboration , but also productive partnerships
• Anton cords
• explain concepts (with diagrams)
• how agile become dogma and created environments where agile teams where not agile at all
– processes become more important than understanding why something was being created in
the first place, to much effort was put on estimates, to much focus was placed on what could
be done in 2 weeks
• Scrumbam is a nice alternative
• The Mythical Man-Month2
1
http://manifesto.softwarecraftsmanship.org/
2
https://en.wikipedia.org/wiki/The_Mythical_Man-Month
Concepts 34
7.5 CV Testing
…
Topics to cover and ideas
7.6 Change
…
Topics to cover and ideas
• what is it
• see my slideshare presentation
references:
• why it matters
• how it works
• key technologies
• build your CI pipeline now
– from your laptop to deployed site (push to production in seconds) - Hugo is a great way to see
this in action
– key paradigms shifts occur when one see this in action
– Give example of EC2 environment with:
* vulnerable website
* ZAP (to generate attack traffic)
* ELK (to visualise traffic)
* Write security tests that execute against site
• compare with CD (Continuous Delivery)O
6
https://medium.com/chaos-toolkit/the-language-of-chaos-experiments-in-chaos-toolkit-bd55a5c04057
7
https://medium.com/russmiles/chaos-engineering-why-the-label-matters-35ddbb974fa5
8
https://medium.com/russmiles/chaos-engineering-for-the-business-17b723f26361
9
https://medium.com/russmiles/are-you-ready-for-chaos-engineering-59b859091281
10
https://www.codibly.com/2017/05/chaos-engineering-paradigm/
11
https://www.slideshare.net/sbodiu/from-resilient-to-antifragile-chaos-engineering-primer-devseccon
Concepts 36
7.10 Facts
…
Data-driven decisions
…
Topics to cover and ideas
7.12 GDPR
7.13 Gamification
• Game Theory
• add Ted talk on it
• You (Gen Z) see this everyday in your digital interactions (the badges, the nudgets, the rewards, the
streaks)
– you are being manipulated into being hooked into the apps your used
– you are the product, not the client
– there are teams that their job is to find more ways to hook you (and your time) into their
platform
* supported by lots of Science and Research (into how we consciously and unconsciously
behave)
– understand when you are being played (or brains are not designed to control the stimulus we
receive)
• the power of nudges and FOMO (Fear Of Missing Out)
• that said, as a developer this is a really powerful skil to have
– when developing gamification systems quick feedback loops are critcal
…
Topics to cover and ideas
• SecDevOps Legacy - and the opportunity of legacy applications (and why it might be a good idea
to work on them)
– best features: ”no new features”, ”very low expectations of changes”, ”changes are supposed
to be hard”, ”lots of low-hanging-fruit for refactoring”
– add link and references to this presentation
7.17 Micro-Services
…
Topics to cover and ideas
• explain concepts
• where they work great
• Swagger.io
• problem of understanding how they work together
• move from a ’blob of code’ (the monolith app) into a ’large blog’ (the constlation of Micro-services
that nobody really has a good understanding of all moving parts and inter-dependencies)
– this is where Chaos Monkey is a great tool to understand side effects
The best companies are (or will be) following these concepts, not because its ’cool’ but because it makes
companies more productive, more nimble and more profitable.
• https://en.wikipedia.org/wiki/Pair_programming
• idea that pair programming is not optimal at the moment
• When I code in a ’real-time coding environment’ I am pair programming with myself
• a much more interesting pair programing model is one where programmer A codes and programmer
B writes the test
– this is a situation where we actually want the more experienced programmer to be writing
the code, since for code to scale we want ’coding excellence as BAU’
– the more powerful and effective code the code written by the less experienced developer, the
more scalable and effective the current development environment is
– specially important, given the current skills shortage with developers and the companies
preference to use an XYZ budget to hire 2x less experienced developers vs 1x more experience
developers
7.20 REPL
…
Topics to cover and ideas
7.22 Serverless
7.23 graphs
…
Topics to cover and ideas
-
8. Your CV
8.1 Blogs
…
Topics to cover and ideas
– image
– image
8.3 Git
– git deployment also works great for binaries (for example we one setup an git deployment
workflow for .Net binaries). Upgrades and rollbacks become a simple fact of doing a git
checkout
• use Git everyday
8.4 Github
8.5 LinkedIn
• Your cv
• connect to people so that you can reach them
• build your network
• get recommendations
• Graph database
• bought by Microsoft
• low signal/noise ration (and they have a really bad email/messaging system)
Your CV 44
8.6 Upwork
• what is it
• how it works
• how we use it
• success stories in finding talent in Upwork
• on demand economy (not just a race to the bottom)
• can be used to hire any type of professional
• Upwork and Upwork enterprise (good to get a monthly bill)
• use upwork to scale up your tasks
– make good ecoconmic decisions (who is faster and more cost effective to do particular task)
– delegating to a freelancer is really hard (and one that you need to learn)
8.7 leanpub
8.8 twitter
…
Topics to cover and ideas
…
Topics to cover and ideas
9.3 Defcon
• Defcon
• relation with Blackhat
– list other important security conferences (including OWASP)
• attendees got arrested , bit clashes with companies
• this was before bug bounties
• my experience at presenting at DefCon (how my research was done over there). Talk some details
about the vulnerability we discovered and how it was exploited
• ’why you should go to defcon’ -
9.4 Pointers
…
Topics to cover and ideas
…
Topics to cover and ideas
• How it blew up my home’s telephone systems trying out BBS (I had to manually disconnect the
phone line and recreate the plug to connect to the modem)
• story on my first connections to an BBS (with sync communications) and the files I downloaded
from them
• story of the first BBS we published and the first couple users we had
• expand on other network concepts
– TCP vs UDP
– Routers
– NAT
• publish your own server on your own broadband connection (easy to do)
• see this video Warriors of the net1 published in 20022 which is a brilliant explanation of the internet,
tcp packets and even security. I remember being the first time I actually visualised how the internet
and its multiple components work (now take a step back and realise that all of that happens in
milliseconds around the world in today’s technology)
– these are really important concepts to understand
…
Topics to cover and ideas
10.3 Ideas
Impostor syndrome (also known as impostor phenomenon, fraud syndrome or the impostor experience) is
a concept describing individuals who are marked by an inability to internalize their accomplishments and
a persistent fear of being exposed as a ”fraud”. wikipedia3
This happens all the time to a lot of people, and can be very damaging to your career.
You really need to understand that everybody as doubts about their capacities and everybody makes
mistakes. Your value is on your ability to execute and it is key that you learn to share what you do and
be confortable with what you create.
Topics to cover and ideas
• find post about what can happen (quickly) after Impostor Syndrome
– Fraudster Syndrome (or something similar)
* ”I’m past it”
* ”it was a good run, but now I can’t do it anymore”
…
Topics to cover and ideas
• don’t assume that because a lot of people are doing, doesn’t make it right or that it cannot be
changed
• my barefoot walking story
– mainly social
– hard on the mind
– I liked it a lot
– ”it is not because 99.9% of others don’t do it, that makes it wrong”
• every major changes in our culture or society started with a small number of ’rebels’
• our industry (IT, development, security) is very receptive and encouraging of different ways of
thinking
10.7 Mentors
…
Topics to cover and ideas
• find them
• you will be surprised by how approachable they are
– if you have the right attitude, the mentors will see themselves in you (which is why most have
a soft spot to help)
• Books and publications are great mentors
• use the ones that you can physically or digially reach
• push your company or school to create mentor network (based on Slack for example)
– this is what we did at Photobox Group Security
• What 5,000 Gen Z’ers Tell Us About the Future of Work4 - see reference on importance of mentoring
4
https://medium.com/@doorofclubs/what-5-000-gen-zers-tell-us-about-the-future-of-work-6dd00f796e8f
Life Patterns 51
10.9 Refactoring
• What is it
• How to apply to your life {{% /panel %}}
…
Topics to cover and ideas
10.13 Workflows
…
Topics to cover and ideas
articles - Why Generation Z will change the world1 -If you’re over 25, you’re probably wrong about
Generation Z. They’re the best crop of teenagers America has ever produced.2
videos
11.3 O2 Platform
…
Topics to cover and ideas
• explain what is it
• o2platform.com , https://github.com/o2platform
• fluentnode and fluentsharp
• REPL
• how this was my php
– spent a year coding it
– unlucky to come out of it when the economy crashed
• what I’ve learned