Console 37

Dexter, Social, and PostgREST

Sponsorships

Triplebyte Compiler

Compiler is a blog by Triplebyte that's all about software engineering job seeking, learning, and productivity. Want to put your best foot forward toward growing your career this year? Check out Compiler's library of helpful reads and then take a stab at Triplebyte's wide offering of programming assessments that let you (and hiring companies) know how your skills stack up. Get started here.


social-analyzer

Social Analyzer is an API, CLI, and Web App for analyzing and finding a person’s profile across 300+ social-media websites, with new social-media websites regularly updated in the repo.

language: JavaScript, stars: 3283, watchers: 204, forks: 164, issues: 2

last commit: January 24, 2021, first commit: November 30, 2020

postgrest

PostgREST serves a fully RESTful API from any existing PostgreSQL database. It provides a cleaner, more standards-compliant, faster API than you are likely to write from scratch.

language: Haskell, stars: 16410, watchers: 363, forks: 756, issues: 132

last commit: January 22, 2021, first commit: June 17, 2014

https://twitter.com/postgrest_org

cs-video-courses

cs-video-courses contains a list of Computer Science courses with video lectures.

stars: 18777, watchers: 957, forks: 2620, issues: 3

last commit: January 16, 2021, first commit: October 21, 2016

dexter

Dexter is a voice controlled assistant, akin to Google Home and Alexa, running on a Raspberry Pi.

language: Python, stars: 92, watchers: 3, forks: 3, issues: 0

last commit: January 18, 2021, first commit: July 27, 2018


Help Wanted

If you’re interested in posting a help wanted ad for your project to thousands of open-source developers, send an email to console.substack@gmail.com


An Interview With Giga Alqeeq of Social-Analyzer

Hey Giga! Let’s start out with your background. Where have you worked in the past, how did you learn to program, and what are your favorite programming languages?

I go by Giga, I'm the owner and developer of a startup named QeeqBox. I work on transitioning some of my closed-source projects to the open-source model (40+ projects). Most of those projects are in the security field, specifically the malware prevention and detection fields. My vision is to finish refactoring the projects by 2022.  

My first experience with programming was at the age of 12. We had an MPC-2 with the BASIC compiler and a few pre-installed games. After school, I'd spend time reading and learning BASIC commands.

In 2006, I started freelancing globally in reverse engineering, security tools development & pen-testing. It was a great experience because I worked on many diverse projects. During that time, I developed my closed-source projects which helped me accomplish freelance tasks efficiently. 

I'm familiar with different programming languages, because I've always been interested in learning past methods and combining newer techniques, but my favorite programming languages are Assembly and C.

What are you currently learning?

I've been spending time learning more about startups in the U.S. I'm still new to the startup space, but I'm learning and am happy with the pace moving forward. For example, I have been listening to the audiobook called Zero to One: Notes on Startups, or How to Build the Future by Peter Thiel

Why was Social-Analyzer started?

Social-Analyzer was a closed-source project that I developed back in 2012. It was used to find & analyze profiles related to cyberbullying, cyber-grooming, cyberstalking, and spreading misinformation. Having an automated process that facilitated finding profiles helped the investigation process by focusing on gathering results vs spending time looking for profiles. It also helped to connect patterns by analyzing the gathered results. 

On November 30th, 2020, I finished transitioning Social-Analyzer and published it on my Github organization account. It took a couple of months to finish the entire transition process. It's been great to see the progress the project has made on different levels. I've been excited and thankful for the positive feedback it's received recently. It's helped me keep a steady pace in continuing to build. The work experience and job search experience in the U.S. can be discouraging, but the feedback helps affirm that hard work pays off.  

What is the most challenging problem that’s been solved in Social-Analyzer, so far?

There were 2 challenges that I faced.

1) Implementing a custom multi-layer detection module - This module is not an easy model to understand because of the different layers. Combining those layers produces a rate value that starts from 0 to 100 (no-maybe-yes). Writing a detection in this model may take additional time to understand & test.

2) Reverse Detections - This specific type of detection is not commonly used, it's the opposite of the common detection seen nowadays. An easy way to explain it is: When you have a detection, you are detecting on a string; whereas, in reverse detection, you are not detecting on a string. In both types, detections are valid and counted as a hit!

What is your typical approach to debugging issues filed in the Social-Analyzer repo?

My typical approach in debugging issues filed in Social-Analyzer repo is to split the issue ticket into 2 separate parts- issue scenario & issue fix, using my own dedicated issues tracker. I start by adding gathered information from users into the issue scenario. Based on the gathered information, I then try to reproduce that issue on my dedicated testing system. This system generates many logs that take time to analyze, but they are very helpful. I analyze the logs until I find the root cause of the issue. Once found, I fill the issue fix with a properly tested solution. I will then assign severity (critical, high, medium, or low). This helps me to decide whether or not to fix the issue on the platform and to determine the best time of day to make the update. I keep the user updated with the processes being made. 

Dedicated testing system? Could you say more about that?

My Dedicated Testing System (Macaw) is a project I created years ago. It's a complex Python environment that automates given tasks or commands in different virtual machines. Macaw is used for testing proposes, but sometimes I use it to automate processes through the REST API. Also, it's connected with different platforms such as Github & AWS.

Any plans to open-source Macaw?

I am not sure yet. It’s something I will definitely think about!

Is Social-Analyzer intended to eventually be monetized?

Social-Analyzer and all current QeeqBox projects are free to use. My current goals are to have my work associated with QeeqBox/Giga, and to share information with security communities. If users would like to sponsor the projects, thank you! Keeping the projects up to date takes effort and Github has recently approved the sponsorship option on current QeeqBox projects. 

My projects are developed in a modular approach, which allows adding or removing modules (plugins) from a project. I follow that approach because I always like to keep my options open. 

How do you balance your work on open-source with your day job and other responsibilities?

I try my best to balance my day. However, my schedule requires flexibility because my Dedicated Testing System runs 24/7. If something does not go right, then I get a notification from it regardless of my Pacific standard time zone. 

What is the best way for a new developer to contribute to Social-Analyzer?

The best way to contribute to Social-Analyzer is by reading the contributing file and Wiki file. The contributing file contains issue and pull request examples. The wiki file contains a lot of documentation on how to write your detections. 

Do you have any suggestions for someone trying to make their first contribution to an open-source project?

Sometimes new contributors get discouraged because their first contribution is not implemented. I encourage them to ask why it's not implemented, rather than being discouraged. Maybe their contribution is good, but it cannot be implemented due to internal procedures or because it may cause conflict with future features, etc. 

Do you think any of your projects do more harm than good?

My projects are intended to be used for good, my hope is they continue to be used positively. Having good cybersecurity ethics is very important to me. 

Are you at all concerned about the "atomic bomb" aspect mentioned in this Reddit comment?

Thanks for sharing the Reddit comments. It's important that users are aware of their public presence, sometimes it's “out of sight out of mind” because we are eager to be part of a new social media platform. I believe it's helpful to be aware of what becomes public information and have a better handle on our social Internet presence.


Like what you saw here? Why not share it?

Share

Or, better yet, share Console!

Share Console

Also, don’t forget to subscribe to get a list of new open-source projects curated by an Amazon software engineer directly in your email every week.