I did something different: Week 7 Recapitulation

This week I worked in getting a level development aid. And I think I did a nice work.

Basically, it’s a mocha/chai script, that connects to the testing database and uploads the JSON file of the level, and if any modification it’s required, it reuploads it. If you refresh the level.

Peek-2018-02-20-20-39(1).gif

I worked also in the development of a third level using this aid. I think I did a nice level, it’s only missing approval of the rest of my partners before uploading it.

P.D: Sorry for the weird visuals in the GIF.

9667850610_527f08b7e1_o
“Nano Titans” by Pascal (CC0). From https://www.flickr.com/photos/pasukaru76/9667850610/
Anuncios

Something different: TO-DO Week 7

This week I’ll be working with two issues that aren’t quite as similar as the previous work I’ve done.

8060928920_21163820bf_o
“Dare to be Different” by Tamás Éberhardt (CC BY-NC-ND). From https://www.flickr.com/photos/tomtata/8060928920

First (GitHub issue):

I’m going to be working in the design of a third level. I’m so bad when I play the game that I hope I won’t make anything very difficult or very easy, because it’s possible I won’t be able to pass it alright.

Second (GitHub issue):

This is the responsibility this week that I’m excited for. I’m going to develop an enviroment where the level designer can test its level without needing to upload the level to the server, and the removing it and so.

Sprint 2 it’s over: End of week 6

Sorry for uploading this week’s blog one day later. But I’ve been sick and yesterday was the worst of it. PLEASE, DON’T VACCINATE WHILE YOU HAVE THE FLU, EVEN IF THE MEDICS TELL YOU IT WONT AGGRAVATE YOUR CONDITION.


Last week we finalized the second sprint. It was a hevier sprint, for all of us. But progress and effort is getting reflected in the project. we are happy.

223990159_662ad3b5ac_b
“Sprint” by Denis De Mesmaeker (CC BY-NC-ND). From https://www.flickr.com/photos/2ni/223990159

This last week, as I mentioned in the previous week, I mainly worked regarding two new issues. First, to create a database dummy for testing and applying hooks during testing. Second, to develop new tests applying the new features, such as hooks, for the new features (And more extensive tests for previuous done tests).

GitHub Issues:
1.- Hooks and Dummy DB
2.- Testing

Regarding the first issue:

I was reading a tutorial on Mocha/Chai testing (link below) and in a step, the guy talks about creating a different database to stop the pullution and unnecesary requests to the main DB. And that was the first part of this issue. I made a new cluster in Atlas for testing purposes, and implemented new enviroment variables and .ENV files for the connection (Which was in fact, the complicated part).

Then, I started reading in the same tutorial about hooks, and how weel those functions integrate with with database testing. The hooks available are: before(), after(), beforeEach() and afterEach(). The names basically describe everything those function do. The important thing to know is that these functions are written inside the describe() function. before() and after() esecute one time during each describe() and, if it’s an “each” function, it executes before or after each it().

Regarding the second issue:

This issue was quite simpler. Now that I uderstand hooks, I can start making more useful but simpler tests.

To summarize everything up, I made tests for the POST at /getLevel, a POST and GET at /score and the delivery of the static files.

We are almost at the middle of the available weeks! But not really…

Mocha/Chai tutorial: link

Miguel Montoya
Esperanto enthusiast
ʕ•ᴥ•ʔ

More testing – Week 6 TO-DO

As I was saying in my previous blog, I have two new issues for this week. And the main focus of them are to enhance current features, not to implement new ones. I will explain them quickly.

2276152067_664761a49d_b
“Test drive of first production Tesla” by Robert Scoble (CC BY). From https://www.flickr.com/photos/scobleizer/2276152067

The first issue is to create a hook for the testing. This means, to create a dummy DB to stop pollution and requests to the main DB.

The second one is to update the testing script to include the new and future features.

Let’s work, work, work!

Miguel Montoya
Esperanto enthusiast
ʕ•ᴥ•ʔ

I really did stuff – End of week 5

So in my previous blog, I wrote that I didn’t have a lot of stuff to do. But I talked to my partners and discussed some self-assignments for this week (And next).

So, basically, I made 4 new issues, of which I completed 2 and left 2 for next week. We were given notice that we are going fast regarding the project development. So, these new issues don’t implement new stuff (Well, kinda of…), but most of them implement new and more efficient ways of doing what we already did.

13982774079_22fd9ae682_k
“Canada goose” by Yi-Lian (Lucas) Liu (CC BY-NC-ND). From https://www.flickr.com/photos/yiliangliu/13982774079/

The first new issue was to implement Mongoose as interface to connect to mLab. This would provide a more stable connection to the DB and schemes and models for document creation and finding. These new models have steps for verifying the content of the documents too. The only problem with this was that the campus’ network has proxies that wouldn’t let the connection to begin with mLab and Mongoose. This problem cause my second issue.

Move our database from mLab to MongoDB Atlas. This wouldn’t have been as complicated if Atlas provided a free interface to the database’s collections and documents. So instead, some scripts were necessary to create to feed the database and check the data that is already uploaded.

Everything was successful at the end. There were 1 or 2 hard complications (Like identifying the problem with mLab and the network). Now two more issues are pending. You can read about them in the next blog.

Miguel Montoya
Esperanto enthusiast
ʕ•ᴥ•ʔ

I want to become a pro – Security blog #4

So you are a pro, you say…

You think you are good, you say…

But do you have a computer security certification?

No?, you say…

11960608165_55df368e44_o
“Professional” by Dan Taylor (CC BY-NC-ND). From https://www.flickr.com/photos/dantaylorphotography/11960608165

As many more data breaches are happening each year, with more size and quality of attack, cybersecurity skills are on very high demand. But not because there a lot of jobs available, means that the position is going to be given to anyone who tryes and aplyes (Mainly to make sure that the person know about the stuff, but also because there are so many areas of specialization in security). The company will ask you to have one or more certifications.

Let’s talk about some of them. In fact, just 8 of the more of 70 certifications that Wikipedia has mentioned (Only 10 of those have an individual entry).

ISSEP/CISSP

The Information Systems Security Engineering Professional certification was developed by the N.S.A. It cover security methodologies and practices into all information systems aswell as the proper and secure handling of data. This is the must-have certification if you want a career in IT security.
It’s issued by the (ISC)²

LPT

The EC-Council Licensed Penetration Tester certification demonstartes the person’s ability to audit network security and perform penetrations and develop proper corrective actions to the problems and weakness found in the test.
It’s issued by the EC-Council

GPEN

The GIAC Certified Penetration Tester certification it’s similar to the LPT (Above) but it demonstrate too the persons knowledge of legal issues regardiong penetration testing aswell as specific penetrations tests and practices.
It’s issued by the GIAC.

CSFA

The Cybersecurity Forensic Analyst certification provides the necessary knowledge to perform a deep analysis of computer systems and proper interpretation of investigation results in a short time frame.
It’s issued by the GIAC.

ECSP

The EC-Council Certified Secure Programmer issue assures that the programmer knows most f the security vulneravilities due to programming. The certification holder has developed the best practices and techniques against those vulnerabilities. This certifications it’s available for .NET and Java.
It’s issued by the EC-Council.

CSSLP

The Certified Secure Software Lifecycle Professional certification validates the holder’s ability to develop application and software security protocalsin the organization. It ensures that potential  breaches and vulnerabilities are reduced troughout the software development.
It’s issued by the (ISC)²

CEH

Certified Ethical Hacker. You can read more about this certification and ethical hacking in my previous post.
It’s issued by the EC-Council.

There are somo other certifications that I didn’t mention here.

 

Miguel Montoya
Esperanto enthusiast
ʕ•ᴥ•ʔ

404, level 2 not found.

13990410803_36a873c5e6_o
“404_madness” by Oliver Tacke (CC0). From https://www.flickr.com/photos/otacke/13990410803

I guess this post won’t be long. I already did all of my assigned issues (You can check the current and past issues here). I’ll be working alongside my partners in any way they need. And I will star doing some refactoring and code documentation. And I will talk with my parters in the project administration area regarding my working payload.

Miguel Montoya
Esperanto enthusiast
ʕ•ᴥ•ʔ