Learn what they are and how they are used

Image by Pixabay

We use signatures to show that we have read a contract and want to do our part of fulfilling it. They serve two purposes: expressing an intent and being able to prove to the authorities that this intent was expressed in case one of the parties does not follow the contract. For example, if you sign a rental agreement, your landlord has proof that you wanted to pay the stated rent each month. And you have the proof that you actually can use the apartment.

Let’s learn about the problems of this approach and the digital equivalent!

Why handwritten signatures are problematic

Let’s first explore…


An elegant solution to change management

Bitcoin
Photo by Dmitry Demidko on Unsplash.

The world is changing and developers are not perfect. The first iteration of any software always has some flaws or shortcomings that need to be adjusted after a while. For those two reasons, it is important to have a mechanism for change management. In the case of APIs of central services, you typically have an API version and a deprecation schedule.

But what do you do in a distributed system? How do you keep the system flexible and secure?

Bitcoin has an elegant solution to this problem: Bitcoin Script! After reading this article, you will understand it. Let’s go!

Anatomy of a Bitcoin Transaction

New…


They are coupled, but not the same

Images from @marjanblan (source) and Serge Kutuzov (source)

Web services change all the time. When a web service is about to be updated, you might have an approval process and a quality assurance process around that topic. You might need a manager signing off that the current release candidate (RC) can actually be released.

The release is a business process and a business decision.

When people say that they are releasing the software, they typically mean a crucial step of the release process. That could be the sign-off to allow the deployment. That could be informing clients that the software is finished.

The deployment is more clearly defined…


Image by Martin Thoma

STRIDE is a model which categorizes threats into…


“If everything seems under control, you’re not going fast enough”

Female holding a computer in front of servers
Photo by Christina Morillo (original). Thank you!

Almost all web services for end-users need to store data. Almost all of them store it in a database. And quite a lot use a relational database like PostgreSQL, MySQL/MariaDB, or MSSQL. Database systems are pretty awesome because you can forget about them. They just handle the data persistence for you… until they get slow.

In this article, you will learn the difference between vertical and horizontal partitioning, sharding, replication, and a few other ways to speed up your database. Let’s go!

What Do We Care About?

For database systems, we care a lot about consistency and availability. We also need a working…


Be smart or throw money at the problem

Image by Martin Thoma

The beauty of software development is that an almost arbitrary number of people can profit from a developer’s work. Web services such as Facebook or YouTube have several hundred developers, but hundreds of millions of users. However, having many users is not free. The servers need to do more work. At some point, the machine you started with is not enough.

After reading this article, you will know the difference between scaling vertically and scaling horizontally. Let’s go!

Vertical Scaling: Scaling up💸

The simplest solution when your server struggles is to buy a more powerful one. It might be more RAM, a better CPU, or a…


Photo by David Rangel on Unsplash

Why do people write malware? Who are those stereotypical black-hat hackers? After reading this article, you should have a better understanding of the breadth of this group of people.

The incentives for creating malware are:

  • Gaining Money: People want to get rich or at least earn a living.
  • Dealing Damage: “Some Men Just Want to Watch the World Burn” to quote Batman’s butler.
  • Gaining Information: Getting private information can be tempting for many people just out of curiosity.
  • The Challenge: Hacking certainly is a hobby like chess. Just like with chess, there are many people who don’t understand the joy…


Photo by Max van den Oetelaar on Unsplash

Credential stuffing is a brute-force attack on a service’s user accounts. Not one specific account, but many. Typically by using credentials that were found in other hacks. As a user, you can see via haveibeenpwned.com if one of your accounts was compromised. Most likely, it was. Let’s learn what you can do!

Why you should care

  • Credential Stuffing is part of “Broken Authentication” and thus #2 in the OWASP Top 10 (source)
  • 2020: $3.5 million in fraudulent check withdrawals with credential stuffing (more details)
  • 2020: About 500,000 Zoom users’ credentials were found with credential stuffing (source)
  • 2020: “Retail, travel, and hospitality industries attracted a…


An all-time programming classic for interviews

Photo by Christina @ wocintechchat.com on Unsplash

When companies interview potential new software developers, they typically also have a programming interview to make sure that the candidate can actually write very simple programs. Fizz Buzz is a very simple classical example. The problem is easy to describe and the solution is easy as well.

Problem Statement

Write a function that takes an integer and returns a string. If the number is divisible by 3, return “Fizz”. If the number is divisible by 5, return “Buzz”. If the number is divisible by 15, return “Fizz Buzz”. …


Speed of development, execution time, (de)serialization, and maintainability all play a role in making your code shine

Timeline of alternatives to classes
Photo by the author.

As developers, we throw a lot of data around. The representation of data matters a lot and we need to be able to keep track of which variables represent which attributes. Configuration is a prime example of complex data.

In the following article, I will use location as an example. It must have a longitude, latitude, and can have an address. In C, you would use a struct for this. In Java, you would simply create a class. In Python, there are six alternatives. Let’s explore each of their advantages and disadvantages!

Plain Classes

Plain classes are the default way provided by…

Martin Thoma

I’m a Software Engineer with focus on Security, Data Science, and ML. I have over 10 years of experience with Python. https://www.linkedin.com/in/martin-thoma/
