Tuesday, August 21, 2018

This was 2018!

Well, an intense 2018 : traveling and climbing with old and new friends, making steady progress in climbing level, learning new techniques, practising and refining them, both in climbing and professionally :
  • Config management Camp in Ghent
  • Climbing in Gorges du Tarn en Gorges de la Jonte with Vertical Thinking, including two multipitches (Le jardin enchanté, and diagonal du Gogol)
  • Climbing in Fontainebleau with Alex and Tom, doing lots of yellow, orange and blue routes in L'éléphant, Apremont and Roche aux sabots.
  • Climbing trip to Ettringen, practicing some trad techniques, first time climbing Basalt
  • Climbing trip with Vertical Thinking to Guillestre (Haut Val Durance), doing 2 nice multipitches (4-5 pitches including a 6a)
  • Climbing day with Koen and Wouter in Moha
  • Visiting Romania (Moldova and Transilvania region) with Eduard and Ecatarina : Lady's rock, Vatra Dornei, Dochia Caban and Toaca Peak, Transfagarasan, Sighisoara, Bran castel, Brasov, Iasi
  • Short citytrip in Vienna (during a 22h layover between two flights)
  • Multipitch climbing with Koen in Yvoir, also exploring Anhée
  • Climbing training working towards 6c.
  • Percona Live Europe in Frankfurt
  • Climbing trip to Siurana with Rouslan and Rat : leading my first 6b (redpoint), 6b+ toprope and projecting a 7a
  • Quick visit to Barcelona
  • Visiting 35C3 conference in Leipzig, another 4 days of infosec, IT, technology and science. First year as an 'angel', volunteering to help with some tasks at the conference. Unfortunately, bound to my hotel room due to illness for half of the conference. Luckily, all talks are recorded and streamed, so I could I could follow a few from my bed : https://media.ccc.de
  • Spending New Year's Eve in a doctor's office and looking for a pharmacy, due to earlier mentioned illness.

Plans for 2019 :
- more climbing : training for 6c/7a, fall-training to get more comfortable while leading, climbing trip to Buis-les-baronies in April, maybe a trip to Boulder, Colorado, possibly an alpine experience in the summer or a climbing trip in the US west coast in autumn
- continue Rock maintenance with Belgian Rebolting Team.
- find a new house, preferably with a small garden
- conferences : FOSDEM, Config Management  Camp, Percona Live (Austin, Texas), Percona Live Europe, 36C3
- first time Rock Werchter (Tool is coming)

Monday, January 01, 2018

Overview of 2017

Well, 2017 was exciting! A new job and a lot of climbing in Belgium, California and France : KVB4 training, crag maintenance weekends with BRT, trips to Fontainebleau and Freyr :

  • First BRT weekend of the year : exploration and first works in new climbing site in Spontin, some langlaufing on Sunday
  • FOSDEM 2017
  • Got selected for a sysadmin position at the ICT department of Ghent University
  • Joining BRT on Sunday for climbing in Freyr
  • More rock maintenance in Spontin, climbing a few routes in Pont-a-Lesse on Sunday
  • Climbing in Gorge du Tarn and Gorge de la Jonte with Vertical Thinking, leadclimbing up to 6a, finished a 6a+ toprope (Fuck the Curve, De Que Fas a Qui), 3 multipitches (Jardin Enchanté, Roc d'Aiguile, Le Bitard), discovered a nice and quiet climbing area at the end of the Jonte valley, called Pauparelle, close to Meyrueis, well equiped, 4 to 6a)
  • Introducing Alex and Tom to bouldering in Fontainebleau during a 4 day climbing trip.
  • Second trip to Fontainebleau with Alwyn, Pieter and Maene.
  • Started working as Linux System Administrator at the ICT department (DICT) of Ghent University
  • Icinga2 training in Amsterdam
  • Trip to Le Marche in Italy, visiting Rome and Milan on the way home by train.
  • KVB4 training in La Bérarde, learning basics of trad climbing, using mobile protection, (self) rescue techniques, a lot of knots (HMS and Alpine slipknot to the rescue!) and tips and tricks to avoid tricky situations when climbing in semi-alpine areas and how to get out of them.
  • Climbing trip to California, visiting Yosemite, Bishop and Joshua Tree, being fortunate to meet some nice people to climb with. It was a nice combination of comfortable sports climbing (Owens River Gorge), getting some experience in trad and crack climbing in Yosemite, and toproping harder crack climbing routes in J-Tree.
  • positive final evaluation for the trial period in my new Linux Sysadmin position
  • Visited 34C3, for the first time in Leipzig. Yet again an interesting 4 days of conference on IT, security, policy and science.

Plans for 2018 :
  • More crag maintenance with BRT and climbing (trad), maybe another climbing trip to California or multipitch climbing in France
  • Conferences : FOSDEM, 35C3
  • Pick up on contributing to Open Source again

Climbing in California 2017

From October 25th 2017 to November 9th 2017, I went to California on a climbing trip. The goal was to build experience in trad and crack climbing and explore some climbing areas :


Day 1 : Glacier Point Apron

With Patricia

  • Harry Daley (5.8, 2 pitches)

Day 2 : Swan Slab 

With Rhea and Dan :
  • Oak Tree Flake (5.6) : trad lead
  • Grant's Crack (5.9)
  • Lena's Lieback (5.9)
  • Claude's delight (5.7)
With Rhea :
  • Unnamed Crack (5.9) * : first trad lead while placing gear
  • Unnamed Crack (5.7) *
* Swan Slab, route E (5.7) and F (5.9) in Super Topo Yosemite Valley Free climbs (p. 96)


Day 1 : Owens river Gorge (Central Gorge)

With Spence and Sierra, bolted routes

Warm Up wall

Great Wall of China - Left

  • Enter the dragon (5.8)
  • China Doll (5.8)

Day 2 : Owens river Gorge (Upper Gorge)

With Spence and Sierra, bolted routes

Upper Elbow Room

  • For Patricia (5.7)
  • Frank (5.9)
  • Stella (5.8) : very fun!

Joshua Tree

Day 1 : IRS wall

With Patricia and Dave

  • Tax Man (5.10a)
  • Bloody Tax Break (5.10b)

Day 2 : Hemingway Buttress

With Patricia and Dave

  • Poodles are people too (5.10b)

Sunday, January 01, 2017

This was 2016!

Yet, another exciting year, learning new skills and meeting new people, here are some highlights of 2016 :
  • visited FOSDEM; giving a lightning talk about Buildtime Trend; meeting Rouslan, Eduard, Ecaterina and many others
  • attended a Massive Attack concert in Paleis 12.
  • visited Mount Expo, the outdoor fair organised by KBF
  • saw some amazing outdoor films on the BANFF film festival
  • spent a weekend cleaning routes with the Belgian Rebolting Team (BRT) in Comblain-La-Tour. On Sunday we did some climbing in Les Awirs, where I finished a 6b after trying a few times.
  • First time donating blood plasma
  • First academic publication (as co-author) : https://biblio.ugent.be/publication/7204792
  • Climbing trip to Gorges du Tarn with Vertical Thinking : climbing 6 days out of 7 (one day of rain), doing multipitch Le Jardin Enchanté, sending a lot of 5, 6a and 6a+ routes, focusing on reading the route, looking for footholds and taking small steps.
  • Some more route cleaning with BRT, this time in Flône, removing loose rock and preparing to open new routes.
  • went to DebConf16 in CapeTown, talking about 365 days of Open Source (video) and made a first contribution to Debian.
  • Visited South Africa and climbed in Rocklands/Cederberg
  • became a (Junior Developer) member of the Debian MySQL Maintainers Team
  • 10th blood/plasma donation
  • visited Amsterdam for the MariaDB developers meetup
  • climbing trip to Orpierre in France. It was cold during the night, but as soon as the sun came out it was T-shirt weather. Plenty of climbing with Adriaan, Mathias, Bert, Stijn en Corentin (a local French climber) : a very nice multipitch (Diedre Sud, 7 5b/5c pitches) and quite a few 5's en 6's single pitch routes, with a few 6a's leading and 2 6b's toprope.
  • Another cleaning weekend with BRT, learning how to glue bolts. Slipped on a greasy forest trail and bruised a rib.
  • went to 33C3 in Hamburg : 4 days of talks about IT, technology, science, security and privacy.
  • celebrating New Year's Eve in Ghent with some friends, good food and an exciting quiz

Plans for 2017 :
  • Clean some rock with BRT, climb, both indoor and do a few climbing trips
  • Conferences : FOSDEM, DebConf, FrosCon, 34C3
  • Contribute to Debian and MariaDB

Thursday, June 09, 2016

You can learn anything you want

This morning I was reminded that, 4 years ago, I was looking for a project to get some experience with Java, C or C++.
Looking back, I started working on an Getback GPS, an Android app (learning some Java) and later on another project called Buildtime Trend, which gave me some Python and JavaScript experience.
So in 4 years, I started 2 Open Source projects, learned 3 new programming languages, and some other technologies and frameworks along the way.

I can say I learned a lot the last few years, on a technical level, but it also made me realise that it is possible to learn new things, if you set your mind to it. You just have to start doing it, try things, fail, learn from it, try again, read a tutorial, look for questions and answers (fe. on Stack Overflow), go to conferences, talk to experienced people, join a project that uses the technology you want to learn.

And this is not limited to technology. Want to learn a musical instrument? How to make a cake? How to become a great speaker? Learn to swim longer or faster?

This is all possible. You just have to start doing it and practice. Taking small steps at the start. Allow yourself to fail, but learn from it and improve. You might need some guidance or coaching, or take a course to give you a headstart.

I'm not saying it won't be hard, sometimes you keep failing, stop making progress and you get frustrated. And that's a time to take a step back, monitor your progress, examine the goals you have set yourself. Are you doing it the right way? Can it be done differently? Do you have all the required skills to make progress? Maybe you need to practise something else first?

Anyway, keep the end goal in mind, take small steps and enjoy  the journey. Enjoying what you are doing or achieving is an important motivator.
If you set your mind to it, you can learn anything you want.

Which reminds of this video, how to learn anything in 20 hours :

Saturday, May 21, 2016

Some guidelines for writing better and safer code

Recently, I came across some code of a web application that, on brief inspection, was vulnerable to XSS and SQL injection attacks : the SQL queries and the HTML output were not properly escaped, the input variables were not sanitized. After a bit more reviewing I made a list of measures and notified the developer who quickly fixed the issues.

I was a bit surprised to come across code that was very insecure, which took the author only a few hours to drastically improve with a few simple changes. I started wondering why the code wasn't of better quality in the first place? Did the developer not know about vulnerabilities like SQL injection and how to prevent them? Was it time pressure that kept him from writing safer code?

Anyway, there are a few guidelines to write better and safer code.

Educate yourself

As a developer you should familiarize yourself with possible vulnerabilities and how to avoid them. There are plenty of books and online tutorials covering this. A good starting point is the Top 25 Most Dangerous Software Errors list. Reading security related blogs and going to conferences (or watch talks online) is useful as well.

Use frameworks and libraries

About every language has a framework for web applications (Drupal, Symfony (PHP), Spring (Java), Django (Python), ...) that has tools and libraries for creating forms, sanitizing input variables, properly escaping HTML output, handling cookies, check authorization and do user and privileges management, database-object abstraction (so you don't have to write your own SQL queries) and much more.
Those frameworks and libraries are used by a lot of applications and developers, so they are tested much more than code you write yourself, so bugs are found more quickly.

It is also important to regularly update the libraries and frameworks you use, to have the latest bugs and vulnerabilities fixed.

Code review

More people see more than one. Have your code reviewed by a coworker and use automated tools to check your code for vulnerabilities. Most IDEs have code checking tools, or you can implement them in a Continuous Integration (CI) environment like Jenkins, Travis CI, Circle CI, ... to check your code during every build.
A lot of online code checking tools exist that can check your code every time you push your code to your version control system.
There is no silver bullet here, but a combination manual code review and automated checks will help to spot vulnerabilities sooner.

Test your code

Code reviewing tools can't spot every bug, so testing your code is important as well. You will need automated unit tests, integration tests, ... so you can test your code during every build in you CI environment.
Writing good tests is an art and takes time, but more tests means less possible bugs remaining in your code.

Coding style

While not directly a measure against vulnerabilities, using a coding style that is common for the programming language you are using, makes your code more readable both for you, the reviewer and future maintainers of your code. Better readability makes it easier to spot bugs, maintain code and avoid new bugs.

I guess there are many more ways to improve code quality and reduce vulnerabilities. Feel free to leave a comment with your ideas.

Friday, January 01, 2016

This was 2015 and plenty to do in 2016!

2015 was an amazing year, learning a lot and making some progress in my Open Source development and climbing activities.
Buildtime Trend keeps growing, with Angular and a Facebook Open Sourced project as new users, improving my Python and JavaScript skills, setting up a CherryPy based service on Heroku, backed by a Celery/RabbitMQ task queue to make the service more responsive.

I have no real resolutions for 2016, I'll just spend my time on climbing and Open Source software development, learning new skills along the way and putting them into practice :

  • use Ansible (or another configuration management tool) to provision a Vagrant based development environment for Buildtime Trend
  • start using Django to add user management to Buildtime Trend as a Service
  • learn how to climb safely in less equiped areas using friends, nuts, and other mobile protection
  • apply the lessons learned form "The Rock Warrior's Way' while climbing
  • visit a few conferences : FOSDEM, 33C3 and Newline, and maybe some more : LinuxTag, DebConf, FossAsia, KeenCon, ...
  • do some improvements to my house

Plenty to do in 2016! I wish anyone an joyful year full of insights and opportunities to learn and improve.
And remember, it's all about enjoying the journey!

Here are some highlights from 2015 :
  • Celebrated New Year in Lisbon.
  • Reached a 365 day commit streak contributing to Open Source projects, with 2300+ commits over that period.
  • visited FOSDEM 2015, another great weekend of Open Source enthousiast meeting and sharing knowledge in Brussels, with over 500 speakers and 5-10.000 visitors. Happy to meet Eduard and Ecaterina again who came over from Romania, and many others.
  • Buildtime Trend was mentioned in the Black Duck newsletter 
  • Buildtime Trend made it to the top 3 of hot projects on OpenHub
  • Reached the most active developers top 10 on OpenHub
  • Released Buildtime Trend v0.2 and launched a Heroku app hosting the service.
  • Visited Cork and Dublin with Sofie, attending Jeroen's PhD graduation ceremony and meeting Rouslan and his friends.
  • Attended Newline 0x05 and did two talks : Buildtime Trend : Visualise what's trending in your build process and What I learned from 365 days of contributing to Open Source projects
  • Ended my commit streak after 452 days
  • Went on a climbing trip to Gorges du Tarn
  • Flashed my first 6a lead climbing on rock.
  • Traveled to the US, East coast this time, visiting Washington DC, meeting Lieven H and Wim, exploring New York City with Tine, Lukas and Marie-Hélène.
  • One-day climbing trip to Freyr with Peter.
  • And another climbing trip to Beez with Lieven V, Ben, Patrick and others.
  • 4th blood donation, convinced Tine to join me for her first donation! Well done!
  • Deployed a Celery/RabbitMQ based worker to Buildtime Trend as a Service on Heroku, taking some load off the webservice and improving the response times.
  • Climbing trip to La Bérarde, with Bleau, doing my first multipitches (Li Maye laya and Pin Thotal) with Mariska and lead climbing a few 6a+ routes. Weather was great, atmosphere was superb, climbing was fun!
  • Went to Fontainebleau for the birtdayparty of Andreas. Great fun, nice people, lots of routes. Finished my first red route in Fontainebleau.
  • Travelled to California and made roadtrip from San-Francisco, to Yosemite, over Tioga Pass to Mojave Dessert, Red Rock Canyon, Las Vegas, Zion National Park, Bryce Canyon, Grand Canyon and flying back from Phoenix to San-Francisco. I did some climbing and hiking, took a climbing course on using cams and nuts. On the way I met a lot of nice people, with whom I had interesting conversations.
  • Released Buildtime Trend v0.3
  • Finished online Stanford University course Algorithms: Design and Analysis, Part 1
  • Read The Rock Warrior's Way, a must read for any climber
  • Visited 32C3 in Hamburg, 4 days of lectures, writing software and talking to other developers. It was amazing, next year again!