ladieswhocode 20130508: adventures in paranoia with sinatra+sequel, and networking

ladieswhocode is an informal meeting that takes place every month in London (and I understand other cities too, but I haven’t been there so I can’t tell!). At the beginning I was a bit skeptical as I’m not a big proponent of gender division–I’d rather prefer everyone, no matter the gender, to be able to sit in the same room and listen to speakers of any gender as well. But after attending a few meetings I can understand why some women rather not go to the usual, 99% male, technical meetings. There’s quite a bit of fear about not being good enough, and it’s quite interesting to listen to more female developers share experiences that I thought were unique and isolated to my case… but apparently are not.

And it’s madly knowledgeable people like Eleanor McHugh that can inspire potentially amazing female developers to shed all fear and show their true skills. At the latest ladieswhocode meeting, Eleanor gave a “half talk”, as she shamelessly admitted it to be. See–it’s OK to be wrong, and it’s even better to admit it. She hadn’t been able to completely prepare the talk, but stepped forward to do it anyway, and filled the missing slides by drawing on a whiteboard (although I think it’s better when speakers don’t use slides at all, anyway).

I first heard about Eleanor many years ago, when I was subscribed to the ruby user group mailing list in London. She was there too, and whenever she posted I was like: well! she knows what she’s doing! But our paths never crossed, so to speak. She would go to one meeting, I went to another. She would give a talk at a conference, I wasn’t able to attend. And so on…

Fast forward several years. A couple of months ago, I was back in London and Belen is updating me on all the recent developments on the London scene. And she tells me she has met Eleanor at one of the ladieswhocode meetings! So I thought, well, that is interesting, I must attend too–even though, as I said already, I wasn’t too keen on the segregation idea.

Since it was my holidays week before starting work at my new place, I decided I wouldn’t bring my laptop to this month’s meeting. I would just show up, and network with people, or help anyone who needed help with web stuff. That seemed way more helpful than bringing a laptop to work on something, and not being able to either work at all (because of the constant chit-chatting) or help anyone (because I was supposed to be doing my own stuff). And then I discovered that Eleanor was going to be there and give a talk! Yay! Perfect plan!

Her talk had a quite misleading title: “Adventures in paranoia with Sinatra and Sequel”. Then she opened it by saying that she was going to talk about encrypting a database, which was even more confusing. I thought she would be encrypting and decrypting the entire database file and it just seemed overkill to me.

But I was quite wrong. In fact, she provided us with quite a lot of interesting ideas that, if implemented, could alleviate many of the issues we face as back-end developers, and that pretty much boil down to: what to do when the data in our site gets compromised?

Because it’s not a question of “if” but a question of “when”, if we are truly paranoid. A proper developer should have a good amount of paranoia if she’s responsible for the data gathered by a website, and should think “of the worst” more often than we usually do.

So Eleanor’s talk was basically about how to use a mix of symmetric and public-key cryptography in order to obscure in a computationally intense way some fields in the database. Discussions and name dropping of techniques on how to do this with Ruby ensued, including quite a lot of metaprogramming, and using the SecureRandom library that I learnt about while building our Hackday app! I felt really proud of knowing about that little piece of paranoid programming! 😀

Some interesting ideas that were discussed:

  • encrypt with public/private key the most sensitive fields in the database. E.g. the email addresses
  • hash the encrypted fields you want to do a search on, so you can still search on them (of course add an INDEX too!)
  • expire keys frequently–say, a 10 minutes interval. So if something is insecure for a while, it’s only for a small window of time.

I haven’t done much new back-end programming for a while (mostly maintenance and extending with mini functionality), but I have a few new projects in mind and I’d like to build them with Javascript using node.js for a change (yeah, call the hipster brigade). So since it’s something built from scratch, it could be a good opportunity to apply these techniques and see how they perform. According to Eleanor, they are feasible with Ruby. But will Javascript’s metaprogramming capabilities be on par with Ruby’s? That’s something that I’ll have to investigate. More reporting on this will follow in due time.

Apart from Eleanor’s talk, I also had the opportunity to chat with Angie Maguire, co-organiser of the event, for a few minutes before she ran to welcome some newcomers. But I think I’d rather let her announce whatever she had in mind (just in case she told me some privileged information!).

I also talked with some regulars and non-regulars I hadn’t talked to before, and it was really nice to discuss new ideas and approaches from them–so my plan of not bringing the laptop and network instead worked really well, and I’m quite tempted to continue doing so in the future.

So here’s a call to any lady/woman/girl interested in getting to grips with programming but slightly scared to do so for whatever the reason: come to the meetings! Hopefully more of you will lose the fear and get into IT, and at some moment in the future there won’t be any reason for holding ladieswhocode meetings (unless it’s for remembering old glories, that is!)

NOTE: this post was supposed to be finished and posted past week, but a sudden surge in my socialising activities and a week away from London in sunny Mountain View meant my thoughts were elsewhere. Please excuse any date inconsistencies!

2 Replies to “ladieswhocode 20130508: adventures in paranoia with sinatra+sequel, and networking”

  1. I was also initially skeptical of women-only tech meetups as I’ve always believed coding – like all intellectual pursuits – can and should transcend gender divisions. However having attended a number of LWC meetups as well as a couple of London Girl Geek Dinner events I’ve come to appreciate the very different social dynamic compared to general tech meetups.

    It’s basically nice to have events I can attend and let my shields down (though that might not have been apparent at the last LWC as I always find public speaking very stressful and draining). At mixed-gender events the truth is that I’ll be lucky if 1% of the turnout are women, so essentially they’re male events at which I’m an interloper – no matter how welcome! – and that can be very wearing.

    Also unless people already know my work I find a noticeable minority of the younger devs at those events will be both boorish and dismissive of my opinions, and on occasion I’ve been accused of being arrogant for expressing views which if co Inge from male friends might still be considered controversial but wouldn’t be dismissed either ut of and or ad hominem. The accusation of arrogance itself doesn’t bother me – there’s a lot of truth to it – but the double standard does.

    If I were just starting out I don’t think the average tech meetup would make me feel welcome enough to come back for second helpings, and as beginners need a social support network to keep them encouraged when they hit the many pain points in learning to be a programmer that’s a huge problem. This is the for men starting out in coding as well, but it sees more likely to me that they’ll find the mentorship they need in such a setting.

    I was coding all the way through my teens, and what kept me going through the initial hurdles was having friends to share ideas and experiences with. That became even more true at Uni where computing was only a small adjunct to my physics degree and I could easily have lost the bug in favour of other interests (or even doing coursework!). The downside was that in both cases I had to mix in exclusively male circles to get that support and I’d be lying if I said that didn’t involve embracing many cultural norms which didn’t come naturally to me, and building a persona which has been a mixed blessing in subsequent decades.

    Ladies Who Code along with Rails Bridge and similar initiatives in the JS community is part of a much broader cultural shift that’ll hopefully restore some gender balance to the technical world. We need women to feel at home with coding because otherwise the IT industry not only ignores our opinions, it also ignores the opinions of a majority of men to whom its cultural norms are equally bizarre.

  2. Absolutely! I had to adjust to the “99.99% male” world and as you say the persona we have to build is a mixed blessing.

    And definitely we need such broader cultural shift. For example, stop assuming women working in a tech company is probably in Marketing.

Comments are closed.