A very good news for all of us: vacation is coming 🤓 But in order to make the vacation meaningful, I would like to enhance my knowledge besides simply running the "eat, play, sleep" loop.
The first thing I would like to do is to learn Swift properly. Though I have gained some knowledge on Swift from my teammates, who are Swift pros, in final project, I still lack of a solid basis on the language and iOS development (my teammates tanked all the basic setup). After an exciting semester with 3216, I would definitely like to take its twin module 3217 and some knowledge on Swift would help me focus more on the design and soft skills in 3217, instead of struggling with the coding part.
Secondly, similar to Swift, although I used NodeJS for 2 of my projects, I still what to learn more about Javascript. I read an article that in year 2016, Javascript has been enhanced with new frameworks and libraries which makes it very much different from the age of jQuery. It would be interesting to find out more on it.
Moreover, as mentioned in my previous blogs, I developed interests on computer security and I have bought a book on web security for noobs. Hopefully I finish it in the first 2 weeks then I will come back to tell you whether computer security is still appealing to me 😂
Last but not least, I need to review on my algorithms in order to be prepared for interviews next semester ><
It seems like I won't have enough time to finish all of this unless I upgrade myself to an "vacation-efficient" version. It is always fun to challenge myself so let's try 💪
Bohan's Blog
Saturday, November 19, 2016
At the end of CS3216
At the end of CS3216, did I achieve what I hope to learn at the beginning of the semester? In my very first blog, I listed 4 skills that I would like to learn in CS3216, namely project management, time management, working with people, and hardcore coding.
For the first two soft skills, considering the heavy workload, we are somewhat forced to schedule our tasks well and work efficiently in order to save time for other modules and sleep (Sorry guys I know we are not supposed to take other modules or sleep during 3216 😳). As for working with people, I really enjoy working with all my 4 teams and I truly admire them. They are all very nice people with strong technical and soft skills. Just by reading their codes and watching their presentation I can make great improvement. Just some quick example, Jinghan is a godlike iOS developer, Jiang Sheng is so pro at backend and server management, 💡has great sense of art, Melvin can always spot what is wrong with an idea, Zhi An is a such a confident presenter. There are much more to list down. Among all the advantages of my friends that I observed, if I manage to master some of them myself, I guess I will be able to push myself to a new level. Another very specific lesson I learnt from my final project teammates is, in order to have buffer time to do testing / submit for review / prepare for Steps, we really need to work very very hard from the beginning. In other words, NEVER procrastinate. I guess that is part of the reason why they are so professional. Last but not least, like many of us, I enhanced my coding skills during the semester. I have learnt new skills like NodeJS, Swift and Amazon Web Server management.
Beyond what I hoped to learn, the guest lectures and TA reviews actually taught me lessons out of my expectation. For instance, now I have a clear idea on how to do a successful pitch in 2 mins which I applied in the final pitch presentation. Prof and Su Yuen's review on our app also opened my mind on how to create great user experience. Besides, I really didn't expect that I could talk that much on Steps day haha.
And what could have been done better? Well, marketing skills. Our trail on marketing FitMi at Deck turned our to be a failure. I guess it is because firstly we didn't point out what we want them to do (downloading our app and supporting us on Steps) so most of them were like "hmmm okay, so?" after listening to our pitch. And secondly we didn't approach them in the right time with good reasons (like charity). I guess people just don't want to be disturbed by marketing people when they are eating / talking to their friends. A better way might be set up a booth and selling our T-shirt 😆. Our T-shirt is really a big success (all thanks to You Jing💡).
To summarise, 3216 really opened my mind by showing me what myself and others can do and pointed out what I need to work on. Though it is now the end of the epic semester, I have a feeling that it is a start of a new journey. A final word for myself: GLHF =)
For the first two soft skills, considering the heavy workload, we are somewhat forced to schedule our tasks well and work efficiently in order to save time for other modules and sleep (Sorry guys I know we are not supposed to take other modules or sleep during 3216 😳). As for working with people, I really enjoy working with all my 4 teams and I truly admire them. They are all very nice people with strong technical and soft skills. Just by reading their codes and watching their presentation I can make great improvement. Just some quick example, Jinghan is a godlike iOS developer, Jiang Sheng is so pro at backend and server management, 💡has great sense of art, Melvin can always spot what is wrong with an idea, Zhi An is a such a confident presenter. There are much more to list down. Among all the advantages of my friends that I observed, if I manage to master some of them myself, I guess I will be able to push myself to a new level. Another very specific lesson I learnt from my final project teammates is, in order to have buffer time to do testing / submit for review / prepare for Steps, we really need to work very very hard from the beginning. In other words, NEVER procrastinate. I guess that is part of the reason why they are so professional. Last but not least, like many of us, I enhanced my coding skills during the semester. I have learnt new skills like NodeJS, Swift and Amazon Web Server management.
Beyond what I hoped to learn, the guest lectures and TA reviews actually taught me lessons out of my expectation. For instance, now I have a clear idea on how to do a successful pitch in 2 mins which I applied in the final pitch presentation. Prof and Su Yuen's review on our app also opened my mind on how to create great user experience. Besides, I really didn't expect that I could talk that much on Steps day haha.
And what could have been done better? Well, marketing skills. Our trail on marketing FitMi at Deck turned our to be a failure. I guess it is because firstly we didn't point out what we want them to do (downloading our app and supporting us on Steps) so most of them were like "hmmm okay, so?" after listening to our pitch. And secondly we didn't approach them in the right time with good reasons (like charity). I guess people just don't want to be disturbed by marketing people when they are eating / talking to their friends. A better way might be set up a booth and selling our T-shirt 😆. Our T-shirt is really a big success (all thanks to You Jing💡).
To summarise, 3216 really opened my mind by showing me what myself and others can do and pointed out what I need to work on. Though it is now the end of the epic semester, I have a feeling that it is a start of a new journey. A final word for myself: GLHF =)
Friday, November 18, 2016
JoJo's Bizarre Adventure
Since Prof introduced great movies and books to us, I would like to share a great comic with you, which is JoJo's Bizarre Adventure, written by Hirohiko Araki.
Similar to Cloud Atlas, JoJo's Bizarre Adventure includes multiple stories across centuries. To summarise, it "tells the story of the Joestar family, a family whose various members discover they are destined to take down supernatural foes using unique powers that they possess. The manga is split up into 8 unique parts, each following the story of one member of the Joestar family, who inevitably has a name that can be abbreviated to the titular "JoJo". The first six parts of the series take place within a single continuity, while parts 7 and 8 take place in an alternate continuity." (Wikipedia).
In the comic, the protagonist can be a well educated English gentleman, can be Japanese high school students, can be a Italian mafia rookie, or can be a lady who is framed to be a criminal. But regardless of who they are, it is their way of living that makes the stories alive and attractive. Reading the comic, the idea of "I would like to live my life that way" keeping jumping in my mind.
Their attitude towards life can be summarised into two keywords, “gold spirit” and "dark will". The first term describes a positive attitude including kindness to people around and the courage to do what is right. The second term refers to the toughness to break though the obstacles.
Cloud Atlas
Anyone can tell from the length that Cloud Atlas is a great movie.
It was my first time watching the movie and I have to say the structure of the movie is quite unique. Multiple stories are presented in "random" order and together they form a blueprint of what the author tries to deliver to the readers. I spent the first quarter trying to understand what is going on and what are the relationships among the 6 stories. But bearing with the confusion, each story was very attractive on their own. I was so curious to find out how they proceeded. At the end of the movie I was glad that the sub-stories are finally linked together as a magnificent world of imagination. Prof mentioned that he got many ideas about life from Cloud Atlas but during my first trial I was struggled with the content so I could not fully understand the meaning underneath the stories. From my points of view, the movie was trying to tell us, in your way towards your dream, there will always be obstacles and oppression, and scarification must be made to do what need to be done in order to overcome them.
Among all the lines, there is one that really shocked me. "All boundaries are conventions, waiting to be transcended. One may transcend any convention, if only one can first conceive of doing so." It was how I saw the world at the age around 14. At that time I was thinking, why there must be rules, especially those unreasonable ones, to prevent people from doing what might be more beneficial to the world? I was quite upset about it at that time. But after I grow up a bit I then somehow find the rules acceptable because there are too many people in the world and they all think differently so without rules the world might become a place of chaos. So I started wondering, what are the rules that is of no value to follow and what are the ones that I need to stick with even though I don't like them? Apparently I do not have the wisdom to tell the difference between this two so far because I am still confused about it. My doubt is actually similar to a philosophy concept of in 西游记, Journey to the West, where Zhu Bajie was named Wuneng (悟能) because he needs to learn what can be done and what cannot be done. I guess I still have a long way to go before I can clarify the question.
Back to Cloud Atlas, after some research I realised that there were some difference between the movie and the book. So I would like to read the book during winter vacation and hopefully this time I can focus more on the connotation.
Sunday, November 6, 2016
Rainbow table
Prof Hugh's talk on compute security was very inspiring, especially the part about rainbow table. I was wondering after class, if rainbow table seems to be so powerful in cracking password hashes, does it means that our passwords are not secure at all? Out of curiosity, I researched on the defence mechanism for rainbow table and here is what I found:
First of all, adding a salt is a very intuitive approach to defence against rainbow table. A salt is a random data that is used as an additional input in hashing a password. Same password hashed with different salts will result in different hash values. But bear in mind that the salt value must be large enough to make rainbow table ineffective. Otherwise the attack will still be able to precompute the password hashes for different salt values. I think the underling principle of this mechanism is quite common in computer security: instead of aiming for perfect secrecy, you create a computationally secure scheme to defend against attackers with limited amount of resource. This idea works because it is likely that for every single bit increased in the encrypted data, it takes attacker exponential amount of resource to break it, so called 魔高一尺,道高一丈. (Quan Yang mercy please if I am wrong >.<)
Secondly, in addition to adding salt while hashing the password, we can run the underlying hashing function multiple times to increase the amount of times required for the attacker to build rainbow table. This is called Key Strengthening. The response time to validate users' input password will be affected as well but since for each user they only need to hash one password multiple times the overhead is negligible.
Another defence mechanism is even more interesting. Based on what we have for key strengthening, if we remove the salt after we hash the password, normal users and attackers will have to brute force the salt results. This will increase the overhead for normal users in a significant amount of time. But I am not very sure how it helps to defence against rainbow table attack better than key strengthening. It seems that such defence mechanism is only published on a paper and hasn't been put into practice yet.
Computer security is such an challenging and important field in computer science and after what Quan Yang and Prof Hugh had demonstrated in our lectures, it seems to be amazingly interesting as well. I really feel like looking into this area and having some fun myself~
First of all, adding a salt is a very intuitive approach to defence against rainbow table. A salt is a random data that is used as an additional input in hashing a password. Same password hashed with different salts will result in different hash values. But bear in mind that the salt value must be large enough to make rainbow table ineffective. Otherwise the attack will still be able to precompute the password hashes for different salt values. I think the underling principle of this mechanism is quite common in computer security: instead of aiming for perfect secrecy, you create a computationally secure scheme to defend against attackers with limited amount of resource. This idea works because it is likely that for every single bit increased in the encrypted data, it takes attacker exponential amount of resource to break it, so called 魔高一尺,道高一丈. (Quan Yang mercy please if I am wrong >.<)
Secondly, in addition to adding salt while hashing the password, we can run the underlying hashing function multiple times to increase the amount of times required for the attacker to build rainbow table. This is called Key Strengthening. The response time to validate users' input password will be affected as well but since for each user they only need to hash one password multiple times the overhead is negligible.
Another defence mechanism is even more interesting. Based on what we have for key strengthening, if we remove the salt after we hash the password, normal users and attackers will have to brute force the salt results. This will increase the overhead for normal users in a significant amount of time. But I am not very sure how it helps to defence against rainbow table attack better than key strengthening. It seems that such defence mechanism is only published on a paper and hasn't been put into practice yet.
Computer security is such an challenging and important field in computer science and after what Quan Yang and Prof Hugh had demonstrated in our lectures, it seems to be amazingly interesting as well. I really feel like looking into this area and having some fun myself~
Monday, October 31, 2016
Taste of mongo
In our final project since there is no constraints about the choice of database, our group uses MongoDB to manage data. It was my first time using NoSQL database and here are some thoughts about it.
As for the advantages, one of the things I really like about MongoDB is that I do not need to write schema anymore. The flexible data model MongoDB provided makes managing data a lot more easier. Basically I can store any type of data with desired structure. I can also dynamically update the data model with changing requirement without any interruption to old data. Based on my research, MongoDB also provides high performance in terms of throughput and latency. So far the amount of data we managed is not large enough to prove the statement but I am looking forward to it.
On the other hand, as for the disadvantages, not being able to do join query makes me feeling quite uncomfortable. Being used to relational databases, join is the one of the most frequently used method to retrieve data from different models with a single query. In MongoDB, the alternative is the "lookup" operation which I have not get used to. Besides,
MongoDB does not support transactions except certain atomic operations at single document level which may lead to data inconsistency.
Sunday, October 23, 2016
Why pixel games are still popular?
Since our final project, FitMi, is designed in pixel style, I research on available pixel games in the app stores and surprisingly find that pixel games, which seem to be a bit outdated, are still popular in the market. But why? Based on my personal experience and some further research, I suspect that these are possible reasons that keep pixel games alive.
One of the most important reasons is reminiscence. Because of reminiscence, developer created pixel games to pay tribute to the pioneers, for example, Super Mario, which bring them a lot of fun in their childhoods. Players of classical pixel games are attracted by new pixel games because of similar reasons.
Secondly, many game developers and organisations are short of man power which means that sometimes they have to do game design without designers. In such cases, pixel game is a rather safe choice due to its simplicity.
Third, pixel games actually enable users to make full use of their imagination. Therefore, for children and teenagers, who are never lack of imagination, pixel game is still a great choice for entertainment.
Moreover, expectations to pixel games are usually lower than the expectations to more advanced games such as GTA5. Since user accept the simple design of the user interface, it is not likely that they expect the game play to be very fancy.
On the other hand, since pixel game cannot afford too fancy game plays, they really have to put in effort to come up with a core feature that is fun. The Binding of Isaac, for instance, is a very good example of simple but playable game. The carefully designed core features keep pixel games attrative for a long period.
Last but not least, considering the large number of pixel games in the market, maybe it is just some of them becomes successful and popular at the beginning. And the success of these games earn users and credit for other pixel games which makes the whole market alive.
One of the most important reasons is reminiscence. Because of reminiscence, developer created pixel games to pay tribute to the pioneers, for example, Super Mario, which bring them a lot of fun in their childhoods. Players of classical pixel games are attracted by new pixel games because of similar reasons.
Secondly, many game developers and organisations are short of man power which means that sometimes they have to do game design without designers. In such cases, pixel game is a rather safe choice due to its simplicity.
Third, pixel games actually enable users to make full use of their imagination. Therefore, for children and teenagers, who are never lack of imagination, pixel game is still a great choice for entertainment.
Moreover, expectations to pixel games are usually lower than the expectations to more advanced games such as GTA5. Since user accept the simple design of the user interface, it is not likely that they expect the game play to be very fancy.
On the other hand, since pixel game cannot afford too fancy game plays, they really have to put in effort to come up with a core feature that is fun. The Binding of Isaac, for instance, is a very good example of simple but playable game. The carefully designed core features keep pixel games attrative for a long period.
Last but not least, considering the large number of pixel games in the market, maybe it is just some of them becomes successful and popular at the beginning. And the success of these games earn users and credit for other pixel games which makes the whole market alive.
Subscribe to:
Posts (Atom)