Tallan Blog

Tallan’s Experts Share Their Knowledge on Technology, Trends and Solutions to Business Challenges

Category Archive for "Custom Software Development"

Taking a Look at Entity Framework Queries pt 1 (.NET Framework)

If you aren’t familiar, Entity Framework is a powerful open-source object-relational mapping (ORM) framework. Its initial release was back in 2008, so it has grown and evolved quite a bit. I have been using it now, very regularly, for about four years and just wanted to bring to light some tips and the missteps that I have encountered during that time.
I think the most important thing when using EF(Entity Framework) is to be aware of the work it is doing on your behalf.  The best way to see what EF is doing is to simply log it, and for me, that means the output window in Visual Studio, not the database, as you will see, EF does a lot.  So, that being said, it is actually much easier to do than you might expect, and in my mind, there are…

ngrok example

Tunneling Connections to Localhost Using ngrok: Why and How

Anyone who has done web development for any significant length of time has probably had one or more of these situations arise:

I need to expose an API or webhook running locally to an external service or application
My application has external services or integrations that require special handling or emulation when developing locally
I want my deployed application or service in a higher environment to call the endpoint(s) that I am running locally

The common problem here is the need to expose a locally running endpoint to an external service or application. Enter ngrok (https://ngrok.com/).
Ngrok solves this problem by creating and exposing a public url on the ngrok.io domain, and then forwarding the traffic that arrives at that endpoint through to a specified localhost port. Conceptually, it looks something like this:

This diagram was taken directly from https://ngrok.com/product, where the curious can find a…

Release Pipeline View

Azure DevOps Pipelines Deployment Controls

Azure DevOps is a work item tracking, source control, and release management solution provided by Microsoft. It is the cloud-based evolution of Team Foundation Server. If you don’t have a DevOps account, you can get one for free at https://azure.microsoft.com/en-us/services/devops/.
Release Pipelines is a powerful feature of DevOps that allows you to create pipelines to deploy your builds out to your server environments. Let’s say that you are creating a Release Pipeline for your website and you have a separate environment for Dev and Production, both hosted on Azure App Services. When you check code in, you want it to be deployed to your Dev environment automatically through Continuous Integration. This is easily configurable through the Release Pipeline interface.
What about your Production environment though? You want to use the same build artifacts for your Dev and Production environments, so it makes…

Tallan Blog Featured Image

Exploring Buffer Overflows in C, Part Two: The Exploit

Welcome to part two of Exploring Buffer Overflows in C! If you have not taken the time to read the previous article I highly recommend doing so before going any further. In this post, I will be walking you through a simplified version of a buffer overflow exploit and will draw heavily on the vocabulary and theory discussed out in the last post. You can find Part One on Tallan’s Blog here. It also would be helpful to be familiar with hexadecimal numbers, which you can read about here. With that out of the way, let’s get to hacking.
Before We Begin
Before we can start we have to pick a target. Several methods exist to detect potential buffer overflows, ranging from manually reading the code to automated testing. Assuming you do have the source code of a program, searching for insecure…

Tallan Blog Featured Image

YouTube Attempts to Curb Controversial Content

If you’ve ever signed up for a YouTube account, you’re probably more than familiar with YouTube’s head-scratching video recommendations at times. After mounting dissatisfaction over the new recommendation algorithm, which produced too many similar recommendations and videos promoting misinformation, the YouTube team published a January 2019 post indicating that the algorithm is still a work in progress, and announced changes in response to recent feedback.
The new algorithm changes are advertised to be capable of pulling in recommendations from a wider range of topics than before: “on any given day, more than 200 million videos are recommended on the homepage alone.” Contrasting the broadening of topics, YouTube is putting in an effort to reduce videos from being included in the recommendation algorithm which violate the YouTube Community Guidelines, or videos with the potential to misinform users “…such as videos promoting a…

Process

Streamlining ELMAH With A Logging Platform in ASP.NET

Logging and tracing are both critical components of enterprise software development. And yet they are often overlooked or otherwise treated as an afterthought. However, as any programmer worth his or her salt will tell you, proper logging and tracing saves countless hours and headaches when it comes to tracking down bugs in a production environment. To serve these needs, there are numerous logging frameworks to choose from. In this article I am going to explore two popular frameworks and how to best use them together as a comprehensive logging and tracing solution.
Before we begin, let’s define the difference between logging and tracing. Logging is the broad process of recording events that occur in a running software program. The resulting logs include any information about these events that the developer deems necessary. Tracing, on the other hand, is a more specialized…

Getting Started Processing and Converting the Quill.js Delta Format

There are many WYSIWYG (What You See Is What You Get) editors out there just waiting for you to drop them into your website, but one reason to choose Quill.js is for its ability to represent its contents as a JSON (JavaScript Object Notation) object.  Doing so allows you, the developer, to process those contents easily and convert them to another format. Also, it’s free, which is always a good thing.
For this, we will be focusing on some of the basics of how Quill.js expresses its contents in the Delta format and how you might go about processing those contents to fit your needs.  The examples below begin after the JSON string is converted to a C# object. For the features that are being covered here (bold, underline, italic, font color, and numbered/bulleted lists) the class structure might look something…

Exploring Buffer Overflows In C, Part One: Theory

Intro
Cybersecurity is one of the fastest evolving tech fields and the stakes are high. Mistakes can be in the order of millions of dollars. Computers have invaded all aspects of our everyday lives. Although this means I can access millions of cat pictures with the touch of a button, it is dangerous to assume that everyone using a computer is in it for the fuzzy felines. Credit cards, passwords, and social security numbers are moving across the internet just as quickly as cat pictures but with a lucrative black market. There is a lot to gain from a successful hack and hackers will be doing their best to break into the systems we rely on and use daily. Ranging from high-tech exploits such as 2018’s Spectre and Meltdown to low-tech exploits like phishing and social engineering, it is important for…

Design Patterns – Factory Method

The Factory Method design pattern is a creational pattern for simplifying construction of similar objects through means of subclasses and a superclass or interface/class relationships. Makes perfect sense right?  Alright, more simply it helps reduce the complexity of your code when it comes to creating similar objects and taking action with them.
So… where is this pattern helpful?  For the sake of this post, imagine you run a popular website where users can come to get rewards for activities or purchases they have made, and that your site currently only lets users receive payouts from PayPal. More than likely the application will have a lot of code written with only PayPal in mind, scattered throughout the code base with conditional behaviors at every step of the way. Now, let’s imagine that times are changing and your users would rather be paid…

How I Found Myself Involved in #WomenInSTEM

#WomenInSTEM isn’t a movement I ever expected to get involved in, even as recently as six months ago.  That said, I couldn’t be any happier that I’m part of a team that is taking on this subject head-on.
So – backing things up a bit – I joined Tallan in May of 2018.  I quickly noticed that our own office is, by a vast majority, male consultants.  This made it all the more exciting to learn about the scholarship program we put in place at the beginning of 2018 to promote the #WomenInSTEM movement.
Plans to keep the scholarship going in 2019 were in place before my arrival, but the team that put the program together wanted to do more, and I wanted to be a part of that.  I worked with some of our own #WomenInSTEM, alongside a few fantastic educators…

\\\