DEV Community: Tisha

What are Application Attacks?

Tisha — Sun, 20 Jun 2021 02:55:33 +0000

So attacks like social engineering isn't an ultimate goal for the hacker, it's a step towards further attacks. This post will touch on a few of those cool (Might not be the best choice of words when it comes to describing attacks, but that's the best I got) and interesting attacks!

1. Race Conditions

This typically occurs in a software as a result of programming error because two different code sequence is using the same resource concurrently and the program fails to account for this. A common type of attack in this case is TOCTOU (Time of Check Time of Use). Think about it this way, you and your partner used the same bank account to withdraw cash at the same time, when you saw the balance it was $100 but when you tried to withdraw the amount it shows insufficient balance, that's because between the time you checked your balance and withdrew the money, your partner withdraws the balance.

A deadly error that happened because of this was when a Therac-25 radiation therapy machine malfunctioned and caused 3 deaths and at least 3 debilitating injuries. Read more here

Even though these are not examples of an attack, it is a vulnerability that an attacker could use to carry out attacks!

2. Buffer Overflow

It occurs when the data that is input into an application is more than the storage space reserved for that data. If a name field on a website could only accept 25 characters and if someone tries to enter 30 characters and it's not designed to handle this appropriately, it would become unstable by overwriting other areas of memory causing the application to crash.
An attacker can also use this vulnerability to execute arbitrary code at a privileged level. Heartbleed was a famous buffer overflow attack.

3. Code Injection

XSS (Cross Site Scripting):

In this an attacker places a malicious code on the client side of a website, so when a legitimate user visits it they end up executing the code without their knowledge. This could expose confidential data, give an attacker unauthorised access or could even cause a legitimate user to attack a site without them knowing.

DLL Injection:

A DLL (Dynamic Link Library) Windows file is a type of file that contains instructions that other programs can use and share. E.g. Several programs can call upon a ABC.dll file to find the free space on a hard drive.
In this attack a malicious dll file is loaded and instead of the legitimate file a program hooks into the malicious file.

4. Driver Manipulation

Shimming:

It's when in case of incompatible device drivers a piece of code is written to provide backwards compatibility. An attacker can use this to write their own shims. In Jan 2015, Microsoft had a elevation of privilege vulnerbility as a result of this.

5. Replay Attack

In this attack, packets are captured using packet sniffers, information is then extracted from them and then the packet is resend by the attacker. E.g. An attacker can sniff a packet when a legitimate user tries to login get their password and then use that password to log in later.

I think out of all of these, race condition would be mine favourite mainly because of its sheer sophistication! What would your be?

The type of engineering, that could probably land you in jail! Aka Social Engineering.

Tisha — Tue, 08 Jun 2021 00:27:52 +0000

Who is a social engineer?

Well, you do not need a four-year uni course to become this. The only skill you need to be a social engineer is impersonation. A social engineer pretends to be someone they are not to elicit information from their target. (Movie Flashback: Catch Me If You Can)

Some social engineering techniques

Tailgating: As the name suggests, it's following an authorised individual to a building. This works because the attacker makes use of our desire to be polite. I know, you want those good karma points, I do too, but maybe if you don't know the person, this might not be a good place to cash in on those karma points!
Dumpster Diving: Yup, it exactly means what you think it does. It is diving into dumpsters to find valuable information. This works because we are lazy and don't bother shredding documents securely. You might think that's lame who's gonna do that, oh well attackers have struck gold (not literally) looking at a pile of trash.
Should Surfing: As simple as it sounds. It is stealthily looking over someone's shoulder to obtain information. The best way to prevent yourself from this is to be aware of your surroundings and make use of privacy screens!
Phishing: I did a post on this a while back, so check that out here. There are a few other phishing types that you might not come across too often.
- Whaling: It's going for the big fishes aka the whales in an organisation. This is a form of targeted phishing that involves high-profile targets like the executive level.
- Pharming: This is a slightly different and a more sophisticated way of phishing because it doesn't involve a person clicking but rather redirects a legitimate link to a bogus website. This requires DNS cache poisoning by the attacker.
Watering Hole Attack: Taking inspiration from how a lion waits near water holes to prey on deer, this is pretty much the same. The attacker studies the victim and the sites they visit and then looks for opportunities to compromise those sites. E.g. Taking advantage of an XSS vulnerability that may exist in the site but unknown to the security vendors.
Typo Squatting: Also called URL hijacking and relies on user error of mistyping a common URL and getting redirected to a malicious website. E.g. typing www.gooogle.com instead of www.google.com. In this case, Google has registered both domains and redirects the user to the legit website. This becomes more of an issue for smaller businesses that can't keep buying all similar domains.

What are the principles that make social engineering attacks effective?

These are the principles that a social engineer plays on and even though reading about it, they might seem too simple and hard to believe. They work well because they exploit human psychology.

Authority: If someone dresses, carries them, talks like a person of authority, people will end up believing and divulging information they probably shouldn't. E.g. A social engineer acting as an IT security administrator calling you for your password to troubleshoot an issue.
Intimidation: A social engineer would use the power of intimidation and play on our fear of getting in trouble. E.g. Someone from the Tax office calling and saying that you have unpaid taxes and will be arrested if you don't comply with their requirements. (Not gonna lie, I got scared the first time I got this call but I did reach out to the legit tax authority to verify the legitimacy.)
Consensus: This is taking advantage of the herd. We are more likely to believe something if we have other people trusting it. E.g. If an attacker can pretend to show several people complying with their request, it will most likely convince you to do the same.
Scarcity and urgency: The most common use of this has been in marketing, you might have seen ads where you're hurried into buying something because the sale price lasts for a short time or the product is limited. E.g. An attacker pretending to be an IT support admin could convince you to divulge your password urgently and if you didn't do so, you would get locked from your account.
Familiarity: A social engineer would try and create familiarity and liking for themselves by using humor, sharing common interests, and then leverage that relationship later to extract information from you. E.g. A social engineer befriends you at your local cafe, you meet them every day and talk about your life, eventually, you form a liking towards that person and this is what they take advantage of slowly to extract information from you.
Trust: This forms the basis of all these principles, we as people trust people with authority, trust in consensus, and trust the people we like.

Even though it feels so simple, social engineering is the soft side of cybersecurity that is exploiting human psychology. Here are a few examples of famous social engineering attacks.

Most of the time a social engineering attack is a start to a more sophisticated attack. The only way against this is User Awareness and Education and this is what makes combating these so hard!

What is Blockchain, bitcoin?!

Tisha — Sat, 20 Feb 2021 07:42:07 +0000

What's blockchain?

As Wikipedia says it is"an open, decentralized, distributed ledger that can record transactions between two parties efficiently and in a verifiable and permanent way."` (I know you didn't click this link to read Wikipedia article, patience my friend!)
Distributed Ledger: It is a way of recording digital transactions in a way that the transaction is recorded in multiple places at the same time.
Decentralized: This means unlike traditional databases this doesn't have a database and operates in a peer-to-peer network.

Digging Deeper

Once data is put in a block it's impossible to change it. Each block contains some data, the hash of the block, and the hash of the previous block.

1. What data is stored?
The data stored depends on the type of blockchain. E.g. Bitcoin stores information about the sender, receiver, and the amount.

2. What is this hash?
Well, each block is hashed using a hashing algorithm (If you need a brusher, I explained, hashing here). It identifies a block and all of its contents and is always unique, like a fingerprint. The hash is created after the data for the block is generated and if you change the data the hash changes. It also contains the hash of the previous block and this is how we have a block-chain.

So if you try and tamper with the data of a block, its hash changes, and the next block no longer points to the previous block making it all invalid.

Is it really impossible to tamper with the data?
Okaayy fine, even though it is secure. Impossible is a very strong word. Computers are pretty fast these days and can calculate thousands of hash per second. There's a chance you can tamper with the block and recalculate all the following block hashes to make it valid again. So what do we do....?

Proof of Work Mechanism

This is a process that slows down the creation of blocks making it hard for computers to tamper with the block. E.g. In Bitcoin, it requires approximately 10 mins to add a new block to the chain. So if someone wants to tamper with one block they will have to calculate the proof of work for all the following blocks. Thus, both hashing and proof of work make blockchain pretty secure but there's more that adds to the security...!

Peer-to-peer Network

As we saw above blockchain is decentralized so no single entity manages the chain rather a P2P network is used and anyone can join this. When a person (referred as node) joins the network they get the full copy of the blockchain. So when a new block is created everyone gets the new block and each of them would verify it to make sure it's not tampered. Then all the nodes in the network creates a consensus and agree which nodes are valid so if a block is tampered with the other nodes will reject it.

Soo that makes it really hard to tamper because to tamper with a blockchain you need to redo the proof of work for each block, and take control of more than 50% of the peer-to-peer network so that you can get a consensus and agree on the node. Now this is **impossible* to do!*

Now, What's Bitcoin?

So you might have used bitcoin and blockchain interchangeably but they're not the same! Blockchain is a technology and the above explanation is a surface-level overview of the same whereas Bitcoin is one of the first demonstrable use of Blockchain technology! It was invented by an unknown person or group of people under the name Satoshi Nakamoto in 2008.

This is the whitepaper that was created by Satoshi Nakamoto that introduced the world to Bitcoin. It was the first decentralized cryptocurrency but there are a number of cryptocurrencies out there now like Ethereum, Monero, Stellar etc.

How does Bitcoin work?

Sooo, I'm going to try and explain bitcoin and I'll try and make it easy but would encourage you to read the whitepaper if you wanted to dive deeper!
The steps:

Traditional currencies go through centralized payment processors like your bank but Bitcoin transactions are processed by a large distributed network of computers running special software!
So when a transaction occurs the network records the sender and the receiver's bitcoin addresses along with the amount transferred and enters this information on the end of a ledger called Blockchain.
Now each ledger is updated with the new transaction and each transaction is encrypted with public-key cryptography and verified by multiple nodes in the network, (Remember, the consensus we talked about above) making it impossible to counterfeit.
This update process is done by Bitcoin Miners and anyone who wants to do so can do it, they need to guess a random number that would solve an equation generated by the system. But as a miner you don't sit and guess this random number, it's done by the computer, and more powerful the computer, more guesses and better a chance for you to win.
So, the miner who gets it right, gets the chance to write the next bitcoin transaction that gets added to the blockchain. So the block that you have just created gets sent to the whole network for other users to validate it and update their copy of the ledger. This miner is also rewarded for this in bitcoins for this!
This mining is basically a way the proof of work we discussed above works for bitcoins!

Wow, that sounds like free money? Why am I here writing this and you there reading it, instead of mining bitcoins!

Well, Nakamoto crafted the mining rules in a way so that the more mining power a network has the more difficult mining would be i.e. if there are more miners joining then it gets harder to guess the mining math problem, and if miners drop-off it gets easier.
This is done to create a steady flow of new bitcoins and keep a check on inflation. The way it's programmed is on average it takes 10 mins to add a new block!

Conclusion

In a nutshell, that's my attempt to give a high-level explanation of how Blockchain and bitcoin works. Blockchain technology is not limited to cryptocurrency only though, it's used in logistics and food safety as well as healthcare.

That was a bit of a long read, so thank you if you reached till here and I hope you know a bit more about blockchain and bitcoin then what you did before you clicked this link!
Find me on Insta and twitter! :)

How does your phone know where you're?

Tisha — Wed, 27 Jan 2021 11:44:03 +0000

Well, I'm pretty sure you have thrown around the term GPS around casually many times but have you ever wondered how it works?
If you have or you're wondering now then you're at the right place

How it all started?

As you would know, GPS or Global Positioning System is that technology which tells us our geographical location. The concept for the technology started in the late 1960s by the U.S military. It was called NAVSTAR and the first satellite was launched in the orbit in 1978, but it was only in 1995 it became fully operational and was used in cars in the US in 1996. Only in 2000s did it become available to civilians and started being widely adopted.

Wow, that's just around 20 years ago we started adopting this and now we can't even imagine stepping out of the house without GPS, I mean I definitely can't. I struggle with direction even with GPS.

How does it work?

It has three basic parts:

Satellites: As of May 2020, there were 29 satellites that fly, each in its orbit at an altitude of 20,000 km.
Ground Stations: There are 16 stations that make sure, the satellites are functioning properly, they use radars to find out if the satellites are where they're supposed to be.
Receivers: This is your device (phone, watch etc.) that receives the GPS location.

The receiver in your phone is following a signal from the satellites to determine how far it is. When it finds out how far you're from 4 or more GPS satellites it can tell you where you're. For a GPS to tell your exact location, it needs to see 4 or more satellites this is because it uses something called a trilateration mechanism.

Did you know?: GPS doesn't need a phone signal or internet to work, but they make it more efficient. This is how your offline maps work when you're in a place without internet signal.

What is Trilateration?

2-D Trilateration

Imagine, you are on a trip to the US and you decide to experience life without GPS (Bold move) and you find yourself lost somewhere with no idea, you find a local and ask them "where am I?" they say, "You are 625 miles from Boise." That's nice, but that doesn't tell you much, because that means you can be anywhere on the below circle within 625 miles radius.

So now you ask another person, and they say "You're 690 miles from Minneapolis, Minnesota." So now you know that you're in the intersection of the below two circles. That's better you have narrowed down your location.

Now you are lucky and you find another person, who tells that you're 615 miles from Tucson, Arizona. So, you have another circle which intersects the other two circles and you know you're in Denver, Colorado.

3-D Trilateration

Now when it comes to this, we are dealing with spheres instead of circles thus making it a tad bit harder to visualise. This includes our latitude, longitude as well as altitude.
If the radii from the above example go in all direction, you end up with a 3D sphere.
So, if you know you're 20 miles from Satellite A, you're in an imaginary sphere (I did the easy drawing, you'll have to use your imagination here now) with a radius of 20 miles and you know you're 15 miles from Satellite B. So, these two satellites overlap to form a circle. Now add Satellite C and you get a third sphere which intersects this circle at two points.
Now, Earth would act as our fourth sphere because only one of the two points would actually be on the ground so you automatically eliminate the point in the space.
The more satellites you use the better accuracy you get of your location. It at least needs 4 satellites.

How does the calculation work?

GPS satellites send their position and current time to the receiver at certain intervals.
The GPS receiver gets this information in the form of radio signals which it analyzes to get the location of the satellites and the distance between the receiver and the satellites.
To calculate the distance it takes the speed of the wave which travels at the speed of light and the time it takes to travel from the satellite to the receiver. The time needs to be synchronized to nanoseconds for both the receiver and the satellite to maintain the accuracy. (There's a lot that goes behind this to happen because the satellites have atomic clocks which are too expensive for every receiver to have so they use quartz clock that resets itself.Read More Here
Calculating the location isn't as hard because the satellites travel in predictable orbits and the receiver stores an almanac which tells where each satellite should be at a given time.

Whewww....

So yeah, that's it. Hopefully, the next time you are using that GPS on your phone you would want to take a moment and appreciate the maths and science that goes behind making sure you get to your destination!
I know I do, but I still wish Google Maps stop telling me to head north and south...I sometimes feel calculating the distance would be easier than understanding GPS. But that's just me and my absolute lack of direction.
Thanks for reading! If you liked it, go ahead do the usual like, share, subscribe.

Computer network model - A lasagne

Tisha — Fri, 22 Jan 2021 00:53:12 +0000

So, now you have a vague idea of how the internet works (If you don't it's okay, I'll wait till you go find it.), let's dig deeper and see how computer networks are so much like lasagne but more wires than cheese.

What is a computer network model and why do we need it?

For users behind a screen to communicate we need a way to transmit data in a way that is efficient and orderly and for that, we need a systematic approach. This is where a network model comes into play. The main purpose of a model is to divide a big process of transmitting data into small tasks, this way the layers are interconnected and each layer transfers data to its immediate higher and lower layer.

What are the types of computer network models?

OSI (Open Systems Interconnect) Model and TCP/IP Model

The OSI Model was more of a concept and developed before implementation. The OSI model has 7 layers and makes a clear distinction which became a problem when it came to implementation as it didn't correspond well to reality because the internet is fuzzier. The standards for OSI made it complex and harder to implement whereas the simple layering of TCP/IP made it easier to implement.

Digging deeper into TCP/IP Model

1. Link/Network Interface Layer

This is the lowest layer and operates within the scope of the local network connection where the host is attached. It combines the work for the physical layer which is responsible for the electrical, mechanical aspects of the transmission media and the data link layer which ensures data synchronisation, error detection etc. Ethernet and WiFi are examples for this.

2. Network/Internet Layer

This is the layer that is responsible for establishing a connection to send or receive data packets between multiple devices. The packets contain data along with a 'to' and 'from' address. This layer hands the packet to the link-layer below to send it over one link and on the top is the router that accepts the packet and then transports it to the next router as per the destination address. This layer uses the IP address to perform routing.

3. Transport Layer

This provides end to end data transfer by making sure that data sent by an application at one end of the internet is delivered in the right order at the other end of the internet. The two main protocols in this layer are:

Transmission Control Protocol (TCP) - It is connection-oriented and provides reliable and error-free communication, this is done by providing acknowledgement feature which makes sure that an error-free message is transported through by allowing re-transmission in case of missing packets.

User Datagram Protocol (UDP) - It is connectionless and isn't as reliable as TCP. You might wonder, why use it then? Well because for things like video-calls we require speed more than reliability and UDP provides cost-efficient and faster communication

4. Application Layer

This is the layer which is responsible for covering user-interface specifications. This is the layer that interacts with the end-user interacts with via the various software applications they use. Some protocols in this layer include HTTP (Hypertext transfer protocol) which is used to interact with the world wide web (aka the websites you visit) and SMTP (Simple Mail Transfer Protocol) which is used for email services.

One Hugeeee Lasagne

So as you can see communication on the internet is kinda somewhat like a messy lasagne with quite a few layers in between and well this is just an overview of how it looks and to show you how complicated that seemingly simple google search could be (But it is still a better option than texting people on insta, 'how can you learn to code?')

Anyway, thanks for reading! Go enjoy a lasagne now while you appreciate the messiness of an internet model!

How does the internet work?

Tisha — Tue, 12 Jan 2021 22:22:02 +0000

We have been using the internet for a while now, around the late 1960s but do we know how it works? I mean yeah sure, we don't need to know how it works to use it and we can't care much about how it works as long as we get our daily doses of memes, but this post is for you if you did want to take a break from browsing those memes and find out how the internet works? in a simple way!

So What happens when you access a website using your device?

The software on your computer creates a message using different software languages like HTTP, TCP/IP, etc.) which requests the web page you clicked. These are called protocols. The message is then broken into packets which are routed through the internet hopping from one router to another.

Protocols - They are rules on how information passes through the internet. Two of the most important protocols are TCP i.e. Transmission control protocol and IP i.e. Internet Protocol.
Packets - Data that is sent across the internet is called a message but the whole message is not sent in one go. It is broken into fragments called packets. All these packets are sent independently and a packet size could range from 1000 - 3000 characters. The IP is responsible for deciding how the message is packaged.
Router - The internet is made up of a network of specialized computers called routers. They are responsible to move packets from the source to the destination. The movement of packets from one router to another is called a hop.

Traceroute command in the picture below shows the number of hops it has taken to access Google from my laptop

So, you might be wondering do packets always arrive in order?

Uhmm nope, they don't. But yet, you never received a message and found yourself unjumbling sentences, so how does that happen? Glad you asked...it happens because even though a later packet may arrive before but the header of a packet contains information about the packet's order in relation to the entire message. The TCP uses this information in the header to rearrange the packets in order.

So, you might wonder what happens if the packet is lost?

Well, the TCP also handles this through retransmission of the lost packet. This is done by having the destination computer send an acknowledgment to the source computer and if the source computer fails to receive an acknowledgment of a particular packet it re-transmits the packet.

So...

now you have a general idea of how the internet works. Take a moment and appreciate the complexity that underlies behind something as simple as a google search.
In the next post, I will try to better explain the layers that are present in the internet model that would help you understand how the independent networks connect to provide the Internet.

If you read till here, Thank you. Much appreciated!

How I set up my portfolio website using Material Kit React in a few hours?

Tisha — Thu, 23 Jul 2020 04:05:54 +0000

What and Why's it?

It's basically my resume rendered on a website link. The idea is to share my resume with ease and also provide links to easily navigate to projects.
On the tech side of things, the motive was to see how can I use the widely available React UI frameworks out there to build an aesthetically pleasing FrontEnd.
Check it out live here
GitHub Repo

My Process - Building and Deploying a Portfolio Page

Finding React UI Components
Accepting the fact that I'm not good when it comes to designing and hence wanted to not waste a lot of time figuring out HTML and CSS but rather find a template I could work with.
So, I did the most obvious thing i.e. Google and found a blog on 20+ best React UI Components and decided to go with Material Kit React
Setting it up locally
I chose the Free download option on the website and followed the steps on the Docs to set up the project locally. It looks exactly like the live preview version.
Choosing my view
From there, it was basically figuring out what I need on my website and pick the components that I needed. I chose the profile page look because it was quite to the point and it met my needs for a portfolio website.
Routing changes and deleting folders
From there, the plan was to get rid of all the extra stuff that I didn't need. But before you just start deleting folders, you also need to make sure that they're not being used So the best way is to modify the routing and start with deleting from the views folder.
I changed the routing of the file in my Index.js file to only refer to the folder I'll be using as below.
Updating Header
Being a newbie in learning React, structuring components in react is what I find the most interesting and confusing, so figuring out where to edit the header was a bit of to and fro between files. In times like this, I have so much appreciation for the power of F12 on Visual Studio Code
Going through ProfilePage.js (below screenshot) figured half of the header was being rendered using one component and the other half was being rendered by another, so had to navigate to change the content.
Using Material UI components
This Material UI React component has been built using Material UI and I had a whole range of styles available to use from there as well. I went through the documentation and picked up the components I wanted and imported them in my file(below screenshot).
Updating Content
The last and easiest part was adding in the content and except the header and footer which were in their respective component files, most of the content was updated in ProfilePage.js file.
Deploying to GitHub pages
The next step was deploying to GitHub pages, which is just a few button clicks away when it comes to a normal HTML, CSS, JS files. However, I realized that wasn't the case with a react app.
Going back to good old friend google again. I found an article on Deploying React App to GitHub pages and followed the steps there.
Every time I make changes now, it doesn't automatically update if I push to my code repo like for GitHub pages, rather I need to re-deploy every time there's an update.

Conclusion
So to conclude, setting up a static portfolio page and deploying was easy after I figured out that there was react frameworks that I could use and understanding how to use them by referring to the documentation and then, of course, relying on Google whenever there was a road bump.

Feel free to reach out, if you have further questions or any comments on this post, haven't written a blog in ages so would appreciate any feedback you have.

Are you prepared for an unconventional career path?

Tisha — Tue, 03 Dec 2019 23:07:33 +0000

As a part of my part-time role as a notetaker, I get to attend classes which I would never have in my line of studies and learn things which I would never come across and that's definitely one of the many things I like about my work. For one of such classes on leadership, I got to see a TEDx talk on Agile Leadership: Preparing for an unconventional career path by Emily Phillips. She talks about how we can prepare ourselves for an unconventional career path by being an agile leader by preparing for the unpredictable as more often than not especially in recent times (which definitely can be blamed on the tech disruption), what we have planned doesn't work out in the way we would have liked.

The talk is not just about being a leader in a professional setting but how in our lives we can reach for the things we are scared of which doesn't fit into what we might have planned for ourselves.

So, how do we become an agile leader, Emily Phillips lists three steps that she found were important to be an Agile Leader:

1.Have an Iterative process.

A process where you identify a problem and then find a solution for it but not just stop there, after it's done you reflect and repeat it.

2. Build a tribe of resources:

This is a group of people you have crossed paths within your life whom you can reach out to, not just for yourself but also to be there for them and help them grow.

3. Get uncomfortable daily:

This is the one you might have come across often and definitely the one I relate to the most. Everything I have done that has made me proud of my achievements was way outside what I would have been comfortable doing.

I absolutely loved the talk especially because my career path has been anything but conventional and I have been scared to make decision be it moving into technology, choosing units that I knew would be far from easy or going to interviews with sweaty palms, so listening to someone share their experience gives me the confidence to keep getting out of the zone and do things that scare me, learn from my experiences whilst making connections along the way and I'm definitely far from the goal but I sure have started enjoying the process a whole lot more.

I highly recommend listening to this talk if you relate to this post and learn more about how she used these steps in her life to craft an unconventional career path.

If you came this far, pop in the comment section and let me know if you think you could apply these steps in your career.

TEDx Emily Phillips

Why should you attend tech conferences?

Tisha — Mon, 12 Aug 2019 00:41:55 +0000

Why should you attend tech conferences especially if you're starting out in the tech sphere?
In a sentence, because they are fun and gets you high on sugar and you get to learn more in few hours than you ever could have and you get to meet some of the amazing people in the industry probably doing what you are aiming to do.

If you need more convincing continue reading about my experience at #DDDMelb2019.

Started the day with a wonderful talk by Josh Richards on his one way mission to Mars. The people selected for the mission had a range of very diverse background with variety of experiences. Really liked his message about how being diverse and having a variety of experiences makes one more adaptable, which means they would be helping people wherever they're.

The women who code Melbourne #applaudher panel discussion was again and uplifting talk which touched upon the topic of Impostor Syndrome and how it engulfs the best of us, and a pretty efficient way to deal with it is by giving yourself a pep talk like you would give your friend when they were going to do something they weren't comfortable about and ask what you want, you don't get what you don't ask for.

Also attended workshop on modern authentication, got to see a demo of how facial recognition works, learnt about how to share content on IoT devices using content as a service model, addressed one of the most important topic of an Ethical AI and how we can use fast.AI for our own ML models.

Ended the day with an inspiring talk about Aaron Powell on his journey from being afraid to be on stage and struggling to read to now have spoken on all DDD across Australia multiple times, it all started with a thought of let me give it a shot, how hard could it be.

And if you need more convincing which you really shouldn't, the after party was pretty amazing! :)

How to get started as a newbie in technology?

Tisha — Thu, 14 Mar 2019 20:54:03 +0000

Firstly, who am I?

I am a first-year Master of Information Technology student from a slightly different career path. After getting a bachelor’s in Economics and working for over a year, I decided I want to change my career path and pursue a degree in IT. I have always been inclined towards IT but somehow ended up choosing a different path for my undergrad, but even then, I always found myself coming back to it and that’s why last year I finally decided to stop being a Boomerang and pursue a Masters in the same.
Being a beginner myself, I understand making a career change is not an easy feat, so I wanted to share some tips that make sense to me and I feel which might help you make your career transition a little smoother.

1. Get inspired

I feel we can be a bit better at everything we do, it if we have the right dose of inspiration. That doesn’t mean reading inspirational quotes all day long is somehow going to make you a kickass programmer. What I meant by it is, it will prepare you with the right mindset to start with.

If we have people like us to look up to, it is easier for us to relate and see ourselves in that position. Especially if you are a newbie women entering in technology, you might sometime question your skills in relation to your gender mainly because of the low percentage of female figures you can look up to when you consider the field of technology. Don’t let this deter you!

Dig deeper and you’ll find women played a key role in the early stages when programming was just emerging as a field. In fact, the first computer programmer Ada Lovelace was a woman. So why would you even for a minute believe you’re not cut for it?

2. Accept the Steep Learning Curve

Coding is not easy. It is often frustrating and doubting yourself and your ability is given. You need to understand you are learning a language to speak to machines, they can’t read your facial expressions and guess what you’re trying to say, if you can’t form coherent sentences that they understand. It is going to do exactly what you ask it to, this might seem like an obvious statement, but you’ll be surprised to see how many times you mess things up because you’re not thinking how the machine will understand what you are saying. I feel the moment you start realizing and start thinking this way is the moment you start falling in love with programming.

So, the earlier you accept that you won’t be writing magical codes overnight and that as learning any language it takes time and practice to be good at it, the better the journey gets.

3. Be part of the community

I have lost count of the number of times I have started to learn to code and quit mid-way mainly because I was doing it alone and didn’t have a support system. So, if you’re not enrolled in a degree and you don’t have a community of people who are in the same journey as you, it will be very easy to give up when the going gets tough.

In these cases, attending tech events locally, having a presence online, will give you more confidence and hold you accountable and anyway, learning is more fun when you have people to do it with.

Check out the #womenintech #100daysofcode #codenewbie #womenwhocode on Twitter and Instagram and you’ll find so many inspiring people on this journey with you. Also, signup on Meetup app and I’m sure wherever you’re you’ll find tech events around you that you like, if not why not go ahead and start one?!

4. Follow a curriculum

Technology is quite a broad field with new shiny stuff popping out every day, that will probably entice you and end up convincing you to pause what you started with and try a different and probably ‘better’ thing that’s ‘in’ the market. Even though it is hard to resist temptation, it most definitely is a wise choice to make especially when you’re just starting.

Not just the new technologies even when picking up your first language, it is so easy to sink into the vicious cycle of googling and researching the best/beginner-friendly language to start with, I think I have read a post about almost every language justifying how it is the easiest and best language to start with.

So, in this case probably the best way is to first figure out, what is it you want to work with websites, apps etc., and learn the technology that is best suitable for that. E.g. FreeCodeCamp is a good option to start with if full stack development is your end goal. In the end, the first language you learn, whatever it is will be the hardest. It is better to stick to it and learn it efficiently rather than try and be a jack of all trades.

5. Accept your achievements

If you have lingered around contemplating a career in technology for a while, you might have come across the term 'Impostor Syndrome’. Wikipedia defines it as ‘a psychological pattern in which an individual doubts their accomplishments and has a persistent internalized fear of being exposed as a "fraud"’. This is a very common feeling, especially when starting out.

Every time, I solve an algorithm challenge or code a functionality that works, I have this feeling that it just happened this time, somehow by fluke and I’ll probably not be able to do it again.

It is so important in that case to reason with yourself and just accept your achievements, trust your abilities and the fact that you know how to do it. This is something you will need to work with quite often, and I am not sure if it goes away, I haven’t really met someone who doesn’t face impostor syndrome now and then, but you’ll get better in dealing with it. (I feel with this point, I’m trying to convince myself more than anyone here)

6. Keep going

In the end, like with everything the key is persistence. There are so many people out there who have succeeded in this journey just because they were consistent with their effort.

At the point I am today, the end seems so far in terms of the level of coding skills I wish to attain but again it is much closer than where I was a year back.
So,trust in yourself and keep going! 😊