startups, investing, and miscellaneous thoughts

Slack Hide Typing

I’ve written a very simple Chrome extension that prevents the Slack site from sending typing indications while you’re typing. My primary use case is so that I can type longer messages and use the text as a scratch pad without making others think that a message is incoming immediately. .. (more) →

Startups often “move fast and break things” to get to market faster and test assumptions. However, they also often do not take security seriously enough. I’ve responsibly disclosed web vulnerabilities in sites such as Pinterest, Amazon, IMDB, and many more smaller startups. Typically, the issues were very simple and avoidable by having a culture of security. Recently, I was sent a link of a site that broke many of the guidelines below. Within three minutes, I had their database credentials. The site had many flaws, but I never even had to mangle query parameters... (more) →

Gambler's Verity?

Flip a fair coin four times. Consider the cases, if any, after a heads. Since you’re flipping a fair coin—you reason—you should notice no significant patterns in the flips after a heads, because flips are independent. However, you have heard of “hot streaks” or how random events become “due”, so you record your results. You flip H T H H, and record “tails” and “heads” (bolded the flips after a heads). You flip T T H T and record “tails” from the 4th position... (more) →

Occasionally, you may need to interface with Java Futures in Scala. Unfortunately, it is “an abomination”. Several older Java libraries, like Amazon’s SDK, provides asynchronous interfaces using Java’s Futures. java.util.concurrent.Future only provides a .get, and no mechanism to react to completion. The best solution to avoid blocking a thread checking for completion (or simply .geting inside another thread) is to periodically check for completion. .. (more) →

Since many asynchronous APIs in Scala use Futures, if you prefer using Task, you’ll need to convert between the two. Here are two simple classes that enhance scalaz.concurrent.Task and scala.concurrent.Future: .. (more) →