Craig Stuntz

F# • Compilers • Programming Languages • Functional Programming • Web

Posted by on in Blogs
On Learning Programming and Math at Coursera Coursera, Udacity, MIT Open Courseware, and other such sites are useful to me because they decouple the desire to learn college-level material from the expense and regulations of earning (another) diploma. The latter isn't compelling to me today, but the former certainly is. I've now taken three Coursera courses: Functional Programming Principles in Scala, Social Network Analysis, and Coding the Matrix: Linear Algebra Through Computer Science Applications. I also tried to take Calculus: Singl...

Posted by on in Blogs
Strange Loop Crossword I wrote a 15*15, NYT-style crossword puzzle for Strange Loop. On the NYT difficulty scale, it's roughly a Wednesday-level puzzle. However, it was written for Strange Loop and thus does presume familiarity with functional programming and math, and has a few "inside jokes." You can find the puzzle and the solution on the Strange Loop wiki....
Google's Research on Interviewing Technical Candidates Yesterday's New York Times has a good article on Google's analysis of what works and what does not work when interviewing candidates for technical jobs. This paragraph closely matches my experience: Behavioral interviewing also works — where you’re not giving someone a hypothetical, but you’re starting with a question like, “Give me an example of a time when you solved an analytically difficult problem.” The interesting thing about the behavioral interview is that when you ask somebody to speak...

Posted by on in Blogs
YAML and Remote Code Execution YAML's security risks are in no way limited to Rails or Ruby. YAML documents should be treated as executable code and firewalled accordingly. Deserializing arbitrary types is user-controlled, arbitrary code execution. It's Not Just Ruby A few weeks ago, I had a need to parse Jasmine's jasmine.yml in some C# code. I spent some time looking at existing YAML parsers for .NET and ended up deciding that spending a couple of hours writing a lightweight, purpose-specific parser for jasmine.yml made m...
Faking a placeholder Attribute for an Editable div, and Some CSS Tricks HTML input elements have a placeholder attribute which you can use to show a bit of text to prompt the end user. Although you can make an editable div by using the contenteditable attribute, it will not support the placeholder attribute. I needed to do both, so I ended up reinventing the placeholder attribute for editable divs. Here's how I did it. I wanted the "placeholder" in the editable div to behave as much as possible like a "real" placeholder in an input element. So I started by making...

Posted by on in Blogs
Or, As We Called It Back in 1999, "Tuesday" So this tweet got a lot of attention: potch @potch alias yolo='git commit -am "DEAL WITH IT" && git push -f origin master' I laughed at this, not because it implies some kind of reckless disregard for process and community, but because, in 1999,  at a former employer, when our VCS was Microsoft SourceSafe, this was just the way that we went about our business. Times have changed!...

Posted by on in Blogs
 Review: Coursera Social Network Analysis class I recently completed the Coursera Social Network Analysis class. This was my first time taking a Coursera class. In this post, I will describe my experience with Coursera generally, and review the Social Network Analysis class in particular. Along with several of my colleagues, I took Martin Odersky's Functional Programming Principles in Scala class at the same time. Although I finished my last assignment for that class weeks ago, the class isn't technically complete, so I will reserve commen...

Posted by on in Blogs
The Homomorphic Encryption Patent Land Rush I noticed this morning that Google patent search returns 189 results for the query “homomorphic encryption." I have written about homomorphic encryption in the past; it is a true mathematical breakthrough which has the potential to transform cloud computing security. But the emphasis, here, is on “potential.” There is no fully homomorphic encryption scheme which is efficient enough to be practical for real-world, general-purpose computation. This, apparently, has done nothing to stop the pate...

Posted by on in Blogs
Speaking at "Moving to Better Secure the Cloud" I'll be speaking at a Slashdot/Geeknet "virtual trade show" today. Moving to Better Secure the Cloud: Governance, Risk, and Compliance Management My presentation will be on the potential business impact on the web if an efficient and fully homomorphic encryption system is invented. I'll be speaking sometime in between 3:15 and 4:00 EST, for about 20 minutes. The target audience is CIOs. Sorry for the short notice, but this came together at the last minute!...

Posted by on in Blogs
Ad-hoc SQL/POCO Queries in Entity Framework 4.0 Since version 4.0, the Entity Framework has had the ability to query un-mapped data and project it onto POCOs using ad-hoc SQL. Here, for example, is how we check the current SQL Server version: internal class SqlVersionInfo { public string Edition { get; set; } public string ProductLevel { get; set; } public string ProductVersion { get; set; } } private static SqlVersionInfo GetSqlServerVersion(ObjectContext conte...

Check out more tips and tricks in this development video: