This Week I read up on the section called Deep End. This section talks about taking risks and not always taking the safe and easy route. With life it isn’t all about doing the bare minimum and playing it safe. Trying to cruise by in life by doing only what is needed of you. Also doing what you are comfortable with. This section has a story of a person who decided to take that leap of faith by accepting a new job that took him out of his comfort zone. He met with the CTO and CEO of the company he worked at and they wanted him to go to Lagos to work with a contract there and Lagos was rated the 3rd most dangerous city in the world and this would scare away a lot of people however he decided to go. When he started working there it was supposed to be a 3 month job however he stayed for nearly 2 years helping the client. He doesn’t regret taking that trip and because of the trip he has been all-over the west African country and now he is working in London. Because of the risk he took it opened his world by being able to experience different opportunity and meeting new people and go to new places. We can learn a lot from this because in life working on projects for companies we will not be doing things that we like all the time. There are going to be times that we would have to work on projects that take us out of our comfort zone and ask us to learn a new library or a new language and we would have to throw out everything we know and accept the fact that things change. Sooner or later we are going to have to make those hard decisions. But sometimes those hard decisions are just a test of our will to be able to move past those barriers that we have set in front of ourselves and to overcome the obstacles to become better and open new opportunity for ourselves. I think I will take this lesson with me in the future because there are going to be times that I am comfortable working at where I am at but when a new opportunity comes up where it asks me to move ½ way around the world and to work a new team. I will look back on this section and maybe take that opportunity and hopefully it would let me experience something new.
This week’s Sprint retrospective we had some issues. So, there were still the issue of ng2-amrs not working for many of the people in group. However, thanks to Jason Knowles he figured out how to fix the issue of cryptojs not working on the Ampath’s website. So, we were able to try and write something for Ampath to be able to use or try to use. Our goal in the beginning of the sprint was to write all the methods for Ampath so that way they can have something they can use for the summer or give to summer interns or people who would be working on it later on. We decided to split up the work into different parts so that way we would be able to get more methods done for them. We decided to write methods depending on what the client told us in their stories. We then decided to make the method for hashing passwords, encrypting records, generating private keys, generating local salt, clear local salt, delete keys, and writing decrypt records. I started to work on deleting private key method however i wanted to work with Oren since he was generating the private key so this was one of the issues we ran into that because since we were working on a project that we just kind of picked up and we don’t know much about it there wasn’t a lot to work on for the project so when I talked to Oren to see if he could help me with the delete private key method but Oren was actually going to work on that as well. So instead we decided to work on that part together.
So, I started to do a little research about the cryptojs and how to make private keys we decide to write a private key using PBKDF2. PBKDF2 is a password strength algorithm that makes it difficult for computers to check that anyone password is correct Master passwords during a Brute Force attack so the way that PBKDF2 works is that it requires many computations to get from the master password to Turkey anyone that’s trying to brute-force try to automatically guess a master password has to perform the same calculations PBKDF2 with PBKDF2 it prevents password-cracking flows from making optimal use of the graphics card which reduce gas rates from hundreds of thousands of gas per seconds less than a few ten thousand guesses per second.
Finally looking back through throughout this project I’ve learned a lot about encryption services. Maybe not enough to be able to write my own encryption from scratch. But this experience was helpful for me and it will help me throughout my career. Between the two classes I was taking this semester and learning about Sprints and planning’s how to work with a group and team. It was different than all the other years that I have been in school. I didn’t learn a new language or more coding skills but I l was able to get a real-world experience. how time-consuming it was to even talk to the manager, how that we were a class who that was working on the same project but we are split into four groups and none of us really talk to each other about trying to put our code together and make it work with one another. Though maybe it was because no one was really experienced in this type situation or maybe the time constraint of working on this project and also having other class work and other personal stuff to do that’s it was a 10-week project if he really boils down to how much work was done it might have been a lot shorter so that’s why we weren’t able to finish I’m what we were assigned and trying to bring it together. so, the for the final Sprint we’re going to try to just finish up what we started and then start working on our presentation.
This week I read the section called Expose Your Ignorance. This sections is something i can relate to very well. I am a senior in college and by that time many people would think that you would be able to program thing by yourself. You should know about at least 2-3 languages by now and have the knowledge to work in the real world however just like the section “White Belt” there are always going to be people better than you and you don’t know everything yet. It is still a learning experience and for me in the class that we are taking now the section we are doing for the project. Which is encryption services is still something I don’t know much about at all. Just saying that you know nothing about something would be better then you hiding and saying nothing. That is what a team is about. To help and encourage each other to do what you can do and that way you can help them when they need help. During hackatons that i go to when meeting new people if we wanna work on a project we all have to introduce ourselves to each other. We also have to tell people what we can and can’t do because if we depend on someone to the most important part of the project and they don’t have the knowledge to do it in the end we would not have a project to present. Also just because you don’t have the knowledge to work on the project you should not just sit around and do nothing. Take this time to learn a new language, download the library’s needed to work on the project, watch videos, and work with a project partner to see if there is anything you can do. Just like the section says people are more inclined to make themselves look competent then just to tell others that you don’t know what you are doing because there are people looking up to you for advice or employers looking to you for the knowledge. That is why this section teaches you that you that lying about knowledge inst worth it and to accept your faults and work on them another day.
This week’s Sprint retrospective we had many issues. Most of the group could not open ng2-amrs program. So, for some of the sprint we were trying to get it working. When we first saw the projects, we are all able to download and able to run ng2-amrs program without any issues. However, for some reason four out of the five people’s program were not working. We sent messages to Ampath to see if it was something that they would be able to help us fix. However they were no help. We were also asking other students in the class of they were having similar issues but no one else was having the same issues. Most of us tried uninstalling and reinstalling the program and it did work for a few. While we were trying to work on fixing the ng2 we were also thinking of ideas of how to get this encryption service into the website. First we were thinking that they wanted only an encryption for the password. But from talking to Jonathan this encryption service was meant to encrypt everything from data coming in, going out, passwords, and files. We were looking up research about other encryption services that might have done this before but most of the encryption service are not done offline. This is because we would not be able to save the hash password and the salt on the tablet because if we did they would be saved on the tablet they are using. That is not really safe a encryption especially because it is patient data. At this point we are confused with what we must do. Unlike other projects that give us specifications and an end goal of what they want. The ampath project is different for us because you cannot just message them and expect a response right away because they live on the other side of the world and most of the times when we are brainstorming ideas on what we want to do. We don’t know exactly what they want and when we do ask they gave us a “yeah that seems fine.” kind of answer. Most of times we just want exactly what they want. For me this project has been difference because for other classes and other products that I have been working on such as personal project and project for classes I would be told what the final expectation for this project would be. Since this project for Ampath is such a huge project and many of us are just learning new stuff just for this project. We don’t know much of what they want or what to do. Once we understand that they wanted a websites that would be able to hold all the patient data offline so that they would be able to meet patients where they would have no cellular service. But part of the problem with that is when doing encryption services from the standpoint of view of programmers we want this to be perfect so that way and path would not have any troubles but I’ll find encryption to us feasible or possible we hope that the next Prince able to get a lot more work done we would try and get something so that they can work off of this or maybe the next project for the next class would be able to take the coat that we have now and work off of that
This week I read the book Apprenticeship Patters guidance for the Aspiring Software Craftsman. There was this one section that caught my attention and it was the Concrete Skills. This was very interesting to me because it’s quote was “Having knowledge is not the same as having the skill and practical ability to apply that knowledge to create software applications. this is where craftsmanship comes in.” Growing up we are taught that you need all the knowledge you can to even be able to be considered for a job. Many people tell us that you need even a masters to be considered for a job these days anymore. However there was a professor I meet back when I first started programming he told me he used to be the hiring manager for IBM and he meet hundred of different candidates that tried and applied for the job. The things he learned about hiring people is that not everyone is the same. Yes there will be people who have the knowledge of programming and would pass all these tests and get everything right. However, once it came to actual coding and work ethics they were very questionable. There are people who got out of college that have a different perspective. They say that everything you learn in school isn’t going to be helpful in the real world. Most of the time you learn all your skills once you get a job where they teach you what skills you need. It is really all about if the job would take the risk and hire you. There are many stories that there are people who have basic knowledge of programming are hired because they have experience in other fields that can be used to help out the team in different ways because you don’t just want a team of programmers that know one language but a team that can cover each others weaknesses. That’s why I think that this sections is very good because it gives a real perspective of what companies should look for in a person not what they can do now but how will hiring them affect us in the future and the capability of these people in the future.
This week’s Sprint retrospective we decided to look up different types of encryption services. Everyone had an encryption service that they were to look up and then write a shorts program see how it works. We decided out of all the encryption service out there we wanted to look at crypto-JS, Forge, web crypto, pouchdb, and bcryptjs. The one I researched was forged encryption service. It did do what we wanted however we decided not to use it because it has not been updated in over a year. There were also the security issues of ddos and there was an issue in the package where it was vulnerable to timing attacks due to unsage HMAC comparison. So since we are working with sensitive data and did not want it to be leaked. Forge was out of the picture. Pouchdb was another one that we ruled out because this encryption service was made by someone that did it during their free time so it wasn’t updated regularly. The encryption service that we did decide to use was cryptojs because it was the simplest encryption service that we could have used and is not too old and the last update was not that long ago.
Finally, we decide what kind of encryption service we wanted to use. We started to talk about how we encrypt the data that is given to us. Oran gave an idea that we would encrypt the data as it comes our way so it would act like a blanket. Whenever some data such as a string, array, and any other sensitive information would come through the encryption service. It would take that data and encrypt it. However, Oren had a colleague that was familiar with encryption services and he told him that data like that should be encrypted already. So that brought up a good point we want to ask Ampath if they have the data already encrypted or is this encryption service itself supposed to encrypt the data that they have. for now, moving forward we decided that we’re going to act like they need the data to be encrypted. We also need to start working with the other teams to know what data that is going to be given us to us and if cryptojs would be able to work with what they are planning.
For the next week I will be studying up more on cryptojs and then trying to help the team write a basic program that can take inputs and give outputs of strings, letters, and words. I learned a lot about encryption during the week that we were encryption service in the beginning I did not know how the encryption service works such as what was salt and encrypt a string how would it remember what encryption that use to the string. If you were to send it to another device to be encrypted with that device need that same type of program to unencrypted password. These were questions that I had when I first started this project however as I continue to research the more and more I learned about how encryption works. So, it made it easier to understand what my teammates were talking about and I would be able to help them with their stuff and they can help me with mine.
This section of the chapter is very relatable because when I first got into computer science most of my friends and family were not very impresses or helpful with my interest in it because most of them were in business or the medical field. so just as it says in the section i had to nourish my curiosity of computer science by reading up on things myself and I was just getting the bare minimum of CS. Luckily I had one cousin who was already in computer science and he told me about these competitions called Hackathons that were programming competitions that people did for computer science that you can win prizes and learn about programming and making connections. At first I turned him down many times because in my head I thought that those Hackathons were for people who has experience programming and at least has one or two years of knowledge under their belt. However, I was very wrong when I finally went I meet many people who never programmed in their lives. This was the start of my fascination of computer science. When I first started all I did was give out ideas and suggestions of what the product, website, or program should do. I talked to many different companies such as google, dell, hp, twillio, and ect. They all told me about their own path in their computer science careers. From there I started to want to learn more and more programming and wanted to write my own stuff just for fun and learn how things work.
To me this chapter has a deeper meaning such that we all do need to unleash our enthusiasm. This doesn’t just mean computer science it can mean anything and everything. Once we find a group of people that share common interest and ideas as what we want to do. This will stoke the fire within us to want to learn more, do more, and get out there. Once we get that push we can encourage each other to do what we love and besides just flying under the radar we can be out there learning, helping, and teaching others about our own passion.
This week I read the section called “The White Belt.” The quote goes like” As a rule, each step should have a feeling of entrance. This is the beginner’s mid- the state of becoming. “I like the title of this section The White Belt. I like it because I do Tae Kwon Do and when you first start off you are a white belt. That is where everyone else starts and no matter who you are we all start off as white belts. As you take classes you learn not just from the master (which is a black belt the highest of the belts) but you also learn from everyone else as well. Taking Tae Kwon Do classes we all learn from each other no matter what belt you are. This section of the book takes everything you know and tells you that you don’t know anything. Which is true because when you are learning you don’t know everything. There are times when you are working on a code and it becomes a 30 line code and you think you did it the best way however there are some people who can take that 30 lines of code and just make it into 10 lines and some can even do it with 1 line of code. Just like the example in the book that shows the different solutions of how to write the code that generates random numbers for the United Kingdom’s National Lottery. This also goes for the blackbelts because even though you may know a lot you do not know everything. Technology changes rapidly and then there are different concepts and people that are just better at doing certain things that you. So you should not stop the search for knowledge and we should continue to try learning from each other just like how a white belt learns from each other, their pears, and their masters. Everyone has their different skills and different strengths and weakness so that means when you work as a team they can help cover your weakness and improve your strength
This week’s sprint retrospective we finally figured out what we are doing. We started to talk about what we wanted to do for the project. Looking at the Trello board there were quite a few options. However, since Eric had some experience with encryption services we decided to work on the encryption for the website.
We were reading the google doc to see what they wanted us to do for this project. We noticed that they wanted to be able go to download a certain patient information before they were to go out onto the field because whenever they were to work on the field the internet would cut off and it would impact their work dramatically. So, we know that since they are taking sensitive information with them outside they have the risk of it getting stolen. With this information, we wanted to have an encryption that is not just some username password but also a keygen so that way it would last a few weeks or however long the doctor would want the information on the tablet to be accessible on the tablet but after that it would get locked out where you would not be able to access the information at all.
Our next objective was to look up what kind of library’s we could use to make this encryption such as crypto-js, forge, bcryptjs, and webcrypto. Oren sent a message on the slack to Jonathan asking what kind of encryption that they have already used or would like us to use and they are fine with us choosing.
We then set up on our Trello board what each one has to research and write a sample project with the assigned library. As I researched the encryption library Forge. There were many things that I had no idea what they were talking about or what it did so because of this I had to watch a few YouTube videos of what encryption really is. I had a feeling that encryption is just like a folder that you put a password on and then that way no one can access it but it’s different than that. The process of covering information of data into a code. So that way it can change words into random words and letters that would just be gibberish. This is going to be a lot of fun learning about encryption since many things out now a day should deal with personal information security and to be able to learn more about it is going to be useful for me in the future.
Moving forward we just want to be able to work on our communication with each other and how we would be able to share the information that we have with not just each other but also with the rest of the class. Throughout the week all I have done was read though the code and to see what it does. Reading though the code it looks like they have some kind of implication for security however it looks very basic.
For this sprint retrospective there isn’t much to talk about because we were just going over the basics of how we are going to work together and setting up the server for our team to work on. During the sprint meeting we talked about the little things that we would like to set up so that way our experience of the class will be much easier. Such as how we can change how our trello board works. The way that we decided to do the trello board is that we wanted to have a column of things that we should do. Which was the sprint back log. Things we are working on which is the sprint planning. Then for the end of each sprint we would sit down review what we did what we finished and then decided if the part that we finished would go on to the finished section or would stay on the needs to be completed section.
Next, we talked about how we are going to push code to each other. This was something that was going to be a little difficult for us because most of the time we just push the code to our own git and we don’t have to worry about messing with anyone else code. We decided that any code that we write that would be combined we would push it in class together that way if we have any issues we can talk to each other then and there. Since we do not know how git hub would implement the changes and if we would want each other to change something that we wanted to write but someone else wrote something else then that way it would cause less confusion within the group.
Finally, we went onto the google doc at the end of the meeting and just talked a reviewed the stories for ng-amrs. Just trying to keep ourselves ahead of the curve and started talking about how we can do this project. Sitting down and reading many of the stories they all talked about how they were going to a village and most of the time they would have no internet at some times. So it was harder for them to pull up information about their patient. So the main point of the project was to have an offline application that they can access between online and offline seamlessly. However they don’t want to have every single patient but to have certain patents in the tablet so that way they don’t have to worry about storage space.
Throughout the week I just worked on the assignment leading up to setting up the server and getting to know my team more. Some of the things that did help me out throughout the sprints are the slack board and my teammates. For now I don’t see any issues working with my team they are all great people and we are testing the waters of how we should be coordinating how we work and what we should do.