<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Przemek, Author at Yumasoft</title>
	<atom:link href="https://blog.yumasoft.pl/author/przemek/feed/" rel="self" type="application/rss+xml" />
	<link>https://blog.yumasoft.pl/author/przemek/</link>
	<description>Software development blog</description>
	<lastBuildDate>Fri, 18 Jun 2021 08:50:35 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=7.0.1</generator>

<image>
	<url>https://blog.yumasoft.pl/wp-content/uploads/2021/05/cropped-yumasoft_icon_transparent-32x32.png</url>
	<title>Przemek, Author at Yumasoft</title>
	<link>https://blog.yumasoft.pl/author/przemek/</link>
	<width>32</width>
	<height>32</height>
</image> 
	<item>
		<title>What does it mean to have an SSL?</title>
		<link>https://blog.yumasoft.pl/2020/11/what-does-it-mean-to-have-an-ssl/</link>
					<comments>https://blog.yumasoft.pl/2020/11/what-does-it-mean-to-have-an-ssl/#respond</comments>
		
		<dc:creator><![CDATA[Przemek]]></dc:creator>
		<pubDate>Tue, 17 Nov 2020 09:53:08 +0000</pubDate>
				<category><![CDATA[Programming]]></category>
		<guid isPermaLink="false">https://blog.yumasoft.pl/?p=156</guid>

					<description><![CDATA[<p>Now that the whole world is using encrypted connections, our privacy becomes more important as we do more and more things online. Connections to banks, official, medical matters. On top of that, there is the Covid 19 pandemic that moved our lives even further into the online world. Nobody currently imagines that someone could eavesdrop&#8230;</p>
<p>The post <a rel="nofollow" href="https://blog.yumasoft.pl/2020/11/what-does-it-mean-to-have-an-ssl/">What does it mean to have an SSL?</a> appeared first on <a rel="nofollow" href="https://blog.yumasoft.pl">Yumasoft</a>.</p>
]]></description>
										<content:encoded><![CDATA[
<p class="wp-block-paragraph">Now that the whole world is using encrypted connections, our privacy becomes more important as we do more and more things online. Connections to banks, official, medical matters. On top of that, there is the Covid 19 pandemic that moved our lives even further into the online world. Nobody currently imagines that someone could eavesdrop on our transmission. Encrypted connections protect our privacy. Everyone says “we need to make it so that there is an SSL.”, but what does it really mean if something has an SSL? The following article should explain a bit.</p>



<span id="more-156"></span>



<p class="wp-block-paragraph">For information, for people a bit more tech-savvy — in this article I use the SSL abbreviation as an encrypted connection of any type and version. We no longer use SSL. Or rather TLS — a new version that has replaced the old SSL. I would not like to focus on the mechanisms, how it works under the hood, but rather on what it gives to the end user.</p>



<p class="wp-block-paragraph">Have you ever wondered how DNS servers work and what do they have to do with SSL? The website sejm.gov.pl allows you to open with a secured and unsecured protocol, so it is a good example for our tests. Consider this situation:</p>



<p class="wp-block-paragraph"><a href="http://sejm.gov.pl/">http://sejm.gov.pl/</a>&nbsp;&#8211; a website unsecured with an SSL<br><a href="https://sejm.gov.pl/">https://sejm.gov.pl/</a>&nbsp;&#8211; a website secured with an SSL<br><a href="https://yumasoft.co.uk/blogpost/194.41.12.17">194.41.12.17</a>&nbsp;– the IP address of the website sejm.gov.pl<br>Entering the website&nbsp;<a href="http://sejm.gov.pl/">http://sejm.gov.pl/</a>&nbsp;we will see something like this:</p>



<figure class="wp-block-image"><img decoding="async" src="https://strapi.yumasoft.pl/uploads/89b8f2cbe7e04b20b4b59137be859c04.png" alt="text"/></figure>



<p class="wp-block-paragraph">The inscription “Not secure” warns us about an unsecured connection, but everything is in place and the site works fine.</p>



<p class="wp-block-paragraph">If we wanted to bypass DNS and go to the same page using the IP address, it would look like this:</p>



<figure class="wp-block-image"><img decoding="async" src="https://strapi.yumasoft.pl/uploads/e72f7d6a07c44476996f5540504dc90e.png" alt="text"/></figure>



<p class="wp-block-paragraph">Nothing really changes. Not a huge discovery, is it? ?<br>So let&#8217;s consider an encrypted connection:</p>



<figure class="wp-block-image"><img decoding="async" src="https://strapi.yumasoft.pl/uploads/bac45a2902c94d2b850fed2f16154ea1.png" alt="text"/></figure>



<p class="wp-block-paragraph">Everything works just fine.</p>



<p class="wp-block-paragraph">How about without DNS?</p>



<figure class="wp-block-image"><img decoding="async" src="https://strapi.yumasoft.pl/uploads/c1e44abae84d4001aae10db6975adf7f.png" alt="text"/></figure>



<p class="wp-block-paragraph">And here we have a problem. Why is the page not loading? We are using the correct address, we are using https, so it should be ok! We take the first steps to find a bad certificate.</p>



<figure class="wp-block-image"><img decoding="async" src="https://strapi.yumasoft.pl/uploads/232c377153c245c48bd68cc1b1ae665c.png" alt="text"/></figure>



<p class="wp-block-paragraph">Hmmm, even the certificate is correct… So why won&#8217;t the browser let us in? What happens when we ignore the error and use this website? Is our connection encrypted? Is it safe?</p>



<p class="wp-block-paragraph">Answering briefly to the above-mentioned questions:</p>



<ol class="wp-block-list"><li>1. Yes, the connection is encrypted. The SSL certificate itself does not have to be trusted to establish a secure communication channel between the server and the browser.</li><li>2. Is it safe? It depends — in this case we are safe.</li><li>3. In this case, by ignoring the error, we tell the browser that we want to view this page, even though its certificate does not match the address we typed into the search bar.</li></ol>



<h4 class="wp-block-heading" id="thenwhydoweneedcertificates">Then why do we need certificates?</h4>



<p class="wp-block-paragraph">The website we are on is verified with a certificate. The address for which the certificate was issued MUST be the same as the address in our browser address bar. Otherwise, even if the certificate is valid, we will be informed about the problems.</p>



<h4 class="wp-block-heading" id="howdoesmycomputerknowthatthecertificateisvalid">How does my computer know that the certificate is valid?</h4>



<p class="wp-block-paragraph">In the operating system, we have saved certification authorities that we trust, we can freely modify their list, e.g. add ours. Here it is important to use a system with limited privileges on a daily basis — only the administrator is able to add a new trusted certificate. So the hands-tied virus runs on a restricted account.<br>In the previous picture, we looked at the sejm.gov.pl website certificate, the issuer Certum Trusted Network CA was at the top of the certification path — it is trusted because it is in the store of trusted certificates of my computer.</p>



<figure class="wp-block-image"><img decoding="async" src="https://strapi.yumasoft.pl/uploads/c56c9e0864224f5c883942687f09fbcc.png" alt="text"/></figure>



<p class="wp-block-paragraph">Because the certificates are saved in operating systems, the number of companies that issue them is quite limited. Theoretically, anyone can issue a certificate for any domain, e.g. using the free OpenSSL tool, but what if we as the issuer are not trusted by others? We won&#8217;t be able to attack this way.</p>



<p class="wp-block-paragraph">The website certification process itself can be simple and fast — e.g. in the case of static websites where we do not provide any sensitive data. The certificate provider then only checks whether the page for which we want to generate the certificate exists and whether it belongs to us. Free certificates for basic features have been available for purchase for some time, issued by Let&#8217;s Encrypt. It can also be more complex, e.g. in the case of banks — suppliers carefully verify whether the company exists, what the company does, and how they apply security measures. The difference can then be seen in the certificate preview, browsers distinguish these stronger certificates, e.g. by showing the name of the company for which it is issued.</p>



<figure class="wp-block-image"><img decoding="async" src="https://strapi.yumasoft.pl/uploads/71112a303b0b44e4872c2579ffff9871.png" alt="text"/></figure>



<p class="wp-block-paragraph">Regular certificates can be certificates for a single domain, or wildcard certificates — for all sub pages at the same time, as above — *sejm.gov.pl Thanks to this, the same certificate can also be used on the website.&nbsp;<a href="https://posiedzenia.sejm.gov.pl/">https://posiedzenia.sejm.gov.pl</a>, or&nbsp;<a href="https://poslowie.sejm.gov.pl/">https://poslowie.sejm.gov.pl</a>.</p>



<p class="wp-block-paragraph">Stronger certificates are always issued only to a specific domain — this significantly increases the costs of issuing certificates for many sub pages, but provides better protection when the certificate is used only in 1 place. For example, the ING Bank has a person certified for the home page and for the login page.</p>



<figure class="wp-block-image"><img decoding="async" src="https://strapi.yumasoft.pl/uploads/7348786c1adc42feafdaed7eb21dc87c.png" alt="text"/></figure>



<h4 class="wp-block-heading" id="whydowestoreandverifycertificatesofcertificationauthoritieslocallyinsteadofaskingatrustedserverifthecertificateisok">Why do we store and verify certificates of certification authorities locally instead of asking a trusted server if the certificate is ok?</h4>



<ol class="wp-block-list"><li>1. We connect to the Internet in various places, we do not know network administrators, Internet providers, etc. It would not be wise to trust everyone that they will send our packages asking for verification to the right place.</li><li>2. To make changes to our computer, we must have administrator rights.</li><li>3. Our computer can thus detect suspicious network activity — just this discrepancy between the certificate and the website we are on. For example, if the Internet provider changed our DNS servers, or directed traffic not where we would like it — for example, a bank&#8217;s bank website. In the screen below, I redirected my traffic from pkobp.pl to wp.pl, the browser immediately picked up the trick. ?<br><img decoding="async" src="https://strapi.yumasoft.pl/uploads/a0a3fc3434e84aadb3a5a4b9919d2f9f.png" alt="text"></li><li>4. As a result, the network traffic is much lower</li><li>5. Where would it be the “internet center” that tells us that the certificate is ok? The Internet is a distributed network and in the event of failure of one region with the current solution, everything works smoothly.</li></ol>



<h4 class="wp-block-heading" id="insummary">In summary</h4>



<p class="wp-block-paragraph">SSL / TLS, apart from and all protocols based on them, provide us not only with encryption between us and the server, they also make sure that the pages we visit are the ones we want to see. They are designed to immunize us as much as possible against attacks by hackers or dishonest administrators. The above examples were based on websites, but identical processes are used, for example, when sending e-mails, connecting to application servers, etc. and in each of these cases, we should use trusted certificates, even if they sometimes cost a lot of money. When writing the program, let&#8217;s not cut corners, an SSL connection without a certificate from a trusted provider is not worth much, because anyone can redirect our traffic anywhere, and our program will accept such a certificate anyway. Anyone can issue a certificate for any domain, but not everyone can issue a trusted certificate.</p>



<p class="wp-block-paragraph"><img decoding="async" src="https://strapi.yumasoft.pl/uploads/3bca325c45444df2bd142f7f9b927306.png" alt="text"><br>Anyone can set it up and use it, and you wouldn&#8217;t want to create an account here, would you? ?</p>
<p>The post <a rel="nofollow" href="https://blog.yumasoft.pl/2020/11/what-does-it-mean-to-have-an-ssl/">What does it mean to have an SSL?</a> appeared first on <a rel="nofollow" href="https://blog.yumasoft.pl">Yumasoft</a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://blog.yumasoft.pl/2020/11/what-does-it-mean-to-have-an-ssl/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
		<item>
		<title>The 4DEVELOPERS Katowice 2019 conference</title>
		<link>https://blog.yumasoft.pl/2020/04/the-4developers-katowice-2019-conference/</link>
					<comments>https://blog.yumasoft.pl/2020/04/the-4developers-katowice-2019-conference/#respond</comments>
		
		<dc:creator><![CDATA[Przemek]]></dc:creator>
		<pubDate>Mon, 06 Apr 2020 14:41:00 +0000</pubDate>
				<category><![CDATA[Conferences]]></category>
		<category><![CDATA[4developers]]></category>
		<category><![CDATA[4developers 2019]]></category>
		<category><![CDATA[4developers2019]]></category>
		<guid isPermaLink="false">https://blog.yumasoft.pl/?p=54</guid>

					<description><![CDATA[<p>On October 21, 2019 I had the pleasure to participate in the Silesian edition of the 4DEVELOPERS conference in Katowice, which is the Silesian edition of the largest technology festival for programmers in Poland. The conference was addressed mainly to programmers who are familiar with Microsoft technologies. There were 32 lectures given by 32 speakers,&#8230;</p>
<p>The post <a rel="nofollow" href="https://blog.yumasoft.pl/2020/04/the-4developers-katowice-2019-conference/">The 4DEVELOPERS Katowice 2019 conference</a> appeared first on <a rel="nofollow" href="https://blog.yumasoft.pl">Yumasoft</a>.</p>
]]></description>
										<content:encoded><![CDATA[
<p class="wp-block-paragraph">On October 21, 2019 I had the pleasure to participate in the Silesian edition of the 4DEVELOPERS conference in Katowice, which is the Silesian edition of the largest technology festival for programmers in Poland. The conference was addressed mainly to programmers who are familiar with Microsoft technologies. There were 32 lectures given by 32 speakers, and around 400 participants attended the entire event.</p>



<span id="more-54"></span>



<p class="wp-block-paragraph">The event was divided into 4 thematic paths:</p>



<ul class="wp-block-list"><li>&#8211; NET</li><li>&#8211; Application Architecture</li><li>&#8211; Cloud Computing</li><li>&#8211; JavaScript</li></ul>



<p class="wp-block-paragraph">I was mainly interested in the .Net and Application Architecture paths.</p>



<h3 class="wp-block-heading" id="buildyoursoftwareonsolidfoundationsapplicationarchitecturemarcinbada">Build your software on solid foundations (Application Architecture) &#8211; Marcin Bałda</h3>



<p class="wp-block-paragraph">Comparison of the process of building a house to creating software. The lecture was mainly devoted to discussing SOLID principles that allow for production of high-quality software. The author focused on the importance of the application skeleton design and building solid foundations for future functionalities. The lecture was based only on theoretical issues.</p>



<div class="wp-block-image"><figure class="aligncenter"><img decoding="async" src="https://strapi.yumasoft.pl/uploads/b523345030b645148cf580bd4be63dff.png" alt="text"/><figcaption><em><strong>SOLID concept</strong></em></figcaption></figure></div>



<p class="wp-block-paragraph">Useful links:<br><a href="https://4developers.org.pl/lecture_katowice_2019/#id=55567">Lecture description &#8211; in Polish</a><br><a href="https://scotch.io/bar-talk/s-o-l-i-d-the-first-five-principles-of-object-oriented-design">https://scotch.io/bar-talk/s-o-l-i-d-the-first-five-principles-of-object-oriented-design</a></p>



<h3 class="wp-block-heading" id="restserviceswithawslambdaandnetcorenetmarcinbada">REST Services with AWS Lambda and .Net Core (.NET) &#8211; Marcin Bałda</h3>



<p class="wp-block-paragraph">Presentation of the capabilities of the AWS Lambda platform in .NET projects. The speaker showed that .NET also works well with cloud services other than Microsoft Azure. He built a small application connecting to the AWS cloud and introduced its basic functions, such as recognizing objects in images and categorizing them using artificial intelligence.</p>



<p class="wp-block-paragraph">Useful links:<br><a href="https://aws.amazon.com/blogs/compute/developing-net-core-aws-lambda-functions/">https://aws.amazon.com/blogs/compute/developing-net-core-aws-lambda-functions/</a></p>



<h3 class="wp-block-heading" id="portsandadaptersapplicationarchitecturedominikprzybysz">Ports and Adapters (Application Architecture) &#8211; Dominik Przybysz</h3>



<p class="wp-block-paragraph">A very interesting lecture on ports and adapters architecture and a comparison with the layered architecture, which is currently the most widely used. Thanks to ports and adapters, we can freely change the operation of the application, and also easily scale its individual elements. This architecture also allows us to freely divide a monolithic application into microservices, as well as cooperate with various data suppliers/recipients. During the lecture, Domain Driven Design concepts and suggestions on how to model the application using the DDD approach were also addressed.</p>



<div class="wp-block-image"><figure class="aligncenter"><img decoding="async" src="https://strapi.yumasoft.pl/uploads/4006ec5ec6d241d48e9717e968f3c7ff.png" alt="text"/><figcaption><em><strong>Ports and adapters architecture</strong></em></figcaption></figure></div>



<p class="wp-block-paragraph">Useful links:<br><a href="https://github.com/alien11689/ports-and-adapters-example">https://github.com/alien11689/ports-and-adapters-example</a><br><a href="https://en.wikipedia.org/wiki/Domain-driven_design">https://en.wikipedia.org/wiki/Domain-driven_design</a><br><a href="https://herbertograca.com/2017/09/14/ports-adapters-architecture/">https://herbertograca.com/2017/09/14/ports-adapters-architecture/</a></p>



<h3 class="wp-block-heading" id="securedomainapplicationarchitecturedominikprzybysz">Secure Domain (Application Architecture) – Dominik Przybysz</h3>



<p class="wp-block-paragraph">The lecture was about the most common mistakes programmers make when writing code. The author presented various situations where the programmer, knowing the assumptions of e.g. Clean Architecture, misinterpreted them so that the application was built on weak foundations and thus difficult to expand in the future. The speaker also presented tools that help create better code and better define application domains.</p>



<p class="wp-block-paragraph">Useful links:<br><a href="https://www.youtube.com/watch?v=F-HA6ujsm1c">Video from the conference – in Polish</a></p>



<h3 class="wp-block-heading" id="historyofasynchronousinnetmarcintyborowski">History of Asynchronous in .NET &#8211; Marcin Tyborowski</h3>



<p class="wp-block-paragraph">During the lecture, the author presented the history of asynchronous programming in .NET and discussed the pros and cons of different approaches.</p>



<ul class="wp-block-list"><li>&#8211; Thread and Threadpool &#8211; the first approach to multithreading in .NET: creating threads is very expensive and without proper control we can easily cause memory leaks</li><li>&#8211; APM &#8211; a very non-intuitive approach, because of which multi-threaded applications have become illegible to programmers without a solid understanding of multithreading; it does not work in .NET Core</li><li>&#8211; Event-based asynchronous pattern &#8211; a much easier approach than APM, but still the code is very different from the synchronous code</li><li>&#8211; Task Parallel Library &#8211; thread creation is fast, adding lambda expressions has greatly increased the readability of the code, but the code is still different from the synchronous code</li><li>&#8211; Async / await &#8211; the final version of multithreading in .NET &#8211; easy, understandable and fast</li></ul>



<p class="wp-block-paragraph">Useful links:<br><a href="https://tyborowski.it/history-of-asynchronous-in-net/">https://tyborowski.it/history-of-asynchronous-in-net/</a><br><a href="https://github.com/tbr09/Multithreading">https://github.com/tbr09/Multithreading</a></p>



<h3 class="wp-block-heading" id="makeyourapplicationsintelligentshorttutorialhowyoucanaddartificialintelligencetoyourappsnetmichajankowski">Make your applications intelligent – short tutorial how you can add artificial intelligence to your apps (.NET) – Michał Jankowski</h3>



<p class="wp-block-paragraph">Overview of how you can quickly turn a simple application into an application that uses artificial intelligence, based on the example of creating a photo storage program. Thanks to the Cognitive Service, the cloud automatically recognizes unauthorized photos, such as pornographic material with approximately 99% efficiency. This significantly reduces the amount of work needed to check all photos. Cognitive Services also allows you to describe photos and thus categorize them. During the presentation the lecturer created a program connecting to Cognitive Services.</p>



<div class="wp-block-image"><figure class="aligncenter"><img decoding="async" src="https://strapi.yumasoft.pl/uploads/7018048c402449ea931937950e9f8731.png" alt="text"/><figcaption><em><strong>Cognitive Service AI usage example</strong></em></figcaption></figure></div>



<p class="wp-block-paragraph">Useful links:<br><a href="https://www.youtube.com/watch?v=IBCqHy27ndE">https://www.youtube.com/watch?v=IBCqHy27ndE</a><br><a href="https://azure.microsoft.com/en-us/services/cognitive-services/">https://azure.microsoft.com/en-us/services/cognitive-services/</a></p>



<h3 class="wp-block-heading" id="cleandomainmodeldomaindrivendesigntacticallyandpracticallynetkamilgrzybek">Clean Domain Model: Domain-Driven Design tactically and practically (.NET) &#8211; Kamil Grzybek</h3>



<p class="wp-block-paragraph">During the presentation, the lecturer discussed how to practically implement a clean domain model using DDD and C#. The author showed many examples of how to conduct a conversation about the proper domain of the application. During the presentation it was also shown how to avoid primitive types in the program and how to write unit tests correctly for code written in this way. During the presentation, a modular monolith created with the DDD principles was presented as a counterweight to currently very popular microservices, which are also used where they do not make sense.</p>



<p class="wp-block-paragraph">Useful links:<br><a href="https://drive.google.com/file/d/1Gwgojc1y6d9FI_jgF8o-_JSJXnrtWkvL/view">Lecture slides &#8211; in Polish</a><br><a href="https://github.com/kgrzybek/modular-monolith-with-ddd">https://github.com/kgrzybek/modular-monolith-with-ddd</a><a href="https://yumasoft.pl/blogpost/11"></a></p>
<p>The post <a rel="nofollow" href="https://blog.yumasoft.pl/2020/04/the-4developers-katowice-2019-conference/">The 4DEVELOPERS Katowice 2019 conference</a> appeared first on <a rel="nofollow" href="https://blog.yumasoft.pl">Yumasoft</a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://blog.yumasoft.pl/2020/04/the-4developers-katowice-2019-conference/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
	</channel>
</rss>
