Oregon State University|blogs.oregonstate.edu

Archives: November, 2023


The Infamous smallsh… November 24th, 2023

From Dread and Tears to Growth and Triumph

It was Fall of 2020 when I began my first term in the Post-Bacc Computer Science program at Oregon State University. To say I was nervous would be an understatement. I knew coming into the program that it was not going to be an easy endeavor. With the reputation computer science has, being conceptually difficult to grasp and requiring specific skills and abilities, I wasn’t sure if I was going to sink or swim. 

Being new to programming, I knew that these first few courses were going to be crucial and would set the tone for the rest of the program. With that mindset, I gave everything I had to learn the material and build the foundation I needed to succeed in this program. After successfully completing my first term and feeling that I truly grasped the concepts taught, my confidence began to grow. The more classes I completed, the more I started to think that I might actually be able to do this. That was until I took Operating Systems I.

Operating Systems is notorious for being one of the most difficult courses in the program and one project in particular ‘smallsh’ had the reputation of breaking even the most confident of students. One of things that makes this course so difficult is that it is taught in C language, and for most students, this was their first time using it. 

I had heard horror stories about this project, so I knew that if I was going to conquer it, I would need to start early and utilize every tool available. Though even with this, the struggle started immediately. It seemed like as soon as I figured out one problem, another would arise. This led to hours and hours of reading, testing, designing, redesigning, retesting and oftentimes winding up with no progress made. 

All that confidence I had gained leading up to the course was suddenly shattered. Feeling frustrated and defeated, I started to question whether I could do it. Even though these feelings were agonizing, ultimately it would prove to teach me one of the best lessons I’ve learned. Just keep going. With each problem I solved in this assignment, my confidence slowly began to come back, which gave me the drive to solve the next problem, then the next. After days of grinding and figuring out solutions, I ran the test script provided to check if our programs had met the assignment criteria. Seeing that test script come back with 150/150 points and knowing that I had completed something that had built up in my head as being impossible, was a feeling of accomplishment I had felt only a handful of times in my life.

To this day, this moment sticks out as the biggest success throughout this program and continues to help me achieve newer and bigger goals in my life.

Read the post...


Docker For The Win! November 4th, 2023

If you are new to this blog and have not seen my initial post, I am currently enrolled in my final course of the Oregon State University Post Bacc. Computer Science Program. This final course is the Capstone Project that ties in and demonstrates all of the knowledge I have gained during this time.

For my project, I am working with two other individuals. Our team for this project is researching the top 10 web application vulnerabilities and authoring a write up that explains in detail each of the vulnerabilities, as well as a how-to guide to secure any web application against such attacks. To accompany our write up, we have also created two versions of a web application that acts as a faux online store. The first version of the web application is vulnerable to all of the web attacks covered in our write ups and the second version is secured against these same attacks.

In the beginning stages of development for this project, our team had a long discussion about how we were going to deploy our two web applications. We knew that we would need them to run simultaneously and that they could be run on a user’s local machine. What we ultimately decided on was Docker.

Docker is a technology that uses images and containers to create a virtual environment, preset with all the configurations and dependencies installed for your individual needs. A Docker Image is virtual environment built by a developer. The Docker image allows any user to build this what is know as a Container, out this image. The container will hold a running version of that image that can be changed, manipulated, deconstructed, etc. All while maintaining the original version of the environment in the image.

Because we need two version of our web application, Docker is the ideal option as we are able to create two images, one image that holds the vulnerable site and one that holds the secure site. Users are able to run a container of each image at the same time and manipulate code in order to practice their data security in an isolated sandbox. When the user is finished, they can simply close the current container and start fresh using the original image environment.

Not only does this make it easy for anyone to run our web application, but it saves user time by having all dependencies already defined and able to be installed on a container rather than their local computer. Even more, Docker images are far more efficient than other technology, such as virtual machines.

Docker sounds almost too good to be true. The reality is that for a user of a Docker image, it truly is that good. However, for a developer of a Docker image, this technology comes with some pitfalls. The biggest pitfall of Docker is the build time. What I mean by this that as a developer builds a web application, they want to be able to test it. For apps that are large and contain many dependencies, the time it takes for Docker to create an image is agonizing. If a change needs to be made to the image, even something as minute as adding a comment, the entire Docker image must be built again. This includes reinstalling all of the dependencies that are already installed on the current image. In my case, for my group’s web application, this averages 5 to 6 minutes.

Docker could be greatly improved if this issue was addressed and that in the building of the Docker Image, the install is able to recognize where changes have been made in the image and update only those pieces that were modified.

Read the post...