kevinhakanson.com

Kevin Hakanson

Multi-Cloud Certified Architect | DevSecOps | AppSec | Web Platform | Speaker | Learner | Builder
Twitter | LinkedIn | GitHub | Stack Overflow | Credly

2024

Asking Claude Haiku to redefine A/B testing

October 4, 2024 #genai

During a call with customer, they mentioned that “friends and family” testing of features often gives positive feedback. I thought this would be a fun use of generative AI so I asked Claude Haiku for some help “redefining” A/B testing: The…

2023

Microsoft Certifications no longer on Credly

November 20, 2023 #azure #certification

Even while working for AWS as a Solutions Architect, I keep my Microsoft Azure certifications up to date. These free renewals happen every year on the Microsoft Learn platform. Certification title Certification number Earned on Expires on…

Agile daily stand-up and The X-Files

October 25, 2023 #random #agile

I’ve been working with a customer for several months on a cloud modernization project. We are just over a month from production and addressing blockers in our daily stand-up meetings. Every so often, some “big and scarry” issue appears…

Vitest File Snapshots

September 29, 2023 #javascript #codequality #cedar

I recently added tests for both prism-cedar and highlightjs-cedar using the File Snapshots feature of vitest. Each of these syntax highlight libraries uses a lot of regular expressions, and I immediately think of the joke about regex. Some…

My Favorite Laptop Stickers

July 1, 2023 #random

I’ve been collecting laptop stickers for a while, but only started affixing them to my laptop last year. I didn’t want to lose them when my work laptop was returned or replaced. My solution was to buy a hard shell case, which I can remove…

AWS Icons for PlantUML has dark mode

June 22, 2023 #aws #opensource #uml

Release 16.0 of AWS Icons for PlantUML includes an experimental “dark mode” where will set the background/foreground colors and use icons which have a specific “dark” version. This was possible because the 2023-04-28 (16-2023.04.2…

Finding outdated AWS icons in draw.io files

March 4, 2023 #aws

I admit to being an AWS service icon snob - when I see outdated icons being used, I look down on the diagram. For example, this image with multiple versions of old AWS Lambda icons: However, these are a pain to update by hand. Last month…

Hello Rust WASM NodeJS

February 6, 2023 #rust #wasm

I am working on a project that requires calling some Rust crates from a NodeJS runtime. I had a project with some working code (which I didn’t fully understand), so I wanted to start by implementing the classic “Hello World!” problem. Let…

2022

Diagrams-as-Code Episode on Twitch

December 15, 2022 #aws #architecture #uml

So much fun on the Build On AWS weekly - Code me some diagrams Twitch stream today talking diagrams-as-code with Darko, and surprising him with this: The PlantUML source code (except for the full base64 PNG). I also got to talk about…

Sequence Diagrams with Mermaid and Diagrams.net

October 2, 2022 #aws #uml

I’m still having fun creating UML Sequence Diagrams using PlantUML. On August 19, 2022 I published Sequence Diagrams enrich your understanding of distributed architectures on the AWS Architecture Blog. The source files from that blog…

My First AWS Blog

June 14, 2022 #aws #s3

Posts on this blog have been fewer lately, but today my first official AWS Blog post was published: Partitioning and Isolating Multi-Tenant SaaS Data with Amazon S3

aws-icons-for-plantuml v13.0 Released

June 6, 2022 #aws #opensource #uml

Last year with Adding AWS Icons to PlantUML Sequence Diagrams I started making my diagrams look a bit better. However, the native sprite format looked somewhat washed out to me. My investigations resulted in some Python coding and deeper…

Python Typings for AWS Lambda Function Events

April 10, 2022 #aws #lambda #python

I was building a Python-based AWS Lambda function similar to what was announced by New – Use Amazon S3 Event Notifications with Amazon EventBridge and the code looked similar to this - full of “magic strings” that I had to discover. Python…

aws-jwt-verify v3.0.0 Released

March 29, 2022 #aws #opensource #security

What started as pull request #60, escalated to becoming a maintainer on aws-jwt-verify and releasing v3.0.0. AWS JWT Verify is a JavaScript library for verifying JWTs signed by Amazon Cognito, and any OIDC-compatible IDP that signs JWTs…

Fun with Emoji ZWJ Sequences

February 9, 2022 #random #javascript

Today I learned about Emoji ZWJ Sequences and what it takes to create the “man technologist: light skin tone” emoji I often set in my slack status. This is actually multiple unicode characters “smashed” together using a Zero Width Joiner…

2021

The #1 Search Result on Google

December 7, 2021 #random

After I received my “Your December Search performance for kevinhakanson.com” email, I took a look at Search Console Insights. I have a #1 position search result on Google for my The Frozen Caveman Antipattern blog. Since this was fun for…

The Mystery of the 100 Mbps Internet Speed

September 24, 2021 #random #networking

My current workstation setup includes a ThinkVision P27h-20 Flat Panel Monitor which offers a “full-functioned USB Type-C one cable solution with the capability to deliver up to 90W power delivery and an Ethernet signal.” There are a lot of…

Adding AWS Icons to PlantUML Sequence Diagrams

August 12, 2021 #aws #uml

I’ve blogged about UML Sequence Diagrams using PlantUML before, but now my Sequence Diagrams are more beautiful after using the AWS Icons for PlantUML and reading the PlantUML Sequence Diagram docs. Let’s start with a basic PlantUML…

My first C# AWS Lambda Function

July 29, 2021 #aws #lambda #csharp #dotnet

Here it is - my very first AWS Lambda Function coded in C#. You can probably guess I didn’t write that code, but generated it from a template. There is .NET Core CLI support for creating .NET-based Lambda applications. Most of my Lambda…

AWS CloudFormation Linter Custom Rules

June 30, 2021 #aws #cloudformation

While diving deep on AWS CloudFormation Linter (cfn-lint), I discovered Custom Rules support. The linter supports the creation of custom one-line rules which compare any resource with a property using pre-defined operators. To give it a try…

It's Day 1 at AWS

March 22, 2021 #career #aws

Today I start at AWS as a Sr. Solutions Architect at AWS. It is “Day 1” for me both in the English definition of the phrase as well as using the Amazon vernacular. “Day 1 is both a culture and an operating model that puts the customer at…

Acclaim Badges to CSV

February 27, 2021 #certification #javascript #monitoring

From previous blog posts like I’m a Microsoft Azure Solutions Architect Expert or I’m a Microsoft Azure Solutions Architect Expert you can see I like to celebrate when I pass another certification exam. I also link to the specific digital…

2020

Cloud State Monitoring

December 18, 2020 #cloud #monitoring #azure #aws #devops

Last week I gave a presentation about a concept I decided to call Cloud State Monitoring. The premise was that much of cloud configuration monitoring is point-in-time evaluations, but there is additional value in monitoring the change in…

My Amazon Alexa Skills Journey

December 1, 2020 #aws #alexa #certification

Today (December 1, 2020) is the day Amazon Alexa is deprecating the Echo Buttons Skill API. In 2018, I published a couple Alexa skills for Echo Buttons (Color Stumper; Rochambeau Buttons) and even have two unopened sets of buttons which I…

Azure Managed Identity Resources

October 10, 2020 #azure #security #iam #cli

As part of studying for the Azure Architect exams using Microsoft Learn, I was experimenting with Managed Identities. Here is the definition from the What are managed identities for Azure resources? page of the Azure docs: There are two…

7 Attempts at Slide Deck Humor

September 18, 2020 #random

With the transition of SlideShare from LinkedIn to Scribd, I looked through my old tech conference presentation slide decks and wanted to highlight some of my slides that (maybe) were not as humorous as I planned. They say “If you have to…

What is the OWASP Cyber Defense Matrix?

August 12, 2020 #cloud #security #owasp

The OWASP® Foundation works to improve the security of software through its community-led open source software projects, including the OWASP Cyber Defense Matrix, a project initially created to help organize security technologies across the…

Understanding CIS Controls and Benchmarks

June 11, 2020 #cloud #security #cis

In a conversation about cyber security or cyber defense, you might hear the terms CIS and security controls mentioned as a recommended best practice.  However, without some additional context this is just another TLA (Three Letter Acronym…

Will the real Azure please stand up?

April 18, 2020 #azure #random

Naming things is hard. Each of these “Azure” names appear somewhere (or at some time) in the documentation: Azure Microsoft Azure Azure Cloud Microsoft Cloud Windows Azure At the time of this post, Azure has 58 regions worldwide and…

AWS UX Issues when Under Load

February 3, 2020 #aws #ux #codequality #random

Last week, I attended an Architecting for Machine Learning on AWS event at their Minneapolis office along with about 40 people. This three-day technical workshop is designed to provide architects and developers hands-on training for…

Using AWS X-Ray with Lambda@Edge

January 20, 2020 #aws #xray #cloudfront #monitoring

One of my original Lambda@Edge functions was still running on an old Node.js runtime, which I needed to update. That function dynamically generated images of a United States map with various states shaded based on the filename. This…

AWS Signature Authorization using Postman

July 7, 2019 #http #aws #security

The other day I ran across Use Postman to Call a REST API - Amazon API Gateway, which highlighted that Postman can generate AWS Signatures for authorization (see Authorization | Postman Learning Center).  When I wrote AWS Chalice, Amazon…

UML Sequence Diagrams using PlantUML

June 9, 2019 #uml

I’ve blogged before about text notation for UML Sequence Diagrams in WebSequenceDiagrams notation, but since we standardize on Lucidchart for diagrams, I found they have UML Sequence Markup support as well.  However, Lucidchart’s dialect…

AWS Tag Keys with Spaces Problems

May 23, 2019 #aws #cli #ux #codequality

The Cloud Center of Excellence at my company was beginning to strictly enforce the tagging standard, which meant that mis-tagged resources were going to be deleted. The CCoE gave reasonable lead time, and even provided a list of affected…

AWS Tools for PowerShell on macOS

May 3, 2019 #aws #powershell #macos

Since you can never have too many command lines and shells, today I thought about Installing PowerShell Core on macOS. After that, it was time for Setting up the AWS Tools for PowerShell Core on Linux or macOS X and making sure it worked…

AWS IAM Policy for Service User S3 Access

April 10, 2019 #aws #iam #s3

As a “security custodian” for some of my company’s AWS accounts, I review requests for what we call “service users,” including the AWS IAM Policy documents attached to those users. I prefer these to meet the Principle of least privilege but…

Finding all AWS Services my Team is Using

January 11, 2019 #aws #python #iam

I was reading Automate analyzing your permissions using IAM access advisor APIs | AWS Security Blog and realized it would also be way see what AWS features one of my project teams (a.k.a. redacted-project) was using. So, I put together a…

2018

Architecture Decision Records (ADRs)

December 18, 2018 #architecture #agile

Recently, I was asked to do an architecture review on a couple of projects - one was just getting started, and the other was a PoC demoed at a user conference.  Unfortunately, as with too many “agile” projects, existing architecture…

AWS Cloud9 and Sharing with Role Issue

November 21, 2018 #aws #cloud9 #iam

A co-worker and I were investigating AWS Cloud9 and the ability to share environments.  However, when you do a Window - Share… from inside the environment, you get this dialog: However, we are not using IAM users, but roles assumed via…

"Full Stack" Caching Strategy

October 17, 2018 #webdev #caching #http

“Caching is somebody else’s problem, until it’s not” - me (just now) OK, so that’s a dumb quote I just made up, until it’s not.  Microservices do their work, generate their HTTP, response and sent it to the browser.  Often, it isn’t until…

AWS WAF vs AWS WAF Regional

September 5, 2018 #aws #waf #security

Welcome - AWS WAF lists separate API references for AWS WAF and AWS WAF Regional.  AWS WAF is “available for protecting Amazon CloudFront distributions” and AWSWAF Regional is “available for protecting Application Load Balancers.”  These…

Cloud Custodian Code Confusion

September 4, 2018 #aws #devops #security

A coworker and I were debugging incorrect results with our  Cloud Custodian policy.  Here is the filter that gave us 3 results when we were expecting 2: One of the extra items should have been excluded because of the SslPolicy clause, but…

AWS WAF / AWS Shield for DDoS Protection

August 31, 2018 #aws #waf #security

One of the AWS Whitepapers is the 30-page AWS Best Practices for DDoS Resiliency (June 2018) which gives a overall summary of the topic as well as a good distinction where AWS Shield and AWS WAF fit. First, a definition and some key facts…

Investigating Web Cache Poisoning

August 22, 2018 #http #caching #security

Practical Web Cache Poisoning had me wondering about header validation in one application I was consulting on. I decided to test against an internal endpoint that reflects back HTTP headers. I used ’s -H to lie about my and headers and…

First Thoughts on AWS Cloud9

July 5, 2018 #aws #cloud9 #python

The other week I had trouble creating an AWS Cloud9 environment, so I tried again today - and with success, because I actually met the requirements found at VPC Settings for AWS Cloud9 Development Environments and put the instance in a…

Redis Security Investigation

June 22, 2018 #aws #redis #security

The Securing Redis section from the Redis Quick Start stresses applying network level security (firewalls), the option (AUTH command), and SSL tunneling.  Additional details can be found by reading A few things about Redis security and…

Secrets Management

April 10, 2018 #security #podcast

I recently listened to Software Engineering Radio Episode 311: Armon Dadgar on Secrets Management from December 5, 2017 The show covers: what a secret is; the difference between secrets and sensitive data; what is secrets management; the…

AWS Options for Blocking IP Addresses

March 20, 2018 #aws #security #networking

While diving into BIG-IP iRules code researching HTTP to HTTPS Redirection, I ran across this snippet: Reaching out to one of the DevOps team to learn more, he directed me to a process document on how to block IP address in our data center…

HTTP to HTTPS Redirection Investigation

March 13, 2018 #http #webdev #security

The recent efforts related to Google and Mozilla are Deprecating Existing Symantec Certificates had me revisit another HTTPS topic:  HTTP to HTTPS Redirection. Redirection is one of the items checked by Observatory by Mozilla and supported…

"Access Logs" from AWS Services

March 8, 2018 #aws #http #monitoring

Some web facing AWS services that provide HTTP access, allow you to enable “Access Logs” written in a W3C extended log file format. Access Logs for Your Application Load Balancer - Elastic Load Balancing Access Logs for Your Classic Load…

Adoption of HTTP Security Headers on the Web

March 6, 2018 #http #security

Adoption of HTTP Security Headers on the Web looked at HTTP Archive data to do some analysis of the adoption of various HTTP security headers.  Here is a summary table of usage. The analysis deep dives into each header, and which values…

Marking HTTP Pages as "Not Secure"

February 9, 2018 #http #webdev #security

Chromium Blog: A secure web is here to stay put a deadline for marking HTTP as “Not Secure”: Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as “not secure”. What if you want that behavior today?  Below…

Referrer-Policy HTTP header

February 7, 2018 #http #webdev #security

Referrer-Policy is one the security focused HTTP headers checked during Observatory by Mozilla scans.  Scott Helme talks about this in A new security header: Referrer Policy, but his comment that you can set Referrer Policy via the Content…

GraphQL vs. REST APIs?

January 30, 2018 #webdev #api #graphql

I ran across Understanding And Using REST APIs — Smashing Magazine, which is an entry level article explaining REST APIs and uses the GitHub API v3 in its examples. By default, all requests to https://api.github.com receive the v3 version…

2017

CloudFront and Disaster Recovery

December 12, 2017 #aws #cloudfront #disasterrecovery

Note:  If you need a refresher on CloudFront, start with What Is Amazon CloudFront? After reading Lambda@Edge Now Supports Content-Based Dynamic Origin Selection, Network Calls from Viewer Events, and Advanced Response Generation (Posted On…

AWS Certificate Manager and Certificate Pinning

October 30, 2017 #aws #http #security

As a background, please review Out with HPKP, in with CAA? to re-familiarize yourself with HTTP Public Key Pinning (HPKP) and Certificate Authority Authorization (CAA). Today, I saw How to Prepare for AWS’s Move to Its Own Certificate…

API-First and the Customer Experience

October 17, 2017 #api

Enabling distributed digital business with API-first architecture (Google Cloud Next ‘17) was a good, high-level overview of API strategies, and reminds me of our internal Customer Experience Model and Customer Experience Principles goals…

IAM Roles: "trust policy" == "assume role policy"

October 4, 2017 #aws #iam

Take a look at the screenshot below.  What’s the name of this policy? If you said “trust relationships policy” or “trusted entities policy” then good luck finding the API to update it, where it is called the “assume role policy” document…

Customer Data Encryption-At-Rest Options

September 27, 2017 #aws #encryption #security

This post is going to enumerate some customer data encryption-at-rest options for those customers asking about specific key management choices.  Examples below will refer to AWS specific technologies. No Encryption Although this option may…

Out with HPKP, in with CAA?

August 30, 2017 #http #security

I hadn’t looked at HTTP Public Key Pinning (HPKP) in detail at until Pokemon Go vs. Certificate Pinning, and later realized how bad things could get with HPKP and RansomPKP.  Now, as I read I’m giving up on HPKP from Scott Helme (@Scott…

Amazon RDS and IAM Policy Notes

August 24, 2017 #aws #iam #rds

As a follow up to Amazon RDS and Tag-Based Permissions, this document digs into an IAM policy that restricts by tag value. Took a look at the AWS Managed (Predefined) Policies for Amazon RDS, including  (see Using Identity-Based Policies…

The Frozen Caveman Antipattern

August 8, 2017 #career

That “clickbait” headline is a reference to Unfrozen Caveman Lawyer and based on my favorite part of nealford.com • Knowledge Breadth versus Depth.  However, the most relevant part is the lead up to this pyramid, which illustrates “enhanced…

DataDog APM Tracing HTTP Headers

August 7, 2017 #http #monitoring

Update: Might be obsolete based on Datadog + OpenTracing: Embracing the open standard for APM from December 6, 2017 Do the DataDog APM tracing headers to see if they match Zipkin () or OpenTracing or AWS X-Ray () or anything else? Of course…

Blockchain Programming vs. Web Development

July 21, 2017 #blockchain

Have a read through A hacker stole $31M of Ether — how it happened, and what it means for Ethereum, but make sure to get to section 3 where it compares the mantra of “move fast and break things” vs. the irrevertible code in a smart contact…

Authenticated Encryption with the AWS CLI

June 28, 2017 #aws #cli #encryption

I wanted to understand Authenticated Encryption better as a follow up to my research on Encrypted Properties and AWS IAM Roles. I decide to try and learn interactively, so I saved some “sensitive” data into a file. Then using aws kms…

Creating an AWS IAM Role for sts:AssumedRole

May 15, 2017 #aws #iam #cli

This post is a research summary of tasks relating to creating an IAM role via the CLI: The “trust policy” only included an explicit single member of the role: kevin.hakanson@example.com Test if it works via the CLI, and it does. Update  to…

Amazon RDS and Tag-Based Permissions

April 27, 2017 #aws #iam #rds

AWS Identity-Based, Resource-Based, Resource-Level, and Tag-Based Permissions contains a link to AWS Services That Work with IAM - AWS Identity and Access Management, which has the table of services supporting tag-based permissions. Amazon…

AWS sts:AssumeRole and Condition Keys

April 19, 2017 #aws #iam

In wondering how to restrict roles to only allowed to be assumed from specific EC2 instances, I found Actions and Condition Context Keys for AWS Security Token Service - AWS Identity and Access Management, which lists the key that is used…

AmazonS3EncryptionClient example

April 14, 2017 #aws #java #sdk #encryption

The following code uses the  from the to put an encrypted object into an S3 bucket. Note: When you view this object in the S3 console, it shows “Encryption” as “None” because it was client-side encryption and not server-side. Object Key…

AWS Request IDs

March 8, 2017 #aws #http #monitoring

I was reading Techniques and Tools for Better Serverless API Logging with Amazon API Gateway and AWS Lambda when I came across a reference to the x-amzn-RequestId HTTP response header.  This appears to be a common way for Amazon services to…

CLI SAML Authentication and AWS STS assume-role

March 2, 2017 #aws #iam #cli

When I run a CLI based SAML log in (using an internal tool), I can select from the roles available to my account (e.g., PowerUser or ReadOnly).  I think of these as user roles.  However, IAM roles can also be created and assigned to EC…

Monotonic Time in JavaScript

February 15, 2017 #aws #xray #javascript #monitoring

I was looking at the source code for The AWS X-Ray SDK for Node.js and saw these code snippets: Whenever I see in JavaScript for performance timings, my Spider-Sense tingles. Browsers have  for this, which always returns values that…

Web Browser Secure Contexts

February 14, 2017 #webdev #security

HTTPS - it isn’t just for breakfast authentication anymore. Yeah, I stole that from a Florida Orange Juice 1979 TV commercial. So, what are Secure Contexts anyway? Secure Contexts - Web security | MDN provides full info, but some key…

Profile Picture Performance Problems Pondered

January 28, 2017 #webdev #ux #caching

In researching browser component UX timings for a project, I found some a slow requests. Here is the likely culprit: Well, not Kevin Hakanson the person, but his profile photo which is base64 encoded and included in the body of the JSON…

Yahoo Maps?

January 27, 2017 #random

The other day, I was having a Slack conversation with a co-worker when he replied “true” in agreement with a statement I was making.  My first instinct was to respond “Double True!” due to the SNL Digital Short: Lazy Sunday. Full lyrics…

AWS X-Ray Investigation

January 15, 2017 #aws #xray #javascript #monitoring

In Zipkin JS Investigation and Zipkin JS Investigation (Part 2), I took a simple Express (Node.js) based web application and added zipkin tracing. I updated that application with support for AWS X-Ray (Preview).   The code snippet below was…

Wolfram|Alpha and Pokémon Answers

November 3, 2016 #random #nlp #pokemon

The other day, my daughter had me search for zigzagoon on Wolfram|Alpha: Computational Knowledge Engine.  Apparently, there is a full Pokédex loaded because it knew details like number, type, size, and generation. So, I tried this…

UX Issues with Authenticator Apps

October 17, 2016 #ux #mfa

I recently got a new personal iPhone and realized that none of my accounts stored in Google Authenticator were restored via the iCloud backup restore process.  I thought it might be time to switch authenticator apps to something like Authy…

"I have people skills"

October 11, 2016 #career

The other day, I ran across Why “Relationship Workers” will replace “Knowledge Workers”.  After only reading the title, my first humorous thought was this scene in Office Space. But as I read the article, I understood the core premise…

HPKP and RansomPKP

September 6, 2016 #http #security #webdev

In Pokemon Go vs. Certificate Pinning I explored RFC 7469 - Public Key Pinning Extension for HTTP and the HPKP header.  This looked like something that was complicated to implement if you didn’t have a very mature key management process…

Smaller and faster data compression with Zstandard

September 1, 2016 #webdev

I saw this post from Facebook on their new open source compression algorithm: Smaller and faster data compression with Zstandard | Engineering Blog | Facebook Code. We’re thrilled to announce Zstandard 1.0, a new compression algorithm and…

How IAM Roles Become Credentials on EC2

August 15, 2016 #aws #iam #security

While investigating how to secure S3 buckets using IAM Roles, I was curious how the IAM Role assigned to my EC2 instance became the credentials an AWS based application could use.  IAM Roles for EC2 are the recommended practices, but how…

Categorizing Information Security Topics

July 20, 2016 #security

“Security” as a topic or category can be confusing without additional context. This document attempts to categorize information security topics using industry standard groupings. My internal cloud security group has created a plan which…

Zipkin JS Investigation (Part 2)

July 20, 2016 #javascript #api #monitoring

The continuing story from my Zipkin JS Investigation My zipkin-js issue was fixed a couple days ago when zipkin-js/packages/zipkin-transport-http landed, so I decided to revisit my test project and see how it works. I updated my to use…

Pokemon Go vs. Certificate Pinning

July 11, 2016 #http #security #pokemon

Saw this Tweet from @notdan about the Pokémon Go video game and their lack of certificate pinning: At first, I thought “duh, of course, they should have” but then I realized that I need to understand Certificate and Public Key Pinning…

Software Customization Taxonomy

June 30, 2016 #architecture #saas

Building customizable systems is strategic to selling multi-tenant software. Ideally these system support a number of factors while avoiding decreasing technical health. Global growth with a scalable localization model Customer specific…

Zipkin JS Investigation

June 10, 2016 #javascript #api #monitoring

To better understand the concepts behind Zipkin, I took a look at Zipkin JS (a Zipkin instrumentation implementation for Node.js), including submitting Pull Request #10 and Issue #11 to that project. I wrote this (ugly but) simple Node.js…

AWS WAF vs. ModSecurity

April 25, 2016 #aws #waf #webdev #security

In a recent meeting with the corporate security team, it was mentioned that a Web Application Firewall (WAF) might be the recommendation for cloud projects to protect against XSS and SQL Injection.  The Cloud Security Workstream has done…

Disaster Recovery Taken Meme

March 3, 2016 #random #disasterrecovery

In a review of the technology goals, it was reinforced that products “will test DR” which triggered a flashback to Liam Neeson’s speech from the 2008 movie Taken. “I don’t know who you are. I don’t know what you want. If you are looking for…

WebSequenceDiagrams Notation

March 1, 2016 #uml

https://www.websequencediagrams.com/ supports notation for synchronous calls, asynchronous calls, return calls and activations.  These features are useful for documenting complex interactions with some of the operations happening in the…

AWS DynamoDB and Disaster Recovery

February 29, 2016 #aws #database #disasterrecovery

AWS DynamoDB (managed NoSQL database) appears to lag behind AWS RDS (managed relational database) w.r.t. some disaster recovery features: Backup/Restore Cross Region Replication Encryption at Rest Related Videos: AWS re:Invent 2014 | (SDD…

2015

DevOps and the Myth of Efficiency

December 22, 2015 #devops

Ran across this series of posts on DevOps: DevOps and the Myth of Efficiency, Part I | Java Code Geeks DevOps and the Myth of Efficiency, Part II | Java Code Geeks They draw a distinction between “complicated” and “complex” and make…

Chrome Dev Summit 2015 Notes

December 9, 2015 #webdev

Chrome Dev Summit 2015 Notes is a summary by Daniel O’Connor of the presentations from the Chrome Dev Summit 2015, along with links to the videos.  The term “RAIL” appeared in many of the session titles and is defined below: RAIL: Response…

2025 Customer Challenge Demo Experience

October 28, 2015 #innovation #vui #javascript

For my company’s 2025 Customer Challenge, my finalist pitch included a live demo.  Teams were allowed 3 minutes of pitch time, and I allocated about 30 seconds for this demo.  Things didn’t go exactly as planned, but they did work out in…

Replacement strategy for Google Search Appliance?

September 28, 2015 #webdev #search

During the introductions of an internal Search Experience Community meeting, a product was mentioned that uses the Google Search Appliance (GSA) and was looking to move off of that platform onto Elastic. Some of our products also use a GSA…

2025 Customer Challenge

September 21, 2015 #innovation

September 18 was the close of my company’s 2025 Customer Challenge, and I got my idea submitted right before the deadline:  Algorithmic Business Development Utilizing Intelligent Agents The premise of the innovation challenge was about…

Azure "Search-as-a-Service"

June 3, 2015 #azure #search #nlp

Microsoft Azure Search became generally available in March.  To learn more, I watched some of the videos, including: Azure Search 101 - Getting started with Azure Search with Liam Cavanagh Azure Search 102 - Searching and Mapping Spatial…

Global Search Box as Question Answering

June 1, 2015 #search #ux #nlp

During a product design session, we had a discussion on Global Search covering “what search is” and “what search should be.” I used the following example of question answering as where I see “global search” heading: I can search Google for…

Thoughts on SaaS Customization

April 30, 2015 #architecture #saas

When searching for a definitive reference for SaaS customization, I found this CommitStrip Just an exception they said… comic: On a more serious note, I did find a SaaS Maturity Model from Microsoft (circa 2006) with four levels. Ad Hoc…

WebStorm 10 and TypeScript support

April 10, 2015 #javascript #typescript #webdev

WebStorm 10 now has updated TypeScript support including a built-in TypeScript 1.4 compiler with TypeScript 1.5 support already in the WebStorm 10.0.2 EAP.  To test this out, I opened a simple, sample project where I was playing with…

IP Address as a factor?

April 7, 2015 #security #networking

On a call we “discussed” if IP address could be considered a second factor, including the spoof-ability of IPs. Some excerpts from a Security Stack Exchange question: network - Can IP address be a component of 2-factor authentication…

Facebook GraphQL/Relay and Netflix Falcor

April 1, 2015 #webdev #api #graphql

I have my eye on two new client-side, data-access technologies that will be open sourced “soon”.  They are both trying to solve redundancy and coupling concerns between client-side code/data models and server-side code/HTTP endpoints.  How…

I have a .NET Rocks! mug.

February 12, 2015 #random #javascript #podcast

You may (or may not) have seen: Kevin Hakanson on Twitter: “@richcampbell @jhusain great show; I especially liked the comment selected (thanks for the mug) On 21 January 2015, I was listing to Todd Gardner (@toddhgardner) on .NET Rocks…

2014

JavaScript Static Code Analysis?

November 19, 2014 #javascript #security #codequality

My company’s “Application Security Testing Standard” requires assessing application code with Static Code Analysis or Dynamic Analysis.  The tools currently used for this are from Veracode Static Application Security Testing (SAST), or…

Extending AngularJS $log Concept

October 17, 2014 #javascript #angularjs #monitoring

Logging is an important component of monitoring an application. AngularJS provides $log which is documented as: Simple service for logging. Default implementation safely writes the message into the browser’s console (if present). The main…

Hindi Number Formatting in JavaScript

October 7, 2014 #javascript #i18n

For a project I am consulting on, we were looking at globalization topics in the browser, including support for Hindi.  I have mostly worked with Latin based character sets in my internationalization efforts, so I wanted to dig into the…

I was a victim of internet plagiarism

September 23, 2014 #random #i18n

I often present at developer-focused conferences and user groups on JavaScript and web platform topics.  One presentation I give is on JavaScript Internationalization (initially at the 2013 internal Technology Unconference and most recently…

Page Visibility API

July 3, 2014 #javascript #ux #angularjs

I am taking an online Leadership & Influence for Architects training series with about 20 architects across the company.  The facilitator requested full attention and to avoid the temptation to multi-task.  Of course, I complied, but I…

I love to talk; I hate to type.

June 1, 2014 #random #vui

If you know me, you won’t be surprised that I love to talk. What you may not know, is that I hate to type. Between my poor spelling and my constant typos, I think the key accounts for about 50% of my keystrokes. In fact, typing class was…

cf.Objective() 2014

May 20, 2014 #javascript #encryption #security #conference

Last week I was a speaker at cf.Objective() 2014: The World’s Only Enterprise ColdFusion Conference, giving my Developer’s Guide to JavaScript and Web Cryptography presentation.  It took place May 13-16, 2014 at the Radisson Blu - Mall of…

JSON-LD is an official Web Standard

January 17, 2014 #architecture

Saw a link to JSON-LD is an official Web Standard on Twitter - took me a bit to realize LD was Linked Data.  I could see this being useful in our REST APIs that return JSON. JSON-LD has reached the status of being an official…

The End of Chrome Frame and Chrome for XP Support

October 17, 2013 #webdev

Since Chrome Frame was pushed out to employees to support Workday, we have been seeing some odd browser issues with a few of our applications.  This has led us to “disable” Chrome Frame support by setting the maximum IE version used to IE…

2012

Customer upload speeds?

February 1, 2012 #ux

As newer products are dealing more with uploaded user content than just searching and displaying company content, I was curious about how fast their internet connections are.  I know my online backup trickles compared to my download speeds…

2009

JavaScript vs. JSON encoding

August 3, 2009 #javascript

In the process of converting some JavaScript code which creates an object from a JSON string from using (the evil) eval to using JSON.parse (which is native in IE8 and Firefox 3.5), a strange bug was encountered.  Take the following…

You can’t escape encoding

July 6, 2009 #webdev

Recently I have run across several items where the solution to the problem was a proper understanding of encoding and escaping.  One issue was with the YUICompressor having problems with some of our JavaScript files.  The core issue was…

My first jQuery ticket

May 20, 2009 #javascript #jquery #opensource

Back in May 2009, I created my first jQuery ticket: Use native JSON.parse if available inside ajax.httpData In jQuery.ajax.httpData, would you consider using the native JSON support (​http://www.json.org/js.html) if available? Below is some…

2008

Debugging JavaScript in IE

October 27, 2008 #javascript #webdev

If you have everything set up, you can use Visual Studio to debug JavaScript errors when you hit them in IE7 (IE8 will have debugging built into the developer tools).  You just click “Yes” when the dialog appears.  However, I have don’t…

Ajax Experience 2008 Summary

October 6, 2008 #webdev #conference

Last week, I attended the Ajax Experience 2008 in Boston.  There were a lot of interesting sessions, and I talked with many of the speakers.  Here is a recap of some of the more exciting things I learned. I spent Monday morning at the Dojo…


© 2024 Kevin Hakanson (built with Gatsby)