• Show me your settings and I will tell you who you are

    • Translation
    Today we will discuss the silver bullet of software development: the program settings.

    Everybody understands what settings are, more or less. Every computer user is going to stumble upon them, eventually. But the user does not always end up a winner in this encounter. There are 3 major problems to tackle: it's hard to find the right setting, the required setting does not exist, and it's unclear what this or that setting's responsible for.

    To understand this, let's first think about the origin of settings. In theory, settings provide a way for the developer to adapt a program to a certain use case. The users are different though, one wants it his way, another demands her own, and even though the differences are miniscule, the decision is left up to the user. As a result, you must know about user tasks and their goals to create the right settings window.

    That's the theory so far. What about the practice?
    Continuing is optional
  • Ugly API

      In this article, I’d like to talk about the problems I faced while integrating an API for the HTTP protocol and share my experience in solving them.

      - REST vs Non REST architecture

      - Ignoring Header Accept: application/json

      - Mixing JSON keys case types

      - Different response to the same request

      Читать далее
    • Algorithms in Go: Bit Manipulation

        This article is a part of Algorithms in Go series where we discuss common algorithmic problems and their solution patterns.

        In this edition, we take a closer look at bit manipulations. Bit operations can be extremely powerful and useful in an entire class of algorithmic problems, including problems that at first glance does not have to do anything with bits.

        Let's consider the following problem: six friends meet in the bar and decide who pays for the next round. They would like to select a random person among them for that. How can they do a random selection using only a single coin?

        The solution to this problem is not particularly obvious (for me:), so let's simplify a problem for a moment to develop our understanding. How would we do the selection if there were only three friends? In other words, how would we "mimic" a three-sided coin with a two-sided coin?

        Read more →
      • GDB Tutorial for Reverse Engineers: Breakpoints, Modifying Memory and Printing its Contents

        • Tutorial

        GDB is THE debugger for Linux programs. It’s super powerful. But its user-friendliness or lack thereof can actually make you throw your PC out of the window. But what’s important to understand about GDB is that GDB is not simply a tool, it’s a debugging framework for you to build upon. In this article, I’m gonna walk you through GDB setup for reverse engineering and show you all of the necessary commands and shortcuts for your debugging workflow.

        Читать далее
      • Pitfalls in String Pool, or Another Reason to Think Twice Before Interning Instances of String Class in C#

          As software developers, we always want our software to work properly. We'll do everything to improve the software quality. To find the best solution, we are ready to use parallelizing or applying any various optimization techniques. One of these optimization techniques is the so-called string interning. It allows users to reduce memory usage. It also makes string comparison faster. However, everything is good in moderation. Interning at every turn is not worth it. Further, I'll show you how not to slip up with creating a hidden bottleneck in the form of the String.Intern method for your application.

          Read more
        • Ads
          AdBlock has stolen the banner, but banners are not teeth — they will be back

        • 11 Kubernetes implementation mistakes – and how to avoid them

            I manage a team that designs and introduces in-house Kubernetes aaS at Mail.ru Cloud Solutions. And we often see a lack of understanding as to this technology, so I’d like to talk about common strategic mistakes at Kubernetes implementation in major projects.

            Most of the problems arise because the technology is quite sophisticated. There are unobvious implementation and operation challenges, as well as poorly used advantages, all of those resulting in money loss. Another issue is the global lack of knowledge and experience with Kubernetes. Learning its use by the book can be tricky, and hiring qualified staff can be challenging. All the hype complicates Kubernetes-related decision making. Curiously enough, Kubernetes is often implemented rather formally – just for it to be there and make their lives better in some way.

            Hopefully, this post will help you to make a decision you will feel proud of later (and won’t regret or feel like building a time machine to undo it).
            Read more →
          • Go Quiz

              In this series, we will be discussing interesting aspects and corner cases of Golang. Some questions will be obvious, and some will require a closer look even from an experienced Go developer. These question will help to deeper the understanding of the programming language, and its underlying philosophy. Without much ado, let's start with the first part.

              Value assignment

              What value y will have at the end of the execution?

              func main() {
                  var y int
                  for y, z := 1, 1; y < 10; y++ {
                      _ = y
                      _ = z

              According to the specification,

              Read more →
            • Build (CI/CD) of non-JVM projects using gradle/kotlin

                In some projects, the build script is playing the role of Cinderella. The team focuses its main effort on code development. And the build process itself could be handled by people who are far from development (for example, those responsible for operation or deployment). If the build script works somehow, then everyone prefers not to touch it, and noone ever is thinking about optimization. However, in large heterogeneous projects, the build process could be quite complex, and it is possible to approach it as an independent project. If however you treat the build script as a secondary unimportant project, then the result will be an indigestible imperative script, the support of which will be rather difficult.

                In the previous post we looked at what criteria we used to choose the toolkit, and why we chose gradle/kotlin, and in this post we will take a look at how we use gradle/kotlin to automate the build of non-JVM projects. (There is also a Russian version.)

                CI/CD (opensource.com)


                Gradle for JVM projects is a universally recognized tool and does not need additional recommendations. For projects outside of the JVM platform, it is also used. For instance, the official documentation describes usage scenarios for C++ and Swift projects. We use gradle to automate the build, test, and deployment of a heterogeneous project that includes modules in node.js, golang, terraform.

                Read more →
              • Building projects (CI/CD), instruments

                  In some projects, the build script is playing the role of Cinderella. The team focuses its main effort on code development. And the build process itself could be handled by people who are far from development (for example, those responsible for operation or deployment). If the build script works somehow, then everyone prefers not to touch it, and no one ever is thinking about optimization. However, in large heterogeneous projects, the build process could be quite complex, and it is possible to approach it as an independent project.If you treat the build script as a secondary unimportant project, then the result will be an indigestible imperative script, the support of which will be rather difficult.

                  In this note we will take look at the criteria by which we chose the toolkit, and in the next one — how we use this toolkit. (There is also a Russian version.)

                  CI/CD (opensource.com)

                  Read more →
                • Distributed Artificial Intelligence with InterSystems IRIS

                    Author: Sergey Lukyanchikov, Sales Engineer at InterSystems

                    What is Distributed Artificial Intelligence (DAI)?

                    Attempts to find a “bullet-proof” definition have not produced result: it seems like the term is slightly “ahead of time”. Still, we can analyze semantically the term itself – deriving that distributed artificial intelligence is the same AI (see our effort to suggest an “applied” definition) though partitioned across several computers that are not clustered together (neither data-wise, nor via applications, not by providing access to particular computers in principle). I.e., ideally, distributed artificial intelligence should be arranged in such a way that none of the computers participating in that “distribution” have direct access to data nor applications of another computer: the only alternative becomes transmission of data samples and executable scripts via “transparent” messaging. Any deviations from that ideal should lead to an advent of “partially distributed artificial intelligence” – an example being distributed data with a central application server. Or its inverse. One way or the other, we obtain as a result a set of “federated” models (i.e., either models trained each on their own data sources, or each trained by their own algorithms, or “both at once”).

                    Distributed AI scenarios “for the masses”

                    We will not be discussing edge computations, confidential data operators, scattered mobile searches, or similar fascinating yet not the most consciously and wide-applied (not at this moment) scenarios. We will be much “closer to life” if, for instance, we consider the following scenario (its detailed demo can and should be watched here): a company runs a production-level AI/ML solution, the quality of its functioning is being systematically checked by an external data scientist (i.e., an expert that is not an employee of the company). For a number of reasons, the company cannot grant the data scientist access to the solution but it can send him a sample of records from a required table following a schedule or a particular event (for example, termination of a training session for one or several models by the solution). With that we assume, that the data scientist owns some version of the AI/ML mechanisms already integrated in the production-level solution that the company is running – and it is likely that they are being developed, improved, and adapted to concrete use cases of that concrete company, by the data scientist himself. Deployment of those mechanisms into the running solution, monitoring of their functioning, and other lifecycle aspects are being handled by a data engineer (the company employee).

                    Читать далее
                  • Paper-based TOTP tokens

                      Enterprise policies are different, and in some cases weird. In this article, we will describe a very unusual problem raised by one of our customers. In a nutshell, the organization does not allow bringing any devices onsite, no smartphones, no mobile phones, and even no hardware tokens are allowed on-premises. At the same time, the organization is using Office 365 services from Microsoft and has enforced multi-factor authentication for all users to be activated.

                      To address this issue, our research and development team has spent some time and found a solution, which is a paper-based TOTP token. We are hereby presenting the solution, which is available for free (well, if you don't count the paper and ink cost).

                      Our solution is a web-based tool that generates the list of one-time passwords (OTPs) for an arbitrary seed. The list can be printed out and handed over to the end-users to serve as their second factor for authenticating in Azure AD with multi-factor authentication enabled. To associate this paper TOTP token with a user, you can follow the same procedure as with the regular TOTP tokens.

                      The procedure is simple, you enter the seed and click on submit to get the list generated. You will get a printable list similar to the one shown below for the next few days. By changing the number of future OTPs you can make the list longer or shorter.

                      Read more
                    • PVS-Studio Team's Kanban Board. Part 1: Agile

                        This article could have been born about a year ago – that's when the PVS-Studio team decided to try agile. However, we wanted to experience it hands-on before we told the world about it. Aside from introducing agile, we decided to switch from Bitbucket to a new task tracker. We also wanted to upgrade many of our internal development processes. No time for an article!

                        Read more
                      • How to Configure BitLocker Encryption For an Internal HDD or External USB Drive in Windows

                          Read this article to find out how to protect your internal or external storage from unauthorized access by encrypting it. How to configure and use the integrated Windows feature – BitLocker encryption. The operating system lets you encrypt local disks and removable drives with the integrated encryption tool – BitLocker. When the TrueCrypt team closed their project suddenly, they recommended their users to switch to BitLocker.

                          Read more →
                        • Twilio vs Sendbird vs CONTUS MirrorFly Feature Comparison | Twilio vs Competitors

                            Looking out for the best in app chat solution providers to enhance your business.

                            Getting confused with so many options to choose among  Sendbird and Twilio competitors. 

                            Then, let’s have some clarity with a detailed discussion over the feature comparison to go for the best Twilio and Sendbird alternative.

                            Read more
                          • High-Quality Text-to-Speech Made Accessible, Simple and Fast


                              There is a lot of commotion in text-to-speech now. There is a great variety of toolkits, a plethora of commercial APIs from GAFA companies (based both on new and older technologies). There are also a lot of Silicon Valley startups trying to ship products akin to "deep fakes" in speech.

                              But despite all this ruckus we have not yet seen open solutions that would fulfill all of these criteria:

                              • Naturally sounding speech;
                              • A large library of voices in many languages;
                              • Support for 16kHz and 8kHz out of the box;
                              • No GPUs / ML engineering team / training required;
                              • Unique voices not infringing upon third-party licenses;
                              • High throughput on slow hardware. Decent performance on one CPU thread;
                              • Minimalism and lack of dependencies. One-line usage, no builds or coding in C++ required;
                              • Positioned as a solution, not yet another toolkit / compilation of models developed by other people;
                              • Not affiliated by any means with ecosystems of Google / Yandex / Sberbank;

                              We decided to share our open non-commercial solution that fits all of these criteria with the community. Since we have published the whole pipeline we do not focus much on cherry picked examples and we encourage you to visit our project GitHub repo to test our TTS for yourself.

                              Read more →