Crack me

Don’t hate the hacker, hate the code.

These are some excerpts from a presentation I gave at a ladies who linux meetup in San Francisco. 

***************************

I have always really enjoyed puzzles and games. Building forts, making indestructible cars from k’nex, rock climbing, even backpacking and trying to figure out how to make a fire in the pouring rain with only one match. There are so many things in our daily lives that force us to think critically and break apart a bigger problem into a bunch of smaller, more manageable problems. My love for puzzles was one reason why I wanted to explore the tech world. What I assumed and what I have found to be true is that the tech world is really just a giant playground of puzzles. So since I have you all right here, I thought we could do a little puzzle here together.

If you recall, our topic for the evening is security. Less than two weeks ago I moved into a new place on Treasure Island. I share a house with a few others who I didn’t know previously. My sister happened to be in town for the weekend, so on Friday night I picked up the keys to the space, dropped off a handful of things and headed up to Napa to meet her and some friends for a few days. I didn’t think much of it. When I got back I started to move the rest of my things in. I got up to my room and quickly realized that a brand new pair of running shoes I had just purchased two days previous were missing, along with a few things I had purchased from IKEA. weird right? I didn’t want to assume the worst, so I checked my car for the shoes, but to no avail. Why am I telling you about my stolen shoes? I am supposed to be talking about security. I’m telling you this story because when I first thought about security, I dove right into the deep. I started researching the seven layers of OSI, about TCP vs UDP, network mapping and the list goes on. But I just told you all, I’m a beginner – I have no experience with any of those things – and the story of my shoes reminded me of some very basic fundamentals of security. When we think of security, we often go right for the hard stuff and forget about the basics. When I moved into my new space, It’s not that I should have been overly cautious or paranoid about the living situation – but I should have taken precautions to better set myself up for success. All I really needed was a simple lock on my door.

Security does not need to be complicated, you just have to make sure you cover your bases. Make sure to password protect your accounts, cell phone, and computer. Don’t use the same password for multiple things (although I’m pretty sure we are all guilty of this one).  Make sure to use two-step verification for important logins like work emails, online banking, etc. Before you worry about the deeper levels of security, make sure you have taken care of the basics.

So – on to our little puzzle.

The is a copy of this project on github under Holberton school – so you are all welcome to clone it and try it yourself at home. Check it out here.

Before we start, I am going to open up a VM. Since we don’t know what exactly these files could contain, we want to protect ourselves by doing all this little puzzle on a VM. Things are a little more contain on a VM.

vagrant up

vagrant ssh

First I am going to clone it from github – you can see that there are a few files in this repo, we are only going to be dealing with a.out tonight, but feel free to explore the others on your own time, each one increases in difficulty and not all are solvable.

Change directory to our newly cloned repo.

cd don_hate_the_hacker_hate_the_code 

Check to see what files are here

ls

README.md a.out     crackme   crackme2  crackme3

I am going to make a copy of a.out because I know from experience that if we try to execute the program with the wrong password the file will delete itself – that feature was built into the program.  So I am going to save us time and hassle .

cp a.out ladies.exe

Now we have ladies.exe

ls 

README.md  a.out      crackme    crackme2   crackme3   ladies.exe

Okay – we are all set up to start cracking. If you haven’t guessed it already, we are going to be attempting to crack the password to this file. Like I mentioned earlier, this first one is pretty easy and if you want a challenge you can try any of the others.

First thing we want to do is to gather some information about the file we are dealing with – it’s a simple command

file  ladies.exe

We can learn a lot about our puzzle at hand by learning about the file type.

ladies.exe: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.24, not stripped

We can see that it is ELF which means it is in an executable and linkable format – and even that it’s not stripped.

If someone wanted to cover their tracks a little bit better, they could have stripped the file.

nm ladies.exe

You get somethig that looks like this.

0000000000601058 B __bss_start

0000000000601058 b completed.6973

0000000000601048 D __data_start

0000000000601048 W data_start

0000000000400550 t deregister_tm_clones

00000000004005c0 t __do_global_dtors_aux

0000000000600e18 t __do_global_dtors_aux_fini_array_entry

0000000000601050 D __dso_handle

0000000000600e28 d _DYNAMIC

0000000000601058 D _edata

0000000000601060 B _end

When you use nm, you are listing the symbols from object files. You can strip that infomration quite easiy though. Run these commands and see what happens.

strip ladies.exe

nm ladies.exe

file ladies.exe

Now if we wanted to know a little more about the file type, despite the fact that we are the ladies who linux, we all need a man in our lives. Just man file to find out a bit more about the file command.

man file

Okay, so we have gathered some information about our file. What’s next…? Run the file?

Maybe we can read the file and find out more.

emacs ladies.exe

Woof – that’s rough. That’s not going to be of  much help. Welp – I have a few other tricks up my sleeve. How about ltrace.

man ltrace

ltrace is a program that simply runs the  specified  command  until  it exits.   It  intercepts and records the dynamic library calls which are called by the executed process and the signals which  are  received  by that  process.   It  can also intercept and print the system calls executed by the program. – Basically it will show us what library functions are being used in this file. When you use trace,  make sure to use the executable format since it actually executes the program when you run it. 

ltrace ./ladies.exe

__libc_start_main(0x40060d, 1, 0x7fff775943a8, 0x400760

printf(“Usage: %s password\n”, “./ladies.exe”Usage: ./ladies.exe password

)   = 29

puts(“See you next time hacker!”See you next time hacker!

)                = 26

You can see it’s using printf  and puts. But it looks like printf was looking for the file along with a password, so lets try it with a password now.

ltrace ./ladies.exe password

__libc_start_main(0x40060d, 2, 0x7fff451bbfe8, 0x400760

strcmp(“password”, “#cisfun”)                    = 77

strcmp(“password”, “passw0rd”)                   = 63

puts(“Access denied :(“Access denied 😦

)                         = 17

puts(“See you next time hacker!”See you next time hacker!

)                = 26

Now we see that it’s using strcmp – lets checkout what strcmp does…

man strcmp

The strcmp() function compares the two strings s1 an s2. It returns an integer less than, equal to, or greater than zero if s1 is found, respectively, to be less than, to match, or the be greater than s2.

You can see the program comparing the password we put in with two other strings, #cisfun and passw0rd. That gives us a pretty good hint that maybe one of these strings is the password. You can try them both.

Since #cisfun starts with a special character, make sure to include quotation marks around the password when you type it in.

ltrace ./ladies.exe “#cisfun”

__libc_start_main(0x40060d, 2, 0x7fff98524a78, 0x400760

strcmp(“#cisfun”, “#cisfun”)                     = 0

puts(“YES it is fun isn’t is? :)”YES it is fun isn’t is? 🙂

)               = 27

puts(“But this is not the right passwo”…But this is not the right password.

)      = 36

puts(“See you next time hacker!”See you next time hacker!

)                = 26

We get something different that time, but it’s still not right. So go ahead and try the other possibility.

ltrace ./ladies.exe passw0rd

__libc_start_main(0x40060d, 2, 0x7fff70c8f778, 0x400760

strcmp(“passw0rd”, “#cisfun”)                    = 77

strcmp(“passw0rd”, “passw0rd”)                   = 0

puts(“Access granted \\o/”Access granted \o/

)                      = 19

+++ exited (status 0) +++

It looks like it worked!

Okay let’s try something else. In programing, there are always lots of ways of solving a problem. Strings is another tool we can use.

man strings

Okay, strings – print the strings of printable characters in files. That seems like it could be useful. If there is a password in this file, it may be contained in a string.

strings ladies.exe

It looks a little bit different from ltrace. Here you can see some of the strings used in the program.

Usage: %s password

See you next time hacker!

/bin/rm

#cisfun! :);

Try again later

#cisfun

YES it is fun isn’t is? 🙂

But this is not the right password.

passw0rd

Access granted \o/

Access denied 😦

;*3$”

Now – we could write a bash script to brute force the password. We are programmers after all, so why not? This is a short program written by a fellow student at Holberton School.

#!/bin/bash

for passwrd in $(strings ./ladies.exe)

do

 cp ladies.exe tmp2.exe

 ladies=$(./tmp2.exe $passwrd | grep -v “Access denied :(“)

 echo “Trying: $passwrd”

 if [ “$ladies” != ” ]

 then

   printf “\nThe password is: %s\n” “$passwrd”

   exit 0

 fi

done

 

Yet another way to go about this is with assembly code.

objdump -d -j.text -M intel ladies.exe

I am not going to go through the assembly code now for times sake. But essentially you just have to follow one clue to another.
That’s the basics of cracking a password. If you enjoyed this, head on over to Holberton school’s github and try the others.

Advertisements

Definitely does compute

The other night I joined dozens of other women and supportive men for an event hosted by Marin Software. The event was the Bay Area Girl Geek Dinner, and it was aptly scheduled on International Women’s day 2016. Catriona Fallon, the EVP and CFO of Marin Software was the keynote speaker, and her topic of the evening was negotiation. Negotiations is a super applicable topic for those of us in the technology industry, and it was so useful to spend an evening hearing from such an accomplished woman. I gleaned a lot from what she had to say, and below are some snippets and shards from her presentation.

***

3 Questions you need to know the answer to before an interview

What are you interests? If you have managed to get an interview,  you should by this time have an idea of what kind of work you want to do – that’s great (and you’ve now surpassed me, as I have no idea what I want to do with my software engineering skills), but it’s not quite good enough. By the time that you walk into an interview, you need to know what your interests are. I’m not talking about your hobbies, or what you are currently binge watching on Netflix, not those kind of interests. I’m talking about what you want to get out of the job, if it’s offered to you. What is it that you want to accomplish? What new skills can tis job offer give you that other jobs, which you are qualified for, can’t? What can this job, this company, or this boss help you achieve? Make sure you know the answers to these questions before you walk in.

If you don’t know what your interests are in this company, why are you even sitting in that chair being interviewed? How do you even know the job would be a good fit? You have to figure out what it is that you want to do, and also where you want to go. Make sure your interests align with the company.

What is your best alternative? I can’t stress this one enough. Have an alternative. Even if what you are interviewing for is your dream job, make sure you have a plan B. If all of your hopes and dreams are riding the wave of that one interview, it’s going to quickly become a much more stressful satiation than it needs to be. You can never think clearly when you are stressed out. You can start to stress out, and the thought pattern tends to look something like this…

“They are not offering me what I want in pay, but it’s the only offer I have on the table right now”

“The company ethos seems a little stressful, but who knows when something else will come along”

There are countless studies on the effects of stress and decision making, Science Daily says it like this

“This means when people under stress are making a difficult decision, they may pay more attention to the upsides of the alternatives they’re considering and less to the downsides. So someone who’s deciding whether to take a new job and is feeling stressed by the decision might weigh the increase in salary more heavily than the worse commute.”

When you fail to have a backup plan in place, thoughts like the before mentioned tend to drive your decisions, rather than your logic. If you have a backup plan or two, you are more level headed and objective. One of the worst things you can do is take a job knowing it’s not the right fit, solely because it’s the only thing on the table.

What is your walk away price? Before you ever walk into an interview you need to know what your walk away price is (your W.A.P.). Do your research ahead of time and know what you are worth. This can be really hard sometimes, not the research, but assigning a number to your worth. Talk with friends (although this sometimes can be not quite reliable), check out glassdoor.com, and talk to others in the role you are applying for. The walk away price does not just include your salary  – it could also include, but is not limited to – vacation time, job flexibility (working remotely etc), time commitment, stock options, and much more.

It’s not just you who has a walk away price in this whole endeavor. The company you are interviewing also has a W.A.P. They have a cap at what the are willing to offer for the position they are interviewing for. Between your W.A.P., and the company’s W.A.P. there is a space of negotiation. There are a lot of things possible in that space, it just necessitates an aligning of intentions between you and your possible future employer.

Walking away can be super hard  – but in some situations it might be the right answer. So you need to prepare for it.  It can be particularly  hard when much of the offer seems attractive, but a few things stick out as red flags. With diligent preparation, you will hopefully be able to gauge when it is appropriate to walk away.

***

Go to the balcony.  The previous tips about negotiations were specifically targeted at the interview environment. This tip, ‘going to the balcony’ is targeted more towards negotiations once you are in the thick of the work space. Negotiations are thrust upon us all of the time, and the worst feeling is finding yourself in the middle of one and not fully prepared. Just like you need to be prepared to walk into an interview, you need to be prepared for workplace negotiations. Whether you are a project manager, developer, engineer or what-not, if you have an arsenal of responses to negotiations, you will find yourself getting what you need more often than not. One thing Catriona advised was a tactic she calls ‘go to the balcony’. It’s the idea, that when you find yourself in the middle of a negotiation – maybe you feel your temper start to heat up because things are not going the way you wanted, or planned, it can be super helpful to visualize yourself on a balcony looking down on the negotiation happening below. This can be partially helpful if the negotiation situation gets catty or a little disrespectful (as can happen when people start to loose their whits and revert to elementary tactics).

Once you’re in a workspace, a lot of the negotiations you find yourself in may have absolutely nothing to do with you personally. Maybe it’s a budget reform, or new policies and procedures – you need to be prepared to take a step back and and not take the negotiations personally. If things start to heat up, ‘go to the balcony’, finish the negotiation in a professional manner, and carry on with your day.

Don’t get mad, get what you want. If the situation starts to deviate away from what you are trying to achieve in the negotiation, don’t get mad, don’t react negatively, don’t throw a hissy fit. Cool down, step away (maybe get a drink, or feign a phone call) – focus on your breath. When you are ready you can return to the negotiation and continue the conversation. After all, we are professionals, and we all have a job to do. Fight for what is right, and don’t give up until you get it.

***

post script –

I love attending events like this, I sometimes feel like women come out of the woodwork, and I get to meet so many people that I never would have had the chance to otherwise. I do struggle with events that only target women though, I don’t want to live in a technology world where men and women operate on separate parallel lines, both working towards innovation, but never crossing paths. It IS important to create spaces where women and men feel comfortable and supported to talk about whatever need-be – and this sometimes necessitates that we put ourselves in separate rooms. I just want to stress that we can’t just keep those conversations in those separate rooms. We need to be able to regroup – men, women, and everything in-between and have those conversations together. That’s actually one of the very reasons why I really enjoyed this event. It was called ‘Girl Geek Dinner’ and we still had men in the room playing the role as advocate. If women want to make big waves in the technology field, we need men on our side (and they need us on theirs). I don’t advocate for more women in the tech industry, I am an advocate for more diversity in the tech industry, women just happen to be part of that diversity that is lacking.

 

 

Pillars of Strength

My posts had been a bit on the emotional side as opposed to the technical side, mainly because this journey has been just about as much an emotional one as it has been a technical one. It’s all part of the journey I suppose. So prepare yourself for a tear jerker.

IMG_0715

They have the best smiles, right?

The other morning my grandma gave me a call. When I saw her name come up on the phone I hesitated picking it up. I always look at the I.D. before I pick up the phone mainly because I dislike talking on the phone. This time, however, I mainly hesitated picking up the phone because I didn’t want to cry… and I knew if I heard her voice the water works would be inevitable. Our conversation was brief, but within minutes were were both crying. That’s jus the way the two of us are I guess. I think there is this part of us that is like kindred spirits. Separated by a few decades, but I think had we been the same age we would have been the best of friends. The night before I was leaving to drive out to California, I stopped by her place to say goodbye for now. She was hanging with some of her friends (she is SOOOO popular and always has friends around her, she has an infection personality like that). Our visit was short and bittersweet, and on my way out she handed me some trail mix for the long drive ahead.

 

Later that night I was at my parents house cleaning up after dinner, and we got a call from grandma. My mom picked up, then handed the phone to me saying “grandma forgot to tell you something.” I held the phone up to my ear and she proceeded to say “I, meant to sing this to you when you were here, but we were both crying too much, so I’ll sing it now… (in her crackling, but oh-so-sweet singing voice, she starts singing that classic Roy Rogers song well all know too well) …Happy trails to you, until we meet again, Happy trails to you, keep smilin’ until then…” That’s about all she could get out before we were both sobbing again.  There is only one verse of the song, and it goes like this…

Some trails are happy ones,
Others are blue.
It’s the way you ride the trail that counts,
Here’s a happy one for you.

 It’s supper campy, I know. But I think there is also something really important there. We are all given this one life to live – there are parts that are awesome and make us feel great about ourselves and the world around us… but there are also a lot of things that are heavy and can feel like a permeant gray cloud hovering above our head. Life throws us all sorts of curve balls, it’s up to us to decide how to handle them. We can focus on the gloom and gore and forever have our lives tinted with sadness, or, we can make the decision to ride the trail however we want.

IMG_2252

One of my favorite mugs – would wouldn’t want to be reminded of this lady with every sip of coffee?

I’m riding this trail, and even though it’s not always easy, I’m going to try my darnedest to make it count. My grandmother is a pillar of strength, and I know this without a shadow of a doubt because she is supporting me from halfway across the country,… and she’s 80-something years old (grandma, I’m not telling everyone your exact age, because I’m trying to be somewhat polite). That’s close not 3 thousand miles – a pillar that that covers that distance has to be strong itself and have a strong foundation. Just try to fathom the engineering you would have to master to create a man-made pillar that strong – I’m pretty sure it’s impossible (after reading this I kind of realize this is kind of a terrible engineering joke/pun, but I’m also deciding to leave it in here – I guess that tells you a lot about how poor my judgment skills can be sometimes).

So thanks grandma for all of your strength, and until we meet agin…happy trails to you!

 

A little R&R

 

IMG_1992

Lake Del Valle

IMG_1967-1

One of my biggest blessing also happens to be one of my biggest curses (well, it’s more of a struggle then a curse). When I was thinking of coming out to California for school, one the biggest questions I had to wrestle with was what I would do about housing. If I was going to school full time, I wouldn’t have any income any more, and to make it worse, San Francisco is the most expense city to the U.S. right now. I had some savings, but not enough to live off of for the next two years. During the application process, I had been consulting with a web developer friend of mine; he was a huge encouragement during this process. He was my ‘rubber duck’ when I got stuck on something and needed to talk through the bugs in my code. Sean is just one of my many friends who meet every Monday for a dinner of rice and beans, aptly named O.R.B. (the Order of Rice and Beans). Sean’s parents were visiting Chicago during my application process and came along for our weekly dinner. During that meal, Sean and I were talking about the application process and his parents overheard. They interjected “you know, if you get accepted, you are welcome to stay with us”. I thanked them politely and replied saying “that’s so kind, but I don’t really think I’ll get in, it’s very competitive”. And I left it at that.

You can guess what happened next – but humor me for a moment. It was Thanks Giving and the majority of my family was up at the family lake house in Bethany Beach (Michigan) – by far my most favorite place on the face of this earth. I had brief conversations with family members about how I had been applying to this school, but the likely-hood of me getting in was slim to none. There I was, sitting on the couch next to my dad, and my phone gives off a little ping vibration. I glance at it, and to my surprise I got an acceptance letter from Holberton. I was in utter shock.

One of myIMG_1964 biggest questions – if I decided to go to Holberton, where would I live? I know that Sean’s family had offered me housing, but I had assumed that it was most likely just a polite jester – not an actual standing offer. I reached out to Sean to see if he thought his parent’s offer was still on the table; and he assured me it was. Just a few short weeks later I was moving my stuff into Sean’s old room.

I am so grateful to be hosted by the Zellmers. They are gracious and kind, and it’s such a relief to come home to a family setting at the end of a long hard day. They share their meals with me, and since they they live in wine country, I have benefited from their extensive knowledge in the subject and their superior taste.

The only drawback, is the distance between Livermore and Holberton. School is in the financial district downtown and it’s 47 miles from where I am staying. This mainly means a long commute to and from school. But it also means that I don’t get to do some of the more spontaneous activities with my fellow students. Most of the other students live near the school, either because they were previously residents of SF, or they live in dorm style housing the school helped find. On Sunday’s they have gotten in the habit of goring for a hike or small adventure – but I lack the close proximity to them, so I usually just end up staying in  Livermore. This past week some of the students went on a trail hike through Muir Woods just across the bridge. I wanted to go, Muir woods is beautiful and hard to pass up on. But adding another day of commuting did not sound appealing, so I passed on the opportunity. Instead, I went on my own tail hike in Livermore. I headed to Del Valle for some fresh air after Church. I am so glad I made the decision to stay in the East Bay instead of heading into the city, because it allowed me to have time to myself…completely by myself.IMG_1937

Between the time I wake up in the morning, and when I go to bed, I am surrounded by people. I leave the house within 20 minutes of waking up, and quickly find myself on a crowded commuter train. Then its 12 hours of school with 32 other students, another crowded train back home, a chat with Leanne and Steve over dinner, and then bed. I don’t get much time alone with my thoughts. I feel like I spend the whole week learning and soaking up as much as possible, it is only healthy to take a few hours or a day and let myself unwind.

I don’t know if I can stress this enough. As human beings, we cannot go full throttle all of the time for long amounts of time without a break. And…if you find yourself silently contradicting me, let me make an amendment. One cannot go full throttle all of the time for long amounts of time without a break without putting your mental health at risk. It’s sort of like a workout. You can do a super intense workout, giving it 110%, but you do it in reps (usually) and you take short breaks in-between sets. Going to school is a workout for your brain, and showing up six days a week is a set, after that set, you need to take a break, reset and recuperate to come in better prepared for the next set.

Del Valle Regional Park is a park of the East Bay Regional Park District in unincorporated Alameda County. It’s over 4,000 acres of trails, wildlife, and some spectacular views. Because of all of the rain fall, there the landscape was lush and full of color. As I lay in my hammock, I saw hummingbirds, woodpeckers, and quite a few lizards.

IMG_1949

The recent rain may have provided for some green grass, but you could still see the effects of the sever drought  from the past few years. The docks were all dried up, and a completely dried up river bed (I don’t think anyone has swam in this particular part of Del Valle recently).

I plan to go on a lot more hikes and find ways to unwind outside of school. I want to work hard and learn as much as I can in the short time I have here in San Francisco, I need to remember to take care of my mind and body in order to get as much as I can from Holberton.

IMG_1977.JPG

This is a few from the middle of the lake. It has been so dry that I could walk between the sand bars and get to the middle without getting my feet wet.

 

Bootcamps, Tech Schools, and their dirty little secrets

Deciding to do an intensive program like Holberton School inherently means sacrifice. Most of us in the program have left our friends and family and traded them in (only for the meantime, not forever mom and dad) for long hours of sitting in front of a computer. The program asks a lot of us, and the only option is to keep up with the fast pace . We are all in an intense and stressful situation…but it could be worse.

This past week I had the opportunity to attend two different conferences; Developer Week – just a few blocks away at pier 27, and Container World – down in Santa Clara. As I was walking around the different booths, I found myself explaining the basis of Holberton School to just about every one I engaged with. Bootcamps and other tech schools are common place in the Silicone Valley, but Holberton is a bit of an anomaly. Caught in the realm between bootcamp and a four year university – we seem to take up previously unoccupied space. The idea of this school was intriguing to most, and seemed to spur on the conversation.

IMG_1997

Holberton School – San Francisco California

Holberton School is not really based off of any other school, despite some rumors saying it derives some of its personality from a school in France named 42 and its predecessor Epitech. Like Holberton School, 42 is open all (well between ages of 18-30 for 42, which is not the case for Holberton). 42 is free  and the program runs between 3 and 5 years (thank goodness ours is only 2 years). The teaching styles are very much the same, peer to peer training being a key component. But quickly the two diverge – 42 initiates about 4,000 students but is quickly whittled down, and only 1,000 remain (more on that later). This creates a super competitive atmosphere only allowing the crème de la crème (sorry about the shameless french cliche) to continue on. There are a lot of bootcamps here in San Francisco who do similar things. They will let go of the bottom third of its cohort after the first three weeks or so. OR worse…they will let go of anyone who is under performing right before graduation to beef up their numbers of job placement.

Bootcamps these days are hiding some dirty little secrets. There is such a huge need for qualified employees in the tech field; bootcamps and schools are beginning to cut corners to churn out as many graduates as possible. There are are some major flaws revealed when you start to cut corners though. The majority of these fast paced bootcamps are focusing on the newest technologies, but not teaching its students how to problem solve and become a self-sufficient programers. They teach just one language, or one aspect of the tech industry – forcing their students to become pigeon holed – lacking the flexibly and ability to deal with ambiguity the industry necessitates.  Another myth – the job placement rates that schools advertise. Oh boy, don’t get me started on this one. The moment that any school looses focus on its students and starts to focus only on its numbers – it begins to write its own eulogy. If a school is working the way it should, focusing on making sure students are understanding key concepts and helping them learn how to problem solve creatively, the job placement numbers will follow. Instead of keeping that focus on the students, bootcamps are letting go of their underperforming students right before graduation making it easy to place only their very top performing students. Doing this ill-represents the program and give incoming students unrealistic expectations.

Bootcamps are just one approach at training up the next germination of software engineers. Another approach would be what Epitech and 42 are doing. Epitech is a well established school in France that specialized in Information technology, and it’s pedagogy is project-based.

Epitech does not teach technologies, but instills behaviors that allow each student the capacity to evolve, to learn independently, to comprehend business practices, to work in teams and to convince decision-makers.”

It sounds amazing…right. Almost too good to be true…maybe? There are some hidden flaws in the design of this school. One that stands out is the fact that they only teach C. The problem being, everyone in the software engineering industry should know C (I can’t stress this enough), but they should know how to work and write in other languages as well. If you only know one langue, by the time you graduate (if you graduate) you have had no experiences of adapting your tools based on the project at hand. Depending on what you are woking on, C may not be the right tool for the job. 42 derives it’s structure a bit from Epitech. Like Epitech, it only takes the best of the best. By the end graduates are professionals in C, but they have no soft skill training, no web experience, and no system administration experience. This doesn’t even take into account the application process; its a grueling adventure. A basic break down of it is as follows. It begins with an application on line. If you make it through that round, the pressure only increases. The next step to admittance is essentially a month long technical interview. The school takes waves of a thousand students, each wave lasts a month. By the end of four waves or so, they look at the grades and they only accept the top 25%. And those that can actually stick with the program until the very end are even fewer. Another remarkable flaw is it’s lack of structure and instructors. There is no-one on site to go to for help when you need it. You have your peers, and that can be super helpful, but when you and your peers can’t solve a problem, you don’t have the resources of teachers or mentors to help point you in the right direction.

There are a lot of problems with these two ends of the spectrum. It’s as if schools are forcing students through an extruder treating them like palydough. Those who can mold themselves into the perfect shape will make it through to graduation- while those who fail to fit are doomed to become yet another statistic in the ever growing drop-out rates. This industry is growing exponentially, and because of that we cannot afford to only train up the Einsteins and Beethovens of the tech world. That’s not to say that we don’t need those fiercely ingenious people, please, by all means if that’s you…come and change this industry for the better…but big changes can’t be done alone. We are not all destine to be the best-of-the-best, we will not all become the next Marie Curie (or better yet, the next Betty Holberton)…but we can make a difference, and we all have something to offer. Holberton School is setting itself apart because it is not looking to ONLY educate the best-of-the-best. Well, it will educated SOME of the best-of-the-best, but it also hopes to retain the other 85% of students that would otherwise become dropout statistics at most other schools. It just requires appropriate training and support.

IMG_1999

 “This is not a function”

 

So where does this lave us? Holberton is just getting it’s feet of the ground, so there are a lot of unknowns about the future of the program. There is one thing that is already sitting this school up for success, and that’s its holistic approach to teaching the ins and outs of this industry. Software engineering is not two demential, it has a lot of nuances and intricacies that can only be taught though dedication and an ever adapting curriculum.

 

Ladies who Linux

Silicon Valley is an interesting place to be studying software engineering. Patricianly if you don’t come from a tech background…(like me). I live about 45 miles from where I attend school; so every morning I have to take a commuter train into the city.  By 6 a.m. that train is filled with every tech badge imaginable – some I saw this morning, Salesforce, Oracle, Pinterest, Slack, Uber…just to name a few. How do I know…? Because it’s embroidered on everyones jacket, backpack, or other form of branded apparel. It’s a density of no comparison. It can be overwhelming most of the time, but sometimes I get to reap the benefits of of this close proximity to so many resources.

Last night I attended a Meetup at Dropbox. The theme of the night was ‘Ladies who Linux’. The Meetup caught my attention by the title. Not because it was specially for women, but because it was from a line from one of my favorite musical, song by one of my favorite actresses. The song is directly poking fun at women who are pursuing very little in life – the crux of their day being brunch. It’s funny and ironic choosing that for a title of a Meetup for women who are in fact doing the opposite, pursuing the world.

“Here’s to the ladies who lunch–
Everybody laugh.
Lounging in their caftans
And planning a brunch
On their own behalf. “

Elaine Stritch, from Stephen Sondehim’s “Company”

I joined a group of women who are working in the industry, and who all really enjoy Linux. That is an opportunity that only proximity can give you. All of these women, ranging in experience and personality, had such so much to bring to the table. Tammy Bütow, formally with DigitalOcean, now with Dropbox, organized the evening. She recently ran a similar group in New York when she was living there, but now that she has relocated to San Francisco, she decided to help create the space for women to come together and share experiences and knowledge based around the topic of Linux.

My biggest highlight was talking with Jessica McKellar – currently  an engineering manager at Dropbox (although, she tends to wear many hats at the same time). Jessica is quite impressive, and she filled the space with an air of composure and strength. She has worked hard to get to where she is today, and I believe that her passion for low-level systems has been her driving force. Jessica is a director of the Python Software Foundation, and won the O’Reilly Open Source Award for here contributions to Python back in 2012.  She’s written a few books on the subject as well. It’s women like her that give me the confidence to burst through walls when I come face to face with them. Right now Jessica is working on a video series on an introduction to Python. You better believe that I will be following that series to soak up as much as I can from a women who knows what she’s talking about.

I asked her for some advice for a beginner programer. Her one tip… contribute to open source projects. That is now on the top of my priority list.

– So here’s to the Ladies who Linux –

Changing the world one line of code at at a time.

IMG_1829

 

 

To all of my Valentines

You may not be all that into Valentine’s day – I certainly never have been. This Valentine’s day has been a bit different for me though. I am out West, and all of my Valentines are back in Illinois. No…I’m not in a relationship, but it just so happens that I have quite a few Valentines.

Before coming out to California, I had a full time job, but more importantly, I also helped look after some girls out in Wheaton every Monday. Some background – After I graduated from school, I was given the opportunity to go along with a Professor and his family on their fourth adoption. They where heading to China to pick up Sadie, and they needed a third person to come along and help look after their older girls so they could focus on the newest addition to the family. I jumped at the opportunity. After that, I was welcomed as an extended part of the family. Soon after Sadie joined the family, we welcomed Sena just a few months later, making that a total of five girls. After being grafted into that family, I quickly learned that Valentine’s day happened to be one of Mary’s (the mother) favorite holidays. It seemed a bit odd to me at first; the only people I know that claim Valentine’s day as their favorite holiday are sappy romantics. Mary had never seem a sappy romantic to me. She explained though, that Valentine’s day is really about showing those you love just how much they mean to you. For Mary, that meant her husband, of course… but it also meant all of her girls. Mary has never taken for granted how lucky she is to be able to nurture and watch her five girls grow up. Children are a gift, they force your heart to grow bigger then you ever though was imaginable. Why not celebrate that on Valentine’s day?

I had never thought much of Valentine’s day before, but it started to grow on me. It’s weird because Valentine’s day seems to be a very dividing day. If you are in a relationship, people like to go all out – chocolate, roses, romance…the whole nine yards; but if you are not in a relationship, it’s a day of turning up noses in an air of “I don’t need a relationship to be happy”. Neither camp is a bad one – honestly – both are very valid places to set up a tent and call it a day. But I still prefer Mary’s approach – it’s a great day to stop and appreciate all of the people in your life that you love. For me, that’s my parents, my closets friends who have been with me though thick and thin (and still FaceTime me from halfway across the country), and the five girls that stole my heart away. These are the people who have made me who I am today, and I love them all the more for that. This has been my first Valentines’s day without the before mentioned people, and it makes me all the more grateful of them.

So happy Valentine’s day – to all the sappy romantics and stoics alike. If you have people in your life that have commandeered space in your heart, take some time to celebrate that.

 

Numbers are not just symbols on a page

The above was the title of a project we had to work on this week. We have had a few projects in C before, but all of the previous projects were mainly an introduction to the language. This new project was very different. See, Holberton School’s goal is to shape us in to ‘full stack’ engineers.

mmmm… but that term is a little vague, and is used loosely in this industry. In fact when I was thinking about heading west to attend Holberton School, I was weary of the term. Before coming out to San Francisco, I was planning on attending Mobile Makers in Chicago, a boot camp for iOS. Don Bora, co-founder and chief instructor of Mobile Makers, and a friend of my father, was excited when he heard I was going to attend Holberton, but was weary of how the school train up ‘full stack’ engineers. Full stack is a very broad term, and it morphs into a lot of different things deepening on how people want to use it. You might run into people who call themselves ‘full stack’ engineers because they can do both front-end and back-end. Cool, great… glad you can do two things…. but ‘full stack’ at it’s core means something very different. Look at it this way – lets take for example a a webpage to purchase a flight to California (this being an open invitation for my Chicago friends to come visit…hint…hint). You have the front-end, the part of the webpage that you are interacting with, where you put in your personal information and your select a destination of California. The back-end deals with servers, an application and a database, so that when you log back into that webpage, you can check your flight status and see that unfortunately it is delayed because of bad wether in Chicago (more reason to visit California).  So there you have it- front-end and back-end… but wait… there is so much more to software engineering then just that. What about all the other parts like security, and the construction of the very languages that everything is written in?  I haven’t even mentioned the soft skills like marketing , or other behind the scene things like system administration. There are so many layers when it comes to software engineering. With a humble and realistic understanding that nobody can be and expert in all areas of the full stack, Holberton’s goal is to make us all at lest proficient enough to peel away each layer and deal with bugs no matter how deep down they go. To be able to do that, you do not need to master every aspect of software engineering, you just need to have a solid understanding of how each part fits together and have the tools in your tool box to figure it out from there. And that is why we are solving algorithms in C.

SO back to the top of this post. Our task was to ‘Write a function that takes an integer in parameter and prints it’. Sounds easy right. Just write a function that takes ‘n’ number and prints it on the screen. HA. NOPE. Not easy at all. This was a restriction among many others.

  • You are not allowed to use the standard library. Any use of functions like printf, puts, etc… is totally forbidden.

WOOF. The only function we could use was ‘print_char’, which prints a single character. Not super helpful when a six long digit is passed into the parameter. We needed to figure out an algorithm that would take a given number, figure out how many digits were in that number, from that extract each individual integer that makes up that number and print them in order. Figuring out the algorithm was daunting. After the task was posted, a bunch of us were still stumped… so we shoved ourselves into the only meeting room with a white board to hash out the problem. A few hours later, we had a semblance of an algorithm, with no code attached. Some of us felt like, “oh, great… we haven’t gotten anywhere”. But Julien, one of our co-founders, wanted to make a point with that. He said, the hardest part of this task was figuring out the algorithm, the code part is easy (well, maybe once I am better at C it will be the easy part). He wanted us to realize that when we are faced with a problem like this, you can not start with the code – you have to first figure out how to solve it with pen and paper. Let me make myself clear, pen and paper will never be antiquated. It’s a hard lesson to learn when you have been spending upwards of twelve hours a day typing way on a computer.

Algorithms are not going away. We are learning to use our brains and the tools at hand to solve problems. And that is exactly what a ‘full stack engineer’ should be able to do with confidence an ease. I’m not there yet, but conquering algorithms and C are a few of the tools in that tool box.

Queue the metamorphoses – the cusp of deep learning

I currently have three windows up on my computer, this web page, terminal, and Rick and Morty playing in the background.

I absolutely love Rick and Morty (thanks Kyle for introducing it to me). The tech industry take itself very seriously sometimes, and this TV show manages to lighten the mood. One of my favorite snippets is in an episode from season 2 – Rick and Morty want Summer to stay in the car while they go and take care of something. Rick proceeds to instruct the car  ‘to keep summer safe‘. The parameters ‘keep summer safe’ then proceed to break all convention in an attempt to fulfill that one goal. Watch the clip and you will know what I’m talking about. The short scene is almost a synopsis of the movie ‘A Space Odyssey’ – adhering to these three rues (in this order)… 1. do not harm humans, 2. obey humans, 3. protect yourself. Put in the hands of un-conscience beings, these parameters do not seem to work in a world of conscious ones.

Lets start by establishing that we are ALL very well acquainted with deep learning. YES – YOU – you have a lot of experience with deep learning. Here are some everyday, concrete examples… Google allows us to find information based algorithms, Netflix recommends shows and movies based on what you have enjoyed in the past, and Amazon suggests products based on what is currently in your shopping cart. These are all examples of machine learning, or more specifically deep learning. Right now a lot of us are entranced with the idea of deep learning. Wether it is body augmentation, or the dream of owing a self driving car, we all have ideas about how deep learning could improve our lives – make us more productive while at the same time making our lives easier.

This past week Louis Monier and Gregory Renard gave a seminar on deep learning at Holberton School. They covered everything from the ethics of deep learning to hands on projects allowing us to see how machine learning happens first hand. At the very end we had a fire side chat about some of the ethical implications, both good and bad, of deep learning. There was mention of the possibility of improving elderly care, or those with disabilities, but we kept coming back to this one issue… what will happen when deep learning has to make moral decisions?

Let me give you a specific example. In about fifteen years when self driving cars have become the norm (and yes, that is inevitable at this point), what happens when the car is in a situation where it needs to make a moral decision? Lets say the car is driving down a busy city side street and out of nowhere, a small child runs in front of the car chasing after a ball. The car does not have enough time to make a complete stop without hurting the child. To the right of the car is a cement barrier and to the left is someone on a bicycle. The car needs to decide how to react to the situation. If it goes straight, the child is harmed, if it goes right the passenger is harmed, and if it goes left the bicyclist is harmed. How should it proceed? Now, this might be a hypothetical situation – maybe a little unrealistic… but humor me. How do you program a car to make a decision like that. One might argue, well, people find themselves in situations like that all of the time, and we always have to make moral decisions like this every day. If self driving cars did not exist, the passenger would be the driver, and they would have to make that decision in a split of a second  – harm the child, harm the bicyclist, harm herself. Moral decisions are made by every singe one of us every single day. The big question being ‘How do you program morals’? This isn’t a new question, and the discussion is going to be around in the foreseeable future. Deep learning integrating into our lives is inevitable, but it brings along some very difficult questions. Get your thinking caps ready, because we are in for some trough conversations.

IMG_1605

(Greg getting our fireside chat going)

If you are behind in your A.I. media – watch these to catch up

  • Rick and Morty (pretty much any episode)
  • A Space Odyssey (one of the most classic examples of deep learning)
  • Terminator (deep learning gone wrong)
  • Eureka – (season 1 episode 2 – the next steps in home automation – or the internet of things)
  • Her (but be prepared to be depressed about the future of our relationships with technology)
  • Transcendence (Johnny Depp uploads his brain to a computer – can you take human intelligence and transfer it to another object)
  • Ex machina (who can we trust, humans … or technology)

Impossible Octopus Fitness

 

One of the things that I am really loving about Holberton School is how they iterate on projects to give us a full emersion experience of what it is like to be a software engineer in the real tech world. We are most recently working on a simple web page. Part of the application to get into Holberton School was to create a web page, so it’s nice to be able to revisit front-end development now that we have some experience under our belts. The first part of the project was simply to create a web page with very specific guidelines – all designed to force us to learn specific skills. Elements like, float, clear, and myriad css statements. Once we finished that project, we were given an iteration based on SEO (search engine optimization). The same web page is now a small competition in web marketing. The goal – get the highest ranking on google for a given query. What’s the query you ask… if you haven’t guessed already “impossible octopus fitness”. The website was made in about two days, and it was the only the second one I have ever made, so it is by all means, not a great site, but do me a favor and check it out, maybe Rona (my partner on this project) and I will raise in our rankings when you do a google search of impossible octopus fitness.

impossible octopus fitness