Sponsorship
Ladder
Having trouble using Linkedin to get career advice and find job opportunities? Ladder is a community-driven career development platform where you have direct access to industry leaders who want to see you succeed. Come join my AMA so you can ask me anything you’d like about how I got to where I am. Just click here and sign up!
Not subscribed to Console? Subscribe now to get a list of new open-source projects curated by an Amazon engineer in your email every week.
Already subscribed? Why not spread the word by forwarding Console to the best engineer you know?
Jobs
Want to be paid for contributing to open-source? Check out the continually updated Console job board!
We’ve got some great open-source jobs from Canonical, SUSE, Brave, and many others. But, we’re looking for more!
If you’re an employer looking to get your job in front of thousands of the best engineers on the planet, you can request to post your job here.
Projects
kratos
Kratos is a Go framework for microservices.
language: Go, stars: 15053, watchers: 406, forks: 3014, issues: 36
last commit: October 15, 2021, first commit: January 10, 2019
social: https://go-kratos.dev/
ArchiveBox
ArchiveBox is open source self-hosted web archiving. Takes URLs/browser history/bookmarks/Pocket/Pinboard/etc., saves HTML, JS, PDFs, media, and more…
language: Python, stars: 11943, watchers: 152, forks: 656, issues: 111
last commit: August 11, 2021, first commit: May 05, 2017
social: https://twitter.com/ArchiveBoxApp
Ciphey
Ciphey is a fully automated decryption/decoding/cracking tool, using natural language processing & artificial intelligence, along with some common sense.
language: Python, stars: 8492, watchers: 187, forks: 524, issues: 60
last commit: October 06, 2021, first commit: July 18, 2019
social: https://twitter.com/bee_sec_san
MagInkCal
MagInkCal is an E-Ink Magic Calendar that automatically syncs to Google Calendar and runs off a battery powered Raspberry Pi Zero.
language: Python, stars: 2310, watchers: 34, forks: 60, issues: 3
last commit: October 06, 2021, first commit: September 24, 2021
Console is powered by donations. We use your donations to grow the newsletter readership via advertisement. If you’d like to see the newsletter reach more people, or would just like to show your appreciation for the projects featured in the newsletter, please consider a donation 😊
An Interview With Bee of Ciphey
Hey Bee! Thanks for joining us! Let’s start with your background. Where have you worked in the past, where are you from, how did you learn how to program, what languages or frameworks do you like, etc?
Computer science at the University of Liverpool, I started coding when I was 10 (or 11) in the summer before secondary school in the UK. My first project was actually Ciphey! But back then it was significantly worse.
I use Python and Rust primarily, I love Rust a lot and I've been using it more recently.
What's an opinion you have that most people don't agree with?
Languages, frameworks, all suck. The absolute must important thing is to write simple code. Deciding on React vs Vue is silly. Why sit there deciding when you can just go and build?
What is one app on your phone that you can’t live without that you think others should know about?
I am a very, very big fan of You Need a Budget (YNAB)! I love tracking every penny I spend and optimising my finances :)
If you could dictate that everyone in the world should read one book, what would it be?
The Alchemist by Paulo Coelho, without spoiling it it is truly a great book about achieving your wildest dreams.
If you had to suggest 1 person developers should follow, who would it be?
We've been friends for a few years and she always inspires me. She uses her tech skills for ✨ good ✨ and does a lot of great work. She created a startup to help dementia sufferers, she spends time helping teach other devs and more.
Every time I think about doing something in tech, I think to myself "Is this good? Would Hannah do it?"
I think there's something noble, inspiring and amazing about someone who spends her time choosing to help people instead of chasing the money.
Definitely a lil nugget to follow.
If you could teach every 12 year old in the world one thing, what would it be and why?
You do not have to love or show respect to your parents. It is your choice to make.
If I gave you $10 million to invest in one thing right now, where would you put it?
Sadly, I can't talk about a specific company because I might get done for manipulating the market
However, I am very bullish on tech for good. Even if it doesn't make the greatest return at least my money is doing good for the world.
I saw Hannah's vrcalm app from your previous answer. Are there other "tech for good" start-ups similar to Hannah's that you would recommend people check out?
https://monzo.com/ for banking
https://withplum.com/ for investing / saving
https://share.octopus.energy/blue-loris-13 for renewable energy (that's my referral code, we each get £50 which is enough electricity for 2 months for me!)
https://www.wearewild.com/ for sustainable deoderant
https://zevvle.com/ for mobile phone networks
https://honestmobile.co.uk/ for sustainable & eco-friendly mobile phone networks
I use all of them (apart from phone networks, I am stuck in a contract but I'll be going with Honest after it. Also I don't use Plum anymore, I prefer to invest manually) and I loved them all :)
What are you currently learning?
I'm currently learning Rust (still!) and I've been reading a lot of finance stuff lately. Mostly around the 2008 market crash or cryptocurrency tokenomics.
Tokenomics generally? Or are you looking into specific project tokenomics?
Generally! Although I am looking into becoming a Solana developer. They use Rust, a language I know quite well!
Charles Hoskinson said about language design:
Ethereum - Too abstract, every week they are trying to fix a new bug or exploit
Unknown crypto (?) - Not abstract enough, you need to be a maths major and expert programmer to use it well.
I think Rust solves both of these problems:
Security, so you don't need to spend every week solving exploits
Semi between readable and close to mathematical formulae. You can read the code just fine and get up to scratch in a couple of weeks.
I like that part a lot :)
What have you been listening to lately?
Bad Blood The Final Chapter by John Carryrou, weekly updates on Lizzie Holmes' court proceedings.
How do you separate good project ideas from bad ones?
There is no bad ones, there is only bad implementations. I wrote about this here! https://skerritt.blog/make-popular-open-source-projects/
This is fantastic. I interview a lot of open-source stuff and these tips in your post almost always make the difference between a project getting a lot of traction and getting ignored, even if the software is of the same quality (sometimes even better sadly).
Absolutely, my friend invented a netcat competitor that was super good. Way better than anything out there right now. But, he writes so esoterically you would have never realised it was a networking tool! Sadly he deleted the repo so I can't share :( But it was truly great while it lasted.
Why was Ciphey started?
Al Sweigart of "Automate the Boring Stuff" fame once wrote a book on crypto in Python https://inventwithpython.com/hacking/
I read the book and thought "how hard is it to make a single program that does all of this?" and that's how I did it!!
Where did the name for ciphey come from?
Basically I took Cipher and added a Y to it.
This is a mistake because I should have called it Cyphey, the English word for Cipher. I am on a quest to use English spellings in all of my code (not American). This is quite funny around Hacktoberfest when people submit PRs to "fix grammar issues" and I have to inform them, hey, you American, there's other spellings ya know???? (Reject Americanism, Embrace Tradition)
Are there any overarching goals of ciphey that drive design or implementation?
I want to get to a stage where OffSec is so annoyed by it, they ban it completely from OSCP. Some of my other tools have been banned from the exam :)
What is your typical approach to debugging issues filed in the ciphey repo?
I normally cry my eyes out, eat ice cream and beg God for forgiveness.
Python debugging sucks, at least in Rust I have actual debugging tools!
How do you balance your work on open-source with your day job and other responsibilities?
I work in the UK so that means we don't have those weird 120 hour work weeks that most people seem to have. That means that my day looks like:
Wake up at 7
Workout, meditate, read, enjoy the sunrise
Work 10am to 5pm
5pm onwards I'll do open source if I feel like it
Really not that big of a deal to be honest 😅
Sometimes I'll work past 5pm if I need to, but to be honest 99% of stuff I work on isn't absolutely urgent and can wait until the next day so what's the point 🤷
Also, I work at home from the same desk / room I use for relaxing so if my work time slips into my relax time I am worried my work/life balance will suffer.
Sometimes I work earlier (7am or so) if I am very bored and too injured / achey to workout, but that's because I am bored. However! I will never work past 5pm unless it is absolutely essential. That's me time and I can't take that away from me :)
Do you think any of your projects do more harm than good?
Do you think the creator of the hammer gets upset that people use her tools to kill people? No! My tools do not harm people, I suppose you could use them to cause harm. But the majority of people like them so 🤷
And if they do cause harm, then good ? I mean, the only harm would be to a computer? Destroy all computers, let's go back to farming full time.
If you plan to continue developing ciphey, where do you see the project heading next?
I am rewriting in Rust! :) <3
Do you have any other project ideas that you haven’t started?
Kinda, if I come up with a project idea that I don't have time to work on I'll let one of my friends know so they can get the fame xoxo
You wouldn't mind giving a few to your new friends, the Console readers, would you? 😆
I think the best thing to do is to think. For example, port scanning.
People think you need to scan every port to know if it's open or not.
What if you already knew what was open before scanning? What if you knew what was open before even making a connection to the server?
Now, dear Console reader -- you might think "this is impossible, don't be silly!" and you'd be right. But, it's not 100% impossible.
You can get pretty close to knowing what ports are open before you scan.
People look at these "impossible" ideas and think they can never come up with a solution. You don't need a 100% solution. You only need to get 30% of the way there. Everyone else thought it was impossible until you showed "hey, we can go further than this".
With name-that-hash, people thought it was impossible to tell the difference between NTLM and MD4. But it's not. There are many ways people know the difference:
Crack it
Context
It's just they never thought of applying these to code. Name-that-hash provides you with context. NTLM appears on Windows, MD4 mostly on Linux. Now you know the difference.
It's still an impossible problem, but we are 50% of the way to a solution. And that 50% is way further than anyone else has gotten.Think about it. Do you really need to scan every port to know it's open? You do not.
I'll leave this as an exercise to the reader, the knowledge you'll gain from questioning what's impossible and what isn't, and from realising that you only need to get 30% of the way to a solution is far greater than any project I can give you 😊
Where do you see software development heading next?
Hopefully automated enough that I can become a full time cow hugger ('farmer') and work 1 - 2 hours / week and earn a 6 figure salary.
Where do you see open-source heading next?
Hacktoberfest is soon which means every open source project on the planet will be absolutely spammed by everyone all the time for the smallest of fixes and we will spend all of our time begging GitHub to fix their process.
Do you have any suggestions for someone trying to make their first contribution to an open-source project?
Make your own projects https://skerritt.blog/make-popular-open-source-projects/
Work on open source (I mentor people) http://discord.skerritt.blog
What are the funniest GitHub issues you’ve received while working on ciphey?
Probably the person who commented on a GitHub issue that ciphey should decrypt RSA and complained that we didn't.
Essentially we asked them:
"Let me get this straight. You want us, university students, to break the prime factorisation problem and use that to easily break RSA. And then publish that, for free, on GitHub?"
We got so many "how do you install Python?" comments we literally made a wiki page for it. 😂
We had a similar issue on Hackernews whereby someone was very confused that Ciphey can "break every single encryption known to all of humankind" and was amazed that we had published it on GitHub 😅
I swear those folks never ever click the links before commenting!