One time, over the course of a few days, I wrote no code. I also received no bug reports or feature requests and never had to do any maintenance, deployments, monitoring, or performance optimization on said lack of code. It was magical.
I think most folks call this vacation. A lot of employers have unlimited vacation policies to minimize their employees time away from the keyboard. It's very generous of them!
More seriously, taking time away is a good thing for any career path. I think some of my best work is done when I've had time away to actually live life. Somewhere in the deep unconscious mind I'm still designing systems and compiling algorithms that might solve problems I'm working on.
A whole new encryption scheme that will change my world. I’ll share it here when it’s polished up.
It allows you to encrypt anything and can be decrypted by anyone after a certain point in the future has passed. It uses the new NMA announcements (signed timestamps) from the Galileo GPS satellites to “prove” the time has passed and generate the decryption key.
Oooh i've always thought about this but never dug deeper into where can one get a signed proof of time. Would really like to see how this will go! I can see a lot of things built on it ("validated" Web Archive, press/betting market, etc).
Maybe the GPS timestamps will become the world standard, maybe it will not be. I assume the NMA announcements have a public key to verify/decrypt the message.
How does it work? I can imagine a program that checks if it sees a correctly signed message of the right time, but that program would then have to decrypt the payload, and I don't know how the key for the payload could be derived from the as yet nonexistent timestamp.
It’s basically a SNARK (cryptographic program) where the verification program itself is part of the cypher text and instead of outputting 0 or 1, you get decryption.
You could send something to a reporter and not even the NSA could open it until the appropriate time.
You could encrypt crypto-wallet keys with it and your heir can’t open them until after turning a certain age.
My use case: my wife or myself write a letter that can’t be opened until some point in the future. Every year, we delete the old letter and write a new one. This is “in case we die” so it’s addressed to loved ones. Right now, we can theoretically read each other’s letters if we wanted to, but this encryption doesn’t require us trusting each other, the service we host them on, or anything.
> Right now, we can theoretically read each other’s letters if we wanted to, but this encryption doesn’t require us trusting each other, the service we host them on, or anything.
Ah, yes, this enables the famous trustless relationship. :)
(I kid, I'm sure you have a lovely relationship, but the clash was too funny for me)
We do trust each other, this is mostly born of a conversation last week. We were talking about extending it just beyond us, but our loved ones as well, and friends. Thus “require” in this sentence does not imply we do not trust each other (we do) but that it is not necessary to work. We aren’t worried about governments and corporations with too much processing power solving np-complete problems to read these letters, though that may be other people’s threat models.
If that were true, potentially every intelligence agency on earth would have a copy and it would defeat the purpose of it since anyone could spoof gps signals. It seems entirely within Europe’s interest to keep it out of any other agency’s hands as it would defeat the purpose of it.
I just checked and it looks like[1] this happens at least once a year, specifically to guard against this kind of attack. It doesn’t break the chain of hashes though.
I am also skeptical, though I am no expert. SNARK are zero-knowledge proofs, they are intended to give a proof that a result was computed correctly, not prevent an unwanted computation altogether.
The fact that you can decrypt after the time passed is of course the easy part, preventing decryption before then is the problem.
Yeah, there’s no telling how secure it is. Works, yes. Easily circumventable, maybe, maybe not. There’s a lot of math involved and I’m by no means an expert at any of it or guaranteed to have implemented everything correctly. For my personal purposes it’s 100% secure unless you know wtf you are looking at (much like a one-time-pad). Once the code and algorithms are published, it’s only secure until someone breaks it.
A data dashboard for the fire department I worked for - which I left in 2020.
Screenshots [1]
It was more than a few days, in fact was quite the work in progress. When I started management had no way of visualizing our call data on an as needed basis. Prior to the dashboard if they need some data for fire calls they went to one person, asked for the data and waited until that person got around to doing it and then delivered in an Excel spreadsheet. Same with EMS data through a different person.
I started to work on v2 but it kind of died on the vine as I knew I would never get support from I.T. [2]
There were also some scripts that I created to gather data, compile it and send it a daily email to various people within the department. But once I left the department I lost access to the department network. [3]
Long, LONG ago, I wrote a little program to predict hard drive prices. It worked well for a few years, and needed some tweaks, but was quite the conversation starter. I looked through the oldest hard drive ads I could find, and extrapolated. I added a factor for a "base price" because nothing below that number would be a viable retail product.
I just found the DOS version hosted at the Internet Archive[1]
Here's a later Javscript version[2]
It was good for a while, but eventually it wasn't optimistic enough.
I depend on my battery monitoring tools every day (xbattbar[1] for X and wattbar[2] for Wayland), and each of those was written over about two days time.
However, the coolest thing would have to be the project I'm in the middle of now, but it requires some explanation. At Hackerspace.gent, the center of the lounge area is Bloembak[3], a 1x1m table with a 32x32 pixel display covering its surface. During a discussion at a local bar with its creator, I decided it would be absolutely brilliant to be able to run shaders on it. So in my spare time over the last week, I wrote an interpreter for SPIR-V shaders to check my understanding, and then over the course of about 2 days, I rewrote the entire thing to target LLVM. While it's not finished (I only implement ~2/3 of the opcodes in SPIR-V and 1/10 of GLSL.std.450), it's already sufficient to run quite a few shaders off shadertoy at a reasonable framerate.
I wrote a simple diff3[1] with a port of someone's Myers algorithm code implementation that I am still trying to get right. Diff is pretty tricky! I want the diff to have the same behaviour as git. I can detect conflicts but largest common substring isn't always the same behaviour. I think git is line aware.
My goal is to create a database with seamless merge with my Merkle CRDT implementation[3]. That can be a distributed system that handles non-conflicting merges. CRDTs allow data to be merged seamlessly without overwriting eachother. The braid protocol is very interesting too. I recommend reading the shelf CRDT algorithm.[4]
I am also interested in distributed systems and programming language design. See my profile for my ideas.
To understand Git's sourcecode I need to understand the theory and the problems of diffing so I am trying to solve the problems before looking up the hard fought answers to algorithmic problems.
I wrote this VR toy spaceship construction thing for an F# game jam. I think it has the potential to turn into something cool if I can ever find time to turn it into something more than a proof of concept.
No, this was Unity. I work with Unity in my day job so easier for me to do quick experiments with it but I would like to check out Godot at some point.
A probably useless tool to replace words in text files.
Looking back it's probably for those not using a good text editor + not knowing regex, but it was fun, and useful to me at the time.
I've been building tooling to mitigate open-source supply chain attacks. Packj [1] analyzes Python/NPM packages for risky code and attributes such as Network/File permissions, expired email domains, etc. Auditing hundreds of direct/transitive dependencies manually is impractical, but Packj can quickly point out "risky" attributes that must be checked. We found a bunch of malicious packages on PyPI using the tool, which have now been taken down; a few are listed here https://packj.dev/malware Would love to get your feedback.
I would like to attest to the wonderful power of REWRITING MONTHS OF CODE IN DAYS!!!
You’ve all been there. You spend months working with a new stack or framework or environment, and the deadline looms. The DEAD LINE. And you know something isn’t quite right.
And it comes to you. By virtue of emergent coder phenomenon, you KNOW you can rewrite your months and months of code, and do it RIGHT, and if you don’t it will be mediocre, and if you fail (it still has to pass testing) it will be your disaster.
DO IT!
It can be done!
You can succeed!
There is a programmer deity out there which blesses drastic, self determined rewrites.
It can all be done in a few days. And it can only be done in a mad dash of determination.
Of course, as the users came, scope grew, and now it supports a lot more than just email alerts when static websites go down - but I was amazed at how quickly you can spin up a business these days (and with supabase/planetscale its probably even faster in 2022).
Around April 2020 I identified a project need for an "inverted search engine" - a system that would accept documents (recipe ingredient lines, like "three large onions") as input, and would match those against a dataset of terms (ingredient names, like "tofu" or "tomato").
That would have been possible with a feature like percolation[1] in Elasticsearch, but I felt that the overhead of maintaining state (percolator queries) by using a network service would be excessive and that building an in-process alternative would be feasible.
The result is hashedixsearch[2], a pure-Python search engine library with support for stemming, synonyms and a few other features[3] to support the use-case.
It builds upon inverted index support provided by the hashedindex[4] library.
I created an inventory management for a state government organization.
The department was paying contracting companies to inventory assets.
At the end of the inventory, the contracting company would deliver the inventory on paper which would be filed in a managers office for a few years.
The inventory database was fairly simple just a few tables when the application was first developed.
Eventually a different manager decided the electronic data entry would be useful.
We added a few forms for data entry using a tablet.
With the data in a database, the person doing the inventory could pull up the inventory from the previous years and check off the equipment that was still at the location.
There was a form for entering new equipment and a form for transferring equipment between locations.
The manager who helped me got an award for reducing the time required for the inventory from months down to a few weeks.
I initially started the project just to maintain my development skills.
The inventory database remained in use for several years with very little maintenance except for writing a few reports and showing a few people how to use the reports.
Instead of a not very useful pile of paper, we had a database that contained the inventory.
When a manager wanted to know how many laptops or desktops needed to be refreshed each year, he could run a report listing the devices with specific attributes like how much memory or which CPU type and use the report to budget for the next years equipment refresh.
This was over ten years ago, and the sites were managed by different IT organizations, so at the time, it was just a simple task to save time for people on a different team.
This is my most recent effort which took a few hours.
K8s debugging thing which I affectionately call kubebkwd to contrast with kubefwd. Covers the main use case of telepresence that I was interested in - i.e. proxying to a local host instance from a local k8s cluster like docker-desktop. Does it without any special localhost network configuration other than what is set up with docker-desktop or other local k8s environments by default and only makes changes in the cluster so hopefully will be more robust to host OS configuration than telepresence, which I've had problems with. But be warned it's quite hacky, barely tested and doesn't clean up after itself, inconsistent style, here be dragons, probable dunning-kruger effect driven development, etc.
A while back over the course of a week I wrote a python script to modulate the extrusion flow on a 3D printer based on FEA data. I would simulate the forces that would be on the part in Inventor Nastran and export it to a text file (side note: Nastran had the strangest plaintext output of a program I've ever seen. It was like a book, with a title page, table of contents, page numbers, etc. It was clearly a relic of years past). Then I would the Nastran and gcode into the script, and it would increase extrusion where the stresses were high while reducing it where the stresses were low.
Even though it was fairly rudimentary and I never formally tested anything, it seemed to work well enough.
I wrote this [0] to scratch an itch in 2005. It was created and launched in a few days. Over the years we fixed some bugs and added some minor features because people asked.
A non standard but simple protocol to manage the company's VoIP products, sometime in the early 2000's I was debugging problems with call initiation using one of the standard protocols (MGCP/MEGACO/H323). In a few days I hacked a quick way to send and receive the bare minimum needed to start and end calls. This caught up and is now a part of the company's offerings.
Odd thing for me to reach out, but I'm kind of turning this idea into a startup, along with some other algorithms/processing. (which is why I deleted it). Saw you have an nlp background, interested in working on a project?
Signed, Burnt out software developer