Author Archives: Ajitesh Kumar
Tips to Load Your Webpage Faster based on Google’s Pre-* Recommendations
The article recommends 4 simple tips to load your webpage in faster manner based on Google Pre-* technology recommendations. These tips are based on suggestions by Google Engineer, Ilya Grigorik in his presentation that could be found on this page. Do note that most of these (such as pre-fetch, pre-resolve etc) are also part of their PageSpeed initiative. While I was reading the presentation, it struck me as to check out on who is leading the internet browser share in the market. Following is the plot I could come up with data based on browser usage statistics. And, the winner is Google Chrome. Thus, I found it relevant enough to …
What are API Managament Platforms & Why are They Needed?
The article describes API management platforms and why are they needed at all. What are API Management Platforms? As businesses start exploring about taking the API route to integrate their applications in one line of business (LOB) with applications from other LOBs or, expose their APIs to external partners, the need for one of these API management platforms start cropping up. Even before we go further, lets understand as to why an enterprise considers adopting the API strategy in the first place? Well, one full article could be written as an answer to this question. However, briefly speaking, APIs primarily allow enterprise and its different LOBs to achieve following objective: Extend/share …
Tips for Setting up Application Security Education/Training Plan
The article represents one of the education model that could be used to regularly educate your IT organization/team about latest security updates, attack patterns, mitigation techniques, security-related libraries and infrastructure, best practices and guidelines, etc . Now that application security is becoming an important aspect to take care, while laying out plan for application design and development, it becomes much more important to put a plan in place for educating application developers & testers. The primary objective is to create a security-aware development team (organization at large). Following is one of the model that could be used to achieve the above said objective: Security Awareness Training: Security awareness training to all …
Developers Take Away from Gmail App Enhancement on iOS 7
The article reflects on the developers take away from recent enhancements of Gmail App on iOS 7 platform (iPhone, iPad). The latest enhancements consist of background app refresh of email thus avoiding users to manually refresh and get new emails. Following is the description of technology behind background refresh feature. Background App Refresh using Pre-fetching The new update released for Gmail App for iOS 7 platform makes use of the iOS background app refresh feature. This would mean that iOS users are no longer required to manually refresh the app to get the new emails. Following is the excerpt from Gmail blog post: “The app now fully supports background app refresh, which means …
Technical Architect Interview Questions – Part 2
Following is the list of questions that were discussed by me with some of the guys appearing for the position of technical lead or architect, in last few months. Please feel free to share your opinion on them. Architecture Define the roles and responsibilities of technical architect, application architect, solution architect and an enterprise architect? The reason I asked this question was that the interviewee ended up mentioning all of these roles while introducing himself. And, while answering the question, he was unable to clearly define these roles. As an advice, please take care of mentioning about your role when attending the interview for the role of an architect. For …
Design Tips for Developers to Secure Cloud Applications
If you are a developer working on one or more cloud applications and want to know design and coding tips to make sure that you take care of appropriate security concerns, following represents some of the important areas to consider: Data Design: Data design is one of the key areas of concerns when one is developing cloud applications. This is primarily because cloud service model such as SAAS (Software-as-a-service) allows data related with different customers to be hosted on same database server. And, if data model, primarily related with multi-tenancy, is not designed in the nice manner, there are high possibilities of data breach wherein the attacker could get access …
Samsung Fingerprint Scanning API & Mobile Wallet Security?
This article explores the recently released Samsung fingerprint scanning API also termed as “Pass API” in light of security for mobile wallets. Pass API is released as part of the Samsung Mobile SDK 1.5 beta1 during the launch of Samsung Galaxy S5 mobile phone. One of the key feature of Samsung galaxy S5 is fingerprint reader. The application could use fingerprint reader to scan user fingerprints and verify against the users’ stored fingerprints on the device. This article presents an overview on the PASS API and, then, talks about how it could be used for mobile wallets’ security. What is Pass API? As mentioned on Samsung Developers Page for Pass API, …
Google PACO for Tracking Trends on Personal Stuff
The article talks about features & benefits of Google PACO mobile app that one could use for tracking analytics data in relation with personal stuff. Thanks for reading it further. Ever wanted to check on how are you doing in relation with some of the following habits on the personal front: Software Developer: How much time are you devoting on some of the following: Learning new technologies by reading one or more webpages/books Trying out/evaluating new tools & frameworks (this could be tracked on weekly basis rather than daily basis) Physical Training (PT): How much time are you spending daily on doing one or more PT exercises such as running? In …
OWASP Security Misconfiguration Example from PayPal.com
The article represents some of the examples of OWASP security misconfiguration vulnerabilities that I could figure out by spending sometime on the Paypal.com website. The article is just an educational one and is not written with any other intention. If you are from Paypal reading this, please get it right. Accessing PayPalObjects.com with URL, https://www.paypalobjects.com/ displays the fact that it is hosted on Apache Server. Take a look at the picture below. It looks like paypalobjects.com server hosts static resources such as CSS, JS and images file as I could figure out several of such resources link with base URL as paypalobjects.com. Password Recovery Module seems to be using Spring Webflow …
Tips to Quickly Get Started with Android Hello World!
The article is written for those curious ones (Java developers at all level) who want to quickly get started with Android programming. This is what I did and got started with few hiccups (in relation with starting ADB server) to get the hello world done. Download right set of tool: Visited the android SDK download page where I got option to download appropriate libraries/tools based on whether I am using one of the existing supported IDE such as eclipse. Although, I am an experienced Java developer and use Eclipse, I rather went with downloading entire ADT bundle consisting of eclipse and SDK platform/tools. Choosing System Type: While I downloading I …
Tools & Frameworks That Were Used to Build WhatsApp (Android)
The article talks about the tools & frameworks that got used to build WhatsApp mobile application for Android platform. The reason why I decided to write this article is the acquisition of WhatsApp by Facebook in $19 billion and, my curiosity on what could have gone in building such application from technology perspective. The objective is to let Android developers take a peek into WhatsApp Android application and, get appropriate information on tools & frameworks that could be used to build a messaging application such as WhatsApp. Thanks for reading it further. Tools & Frameworks Used in WhatsApp Following is a list of tools & frameworks that were found to …
How Static Resources (CSS, JS) are Served at Facebook.com?
This article talks about techniques used at Facebook.com to serve the static resources such as CSS, JS and Images files when someone accesses Facebook.com. If you are one of the developer at Facebook and worked on related modules, and disagree with one or more aspects of this article, please drop a message and I shall change the same appropriately. The article is aimed to present a perspective on how to handle the web static resources, based on how it is handled at facebook.com. Thank you for reading it further. Back in February 2004? Well, like most other startups, facebook got launched in February 2004 with usual manners of serving CSS & JS …
Use Facebook BigPipe to Load Webpages Faster
This article represents Facebook BigPipe technology and various different open source frameworks which could be used to load web page faster like Facebook. Please suggest related frameworks if one or more of them is not mentioned in this article. You may have read the text on BigPipe on several webpages. However, I wanted to present a different perspective including pictorial presentation for better understanding. Traditional webpage serving model Following diagram represents traditional webpage serving model. You may notice that in traditional model, the request-response operations are pretty much sequential in nature. Thus, following can be observed: Webserver Busy, Browser Idle: As the request is sent from browser, and webserver …
What Javascript Frameworks are used at Twitter.com?
I have been doing research on what are some of the UI frameworks that are used at twitter.com. Following is a list of those UI frameworks, primarily Javascript. Please feel free to shout if you happen to know that one or more of the following frameworks ain’t actually used: Testing Jasmine: This is a javascript library. A behavior-driven development framework for testing JavaScript code. It does not depend on any other JavaScript frameworks. It does not require a DOM. And it has a clean, obvious syntax so that you can easily write tests. UI-based Sizzle: A pure-JavaScript CSS selector engine designed to be easily dropped in to a host library. Bootstrap: As …
Java Lambda Expressions Explained with Examples
The article represents different viewpoints on Java Lambda Expressions (Java 8) to help Java developers understand what, why, when, how of Lambda expressions. Lambda expressions are nothing but a way to abstract behavior unlike the object-oriented programming which is based upon the abstraction of data in form of object. Lambda expressions are used to assign the behavior to a variable or pass the behavior in between method calls instead of wrapping the behavior in an object and working with the objects. Take a look at the following example to understand the Lambda expressions better.Remember, the famous addActionListener method on button to capture the button-click event and, take action when the …
Infosys.com Website Design – A Post Mortem
This article represents some of the libraries, tools & framework one would want to use to create Infosys style website. Lets first try and re-iterate some of the key striking characteristics: Responsive Large fonts, vector icons Background image slider with diligently selected relevant images Following are some of the tools (libraries) & technologies (programming languages etc) that can be used to achieve some of the above: .NET programming language: The website is created with .NET programming language. Font Awesome 4.0.3: Font awesome is used for vector iconsfound at several places on the website. Fotorama image slider: The image sliders on homepage and various other pages is empowered by fotorama.js. Webtrends: Looks …
I found it very helpful. However the differences are not too understandable for me