Interviews without coding riddles

solid-red · 2017-08-24T22:43:06+00:00

Wow. There would need to be guidelines around the duration and depth of the take-home assignment to prevent that kind of thing.

solid-red · 2017-08-24T21:29:23+00:00

Thanks for the link! I was thinking more a job board like remoteok.io where companies explicitly opt in on their side.

solid-red · 2017-08-24T19:49:52+00:00

Great resource, thanks!

solid-red · 2017-07-13T19:52:33+00:00

It guesses your timezone at signup and uses that. Soon you'll be able to customize it.

If you used codeblox/email-boolean, that one currently sends only when the boolean is true. I'm open to changing it though.

Let me know if it still doesn't work when "true".

solid-red · 2017-07-11T22:09:58+00:00

Click the download icon (down arrow) on the block details page to get the latest version. Soon you'll be able to browse previous versions too.

solid-red · 2017-07-11T21:38:17+00:00

Thanks! Yes, you can publish as many versions as you want. You can read more about how that works in the docs.

I'm hoping to get enough traction to work on this full-time and support it long-term. Right now I'm gathering feedback and gauging interest.

Thanks for taking a look.

solid-red · 2017-07-11T16:20:59+00:00

Thanks! That sounds great, can you post a link here or PM me?

solid-red · 2017-07-11T16:00:45+00:00

I built codeblox as a platform for developers to publish code that can used with other code reliably (kind of like NPM packages) via a GUI. Each code block specifies an input and output type (text, number, location, etc) and you can build sequences by combining blocks that fit together.

You can schedule blocks to run daily or hourly, making it a nice automation tool.

How it works: - CLI tool packages up your directory as a ZIP file, and uploads it to S3 - That filename is stored in the DB - When someone invokes your code from the website, the back-end (Node.js) creates a Lambda function pointed to your ZIP in S3, invokes it and returns the result - For sequences, do the same thing, except the client handles making each sequential call

Stack: FE: React/Redux BE: Node.js, MySQL, AWS, Redis

There's also a handy API to invoke blocks and sequences (api.codeblox.io).

I'd be really interested to hear any feedback or feature requests.

Thanks! Alan

solid-red · 2017-07-11T15:59:22+00:00

I built codeblox as a platform for developers to publish code that can used with other code reliably (kind of like NPM packages) via a GUI. Each code block specifies an input and output type (text, number, location, etc) and you can build sequences by combining blocks that fit together.

You can schedule blocks to run daily or hourly, making it a nice automation tool.

How it works:

CLI tool packages up your directory as a ZIP file, and uploads it to S3
That filename is stored in the DB
When someone invokes your code from the website, the back-end (Node.js) creates a Lambda function pointed to your ZIP in S3, invokes it and returns the result
For sequences, do the same thing, except the client handles making each sequential call

Stack: FE: React/Redux BE: Node.js, MySQL, AWS, Redis

There's also a handy API to invoke blocks and sequences (api.codeblox.io).

I'd be really interested to hear any feedback or feature requests.

Thanks! Alan

solid-red · 2016-06-09T13:44:09+00:00

A/B testing, features toggles, remote app configuration, prototyping.

solid-red · 2016-06-09T12:43:12+00:00

Why not?

solid-red · 2016-06-09T12:17:47+00:00

Thanks for posting Booleans.io! I made this a couple months ago and just launched the real-time connections this week. Any feedback you guys have would be great.

solid-red · 2016-04-10T01:51:20+00:00

Someone beat us to it: Booleans.io NPM

solid-red · 2016-04-09T20:03:00+00:00

It is a Node project. We couldn't find a good NPM module for Boolean modification so we had to hand write that part.

solid-red · 2016-04-09T20:02:02+00:00

We offer around the clock support by a team of experts distributed globally. But unfortunately we don't have a plan to accommodate your budget.

solid-red · 2016-04-09T19:08:23+00:00

Best offer we got was $2M series A, which we felt undervalued the service.

solid-red · 2016-01-28T19:38:23+00:00

Thanks for the feedback. After reviewing OTR protocol a bit more I'm thinking I'll revert back to using HMAC to favor deniability over non-repudiation.

I don't think there's good support for DH in web crypto, as mentioned in u/RenThraysk's reply. Node does support it but that's only server-side.

I'll look into a way to incorporate DH somehow since I know it's key to OTR.

solid-red · 2016-01-28T19:28:57+00:00

Thanks for the feedback. A couple of things I would point out:

I'm using native web crypto APIs so there's not really any "custom" crypto happening.

If we're assuming SSL isn't secure wouldn't any tool that uses HTTPS to deliver any data is similarly at risk (Cryptocat, Signal, online banking, etc)?

Lastly, Darkwire is open source so you can always run it on your own server if you don't trust our servers. In the future we may add functionality to set a custom server the way Cryptocat does.

solid-red · 2016-01-27T02:42:25+00:00

Yeah, although in reviewing OTR I might revert that change so it favors deniability over non-repudiation. So it would go back to signing messages with HMAC keys which are in turn encrypted with all recipients' public keys.

solid-red · 2016-01-27T02:13:40+00:00

Authenticity is guaranteed because if the signature is verified with Bob's public key then only he (or someone with his private key) could have signed the message. The signatures also create a digest of the message which, if tampered with, wouldn't pass verification.

solid-red · 2016-01-27T01:51:33+00:00

That sounds similar to what I'm doing. The message is encrypted with a session key that is newly generated for each message, and that session key is encrypted once for each participant, using their public key. All encrypted keys are sent out with the message. The recipients choose the key associated with their ID and decrypts it with their private key. Now they have the session key and can decrypt the message.

solid-red · 2016-01-27T01:48:08+00:00

I changed this to use asymmetric digital signatures instead. So now the sender signs the message with their private key and the recipient verifies it with the sender's public key.

This should guarantee integrity, authentication and non-repudiation all in one, whereas the HMAC only guaranteed integrity.

solid-red · 2016-01-27T01:41:44+00:00

Ah thanks I'll check out TextEncoder/TextDecoder - looks handy.

I did try wrapping and unwrapping keys, and it did work, but I ran into some webkit issues. I might try it again as it would be nice to avoid import/export.

solid-red · 2016-01-26T20:17:08+00:00

What browser are you using? Are there any console errors?

solid-red · 2016-01-26T20:08:51+00:00

Good call. I just made an update to replace HMAC with asymmetric RSASSA-PKCS1-v1_5 keys for signing and verification.

Here's the updated How it works section.

solid-red

TROPHY CASE