im good! was just eating dinner (chicken and pasta), and have had a great rest day today with my dogs. i did nothing of note! yippee!

how are you?

echo -n "meo" && while [ 1 ]; do echo -n "w"; done

- @sed-official

MEOWWWWWWWWWWWWWWWW

hi sed how are you

You've studied computer science, is there anything I ought to know before I start?

Use git!!!!! Use git from the start for all of your programming projects, and probably also for everything else! I was using fucking google drive to sync my work between my laptop and desktop for the first few semesters of college and it fucking sucked! If you don't already know how to use git, learn it now or very soon, cuz there will probably be later classes that require it and it'll be so incredibly useful to already know how to use it! Also if you're not comfy putting your coursework on like github or gitlab, go check out Keybase, there's free private git repo storage in there, it's neat

Anyway, as far as like actual coursework or general CS knowledge that'll be useful? I feel like that's highly dependent on the particular program you're in tbh. Like if you were going to my alma mater, (doubtful, it's in upstate New York and you say "university" instead of "college" so I assume you're in the UK or otherwise non-American,) I'd give you all sorts of advice about specifically the Data Structures course, which is the course after CS 1 that's notorious for the sheer difficulty of its assignments and tests. We used C++ there. I hear many other programs have data structures courses taught in Java or Python that are just a complete walk in the park. So who knows!

That said, something that was very generally useful for me was to come in with a more-or-less solid understanding of how code is actually executed in hardware, how assembly/machine code works and how higher-level languages map to it. I spent the summer before my freshman year working through Hacking: The Art of Exploitation by Jon Erickson, so I was comfy writing low-level C and using a debugger, and had a pretty decent understanding of how software could fail. That was all tremendously helpful. (Also that book fucks really hard and you should definitely give it a look at some point in the future!)

On the more theoretical side of things, I think you might already be ahead of my freshman self! Certainly you already know Haskell, with which I wasn't acquainted until like my fourth or fifth semester as part of the programming languages course. If you're not already familiar with the concepts of formal systems/languages/syntax and computability/decidability, maybe give Gödel Escher Bach a read (or at least the first few chapters where he introduces all that stuff). I think that was the most generally useful theoretical knowledge I had going in. Certainly that was about half of the subject matter of my introductory Foundations of Computer Science course (the other half being combinatorics and finite automata/Turing machines).

Have fun with it! ❤️

Blockchain and Cryptocurrency Security

Why Audit?

FP Complete now does blockchain audit services. Why have we chosen to work in this field, and what are we aiming to accomplish?

Our corporate mission is to drive the successful adoption of better IT engineering tools and practices.

Experience shows us again and again: quality and productivity are driven more by these substantive improvements than by simply deciding to try harder. Any engineer, and any team, can be more successful using the right tools and best practices. This was true when I built and ran Microsoft’s Productivity Tools Team (for Windows and Office engineering), and when I was in charge of Visual C++ and parts of Visual Studio. And it remains true today as we see with powerful tools like Stack for Haskell, or Kubernetes, or a wide range of corporate projects FP Complete has worked on.

How To Succeed In FinTech

5 Killer DevOps Strategies

In this eBook you will learn the unique challenges facing FinTech and software development:

Data and Information Integrity

Data Security

System Integration

Compliance and Regulations

Click the "Download Now" button below to learn how to conquer these unique challenges.

Download Now!

Blockchain Now Needs Stronger Engineering

Good engineering involves a lot of pieces beyond just having a strong algorithm paper: coding standards, continuous integration, automated test coverage, documentation management, reproducible cloud deployment, dependency tracking, and more. The stronger the engineering infrastructure, the more likely you can expect a reliable and secure result that works as intended under a wide range of conditions—in other words, quality.

The blockchain field, including cryptocurrency, is of course fairly new. And these technologies are of course very sensitive to quality. Unfortunately as we have all seen, they don’t all live up to their promises. Engineering teams, perhaps feeling the pressure to get to market quickly, sometimes overlook valuable opportunities to improve quality. To be blunt, a lot of blockchain implementation work needs improvement.

We believe over the next few years the bar for engineering excellence is going way up. People are staking their money, their privacy, their businesses on the correct operation of these systems. So we’ve been asking directly: what can be done to increase the quality of engineering in the whole blockchain industry?

More even than other open technologies, blockchain relies upon community trust. We need to give blockchain groups a way to earn that trust by actually doing proper work, with an independent inspection that it’s being done right. A cryptocurrency cannot be a hack job—and if it is done right, users want to know. Thus the audit, an inspection to verify that the project lives up to good engineering standards. By making these standards clear, we give teams something specific to shoot for and give credit to those who've got it right. For users and investors, knowledge is power.

Months ago Cardano announced their decision to appoint us as the auditors of their cryptocurrency engineering. This cryptocurrency has a market capitalization over US$ 4 Billion, and they want users to know that the system can be trusted. We’ve already provided them with interim results which are being published, and the work is ongoing.

At the same time, we’re working on several other non-published cryptocurrency projects, and in talks with more. So we decided it was time to formalize the audit program and announce it publicly.

Learn More!

Blockchain Success Program

Think you know what you are doing, but need a little support? This program is designed for you along with your company in mind! FP Complete's Success Programs are packed with the necessary tools and techniques designed to guide your team's Blockchain project towards success at a fraction of the industry standard pricing.

Offering 3 strategic program levels.

Engineer to engineer mentoring that pays for itself!

Accelerate your IT team's expertise in cloud tools and automation.

Free your team to use their talents.

Enroll Today!

Levels of Auditing

We hope to encourage a great many blockchain and cryptocurrency projects to seek an outside engineering audit, whether from FP Complete or another qualified firm. We look forward to the day when users expect to see an audit on any sensitive cryptocurrency or blockchain work. And that means we need to provide people with a path to get started.

Therefore we’ve chosen to offer several audit plans, using different amounts of labor (and thus, costs) to achieve different amounts of scrutiny and certification. For ease of understanding by general audiences we are calling these Bronze, Silver and Gold; and we will use “stars” to further summarize how well the project is doing. We will be publishing the criteria for each level; obviously the more auditing work is done, the more parts of the engineering can be checked and potentially certified. What's crucial right now is to get every project on the path to verifiable quality.

Auditing is not the same as a 100% inspection. Given that all blockchain projects are moving targets, our goal is to achieve a reasonable level of scrutiny with sampling, and report accurately on whether each audited project appears to be living up to a reasonable standard of engineering practices. As part of any public certification we will report on the nature of what we’ve inspected, what standards it met, and exceptions we’ve found.

At a basic level of scrutiny, we will focus on the tools, development processes, and quality control processes in use: are good engineering systems used, in line with best practices for predictable results? At a higher level of scrutiny we will delve much deeper into a larger percentage of the source code, tests, and so on, greatly increasing the density of checks that can be done. Are the software and the distributed system being built in a way that is most likely to operate as specified? Or is the team operating on just caffeine and hope?

Clearly, signing up for an audit is no guarantee of a passing grade: a project may fail an audit and earn no certification at all. In such cases, our intention is to provide the team with as much constructive feedback as possible on how they can improve. We hope in such cases the chance to work up to a certification will serve as a “carrot,” an incentive to implement improvements that would lead to a passing grade or better.

As you probably know, FP Complete offers extensive services in FinTech software engineering, cloud engineering, and DevOps. To avoid any conflict of interest, of course we will not issue an audit grade for a project where we ran the engineering. In any such case we will bring in an outside firm to compare the engineering work with the published criteria and determine the grade.

Learn More!

Raising the Standards

Right now we see a wide range of engineering quality levels on blockchain projects. Frankly, I don’t expect to see many Gold or even Silver certifications in the short term. However, we hope to see some. Moreover, as industry standards rise (as they must), we expect to add further criteria, increasing the bar for each level of certification. Even a Bronze certification in 2020 may involve far more requirements than one in 2019 or 2018. This will be spelled out in the published criteria for each level at any given time.

FP Complete does not have the capacity to audit the over 1600 cryptocurrencies already in existence, plus all of the other blockchain projects and wallets. We certainly hope to make a dent, but realistically other companies will need to enter this space as well. We will welcome them to use criteria modeled on our own, or to create their own lists of what constitutes proper engineering. What’s important is that they not lower the bar, but raise the bar, for quality in this industry. The blockchain engineering audit field needs to grow rapidly for the public good, and we will promote its growth in a constructive and timely manner.

Note that a technology audit will never be the same thing as a financial audit. Technical excellence doesn’t mean that a particular cryptocurrency is a good investment, or that a particular blockchain is suited for some particular use. But it should mean that the implementation team is following best practices to bring their implementation in line with what’s been described and specified.

We hope the day will come when consumers of any blockchain will ask: where’s the audit? It’s long been expected in the stock market, and crypto users deserve no less. Home and business users alike deserve to know if they can trust the technology on which they are staking so much. By demanding evidence of excellence, we give providers the backing they need to invest more in quality, safety, and security.

Learn More!

For further reading

How to select the right level of QA for your project

Best practices: multifaceted testing

Best practices: DevOps priorities for FinTech

DevOps to prepare for a blockchain world (video presentation)

From my colleague Steve Bogdan: getting past IT operations into DevOps

From my colleague Niklas Hambüchen: the Haskell language and cryptocurrencies

Details on our blockchain auditing services

Monday, April 23, 2018

post #105

main points:

- CSDS demo for lab3b

- crypto class (super shortened)

- lunch

- prog lang homework

- CSDS group project meeting

- hackathon organizer meeting

- OW elections / demo for mario emulator thing!!

today i:

- woke up around 9:45am to my alarm, snoozed until like 10:30am. got out of bed, typed up yesterday’s blog post. then grabbed a banana and took the T to CSDS discussion. 

i did my demo for lab 3b. i only got 2 out of the 6 test cases passing and the TF seemed disappointed in me and i felt bad. but he understood my difficulties after i showed him the issues i had with the verified raft code. he said if i have time to redo it, i can do so. that motivated me to want to try to redo it because he genuinely seems to want me to succeed. i just have a tight schedule the next week before the end of classes and my motivation to keep going has been depleted. i spent so long wrestling with the verified raft code that trying to start the whole thing again with my own implementation might take forever... idk, i might try it again if i have time just as a principal type of thing

- went to crypto lecture. it was being done by the TF on password based key derivation functions. it was a really short guest lecture, and ended after like 30 minutes...

so me ryan brian and mark went to the GSU for lunch at 1pm instead of 2pm. tyrone joined us shortly after. he had to miss crypto lecture cause of something else. we had mostly finished eating by the time he had come, and me brian and ryan needed to start on prog lang homework. 

we headed out and walked back home, deciding to meet at brian’s place cause he doesn’t have haskell on his laptop. ryan went to stuvi, i went back to my apt to grab my charger and dimitri’s laptop/charger since he also was gonna work with us. i penny boarded from my place to brian’s and got there around 2:40pm. 

we all started working on the hw from 3pm-5:30pm. there were two problems. the first problem was 12 points and was 1 point for each. basically we had to rewrite haskell list comprehensions using map and filters. then other functions like length, append, using foldr and maps. 

the first part was a bit tricky but eventually we got the hang of it and finished all of problem 1

at 5:40pm, i penny boarded to east campus (IT WAS SO NICE OUT IT’S LIKE 60 DEGREES) to meet with my CSDS group. we met up in CAS in a random room on the 2nd floor. we discussed what else we needed to finish, and then we did a demo on shreya and ken’s laptop. IT WORKED. it was so cool to see. the two of them did all the networking and server stuff which was awesome. they’ve done some great work. me michael and mark seemed to have issues setting up our go build due to our GOPATH, but it was working on ken and shreya’s laptop over the same network so at least we know it works. we had our meeting 6-6:30pm

then went upstairs to 3rd floor where we had our hackathon organizer meeting with potential new recruits. we did some icebreakers with “what emoji would you be if you were an emoji?”. then split off into our teams and discussed with prospective recruits what their thoughts were / group discussion / interview type of thing. i was with sarah on the marketing team cause lucas wanted at least one senior per team (i’m usually on tech/logistics). overall, it was pretty chill and fun, ending around 8:15pm. 

then we went downstairs to OW meeting. i ran to subway real quick to get a 6 inch sub for my dinner cause i hadn’t had a chance to eat since it was back to back meetings from 6-10pm

we had our eboard elections. we have a brand new eboard!! more or less. everyone gave their speeches for a certain position, they leave the room, we do a blind vote, then they come back in and find out. 

then we did demos. there were five of us going today and i volunteered to go second. i demoed my slack plays mario thing and it was so fun!! everyone seemed to enjoy playing together and i’m really happy that it went well. note to future self, i took a video of it and saved it for memoriez. it was a fun and wholesome time

throughout the meeting i was chipping away a bit at my CSDS reading cause it was also due at 10pm tonight. after the last demos finished at 9:45pm i finished the rest of my reading assessment and submitted at like 9:57pm. last reading assessment done! it was on bitcoin-NG

then i hung around for a bit with kailin and explained how the mario thing worked. and then we talked about stock trading/cryptocurrency trading. then AI/machine learning. sho was also hanging around, and we got a chance to see his progress on his own project. IT LOOKS SUPER PRETTY AND COOL

- took the T back with kailin. a guy approached us at the stop and asked us for money in a sketchy way (it sounded like a scam). so we talked on the T about a scam i experienced near warren (i didn’t actually fall for the scam). then talked about some random tangents and then he got off after a few stops and i got off and went home

- did some logistical things, like creating github issues for the reamining CSDS group project tasks. uploading my mario thing code to github cause a lot of people were interested in seeing how it worked. then just kind of messed around and relaxed for a bit. i did this from like 10:30~11pm - 1am. then i showered and now i’m typing this at 1:46am. now i’m gonna go to sleep

i’m so happy about the mario demo thing ahhh

okay good night