WebEggs

Adventures in tech 

Mini-MOOC on programming securely

Published on May 15, 2013 by in Courses

Today’s issue of CompTIA SmartBrief featured an article from the Wall Street Journal that I found rather interesting: it reports the story of how Adobe has been prone to too many cybersecurity attacks and what they have done, internally, to prevent that: they have invested on education. Starting from the consideration that secure software begins with secure coding, they have developed a portfolio of short training modules aimed at making programmers aware of  how security bugs find their way in programs, and how to avoid them. Results have followed and now they have decided to share this experience, and the training modules they had developed, with the world.

These training modules are being share for free through SAFECode, a non-profit organization that features Adobe itself, Microsoft, Siemens, Intel and other major players in the IT industry among the founders. As the name suggest, SAFECode is about software and security, as their mission states:

SAFECode is dedicated to increasing trust in information and communications technology products and services through the advancement of proven software assurance methods. To this end, SAFECode unites subject matter experts with unparalleled experience in managing complex global processes for software development, integrity controls and supply chain security. The trusted exchange of insights about proven methods and real world experiences provides SAFECode members a unique opportunity to share collective perspectives and practices that can enhance the greater cyber ecosystem.

If you check SAFECode’s homepage right now (as of may 2013), you can find the link to their training section, which is what I really got interested in. While not being a true MOOC as MOOCs go,  in that you don’t have a subscription and scores and several weeks of lectures, yet there is a quite comprehensive catalogue of short video courses, each around 20-30 minutes. So far the list includes:

The Injections 101 module is the one I’m most interested in: I plan on taking it – it’s just and half an hour module – and on sharing my thoughts with you afterwards. In any case, I think that these courses somehow stand out of the rest of the MOOCs you can find out there: while IT MOOCs are usually aimed at training on a general level, like teaching you how to program or to learn a new skill, these SAFECode modules address some very specific need, things that even very skilled programmers often learn ony after years of experience, if ever. In a sense, these are really advanced topics, but ones that should be included in the education of any programmer from the very beginning.

 
Tags: , , ,
 Share on Facebook Share on Twitter Share on Reddit Share on LinkedIn
No Comments  comments 

And I’m back

Published on May 5, 2013 by in

It’s been a few months since the last posts here on Webeggs, I know!

Just a quick note to say that I’ve been busy getting my Masters Degree in Computer Engineering and starting my PhD. I’ve actually been tech-learning a lot!

I’ve also moved my server to the US-East region of AWS, so there might be some temporary glitches as the DNSs update.

I’m preparing a short tutorial on Javascript and AOP, it will be up soon, so if you like, just check back.

 
 Share on Facebook Share on Twitter Share on Reddit Share on LinkedIn
No Comments  comments 

Some memorable words

Published on March 21, 2012 by in
RTFM_by_bugznz

This morning as I walked down to the breakfast room of the hotel where I’m staying this week, I got an email that really made my day. Just a little background: I’m staying in Milan the whole week because I’m teaching a Java advanced class at some employees of a very large IT company. I have to keep my students engaged, which is no easy task because I have to teach for 8 hours a day for four or five consecutive days to the same guys, so I really need a trick or two every day to pop their interest up. I also encourage them to ask me anything, no matter how trivial it may seem, because my wish is to send them home with something more that what they could have learned just by reading a book. Today, just before lunch, I had the greatest pleasure to read aloud these words, which came as a notification in my email. They are by Sebastian Thrun, the co-founder of Udacity and an amazing teacher and researcher, answering to someone else’s post:

I really hope that this new digital medium makes it easier to ask “stupid” questions. Let me report on myself. I work with a 200+ people team at Google (reporting into me), I co-founded Udacity, I am an authority in my area of research. I ask many many “stupid” questions. I have learned that asking questions is power. The problem is if others respons to such questions with “you should have known.” People rarely do this to me, but they do this to my students. I really dislike this, and i usually confront them. We should remember that there is NO learning without asking questions. In this class, there are people with many different levels of knowledge and skills. What brings us together at this point is that we are all 100% dedicated to make this class. be kind. Reach out to people asking questions whose answer appears trivial to you. Be a friend. And make a friend. remember the question that seems obvious to you once was non-obvious to you. You find that people respect you for being kind. Being kind is one of the highest levels of achievement. I will respect you for it, and so will the people around you. There will come the day when you are asking the stupid question – and you will appreciate the kindness of others. [Sebastian Thrun]

You can read the original post, where it originated from and all the answers here

I can’t tell you how much my students appreciated these words, and I have really noticed that afterwards they have been more free to ask me questions. So much that I’ll find a way to read this words in any future course.

 

 
Tags: , ,
 Share on Facebook Share on Twitter Share on Reddit Share on LinkedIn
No Comments  comments 

PID Controllers

Published on March 20, 2012 by in CS373

It’s been a couple of very intense weeks around here, but sure I haven’t quit studying!

CS373 at Udacity is keeping up with the expectations, definitely! I’m every day more enthusiastic about the things they’re teaching.  It’s also proving tough, which I like very much: there are already so many “no-previous-knowledge-required” courses out there, but what about when you have passed those? This course challenges you, asks you to really think and write some pretty tough code, and I’m finding it very rewarding. It’s too late now to enroll if you are not already a student, but I definitely encourage you to start it on the next edition, which starts on April 16th.

We’re in the fifth week now, and we’ve had a very peculiar look ad PID controllers. As I had studied them for my Control Systems course, I thought you’d use a PID controller only to achieve stability in a dynamic system, but using it for tracking is something that really opened my eyes upon it. I was nevertheless very glad to see that those hard-learnt concepts are coming up again!

Now, I’m toying with another 2D demo, that might help someone answer to the first question of this week’s homework… some more javascript is on the way!

In the meanwhile, I’ve dropped off of Circuits and Electronics (not that I had ever really started it, even though I confirm that the platform is stunning) and of saas-class, because it proved just a quite fast overview of how to develop web applications with Ruby on Rails, and it just requires you to learn involved code in Ruby. There has been some discussion on the forum regarding what people expected from the course and what it really is about, I’d call it a miscommunication problem. Anyway, David Patterson answered at some point that later this year there will be a more advanced part II, we’ll see.

 
Tags: , , , , , ,
 Share on Facebook Share on Twitter Share on Reddit Share on LinkedIn
No Comments  comments 

3n + 1: a little headache at CS101

Published on March 10, 2012 by in Courses
Collatz conjecture

Homework two at Udacity’s CS101 gave a little shock to more than a student. The third loop of question 5 was:

n = any positive integer
while n != 1:
    if n % 2 == 0: # the % means remainder, so this tests if n is even
        n = n / 2
    else:
        n = 3 * n  +  1

And the question was: will this loop end sooner or later, will it loop forever, or doesn’t anybody know?

To the abashment of many a student, the answer is “nobody knows”. Many people have tried running the loop with different values of n, you could even try to run it with the largest integer that your programming language and your hardware allow, and the loop always end, so why isn’t the correct answer “yes it ends”? This is a very good introduction to the concept of conjecture. According to the definition of the Merriam-Webster’s dictionary, a conjecture is:

2.c : a proposition (as in mathematics) before it has been proved or disproved

So here is the tricky part: no matter how hard anyone has tried, it has worked, but nobody has yet find a mathematical proof that that loop will end. This very simple little problem even has a proper, famous mathematical name, it’s the Collatz  conjecture. If you search the web, you can find much about it. Very interesting is the Wolfram MathWorld’s page on the Collatz Problem: if you look on the right sidebar, you can find links to demo projects on this little tricky conjecture.

Some may argue that this all has little to do with CS101, learning about programming, but I think it was indeed quite appropriate: a high-level course should not only give you standard information on the subject, but it should also open your mind to new ideas, give you new paths to explore, expand your knowledge. I think that the students that were already familiar with the idea of a mathematical conjecture were immediately hinted by the “Unknown, to anyone” formulation of the third option, and even if they didn’t know of this specific problem, they might have started searching the web for something like “3n +1″. Google it and the problem shows up at the very top. Other students, who might have never heard of what a conjecture is, now have an idea, so I think that, even if it wasn’t something dealt with in the lectures, it is still a great way of teaching, because it asked students to actively look for something. Again, kudos Udacity!

A word to the wise: like so many other open problems in mathermatics, this conjecture is very easy to state, but it doesn’t mean it will be easy to prove, so you’d better think twice before you dive in and try to solve it!

 
Tags: , , ,
 Share on Facebook Share on Twitter Share on Reddit Share on LinkedIn
No Comments  comments 

The Square problem and some news

Published on March 8, 2012 by in AI @DEIS, Courses

After Tuesday’s class, I came home with the 10×10 square problem in my mind. It looks like it would be a nice little game to have on a website, and it’s deceptively easy to understand the rules, but quite hard to find a solution. This is how the problem is stated:

Image from the iTunes preview of Logic 10x10

In a 10×10 square grid, all the cells are empty, except for the upper left corner where there is the number 1. Fill all the other cells with numbers from 2 to 100, following this rule: the following number in the series must be either a 2 cells distance vertically or horizontally, or at 1 cell distance diagonally. (note that in the picture on the left, the 1 is in the central cell, but this doesn’t change the problem very much).

Also programming the functions for the AIMA library is really easy, in principle, but as soon as I ran it on a small instance (6×6) I found that I’d better optimize the variable that holds the status of the problem, and find a way to reduce the search space.

Let’s take a look at the search space: you surely have a search tree of depth 100, with a fan-out of each node that is at most 7, because you can move in either one of the 8 directions, but one is surely impossible because it’s the cell whence you came. With lots of “bitmask-magic”, some reduction of the fan-out in cases of symmetry and some early failing when there are unreachable cells, I was able to reduce the time to solve the problem of a 6×6 instance to a few milliseconds:

pathCost : 35.0
nodesExpanded : 3482
queueSize : 25
maxQueueSize : 33
Solved in 2ms

With an average solving time of ~60ms. Good. But as soon as I go up to a 7×7, the average time grows up to 2000ms, and 50000 for an 8×8. The 10×10 has been computing for the last 13 hours and hasn’t come up with a solution yet! While brute force does its work, I’m working on a little JavaFX applet to showcase here. Maybe by playing it a little I will be able to embed some strategy in my game…. or maybe even better, I’ll have some self-training algorithm that will learn a strategy… work in progress!

While I fiddle with this, I received three emails from Coursera… it seems that something is moving at last! Three courses are starting next Monday: Cryptography, Algorithms and Natural Language Processing, aka NLP. A couple more, Game Theory and Probabilistic Graphical Models are starting the following week, march 19th.

While probably I won’t be able to follow everything that is currently being offered because I already have five real exams in the next four months, I have enrolled most of them, and I’m very curious to see how Coursera is doing, if they will live up to the expectations that ml-class and db-class created. Personally, I have only watched part of ml-class and almost none of db-class, but from the reactions I can tell that people were very happy. I actually plan to take ml-class even though it’s officially over, last fall I really had no time but the lectures and quizzes are still there so I hope there will be no hurry.

 
Tags: , , ,
 Share on Facebook Share on Twitter Share on Reddit Share on LinkedIn
No Comments  comments 

And the winner is….

Published on March 6, 2012 by in AI @DEIS

As I mentioned earlier, I am attending an AI course at my faculty, and today’s class was in the lab. What I didn’t mention is that the suggested textbook is AIMA, and today I discovered that we would be using the AIMA library in the lab. Our very kind TA, Eng. Federico Chesani introduced us to three problems that we could try and solve with the help of the library. Our goal then was not to implement search strategies, which can be found in the library, but rather to deal with status representation, goal testing, heuristics and termination conditions.

The three problems were:

The uber-famous MCP, aka Missionaries and Cannibals

Image from Millan.net

Three missionaries and three cannibals come to a river and find a boat that holds two. If the cannibals ever outnumber the missionaries on either bank, the missionaries will be eaten.

How shall they cross?

You can even find a playable version here

A grid-filling problem

Image from the iTunes preview of Logic 10x10

In this problem you have to fill a 10×10 grid with numbers from 1 to 100 according to a few rules: the next number can be only 2 cells away in horizontal or vertical direction, or 1 cell away in a diagonal direction.

The only reference I found is this iPad game, called logic 10×10. If anyone has a better reference, I’ll be glad to know.

The U2 concert problem

How can we cross this bridge in time?

The concert starts in 17 minutes, but we need to cross a bridge, at most two of us can walk through it at a time. Bono can walk fast and can cross the bridge in 1 minute, the Edge almost as fast, in 2 minutes, for Adam it takes 5 minutes but Larry is really slow, 10 minutes to cross the bridge…

I’ve made a bit of search and found that this is a lesser known problem than the first two, but still it’s not really new. I found this article that refers to it. Actually, in our version there was a requirement that said that people had to cross in 17 minutes, while the original problem asks you what is the minimum time, so it was a bit different.

Then our TA put us in a competion: “you have an hour and 15 minutes to complete this. The first person or group that finishes wins pasta and cappuccio (*)  tomorrow morning”. He also added some fun remarks about the fact that he’s older than the students and that when you get old lots of your neurons have already died but the students are young and they had to but their brains at work.

Hey, wait a minute. You, dear TA, you’re younger than me! Maybe just by a few months, but you’re younger! Which means I have less neurons alive than you, and much much less than my fellow classmates… am I really impaired in this competition???

I’ll show you better!

And so I started moving my fingers at lightning speed on the keyboard… and finished first! Eleven minutes before the deadline :-) On a side note, I probably must say that after 16 years of java coding, and I don’t know how many using Eclipse, I might have a *slight* advantage in the code-typing speed… but hey, I have to do with less neurons!

If you’re interested, you can download the code. You will also need the aima 0.95 library (the lecture slides were written for that version). It’s *awfully* written, almost zero comments and very poor practices… but the competition required me to hurry!

If you can read Italian, here you’ll find the slides and specification of the problems.

* Pasta is not what you think of, it’s not spaghetti: in this context, it means a piece of pastry, or brioche. And cappuccio is cappuccino. Tomorrow morning I’ll have a nice breakfast!

Tomorrow morning's breakfast... yum!

 
Tags: , , ,
 Share on Facebook Share on Twitter Share on Reddit Share on LinkedIn
No Comments  comments 

MITx is alive!

Published on March 5, 2012 by in Courses
Analogue Circuits

I finally finished all of my homeworks for CS373 and SAAS, and I even managed to complete the one for CS101… pheeeew, it’s been a long coding night! But I’ve been able to complete them all in time, and I even had the time to get into some discussion about Kalman filters and brushing up my Control Systems Theory. My professor would be proud of me!

A few minutes ago the time for March the 5th finally came on GMT, and so the first MITx course officially launched. I just had to take a peek, and the first impression is simply WOW.

Now, I know that probably I won’t take that course to its end, I’ve had enough of Analog and Digital Circuits for my BS, thank you. I don’t know why, but as much as I adore mechanics, I’ve never been too fond of circuits. I can happily go down to the logical circuit level, but when it comes to resistors or diodes I simply get very, very bored. So I already know that I’ might drop the 6.002x course very soon, as soon as it demands more than what I already know.

Then why did I enroll? Well, because I’m a real fan of e-learning. It’s a really new field, at least at this level and scale, and there are so many initiatives, so many people are exploring the field and testing which methods will lead to the best results. I think that they also have to define the measurement scale for the “results” themselves, what are the metrics to decide whether a course was successful or not. So I’m trying to have a look at all the different approaches, and get an informed opinion about what works and what not, what is missing and what could be bettered.

I’ll have to take a deeper look in the next few days, but so far MITx 6.002x is sporting:

  • The richest UI I’ve seen so far. Cool!
  • Videos filmed specifically for the course, not “recycled” from a live class. Great.
  • Even some acted videos of students. Fun :-)
  • Background music and proper movie-making. Cool, keeps you engaged.
  • Chance to slow down or speed up the video. Useful.
  • Clear pronounciation from all the speakers. As a non-native english speaker, I’m so grateful.
  • Captions scrolling on the side, so that they don’t disappear as soon as the word is over. Great improvement.
  • And the captions are clickable! You’ll jump right at the point in the video. Wow.
  • An online lab: a circuit designer much like SPICE. Really really useful.
  • A free, full textbook. This textbook actually. Amazing.
  • A discussion forum, like aiqus or the Udacity forums. Ok, they all have one.
  • A wiki that supports even circuit boards as content. Super-cool.
  • A cool, cool progress section. Did I say cool?

Also, MITx will actually issue a certificate. While the validity of this certificate is only up to whoever wants to accept it, it certainly is a plus.

While some of these things might seem only cosmetic improvement if compared to the other courses that are online now, I must admit that they make the experience very interesting. Other instead are really rocking. If you compare these features with other courses, that may even have a required textbook that you actually have to buy or that have very poor video editing, the quality is superb and makes you want to go on. I’ve also heard one of my professors at University say that the MIT-style is much different that the Stanford-style… well, you can surely sense that in the videos :-)  I’ve spent an hour or so on this course now, which is amazing considering my lack of interest for the subject itself, but what’s more amazing is that I’m really intrigued to go on with the course.

Just to be clear: not that spending a few bucks on an ebook is too much to pay for a university-level course, but these classes are meant to reach everyone in the world, and they should think mostly of those people who are really willing to learn but don’t have the means to afford college education, or that live in countries where “a few bucks” is your monthly salary. Bringing education to these people is the great power of these online courses, more than bringing it to people like me who were born in a country where you have full access to all the knowledge that you want, and that were able to attend good schools at any level.

But be warned: from what I can sense now, this is not a 101 course, it seems that you need some prior  understanding of basic electronics, or you’ll get lost at the very first explanation of how the tools work. But I may be wrong, I’ll check the lectures and then I’ll see…

 
Tags: , ,
 Share on Facebook Share on Twitter Share on Reddit Share on LinkedIn
2 Comments  comments 

Palindromes

Published on March 3, 2012 by in CS373, SAAS-class
symmetrical_cow___moom___by_dcarolinav-d4lqs47

It really seems that a couple of tough courses in AI (one at Udacity and one at my faculty) and a job and a MS thesis aren’t enough to keep me busy, so I’ve started having a look at Software Engineering for Software as a Service at Coursera.

It’s a shorter course than CS373, only five weeks. The elected programming language is Ruby on Rails and there is a textbook to read: Engineering Long Lasting Software by two real software engineering gurus: Armando Fox and David Patterson, who are in fact the teachers of the course. I still haven’t bought the book, but as soon as I do I’ll try and review it.

The first two weeks of the course are almost over: there was no assignment on week one, but there are a few for week two. So far I’ve completed, with much pain due to my absolute ignorance in Ruby, only the first one, about palindromes.

What is funny is that the first coding challenge posted in the CS373@Udacity forum was just about the very same problem! Ok, it really shouldn’t be too surprising, because it’s a very common basic computer science problem, nevertheless I find that the differences of writing in Python and in Ruby are really relevant.

I can’t post the codes right now, because saas-class homework deadline has not passed yet, but we’ll have a comparison very soon. Now I’d better go back to my assignments… Ruby is driving me crazy and I’ve just started watching the videos of CS373 Unit 2. So far it seems pretty tough!

 
Tags: , , ,
 Share on Facebook Share on Twitter Share on Reddit Share on LinkedIn
3 Comments  comments 

2D Robot localization

Published on March 2, 2012 by in CS373
Probability distribution of homework 1.4

The first week of CS373 at Udacity was fun… and tough! Homework 1.4 is about the localization of a robot in a 2D red-and-green world, you have to calculate the probability distribution given the “world”, a list of measurements and a list of motions. Your sensor is pretty broken (senses right only 7 times out of 10) and the 2D robot really moves only four times out of five. You have to write some Python code that will calculate and show the distribution.

I couldn’t help but play a bit around it: I decided to develop a webpage that would allow you to see the world and the distribution, and to interactively move a robot in this 2D world. Mostly, I wanted this page to help test the Python code, so first of all I needed an embedded Python interpreter in Javascript. Embedded, because I do not have the skills or the willingness to secure my website so that I would execute anyone’s Python code on my backend host :-D

There are several projects online projects that allow you to execute Python code, such as Codepad, TryPython and Ideone jsut to name a few, but I needed something that I could embed in my page and where I could access the Python environment from Javascript, so I ended up choosing Skulpt: it’s small, downloadable, open source and Javascript-scriptable. If you check their website they even have a very neat editor with syntax highlighting. The code is hosted on Googlecode and you can check it here, but if you want to use it beware: user documentation is zero, so you really have to dive in the Javascript code and find your way around, it requires some skills. Nice thing is that the Python functions are implemented using standard JS code, so once you find the right place, you can really tweak it.

And the reason that I bothered tweaking it is that the modulo operator does not behave in the expected way for negative left-hand operand:

-1 % 5 == 1

while, according to Python, it should be 4. Also, booleans are not promoted to integers, so I patched those two things to make it work. If you’ve seen the code in Unit 1 you know why those patches are needed. Still, the modulo operator doesn’t work as expected for negative right-hand operators, but it really doesn’t matter in this case.

Check my 2D robot localization demo here.

 

 
Tags: , , , ,
 Share on Facebook Share on Twitter Share on Reddit Share on LinkedIn
2 Comments  comments 
© Anna Chiara Bellini 2012-2013