New Initiative: API Bar

We would like to introduce our new initiative, API Bar, which concerns the business APIs that companies of every size (large, medium, small) release and publish day in, day out as part of their business strategy. We named the initiative API Bar because the APIs that come up every day (and make businesses competitive) seem like bottles with different labels, with developers trying to figure out which APIs to use and why. 🙂 As part of this initiative, we shall carry out the following activities and publish our findings from time to time: Evaluate the APIs from technical perspective while exploring different …

Posted in API Development, News.

UI Lessons from Revamped Yahoo Homepage Design

This article presents the UI lessons that one could learn from the newly launched Yahoo homepage. Please share your opinion and help me add more points. Take a look at the screenshot of the new, revamped homepage below: The objective behind the revamped homepage design is to offer users a smoother and more adaptable experience and to make it easier for them to discover content. Following are some key characteristics of the revamped homepage, with a focus on enhanced usability: Simpler navigation that makes it easy to browse top stories, check email, and access stocks, photos, or weather. Cleaner design that’s easy to navigate. Ease of use with the familiar search …

Posted in Web.

Tips for Setting up Application Security Education/Training Plan

This article presents one education model that could be used to regularly educate your IT organization/team about the latest security updates, attack patterns, mitigation techniques, security-related libraries and infrastructure, best practices and guidelines, etc. Now that application security is becoming an important concern when planning application design and development, it is all the more important to put a plan in place for educating application developers and testers. The primary objective is to create a security-aware development team (and organization at large). Following is one model that could be used to achieve this objective: Security Awareness Training: Security awareness training to all …

Posted in Application Security, Software Engg.

Developers Take Away from Gmail App Enhancement on iOS 7

This article reflects on what developers can take away from the recent enhancements to the Gmail app on the iOS 7 platform (iPhone, iPad). The latest enhancements include background app refresh of email, so users no longer have to refresh manually to get new emails. Following is a description of the technology behind the background refresh feature. Background App Refresh using Pre-fetching: The new update released for the Gmail app on the iOS 7 platform makes use of the iOS background app refresh feature. This means that iOS users are no longer required to manually refresh the app to get new emails. Following is an excerpt from the Gmail blog post: “The app now fully supports background app refresh, which means …

Posted in News, Software Engg.

Technical Architect Interview Questions – Part 2

Following is the list of questions that I discussed with some of the guys appearing for the position of technical lead or architect in the last few months. Please feel free to share your opinion on them. Architecture: Define the roles and responsibilities of a technical architect, application architect, solution architect and enterprise architect. The reason I asked this question was that the interviewee ended up mentioning all of these roles while introducing himself. And, while answering the question, he was unable to clearly define these roles. As a piece of advice, please take care to mention your role when attending an interview for the role of an architect. For …

Posted in Interview questions.

Design Tips for Developers to Secure Cloud Applications

If you are a developer working on one or more cloud applications and want design and coding tips that help you address the appropriate security concerns, the following are some of the important areas to consider: Data Design: Data design is one of the key areas of concern when developing cloud applications. This is primarily because a cloud service model such as SaaS (Software-as-a-Service) allows data belonging to different customers to be hosted on the same database server. If the data model, particularly the part related to multi-tenancy, is not designed well, there is a high possibility of a data breach wherein the attacker could get access …

Posted in Application Security, Cloud.

Samsung Fingerprint Scanning API & Mobile Wallet Security?

This article explores the recently released Samsung fingerprint scanning API, also termed the “Pass API”, in light of security for mobile wallets. The Pass API was released as part of the Samsung Mobile SDK 1.5 beta1 during the launch of the Samsung Galaxy S5 mobile phone. One of the key features of the Samsung Galaxy S5 is its fingerprint reader. An application could use the fingerprint reader to scan user fingerprints and verify them against the users’ stored fingerprints on the device. This article presents an overview of the Pass API and then talks about how it could be used for mobile wallets’ security. What is Pass API? As mentioned on Samsung Developers Page for Pass API, …

Posted in API Development, Application Security.

5 Reasons Why Developers Should Consider Maintaining Their Blog

Ask a developer to write a blog and this is what his reaction may look like: :-). However, based on my personal experience, I must say that blogging at regular intervals helps the developer become a better developer, although one may need to spend a bit of extra time planning and writing blogs. However, it is worth it. This is why I suggest that my colleagues and the junior developers working in my team consider writing their blogs. Do read it further and let me know what you think. Thanks for reading it further. Some of the reasons why developers avoid writing in general, and writing blogs in particular are …

Posted in Others.

Google PACO for Tracking Trends on Personal Stuff

The article talks about the features and benefits of the Google PACO mobile app, which one could use for tracking analytics data about personal stuff. Thanks for reading it further. Ever wanted to check how you are doing on some of the following personal habits: Software Developer: How much time are you devoting to the following: learning new technologies by reading one or more webpages/books; trying out/evaluating new tools & frameworks (this could be tracked on a weekly rather than daily basis). Physical Training (PT): How much time are you spending daily on one or more PT exercises such as running? In …

Posted in Mobility.

OWASP Security Misconfiguration Example from PayPal.com

The article presents some examples of OWASP security misconfiguration vulnerabilities that I could figure out by spending some time on the PayPal.com website. The article is just an educational one and is not written with any other intention. If you are from PayPal reading this, please get it right. Accessing PayPalObjects.com with the URL https://www.paypalobjects.com/ displays the fact that it is hosted on Apache Server. Take a look at the picture below. It looks like the paypalobjects.com server hosts static resources such as CSS, JS and image files, as I could figure out several such resource links with the base URL paypalobjects.com. Password Recovery Module seems to be using Spring Web Flow …

Posted in Application Security.

Tips to Quickly Get Started with Android Hello World!

The article is written for those curious ones (Java developers at all levels) who want to quickly get started with Android programming. This is what I did, and I got started with a few hiccups (in relation to starting the ADB server) to get the hello world done. Download the right set of tools: I visited the Android SDK download page, where I got the option to download appropriate libraries/tools based on whether I am using one of the existing supported IDEs such as Eclipse. Although I am an experienced Java developer and use Eclipse, I went with downloading the entire ADT bundle consisting of Eclipse and the SDK platform/tools. Choosing System Type: While downloading, I …

Posted in Android, Mobility.

Tools & Frameworks That Were Used to Build WhatsApp (Android)

The article talks about the tools & frameworks that were used to build the WhatsApp mobile application for the Android platform. The reason why I decided to write this article is the acquisition of WhatsApp by Facebook for $19 billion and my curiosity about what could have gone into building such an application from a technology perspective. The objective is to let Android developers take a peek into the WhatsApp Android application and get appropriate information on tools & frameworks that could be used to build a messaging application such as WhatsApp. Thanks for reading it further. Tools & Frameworks Used in WhatsApp: Following is a list of tools & frameworks that were found to …

Posted in Mobility.

How Static Resources (CSS, JS) are Served at Facebook.com?

This article talks about the techniques used at Facebook.com to serve static resources such as CSS, JS and image files when someone accesses Facebook.com. If you are one of the developers at Facebook who worked on the related modules and you disagree with one or more aspects of this article, please drop a message and I shall change the same appropriately. The article aims to present a perspective on how to handle static web resources, based on how they are handled at facebook.com. Thank you for reading it further. Back in February 2004? Well, like most other startups, Facebook was launched in February 2004 with the usual manner of serving CSS & JS …

Posted in Web.

Use Facebook BigPipe to Load Webpages Faster

This article presents the Facebook BigPipe technology and the various open source frameworks that could be used to load web pages faster, like Facebook. Please suggest related frameworks if one or more of them is not mentioned in this article. You may have read about BigPipe on several webpages. However, I wanted to present a different perspective, including a pictorial presentation for better understanding. Traditional webpage serving model: The following diagram represents the traditional webpage serving model. You may notice that in the traditional model, the request-response operations are pretty much sequential in nature. Thus, the following can be observed: Webserver Busy, Browser Idle: As the request is sent from browser, and webserver …

Posted in Performance Engineering, Tools, Web.

What Javascript Frameworks are used at Twitter.com?

I have been doing research on some of the UI frameworks that are used at twitter.com. Following is a list of those UI frameworks, primarily JavaScript. Please feel free to shout if you happen to know that one or more of the following frameworks ain’t actually used: Testing: Jasmine: This is a JavaScript library. A behavior-driven development framework for testing JavaScript code. It does not depend on any other JavaScript frameworks. It does not require a DOM. And it has a clean, obvious syntax so that you can easily write tests. UI-based: Sizzle: A pure-JavaScript CSS selector engine designed to be easily dropped in to a host library. Bootstrap: As …

Posted in Tools.

Java Lambda Expressions Explained with Examples

This article presents different viewpoints on Java Lambda Expressions (Java 8) to help Java developers understand the what, why, when and how of lambda expressions. Lambda expressions are nothing but a way to abstract behavior, unlike object-oriented programming, which is based upon the abstraction of data in the form of objects. Lambda expressions are used to assign behavior to a variable or pass behavior between method calls, instead of wrapping the behavior in an object and working with the objects. Take a look at the following example to understand lambda expressions better. Remember the famous addActionListener method on a button to capture the button-click event and take action when the …

Posted in Java.