Monday, 24 March 2014

Cut the Cross Down


Many things happened in the past few weeks, but I didn't record them in a consistent manner. It's like I'm carrying less burden than before, but the consequences could be pretty bad in the long run.


















Accomplishes: 

1. Finished the book "You can draw in 30 days" and managed to draw sophisticated 3D objects.
2. Finished reading the first DSLR photographing book and practised three weekends on  a second-hand Canon D7 camera. Learn everything from a scratch from Zhixing. Attended my friend, Jingping's harmonica concert.
3. Launched our Clockie app V1.0. Finished the V1.1 debugging and modification. On going for the V1.2. We consider this app to be our first experiment on how to make a real product. Besides UI and features, we are going to do some experiments on the business side as well, for instance the free-premium business model. However, since there are small issues with the current version, we still choose not to market it yet until the V1.2 comes out. 


4. Meetup with the YunReading team. Good to know that Yingbo is doing coding again on skyscanner and Aldrian is doing text mining and NLP research before going for his PHD study in the US. We are planning to open-source the YunReading project.

5. I found my new job in Visenze as a software engineer. Visenze is a tech startup specialised in image recognition. It's one of few real tech companies in SG. I was supposed to join them after my graduation. However, as Prof. Tung is so eager to make readpeer a product, I choose to finish the readpeer project first. The ReadPeer beta version is about to finish in late April including the iOS app and Android app. Though it wasn't a pleasant journey with no exposure to real clients and the business side, it is nice that the project is becoming more closed to a product. I cannot count it as an entrepreneurial experience since I've got no control over the product including the product design and decision making. A lot of useless features are included to add the complicity of the project, which is surely not my intention. I do not see myself as a lifelong software engineer, but more of a future project manager. Unfortunately, in the readpeer project, I was not given the privilege to learn new stuffs as a co-funder. I even got blamed for reading a business model book. Indeed, I lost most of my passions already when I'm more like a emotionless worker than an energetic entrepreneur that can change the world. I've got to learn more from real lean startups on how projects can be conducted, not only on the tech side, but also on the business side. I guess Visenze would be a nice place to learn when it's in a promising growing stage. For the ReadPeer project, I guess I'm already 仁至义尽. Though it might get millions of government fundings, I won't care any more. A lot of people get fundings from the government doing nothing but boasting themselves on useless projects. I'm not one of them. I'd rather do something really useful and stay passionate forever.

Losses:

I wasn't very religious in the past few weeks. Though I didn't do sinful things, I do feel myself cutting the cross down. 




Saturday, 1 March 2014

End of February

These two weeks went really quickly. All of a sudden, it is already end of the month.

There are basically two improvements worth recording.

1. In the readpeer team, we tried to do daily scrum meeting at 11am. We're clearer about the goals and we've effectively fixed miner bugs for the API as well as the App/Plugin workflow. Now, the bugs are mostly cleared and the APIs are mostly well-tested after two weeks' trials and errors. The iOS app is also progressing well, mostly because of Zijian's passion and smartness. Hopefully, we can have a demo next week for both the iOS app and the browser plugin. However, the Android app is slightly lagging. We just started integrating the APIs in the Android app. From the API design and implementation experience, I started to realize the potential security issues out there for the apps.

For Android app, it is actually pretty easy to be decompiled into codes. It's pretty dangerous to simply put the app_api_key and app_api_secret in the app without further authentication schemes. The current authentication method we use is to pass the predefined app_api_key, app_api_secret and username+password to get an unique access_token which is associated with a unique user session. Apps request for the APIs by providing the correct access_token. It seems to be useless to add on encryptions for the access_token and other keys when the app can be decompiled. Hackers can easily see the encryption methods. A more secure approach would be to add on timestamp to the access_token and cron the access_tokens in the backend every few minutes. However, that is also not good enough. What other web services, like Parse.com do is to add app identifiers,etc as additional authentication schemes. That would be nicer, however, it is also hackable especially for Android apps.  We've added SSL support for web app, however, after knowing that SSL packages also can be hacked, I realize that security can be a big issue in the long run. However, security is not the most critical thing at this moment, but the features and the UX.

We also try to create more data by ourselves on the system to make the system more appealing. That's a common trick most UGC driven companies do to make their customers more involved.

Bad thing: The network in NUS goes down very often these days, which affects our service quite a lot. Recently, the internet in the lab server is disabled by school because the owner of the subdomain gets graduated and the server cannot connect to the internet again. I've tried to persuade the prof to use DigitalOcean, however, he recently prefers to buy clustered cubietruck mini PCs partly because of the funding criteria. Honestly, that's not a wise way to go.

2. Our Pair Diary app is progressing well. I've stayed in school for quite a few times/week to work with Qiyue and Zenan. Qiyue is really really busy with lots of projects. Hope he really gets some days off to enjoy his life. Definitely, Qiyue and Zenan are very good hackers. They'll become super good in the long run. For our clockie app, Apple is reviewing it and hopefully we'll get it on app store ASAP. Can't wait any longer.

Some other stuffs worth recording: I introduced a good job to the senior designer in Beijing to come here to work. He has already passed two rounds of interviews and will fly here tomorrow to take the final interview. It's promising that he'll get the job and maybe we will work together someday to make great projects to change the world.