It is crucial for democracy to work every time and we can’t guarantee that with an online system.

Photo by Tiffany Tertipes on Unsplash

At last year’s DEF CON, I wandered into a panel with voting industry leaders from the public and private sectors. Towards the end, the facilitator asked the room filled with 200 or so security experts and hackers if they thought the US should have online voting.

Three brave souls raised their hands. They were booed. One put his hand down, looking embarrassed.

Article was last updated 11/08/20

Read the EFF’s concise position on this topic:

Read this Letter to Governors and Secretaries of State on the insecurity of online voting, signed by over 50 (at time of writing, others may be added) researchers and…


I made an AQI to cigarettes converter in React to find out

On September 10th I left my bedroom and the safety of my air purifier to have lunch with my housemates. An hour later I was having my first asthma attack in years. That night the AQI in Portland dipped into the purple zone. The next day, on 9/11, I had 6 people spend the day in my room huddled around my air purifier while the AQI slipped off the charts.

Spending the weekend refreshing the evacuation maps and PurpleAir.com, I realized I know very little about the AQI or Air Quality Index. …


How to crack passwords and speed up your code, all with the power of hashing.


Hashing is an important topic for programmers and computer science students to be familiar with. This article is specifically targeted to students, and programmers with a few months to a year of coding experience.

What Hashing Is

Hashing: generating a value or values from a string using a mathematical function

Hashes are mostly used for three things:

  1. Storing stuff without actually knowing what it is
  2. As a convenient way to remember where you put something
  3. To make sure the thing you received is the thing you wanted

That’s super confusing but bear with me.

How it works

Hashing is otherwise described as doing a non-reversible operation on a thing that turns it into a completely different thing but would turn into the same thing if you did it again with the same input. …


Tips to get your stories to rank on the first page of Google

Photo by Gaia Armellin on Unsplash

I recently started to get into a good momentum with publishing on Medium. Around half of my articles show up on the first page of a relevant Google search, but two of them in particular do very well.

“3 Security Pitfalls Every React Dev Should Know” pretty consistently ranks first to third for “react security,” and Google uses my diagrams from “A Gentle Explanation of Logarithmic Time Complexity” to illustrate the search for “logarithmic time complexity.”

Since I’m a tech writer, most of this applies to tech writing. If you’re not a tech writer, there may be some useful information in here, such as how to structure articles and get them out there. …


Understand how shell scripting works to save yourself time and reduce bugs

Photo by Sereja Ris on Unsplash.

Recently, I refactored an entire deployment setup for a diverse array of apps. That means a big pile of Docker images that all have to be flexible but stable. Some web applications also needed to be restarted in a user-friendly way that displays helpful error messages to developers with a range of skill levels.

It was a lot of work but I sure did get better at Bash scripting. I’m in a good position to write this article because during this project, I wrote down every weird little thing that cost me debugging time.

Bash is so weird that not all of these even fit into one Medium article. For each section, I’ve linked an article or tutorial that goes into more detail. …


Learn what the different user models are in Django and how to use them correctly

The Django project donations icon: a pink pixel art heart.

Django has solid docs and strong opinions. One thing it has strong opinions on is user models. There are a few important tips and best practices for starting these off on the right foot. Follow them to avoid migration headaches as your project grows.

This article is meant to be read all the way through. It is especially for beginners but may have some helpful references for more advanced Django developers. If you’re looking for copy-pasteable code snippets instead of an explanation, check out this blog post or look at an example app.

If you’re already experienced with AbstractUser and using profile models, you may want to skip to the recap at the end. …


Photo by Hubert Mousseigne on Unsplash

Common React vulnerabilities, how to patch them, and how to spot them in a code review

React is my favorite library for making interactive interfaces. It is both easy to use and quite secure! However, that doesn’t mean it’s completely safe. It’s easy to get complacent and think “we don’t have to worry about XSS because we use React” — that’s not the case.

React vulnerabilities most often happen when you think you’re using the library but aren’t. It’s important to know what React does and doesn’t handle for you.

The following are the most common specific mistakes you are likely to make as a React developer. …


Don’t worry, it’s simpler than it sounds

Photo by Harry Sandhu on Unsplash

If you’re new to computer science, you’ve probably seen a notation that looks something like O(n) or O(log n). That’s time complexity analysis or big-O notation!

It’s a super important concept to understand, at least on an intuitive level, in order to write fast code. There’s also space complexity. It defines how much memory a program might use but we’ll leave that for the next article.

This concept is one of the reasons higher education thinks it needs to make computer science undergrads take years of math classes. …


A few months ago I was looking for an easy way to make my computer unusable for anyone who isn’t me. Petty, maybe, but I know I’m not the only person who hates it when people touch my stuff. It is also satisfying to watch someone grab my laptop without asking, only to have no idea how to use it.

don’t touch my stuff :) Photo by Andrew Le on Unsplash

After re-wiring some keyboard shortcuts, I wrote aliases to make bash commands do weird stuff. Like making ls display the contents of the wrong directory or act like the user made a typo when they hadn’t. …


Ever wonder how Google searches the entire internet in a fraction of a second?

Photo by VELOBAR+ on Unsplash

In computer science, we’re always worrying about the n, the number of operations our code has to do for how much data we have.

One approach to searching is to just go through everything in order: look at every word on a page and see if it matches what you’re looking for. In that case, your runtime would be linear because, for each n or word we have to look at, the program will run one unit slower.

If a program did that for this article and searched for the word ‘fish’ for example, it wouldn’t be a big deal because our n is relatively small. …

About

Jasmine Webb

Developer and appsec researcher living in Portland, Oregon.
