Solve software problems by adding more

It was a Saturday morning. I was watching Youtube & saw this video on Youtube. Immediatly few examples from my day to day work came in to my mind. Few week ago I was fixing a small edge case bug in one of our products. Even before starting to fix the issue, I knew it will be one line of code change. So I did the fix & next day here come the QA report, because of that one line change I did, I have introduced 4 more edge cases which cause some inconsistancies. Then I started fixing those issues...

Findmyfare data leak API

Yes this time it is Findmyfare.com Recently I found two issues in Findmyfare website. So as usual I reported the issues. Unlike Dialog & Mobitel, Findmyfare was very responsive & took it very seriously. Within few hours after I reported issues, they deployed 1st issue fix & a patch for the 2nd issue (Not exactly a fix, but data leaking issue was gone). In this blog post I will explain what were those two issues. First issue This looks more like a mistake. But this kind of mistake can be easily identify from code reviewing (Not sure they do code...

Dialog login vulnerability explained

Here is my previous blog post about reporting Dialog security vulnerability. Finally Dialog fixed their login vulnerability. So it is time to explain in deep what was it. Note: Vulnerability is already fixed. So you won't be able to try it by yourself. This blog post is for education purposes. First of all go to Dialog.lk By Clicking Log in - mobile connect button with any Dialog mobile number or clicking Log in button without any User Name, Password You can go to Dialog Mobile phone authentication page. This is where all fun begins. You can enter any Dialog number...

Dialog online login security vulnerability

This time it is not about just a single API exposing data. Dialog online login vulnerability was way more bigger. Someone else can login to another person’s account & change their data plans, activate / deactivate packages, check / change personal data and so on. So I decided not to write anything in detail related to the vulnerability until Dialog fix it. First of all I should say same as Mobitel, it was not easy at all for me to escalate the issue to Dialog. It was like the security vulnerability was my fault. I noticed this vulnerability even before...

Mobitel API expose NIC number

This is a story about a form validation. I already informed Mobitel (one of the telecommunication company in Srilanka) about this form validation more than two weeks ago by, Sending them two emails Contact them via Facebook fan page Via one of my friend who is working in Mobitel But they haven’t replied to me or change the form validation. So I thought “ok then. it is not a bug, it is a feature” & decided to write a blog post about that particular form validation. Here is the form that I am going to talk here. I think it...

Configuring Raspberry Pi Day 02

So the second day of my Raspberry Pi configuration started. The plan was to finish installing all required packages & finalize the environment setup. Started the day by SSH the Pi from by personal laptop, which is perfectly working now & I don’t need to connect HDMI monitor or USB Keyboard. After SSH, installed Git & Ruby successfully. Then tried to install bundler gem & realized Raspberry Pi date & time is not correct. Most probably the reason is the Local network I am using is blocking port 123. So it cannot sync the datetime automatically. For now as a...

Configuring Raspberry Pi Day 01

This is the first blog post of me about Raspberry Pi & planning to write posts about my Raspberry Pi configuration updates frequently. Yesterday while I was in my workplace, I got an idea to run a server for my personal use. Initially my plan was to run some daily tasks which are doing everyday. So for that I was thinking what is the best place to have a server which I can access. First of all AWS was the place came to my mind. It will be the easiest solution for me. I can start a Micro Instance which...

Finished converting Bitcoin Transactions

Few months ago I wrote a blog post about I am converting Bitcoin blockchain to SQL. And gave several meet up talks about this crazy idea I had & the progress of the work. Ruby Meetup Singapore - Cryptocurrency & Ruby You can find the slides here on Slideshare Here I am with the full database of transactions from the day Bitcoin started to March 2018. If you want to check how I did it look at my previous blog post on I am converting Bitcoin blockchain to SQL It took me more than 3 months to finish this conversion....

I am converting Bitcoin blockchain to SQL

Recently I developed a Ruby wrapper gem for Bitcoin & Ethereum RPC APIs. Using that I started converting Bitcoin transactions to a SQL format just for fun. My plan was to query the transactions easily to get some stats about the transactions that people did in the past few year. I thought it would be maximum 1 week task to convert all transactions which were in 500K+ blocks by that time. But by the time I write this blog post, I am still running the script. Until the first 100K blocks I used a very simple Ruby script that iterate...

Bitcoin node in Docker

Once I wanted to run a Bitcoin node inside a docker container. To configure a computer to run a Bitcoin is not an easy task. There are many dependencies you have to install & there are several configurations to setup. I have been going through those troubles few times & decided to move Bitcoin node into a Docker environment. So everything I have to do is build the docker image & run it. If you want to have a look, the repository is here bitcoin-rb. To make things easier & clear I am going to use a docker-compose.yml file. version:...

Connect to Ethereum IPC using Ruby

To make things easier, I’m using the same ethereum-rb docker image as my node. It is configured to run Ruby developments environment too. So I don’t need to do any configurations in my personal computer to start Ethereum node. This is the docker-compose file I am using with the configurations. docker-compose.yml version: '2' services: app: build: ./app command: --rinkeby --rpcapi "db,personal,eth,net,web3" --rpccorsdomain='*' --rpc --rpcaddr="0.0.0.0" volumes: - $HOME/.rinkeby:/root - ./app:/app So you can have a folder app which contains my Dockerfile & pass command parameters to the ethereum node. By passing --rinkeby you can connect to the ethereum rinkeby test network...

Deploy Ethereum ICO with Ruby

I am using a Docker image that I optimized to use for ruby Development. The reason why I am using docker image is, if you are going to configure your machine to support Ethereum, you have to install various things. Have a look at the ethereum-rb & also if you want to see the Dockerfile. Everything I am describing here are in ico-rb repository. To get started clone the repository. So it will be easy for you to understand better. Then docker-compose build will fetch all dependencies & install. docker-compose -f docker-compose.yml up will start running the ethereum network in...

gitplan Ruby gem & it's usage

git-plan is a Ruby gem to execute set of git commands at once. If you have set of git commands that you everyday run while developing, you can set an alias for the set & execute from only one command. Dependencies First, make sure you have Ruby installed. On a Mac, open /Applications/Utilities/Terminal.app and type: ruby -v If the output looks something like this, you’re in good shape: ruby 2.3.1p112 (2016-04-26 revision 54768) [x86_64-darwin15] If the output looks more like this, you need to install Ruby ruby: command not found On Linux, for Debian-based systems, open a terminal and type:...

gitstat Ruby gem & it's usage

Gitstat is a ruby gem for git log your repository to get commit history by number of lines for each Author in your repository Installation $ gem install gitstat Usage After installing the gem, go to your repository & just type gitstat. Then you will get the total number of added lines / deleted lines & commits by each author in the repository. Author >>>> //de lines added: +11839 lines | deleted: -16271 lines | total commits: 368 ************************************************************************************ Author >>>> Adrian Hosey lines added: +52 lines | deleted: -10 lines | total commits: 2 ************************************************************************************ Author >>>> Alex Grigorovich...

Journey to DeccanRubyConf 2015

While I was a studying for my final year in the University, I got the chance to attend DeccanRubyConf 2015 as a speaker. My talk was “Concurrency & Parallelism in Ruby”. Because it’s a Ruby conference, I thought of talking more about Celluloid because all the participants were from Ruby background. So that was my first visit to India for 3 days. Early in the morning prior to the conference day, I landed on Mumbai airport & had some terrible experience with traveling to Pune by train. Finally I decided to go to Pune by bus. By evening I was...

Add Github SSH Key

Here are the steps to configure your SSH Key with Github & communicate easily with your repositories. Step 1 First of all check whether you have created any public SSH keys in your computer. ls -al ~/.ssh Check the output you get & if you find any file named with, id_dsa.pub / id_ecdsa.pub / id_ed25519.pub / id_rsa.pub You don’t have to worry about generating the public SSH Key again. Skip the 2nd step & go to the 3rd step if you already have a public SSH Key. Step 2 To Generate public SSH Key, Copy and paste the below command...

Celluloid Async Tasks

Most of Ruby developers use celluloid because it’s very easy to use for asynchronous tasks. If someone want to do a process in background they can simply do it by one keyword. The keyword is async. Here is a simple example to show the usage of Async feature. require 'celluloid/current' class Rocket include Celluloid def launch for i in 0..5 sleep 2 puts "Counting.....#{i}" end puts "Blast off" end end rocket = Rocket.new rocket.async.launch That launch method is running in the background. Cheers, DilumN

Create Celluloid Development Environment

If you want to contribute to Celluloid, you are warmly welcome. For beginners here are the steps you should follow to setup your development environment. 1 - First of all git clone your Forked Celluloid source or clone directly from the main repository. 2 - Then create a new file named Gemfile wherever you want. 3 - Include this inside your Gemfile source 'https://rubygems.org' gem 'celluloid', :path => '~/Documents/celluloid' The path here is your cloned source path. 4 - You are ready to test Celluloid source with the changes you are doing, without push it to Github. bundle install Run...

Install Celluloid

This is the second post about Celluloid & the basic installation of Celluloid in your project. First of all you can install celluloid by, gem install celluloid To import Celluloid into your project, require 'celluloid/current' Once you require 'celluloid/current', the imported Ruby class supports all the Celluloid APIs. You can use the power of Celluloid in your class. If you want to add Celluloid into your GemFile gem 'celluloid' Cheers, DilumN

Introduction to Celluloid

Celluloid provides a simple and natural way to build fault-tolerant concurrent programs in Ruby. With Celluloid, you can build systems out of concurrent objects just as easily as you build sequential programs out of regular objects. Recommended for any developer, including novices, Celluloid should help ease your worries about building multithreaded Ruby programs. By combining concurrency with object oriented programming, Celluloid frees you up from worry about where to use threads and locks. Celluloid combines them together into a single concurrent object oriented programming model, encapsulating state in concurrent objects and thus avoiding many of the problems associated with multithreaded...