Programming, Thoughts

Beat the Burnout

Inspiration from Sam Altman

After almost 3 years of nonstop hacking and coding, the toughest part of the job is not burning out. There are many a times when the thing that kept you interested (programming) just doesn't cut it anymore. The spark isn't there. When you don't want to go any further - when you'd rather eat ice cream for the rest of your life..

The burnout is real. Any programmer would be able to tell you this. Every big, massive undertaking has an equally large and massive undertaking for bug squashing, testing, and endless hours of debugging. No one writes perfect code, but in order to survive the gruesome, computer stare-down (maybe breakdown too) - you must know a few tricks:

  1. Coffee coffee coffee - I can't stress this one enough. Nothing gets you going like a cup (or 5) of joe. Nothing.
  2. Working out - Specifically, cardio. Even a twenty minute bike ride will light your brain on fire. Challenging your body is paramount to challenging your mind.
  3. Spoil yourself - Every techie is obsessed with something, whether it be a side-project, more electronics, energy drinks, video games, etc. Find that thing which keeps the hamster wheel spinning.
  4. Downtime - This is the part where you kick back, relax, and enjoy the show, or meal, or company, or music, or your bed.. Whatever it is, make sure you don't touch your computer during this time.
  5. Multitask - This could be unique to certain individuals, but being able to work on multiple projects with varying levels of difficulty, ensures that you are able to constantly stay busy while being productive. For example, in office, I will tackle the hardest challenges while I have all of the motivation, but when I lose focus, I will then revert to cleaning up the lower hanging fruit, such as icon updates.
  6. Operate on your best hours - Not everyone is productive at 5AM, but if you are, you know better to twiddle your thumbs during those times. Do what you got to do.
  7. Work on something you love - This is the best part about coding. You get to build something which has never been built before. Use a new framework with your favorite language or contribute to projects which you strongly believe in. The world is your oyster.

That's it for now. I revamped my website with a few more CSS goodies. I plan on adding a portfolio page soon to give you a snapshot of all the projects I'm working on!


Raspberry Pi 2/3 (B+ Model) as an IPTV (Stalker) Client

Finally, after 2 days of fiddling around with this hardware, including testing with Raspbian (Wheezy), Raspbian (Jessie), and OpenELEC OS, I was able to successfully get Kodi 15.2 via OpenELEC 6.0.3 up and running.

I had absolutely no success with the Stalker PVR Client on Raspbian, so I opted for the unified media experience with OpenELEC. It's great. It automatically detects and installs drivers for my wireless network and keyboard / mouse receivers.

Pre-installation requirements:

  1. Raspberry Pi 2/3 - I bought mine on sale from Amazon for $36.
  2. HDMI capable display - I used my computer monitor and TV for testing.
  3. Internet connection - I used the EdiMax USB Wireless receiver from my starter kit.
  4. 8 GB or larger MicroSD Card - Mine was a Class 10 Kingston from my starter kit.
  5. Micro USB Charger - Mine was included from my starter kit, but I've seen 5-star recommendations of a 2 amp one.

Now that we have all of those in order, we are going to start by flashing the SD drive with the OpenELEC OS:

  1. Let's start by downloading the OpenELEC image from their downloads page. Select the "Diskimage" option.
  2. Unzip the image package you just downloaded.
  3. Write the disk image to your micro SD card. Use the instructions on this page for the platform you are using.
  4. Boom! You have now installed an entire powerful, open-source media center OS on your Raspberry Pi.

After a few splash screens and a short welcome tutorial, you should end up at the home screen, as such:

On a side note... Look how tiny that thing is compared to my 40" TV. Here are a few quick links to navigate the menus.

  • To setup wireless networking, go to System -> OpenELEC -> Connections and select the network and credentials to connect. It should "State: ready" when it is connected. OpenELEC will automatically connect to this network when it starts up.
  • To check for updates, go to [left arrow] -> Check for Updates. This will automatically update your add-ons and your repositories.
  • To install add-ons, go to System -> Settings -> Add-ons -> Install from repository -> [select repository] -> [select application] -> Install.
  • To launch add-ons, go to System -> Settings -> Add-ons -> My add-ons -> [select application] -> Launch.

To install the PVR Stalker Client (v0.8.4):

  1. Follow my install instructions to install the client from OpenELEC repository -> PVR Clients -> Stalker Client.
  2. Enable Stalker Client once you have configured it with your provided settings. (I cannot provide this for you - there are guides online for different services)
  3. Enable TV and Synchronise channel groups with backend(s) from System -> Settings -> TV -> General.
  4. This one is IMPORTANT. I experienced constant screen refreshes up until I did this one. Power off the machine and back on again. I used the power icon from Kodi.

Voila. You are all setup and running. Your TV option will be reloaded once channels are loaded - there will be a banner to indicate they are being loaded. Enjoy your cheap media center.

What are you waiting for? Cut the cable. Please comment or email me if you have any questions!


24 Thoughts

In celebration of 24... 24 thoughts for the memory and internet bank.

  1. Your wisdom and knowledge is effervescent. Instill wisdom without acting like a douche.
  2. Find your hobbies and passions and pursue them with no end.
  3. Being grateful and saying thanks is a universal language that all economic classes appreciate.
  4. Volunteering and helping friends out should be a motive, not a chore - we're all humans and deserve such respect.
  5. Finding time for yourself is as healing as it is peaceful.
  6. Reserve your judgment of character until you know the whole situation.
  7. Your moral compass and character shift so fast that what you believe this week, might not be what you believe next. (See 20 year old me vs. 24 year old me)
  8. Everything in moderation is the best thing you can do for your health.
  9. Surround yourself with people who are different and smarter (in many other fields) to grow infinitely.
  10. Everyone needs help sometimes - someone who is a psychopath criminal needs help, not punishment.
  11. Racism and sexism is very much alive in America today. Just because everything's politically correct now, doesn't mean these issues don't exist.
  12. Only an energy revolution will prevent this world from exhausting our natural resources and creating permanent climate change. We all need to reduce our carbon emissions by more than 80%.
  13. A timely apology with the right mindset can unburn your bridges.
  14. Do something new each day that your future self would appreciate. It doesn't have to be big.
  15. Communication is key (emoji). Assumptions lead you down a dark, quiet path.
  16. Your mental psyche is one of the biggest barriers to success. Find what makes you happy and keeps you motivated.
  17. Depression is the realest thing a human can ever experience. The extreme apathy on life can swallow you whole. If you're suffering, please talk to someone NOW.. Email me even!
  18. The Internet has a cruel, unrelenting soul and can be more harmful than it is helpful. Disconnecting from everything every once in awhile is one of the best things I've ever done.
  19. As life progresses, your free time and energy shrink drastically. Maximize and prioritize what's important in your life because it will move fast and you will have regrets.
  20. Partying is fun, but so is taking a walk and pursuing your interests. Addiction is an insanely fun downhill ride, with little support to bring you back up.
  21. Working too hard can also swallow you whole. Don't give up what you love for your career. There's plenty of other time to make money.
  22. We're all different, yet we're all human. All of us want to be respected, yet not all of us are respecting. Know your peers.
  23. Accept responsibility and move on, don't project your frustrations onto other people. Handle your business and learn from your mistakes.
  24. If everything else in your life fails, appreciate and reflect on the small things - like being able to breath and enjoy life in the 2000's.

<3 tldr: I am BuzzFeed.

Programming, Thoughts

Let's add a backdoor to one of the world's most secure devices

Apple's Letter

We are, yet again, at another pivotal piece of Internet legislature. Recently, a federal judge in Riverside, California ordered Apple to assist the government in unlocking and decrypting the iPhone 5C, used by Syed Rizwan Farook, responsible for the San Bernardino shootings in December.

These shootings were one of the worst acts of domestic terrorism in 2015. My thoughts go out to all of those affected. These attacks are despicable and those responsible for the attacks must be help accountable for their actions. Apple has already complied with all valid subpoenas and search warrants, even going as far to make Apple engineers available for advising the FBI.

The FBI fucked up. They compromised their entry to the sized iPhone 5C by changing the Apple ID and password associated with the phone by someone in the county health department, per the FBI's request.

Given that the iCloud auto-backup solution failed and all other feasible recovery solutions are now inviable, the FBI and the Department of Justice asked a judge to order Apple to re-write the firmware just for their unlocking purposes. This proposed new firmware would allow the FBI to remove the automatic wipe feature, allowing them to brute force the password.

I've been reading a lot of misinformed comments on the Internet and thought I'd give my computer science perspective of the situation:

1. Many Internet souls are arguing that Apple is operating based purely off its business model, and that they are using it's security features to maintain its company and brand marketability.

Let me make it very clear that Apple is NOT operating under its best marketing and business interests (surprisingly). This is about Apple's customers and their basic freedoms. Creating a backdoor is not only unlawful, but it puts the vast majority of law abiding citizens and their personal information at risk.

2. Many uninformed Internet warriors are wondering why Apple just doesn't comply with the FBI, given that it's only one user's iPhone and that that user is one of the San Bernardino shooters.

The issue isn't as black and white as it seems. The situation is not a hardware hack, rather it is a software hack. It is easy to think that the backdoor would only be applied to the single iPhone. However, this backdoor vulnerability could be applied to every iOS device in existence. That's over 1 billion devices.

I hope Apple takes this case all the way up to the Supreme Court. This backdoor, if created, could be abused by Apple's internal employees, hackers, even foreign governments if it ended up in the wrong hands. History has shown us that as soon as something is leaked, it becomes available on The Pirate Bay an hour later.

We cannot sacrifice our basic freedoms in the name of terrorism. As soon as we encourage this type of misbehavior, it gives our government unlimited access to all of our private devices. This is how oppressive regimes operate. Let democracy stand.


What's good, 2016?

2016 goals list since I'm a different person every year, and my interests and goals always change.

  • Write at least 1 blog post every 2 weeks
  • Don't be afraid to ask for what you want
  • Learn one new recipe a week
  • Cocktail recipes galore
  • Mandala tattoo on right forearm
  • Ukelele chords and being confident enough to play for others
  • Brogramming 2.0 - Shakes for breakfast, shakes for lunch, shakes post workout. Shoutout to my mom for getting me a magic bullet.
  • BASS CENTER & TELLURIDE!!!! (Also first time visiting Colorado)
  • Sports Analysis blog posts
  • Data Mining + Data Analysis techniques
  • Align with the last 2 goals, push forward on my FantasyDevil app
  • Giving back to the community and my friends - as well as finding more time to hang out with friends

I've developed a lot in the past 2 years since I wrote my last post, and I really do feel a lot healthier with myself and in my own skin. I am ready to give back to the world. Don't be afraid to hit me up for anything, I'm making it my life's mission to give back.


Cloud Security and a $20000 AWS Charge

Cloud security is a hot topic right now. In the current state of the Software Revolution, pretty much everything in everyday life is moving to the cloud: movies (Netflix & Hulu), business communications (Google Hangouts & Slack), driverless cars (Google & Tesla), storage (DropBox & OneDrive), cloud robotics (Google & Industrial Perception) to name a few of the thousands of cloud-based technologies available today. There are so many smart-* apps and devices coming out that all of our daily computational power is moving to the cloud.

This is awesome. This allows software developers and engineers like me to work from any location as long as I have an internet connection. In fact, my current job (shameless plug for Yappee) allows me to work remotely because all of our technologies are based on the cloud - GitHub, Amazon AWS, and Slack are a developer's best friend.

Under the carpet, all of these applications have critical security features and complex API's which are crucial to the success of these technologies. On the front-end side of things, the users are presented with elegant interfaces with a ton of power at their fingertips. This is the future and it's awesome.

This magical ride with cloud computing is only going to get bigger and faster according to Moore's Law. This 2^* exponential growth is going to allow us to do things we never thought possible with software, but STOP RIGHT THERE...

We are becoming so enveloped within this digital world that we are failing to recognize the consequences that may occur from cloud security.

Two days ago, I was playing around with my GitHub repo and to make room for another private repository, I switched one of my previous Ionic projects to a public, open-source project because what the heck someone might find it useful. That someone wasn't who I expected.

I received an email yesterday morning, with the title Your AWS account is compromised. Wow what's going on here? I read into the email and saw that my GitHub project was listed with my AWS security credentials listed through my elastic beanstalk configuration. I took immediate action to change all my passwords and keys associated with this account as well as deleted my github repo from the cloud. It didn't take long until I received another email regarding a support case I didn't even open myself.

Thank you for taking quick action to delete your exposed access key. The hold on your account has been lifted.

However, prior to you deleting your access key your AWS account has been compromised and currently there's a charge of $13510.95 USD. To prevent further charges as well as for me to submit a concession request, please go through and delete any unauthorized resources.

Holy shit!!!! $13510.95 USD. My account was compromised... as fuck. These GitHub bots have no mercy. Overnight, they were able to acquire my AWS credentials through their scraper and launch up 500 SpotInstances as well as 500 more c3.8xlarge EC2 instances in all regions of the world - all using my billing account. Absolutely nuts.

I contacted Amazon AWS support immediately with my pressing issue. One of their employee's, Ben, let me know about all of "suspicious" activity that my account had undergone. Ben is my hero. He got my attention immediately through a phone call and voicemail, and immediately submitted a concession request on my behalf, assuring me that all of my expenses would be covered by Amazon. Amazon and their customer support receive my highest regards. 10/10.

Screen Shot 2015-10-29 at 3.38.57 PM

This is my billing account by the morning. Within 1 day of my GitHub repo going public, the bot was able to launch off 500 of the largest EC2 instances available on Amazon with spot requests to continually relaunch them if they went down, accruing over $20000 of computing costs. This is insane (also impressive from a hacker standpoint).

Admittedly, I am 100% responsible for leaking my credentials to a public zone, but trust me, if it can happen to me, it can happen to anyone. There are bots these days for everything. Keep your shit safeguarded.

tldr: Cloud Security is important. Keep your passwords safe.


WordPress Automatic Updates

They suck so hard. I had my entire site configured how I wanted it to look like, and of course automatic theme updates are default for this piece of shit platform.

How many hours am I going to waste to achieve the same effect that I've had before?!

What the fuck.

Download Easy Automatic Updates plugin to stop the bleeding.

WordPress is the worst developer platform.

Programming, Thoughts


Something really, really, really needs to be addressed here, and it's the current state of everyone's favorite instant money app: Venmo.

Hell, I use Venmo for rent, splitting checks, and paying for just about anything. It's quick, easy, and all emoji jokes aside, it gets money to your bank in a day's time. That's amazing, considering that PayPal, the software-boom parent of Braintree, takes three days time to transfer money from PayPal to your bank.

Last year in 2014, Venmo processed $2.4 billion of payments. $2.4 billion dollars. It doesn't stop there though, as Venmo has already processed $1.6 billion in transactions in the 2nd quarter alone. At this current rate, Venmo will process anywhere between $5 - $10 billion dollars in 2015.

The money-making scheme behind Venmo is actually quite genius: all of the cash-moneys sitting inside your Venmo account is actually gathering interest for the company. But this is also the whole reason why Venmo is unsafe. When you transfer your Venmo credits to any of your friends on Venmo, that money is only getting moved around on the application layer. That money is not being moved from your account to your friend's. Let me repeat that, even if you receive the notification, the email, and the verbal confirmation that the money was transferred, there's absolutely no guarantee that money will reach your bank account when you cash out.

This article does a tremendous job of explaining the intricacies of Venmo:

if I Venmo you $20 for Chipotle, the “+ $20.00” notification you get isn’t actually reflecting a transfer from me to you. Rather, in most cases, Venmo is floating you the money until it can come out of my account. The actual mechanics of the transaction are much more complicated; the point is that Venmo is just the top layer with which you interact. “The current systems that [the United States has] in place for consumers don’t allow for real-time payments or instant payments, but instead just create this illusion that the funds are good and immediately available,”

It's completely plausible for someone to deposit to Venmo from a fraudulent or maxed out credit card. Those "funds" can then be moved around from account to account until a user decides to cash out on his/her Venmo funds. One day later, the funds from that cash-out transaction will come back with an error: "payment that you requested to be transferred to your bank came back for insufficient funds".

This is how a Venmo scam works. You trade your virtual credits for real-life goods or services, only to realize that you never received your money. The biggest difference between Venmo and PayPal is that PayPal has securities to prevent merchants from scamming you; however, Venmo's user agreement has something completely different:

“Business, commercial, or merchant transactions may not be conducted using personal accounts.”

This means that if you sold your Craigslist item for illicit Venmo funds, Venmo will not refund you the price of the item if the transaction doesn't go through because you violated their terms of service.

Wow. Talk about shady business practices. Venmo wants you to use their application for virtually all transactions, but they conveniently forgot to mention that they won't reimburse your loss.

Be careful out there. Venmo isn't magic.


Expectations vs. Being Grateful

Since it's the holidaze, I just wanted to post something a little more cheery and less work-related for everyone who reads my blog. One of the biggest topics in human psychology is what keeps people going - what keeps them motivated, what makes them want to do work, what makes them want to stay...

Besides the usual work achieved and progress made, we need the carrot at the end of a stick to keep us moving forward. I think one of the biggest motivating factors for both work and personal relationships is being grateful and tempering expectations.

Too many times in my life do I see people pissed the fuck off because they feel underappreciated. A simple thank you goes a long way (as does as simple sorry). Everyone feels like they're working their asses off, and the easiest way to piss them off is to expect more from them.

It's fine if you want to extort your workers and friends for all they're worth - just don't expect them to react the same way when you asked them the first time. Instead, let's be grateful for everything that the other person has accomplished.

Let's say thanks everytime something goes as planned, and say thanks for all the hard work each and everyone of us put in day in and day out. Let's be grateful that the other person cares about the company or another individual. After all, we're only human. We all have expectations and we all have duties, but to let those wash aside and come to expect them - that's being snobby and down right rude.

So let's take some time this holiday to say thanks to your relatives, your friends, your bosses, your coworkers, your girlfriends, your boyfriends.. Everyone deserves it.

Programming, Thoughts

Startup Girlfriend Threesome Balance

And this one comes up a lot.. How do you balance your girlfriend with your 60-70 hr / week job affair?? Short answer - you don't without some sacrifice. Choosing your job before girlfriend creates a rift in communication and questions about priority. Choosing your girlfriend before your job results in unnecessary stress, poor work, and unwarranted work-review meetings with your boss.

What do you do? And how do you achieve this balance when it seems impossible? I'll start by saying that it's not an easy task, but if you want results, you must be attentive and willing to put in the effort with sacrifices.

  1. Communication is key. Don't fret the hours and be confident on what your needs are. Make sure you and your girlfriend are aware of the commitment necessary for both people to be happy.. You get to work while she curls up next to you in bed.
  2. Keep your priorities straight. Don't let the love of your life become an afterthought. Your girlfriend loves and cares about you -- something that your job can't offer. Emotional support is the name of the game. Make sure she knows that you're not purposefully ignoring her for your work.
  3. Reassure her about your free time availability. This is a big one. You must be able to set boundaries on when you're working and when you're playing. There's no in between ground, so make sure you have your entire day's schedule straight. The best is when you both can find free time to work together.
  4. Create a list of goals each day, and achieve them. This one may seem unnecessary, but it's important. These don't have to be work related at all! Even small goals like 'Take girlfriend out to dinner' or 'Spoon her for at least 20 minutes' should be on this list.
  5. Compromise. This is a given in any relationship, but especially important in the startup / girlfriend threesome. Your weekends are limited while hers are empty. Go out and have fun, but let her know that you'll need to be up early the next morning to get your shit done.
  6. Have fun. Don't let the work clog your mind. I am for one, an emotional robot whenever I'm working. It's either coding or girlfriend.. They both deserve your full attention. When you're out having fun, have fun and don't worry about work until you boot up your laptop again. Trust me, there will be plenty of time to do that.

These are the most important things off the top of my head. Any less and I wouldn't be the best working / loving man I could be. Life moves on in mysterious ways, but you can't get what you want or deserve without setting some boundaries with communication. I suck at it, but I'm working towards a more mutually beneficial threesome here.. Coding, love, happiness. That's all.