security out of thin air

I feel so much pity – and sometimes anger – when an exploit is found on some software and you can feel the smugness of security professionals while the poor developer has to scramble and get out a fix as soon as possible.

The security professional’s job is all fun and pretty easy. They just run automated scripts, compile a report, send it to the client and – poof – money out of thin air*. They only report (many of them false positives), they don’t have to fix. I’m willing to bet that the vast majority of security professionals wouldn’t be able to fix it themselves and that if they did, it would still have security issues. Maybe not now, but eventually.

It’s because writing code securely is incredibly hard – even for a security professional. If a developer had to handle all the exploitable cases, they wouldn’t be able to ship any kind of feature.

So to the security professionals that feel all high and mighty because there’s an exploit, just remember, you owe your livelihood to the developer that you label “stupid” or “idiot”. Developers come up with things out of thin air, you’re lucky you get to profit off of it.

Nothing is secure; only nothing is secure.

*The Mission Impossible-esque heist? Yeah, happens once in a while but far from their bread and butter.

How, What, Why

This resonated with me.

Nowadays, I don’t get excited anymore about the mechanics of things. “How” to do something has decidedly become boring; or perhaps it’s that “What” to do and “Why” do it is just more interesting for me now. The “how” takes care of itself.

Sure, I like Ruby on Rails and ReactJS and they’ll still be my go-to tools for things that I need to implement fast and really well UX-wise, respectively. But the end user doesn’t actually care, as long as it works. Sure, coding standards are important, but it should always go hand in hand with shipping something that works.

Kuala Lumpur 2018

November 10 to 16

Highways and Traffic

Almost all their major roads are smoother than SLEX. Traffic looks bearable because cars actually respect lanes. Motorcycles, however, are still pedestrians on engines. This just made me feel frustrated about Manila.

Vortex at KLCC

The unit itself was pretty nice. I guess having a local IKEA does wonders. We had a washing machine. I should’ve brought half the clothes that I did. There’s a pool and sauna that I got to use a bit. The place is right in the middle of the metro, and close to all transpo options.

Free Bus and Aircon Walkways

I wonder who funds it? What if we had that in Manila? How much would it cost? How much would we get out of it? I have a feeling that the benefits would far outweigh the cost.

Pavilion at Bukit Bintang

This place is just awe-inspiring. I get that it’s a high-end mall but, man, the sheer size of the place is just insane.

IKEA

You’re an adult when you get excited going around IKEA. I saw like 3573839393 things I wanted to buy but couldn’t because 1) money and 2) baggage allowance. Sad life. JJ was exactly the same.

Also, I missed that berry jam on brown sauce for the meatballs. I think I should try going back to Norway one of these years.

Chinatown

I wonder how much those original Mont Blanc bags cost?

Grab to airport

His hood went up twice while we were at the expressway. The first time was really scary because we were going around 120km/h at the fast/overtake lane right next to a truck.

I felt bad for him because the airport was 40 minutes away from the city proper. I wonder how he’s going to have his car fixed.

Waiting for Boarding

Someone hit me up for conversation while waiting – Danny from Muñoz that came from New Zealand on his way home for an emergency with tickets he bought the day before for 1800 NZD. He gets paid 22 NZD per hour.

Intelimina Plans

We actually went there to plan. I felt it was productive and it was nice seeing everyone join in coming up with what we should be working on as a team on one of our products. We didn’t cover the other products, and we totally should, but that’s mostly on me for now.

Back in Manila

It’s hot and traffic is as slow as always. Wrote this at the back of my Grab, going to BGC. I’m back.

On Becoming Who You Are

As it turns out, to “become who you are” is not about finding a “who” you have always been looking for. It is not about separating “you” off from everything else. And it is not about existing as you truly “are” for all time. The self does not lie passively in wait for us to discover it. Selfhood is made in the active, ongoing process, in the German verb werden, “to become.” The enduring nature of being human is to turn into something else, which should not be confused with going somewhere else. This may come as a great disappointment to one who goes in search of the self. What one is, essentially, is this active transformation, nothing more, nothing less. This is not a grand wisdom quest or a hero’s journey, and it doesn’t require one to escape to the mountains. No mountain is high enough.

Just found this passage from one of the few mailing lists I subscribe to. I think that’s by John Kaag as he ruminates on Nietzsche’s philosophy. This is the book. I haven’t read it yet, maybe one of these days.

Love, Like, Dislike, Hate – Meditations on Gifts Part 1

I tried to make this a 5x5x5x5 but I’m taking so much time on the dislike/hate part.


Love
  1. I enjoy learning new skills by applying them. I learn best when under external pressure (I have billed the client already).
  2. I enjoy explaining things to people because it reassures me of the level of knowledge that I have – or don’t have – and it forces me to compose my understanding to something that can be communicated.
  3. I enjoy seeing problems get solved with constructs of my design.
  4. I enjoy creating things as part of the process of learning new skills.
  5. I enjoy seeing my progress in mastery of the skill.
Like
  1. I like considering new points of view, trying to view something based on another level’s perspective. I ponder a lot; chewing upon thoughts like chewing gum.
  2. I like talking with other people if we’re talking about concepts or their informed opinions on things and how they’ve come to that opinion.
  3. I like experiencing new things and learning something about myself in the process.
  4. I like helping other people by giving them opportunities.
  5. I like planning out my day, my finances, my food – even though I need to work on the actual following the plan thing.
Dislike
  1. I dislike talking about mundane things. Can we just skip the small talk and get on with discussing deep stuff?
  2. I dislike social media because it’s distracting and it is a huge time and attention sink, not just for me, but also for other people.
Hate
  1. I hate the feeling of lack of resources.
  2. I hate the feeling of rejection.
  3. I hate traveling.
  4. I hate not being able to keep my promises.
Special mentions

I have a love-hate relationship with gaming. I like games because they’re mentally engaging. It triggers my min-max persona a lot. Anyone who’s played with me will be able to tell you how much I get into games.

But games also trigger a sense of losing control on my part. That I just can’t stop myself. It’s an addiction.

There’s also a sense of waste when I play. I’ve invested so much time and effort into playing and I have nothing to show for my investment.

 

Numbers

The same song has been playing for 2 hours now.
It’s sunny outside.
I’ve been working for 2 hours now.
The view of the pool from our window is calming.
We’ve been here for 32 days now.
I kind of like it here.

The plates have shifted.
It has been 10 months now.
But the boiling hot anger and tremors of disappointment are ever stronger.
It has been 5 years for me since I had an idea, though.
I don’t feel anything, because I knew this was coming.

I’ll stay here until I’m 30.
That’s when I plan to revisit my plans.
But now, I’m still 27.
So there’s nothing else to do but to execute.
I had an 8-year head-start.
Why do I feel like I’m so far behind?

Love Gaming. Hate Gaming.

I actually have a love-hate relationship with gaming.

  • I used to steal from my dad’s wallet just to play in the nearest playstation rental place (remember those?)
  • It started me poking around my computer and led me to my understanding of computer hardware today.
  • Me and my brother have spent upwards of 10,000 pesos over the course of 4+ years on internet cards and ragnarok cards as well as countless hours playing various MMO games (Ragnarok then Khan Online then Flyff then Dekaron and a bunch of other MMOs that I’m forgetting.)
  • It started me into writing scripts for bots and exercised my nascent logic skills (which turned out useful for programming.)

I love playing games. But it just sucks so much of my time and attention, because it’s too interesting and I’m finding out that I’m a really competitive person (even when I claim that I’m not.) Especially if it’s a game that has infinite replayability and a grind component (e.g. most MMORPGs), I’ll be gone for a week.

I’ve been able to stave this off because I play it on a dedicated computer but mobile games are now the bane of my existence. The accessibility makes it hard to compartmentalize and it provides a “good enough” dose to tide me over.

I wish to find the middle ground. Something like, play only games on weekends. Or in the evening. Something like that. But I’m realizing that it _is_ _fucking_ _incredibly_ hard.

It’s either I don’t play at all, or I just play all the time.

And I’m slowly finding out that I might have to give up gaming altogether if I want to be at 100%.
I’m trying to come to terms with this realization.

Game over, huh?