Skip to main content

End of February

These two weeks went really quickly. All of a sudden, it is already end of the month.

There are basically two improvements worth recording.

1. In the readpeer team, we tried to do daily scrum meeting at 11am. We're clearer about the goals and we've effectively fixed miner bugs for the API as well as the App/Plugin workflow. Now, the bugs are mostly cleared and the APIs are mostly well-tested after two weeks' trials and errors. The iOS app is also progressing well, mostly because of Zijian's passion and smartness. Hopefully, we can have a demo next week for both the iOS app and the browser plugin. However, the Android app is slightly lagging. We just started integrating the APIs in the Android app. From the API design and implementation experience, I started to realize the potential security issues out there for the apps.

For Android app, it is actually pretty easy to be decompiled into codes. It's pretty dangerous to simply put the app_api_key and app_api_secret in the app without further authentication schemes. The current authentication method we use is to pass the predefined app_api_key, app_api_secret and username+password to get an unique access_token which is associated with a unique user session. Apps request for the APIs by providing the correct access_token. It seems to be useless to add on encryptions for the access_token and other keys when the app can be decompiled. Hackers can easily see the encryption methods. A more secure approach would be to add on timestamp to the access_token and cron the access_tokens in the backend every few minutes. However, that is also not good enough. What other web services, like Parse.com do is to add app identifiers,etc as additional authentication schemes. That would be nicer, however, it is also hackable especially for Android apps.  We've added SSL support for web app, however, after knowing that SSL packages also can be hacked, I realize that security can be a big issue in the long run. However, security is not the most critical thing at this moment, but the features and the UX.

We also try to create more data by ourselves on the system to make the system more appealing. That's a common trick most UGC driven companies do to make their customers more involved.

Bad thing: The network in NUS goes down very often these days, which affects our service quite a lot. Recently, the internet in the lab server is disabled by school because the owner of the subdomain gets graduated and the server cannot connect to the internet again. I've tried to persuade the prof to use DigitalOcean, however, he recently prefers to buy clustered cubietruck mini PCs partly because of the funding criteria. Honestly, that's not a wise way to go.

2. Our Pair Diary app is progressing well. I've stayed in school for quite a few times/week to work with Qiyue and Zenan. Qiyue is really really busy with lots of projects. Hope he really gets some days off to enjoy his life. Definitely, Qiyue and Zenan are very good hackers. They'll become super good in the long run. For our clockie app, Apple is reviewing it and hopefully we'll get it on app store ASAP. Can't wait any longer.

Some other stuffs worth recording: I introduced a good job to the senior designer in Beijing to come here to work. He has already passed two rounds of interviews and will fly here tomorrow to take the final interview. It's promising that he'll get the job and maybe we will work together someday to make great projects to change the world.



Comments

Popular posts from this blog

InnovFest 2015

I attended the innovFest 2015 event. It was quite eye opening. Besides the booth, some topics in the forums also interested me. The first topic I joined was the Kopi Chat with Yossi Vardi, a famous Israeli entrepreneur and investor. He is straightforward and humorous. When talking about the most important reason why people wake up with a great idea but ended up sleeping without executing anything, he collected answers from the audiences. One answer pretty much fitted his appetite-- "People fear about losing faces". He shared his opinion with the quotes from Theodore Roosevelt, “It is not the critic who counts; not the man who points out how the strong man stumbles, or where the doer of deeds could have done them better. The credit belongs to the man who is actually in the arena, whose face is marred by dust and sweat and blood; who strives valiantly; who errs, who comes short again and again, because there is no effort without error and shortcoming; but who does actually st

Learning to operate a digital product

Things worth noting down. In the past two weeks, I've been trying very hard on the marketing strategy adoption for our newborn platform " Dadafish ". It's basically to solve the market place chicken and egg problem in a more cost-efficient manner. We start from the teacher acquisition: Location based Door to Door marketing(visit physical store based on locations).  Vertical domain marketing approach(research 2-3 subdomains and find the relevant hosts to host classes on Dadafish) So far, we've got quite a number of classes ongoing, ranging from arts/crafts, language, cooking, sports. For the time being, we focus a lot on language and arts/crafts. Classes coming in the next few weeks: 1. Classes conducted this week: Japanese writing class Chinese class for complete beginners Flower arrangement class   2. Class conducting next week: Japanese writing class French language exchange for complete beginners(3 groups) French language exchan

Consistency Matters

I didn't post anything last week, which means consistency has been broken. There's a need to reflect the task management skills, otherwise I'm very likely to driving the wrong road Priority changes. A good exercise would be to list the priorities down everyday and assign reasonable time to the tasks. Then never second-doubt. 100% focusing on the task when doing it. Priority changes from time to time.  Human minds are single-threaded, thus, we'll need to keep focused when doing one particular task. Be Grateful. I received the confirmation from NOC Israel that I got admitted by the programme and I'm heading to Israel next Jan:-) Thanks a lot for Prof.Ben and Karl's help. Ultimately, it might be a plan from God. Thanks every one. The additional interview from Google went well, however, I didn't get the winter intern opportunity this time. Though it's a bit too greedy to ask for too much, I still feel a bit sad after informed that I didn't get th