Category Archives: Learning

18 Lessons From 13 Years of Tricky Bugs

In Learning From Your Bugs, I wrote about how I have been keeping track of the most interesting bugs I have come across. I recently reviewed all 194 entries (going back 13 years), to see what lessons I have learned from them. Here are the most important lessons, split into the categories of coding, testing and debugging:


Continue reading

Learning From Your Bugs

DSC_0663Bugs are great learning opportunities. So how do we make sure we learn as much as possible from the bugs we fix? A method I have used for more than 13 years now is to write down a short description of the bug, the fix, and the lessons I learned.

Way back in 2002, I came across a blog post (that I unfortunately can’t find again) that described this method. I have used it ever since, and I believe it has helped me become a better software developer.

Every time I fix a particularly tricky or interesting bug, I take a few minutes to write down some facts about it. Here is an example of a typical entry: Continue reading

Ph.D. or Professional Programmer?

When I graduated from university with a degree in Computer Science, I wanted to continue and get a Ph.D. But I also wanted to work as a software developer, so I worked for five years in industry before going back to do a Ph.D. I spent one year as a Ph.D. student before deciding that I liked professional software development better. Even though this was many years ago, I think some of the lessons I learnt still apply. Continue reading

Social Engineering from Kevin Mitnick

GitWI recently finished reading Ghost in the Wires by Kevin Mitnick. It is the story of Mitnick’s hacking career, from the start in his teens, through becoming the FBI’s most wanted hacker, to spending years in jail before finally being released. It’s a fascinating book that at times reads like a thriller. One of the things that struck me when reading it was how often he used social engineering to gain access to systems. Here are three examples of what he did, and what we can learn from them. Continue reading

Coursera Course Review: Software Security

I just finished taking the course Software Security from the University of Maryland via Coursera. It was a relatively easy course (at least if you know C) that gave an overview of the following areas: buffer overflows and other memory attacks, web security (including SQL injection, CSRF and XSS), secure design, static analysis, symbolic execution, fuzzing and penetration testing. The instructor, professor Michael Hicks, was one of the more pedagogical lecturers I have listened to, and the whole course was quite enjoyable. Continue reading

Lessons Learned in Software Development

Here is my list of heuristics and rules of thumb for software development that I have found useful over the years:

Programming bookshelf



1. Start small, then extend. Whether creating a new system, or adding a feature to an existing system, I always start by making a very simple version with almost none of the required functionality. Then I extend the solution step by step, until it does what it is supposed to. I have never been able to plan everything out in detail from the beginning. Instead, I learn as I go along, and this newly discovered information gets used in the solution.

I like this quote from John Gall:  “A complex system that works is invariably found to have evolved from a simple system that worked.”

Continue reading

Coursera Course Review: Computational Investing Part 1

I recently finished the Coursera course Computational Investing Part 1 by professor Tucker Balch at Georgia Tech. The focus of the course is on portfolio analysis and selection. Almost all the analysis uses the daily closing prices of stocks as the starting point. The concepts are not particularly difficult, and the programming exercises give you good hands-on experience with the different analysis techniques. The assignments are in Python using several tool kits for time series analysis (NumPy, Pandas and the QuantSoftware ToolKit). Continue reading