Dane Finlay's website

Higher Education

Between 2013 and 2016 I studied and completed a Bachelor's degree in Information Technology (IT) at Macquarie University, majoring in Software Technology.

As the general focus of degrees, majors and individual courses differs between universities and changes over time, I have put together this page that highlights a few things I learnt during my degree.

I have also included quite a few remarks thinking back on the courses now that I am more experienced in many of these areas.

Contents

Programming & Computer Science

I completed many courses on programming and computer science at university (beginner, intermediate and advanced).

Java & Object-oriented Programming (OOP)

Most of the programming courses I completed used Java as the language in lectures and for assignments, tutorials and workshops. I have various complaints about this verbose language, but I am can work with it just fine.

Nowadays I prefer Kotlin for JVM applications because it has pretty good Java interoperability and is much easier to work with once you get the hang of it. The core library is also a very small dependency.

Object-oriented programming was a central theme in these courses, so I am quite familiar with various design patterns and the object-oriented way of doing things. I will say that not every problem you encounter can be nicely solved by using a design pattern: they are not silver bullets and neither is OOP itself, other paradigms may be better depending on the situation.

Theory

I am quite familiar with computational complexity (big O notation), after having it drilled into me in multiple courses throughout my degree. As such, I usually tend to think about it when writing code.

I also completed a course in algorithm design & data structures. So I know the benefits and downsides of using, for example, a HashMap vs an ArrayList. I also learnt about complexity classes and know some problems cannot be solved computationally for all cases (e.g. the Halting problem).

I was required to complete both of Macquarie's discrete mathematics courses. I got a distinction grade in the harder one (77%). That involved things like mathematical proofs, RSA crypto, finite state machines, Turing machines, complex numbers, matrix operations, solving simultaneous equations and recurrence relations (think Fibonacci sequence). It has been a few years since I've had to use most of this stuff though.

Another course I completed was one on knowledge systems. It focused on formal logic, mathematical proofs, some statistical methodology (e.g. Bayesian networks) and logic programming with SWI Prolog. If you know anything about how Prolog works, you'd know that I must have had a good grasp on recursion to work with it for a semester.

Programming Languages

I completed an advanced course on programming languages.

Over the semester we learned about different programming languages and paradigms, how interpreted and compiled programming languages work, how to use parsers to generate abstract syntax trees from source code, analyse & annotate them for compile time errors, as well as interfacing with the underlying language for code execution.

There were three assignments each focusing on part of the compilation / interpretation process involved in writing a new programming language. The language we used during the course was Scala, a language for the JVM that provides functional programming support.

The Scala library we used during the course is Kiama. It is written and maintained by programming languages researchers and lecturers in the MQU computing department. Fun library to work with once you get used to it.

As a side note, this was probably my favourite course! A little while after uni, I applied what I learnt to create my pyjsgf project.

Multi-threading & Parallelism

I learnt how to work with Java threads during my degree. One assignment I did involved re-creating an obscure board game (DVONN) using Java's Swing GUI framework. We had to calculate intelligent next moves for the computer player on one thread and display it on the main thread responsively.

I'm pretty familiar with the concepts of atomic operations, race conditions, the various thread locks you can use and the problems you can run into.

I also have plenty of experience working with threads in Python, including working around a rather annoying threading limitation it has (see Global Interpreter Lock).

End-of-degree Project (web app)

The end-of-degree PACE unit I completed was designed to be a solid practical experience with software engineering in a group. This section is a brief summary of my experience with that unit.

Groups of 4-5 students were to work together to design and produce software for real clients (sponsors). There were two business students and two IT students in my group. Our sponsor wanted a web application that could be used by managers and students for time management and other things specific to their organisation. It was backed by a database.

We were required to document the process very thoroughly using an absolutely ludicrous number of UML diagrams, drafts, reports, specifications, design documents and a user manual. I believe the final deliverable was around 70 pages!

The web application we produced was written in Python using the Bottle web server package and the file-based SQLite database. It allowed multi-user, role-based read/write access to the information stored in the database through a browser.

We worked together using Google Docs, Slack and the Git version control system. These things made it easy for us to all work on the project simultaneously.

Every group was required to organise frequent meetings with the sponsor for figuring out what they wanted the software to do and look like. At the end of semester we did a 10 minute presentation and demo of the software. After that we handed over the mountain of documentation we'd written, plus the actual software and source code.

I would certainly be capable of reproducing something like this using other database solutions, web frameworks and programming languages (e.g. PHP with PostgreSQL or MySQL). I can usually pick up a new languages or frameworks pretty quickly if they are properly documented. There are some implementation details I would change.

Computer Networking

I completed both a general and an advanced computer networking course. We learned the ins and outs of numerous networking protocols on the Data Link (Ethernet), Internet/Network (IP) and Transport (TCP/UDP) network layers. We also had plenty of practical experience making networks between Cisco routers all setup via laptops with serial interfaces.

I have regularly applied what I learnt in these courses to my server and home networking with Linux, Unix and Windows systems.

One fun thing I've done with my networking knowledge at home is set up a wireless bridge between two routers flashed with the DD-WRT and OpenWRT operating systems.

Database Administration

I completed various courses on SQL queries and database modelling, both on paper and with other tools.

To be frank, I don't remember what variant of SQL was used in these courses. It might have been Oracle or MySQL. Whichever one it was, most of what I learnt should apply in all cases except where non-standard SQL extensions are used. In that case, I'm usually pretty quick with finding my way around documentation nowadays.

SQLite was used during two courses and I have used it extensively when working on Android apps to preserve data between app sessions.

This isn't really related, but I learned to work with PostgreSQL after graduating and I've found their documentation delightfully easy to navigate.

Security

I completed several courses that taught me a great deal about security, cryptography, the various ways hackers can exploit vulnerabilities in systems and how to mitigate / prevent them. For example, the importance of valid SSL/TLS certificates and HTTPS setups when handling user credentials. Another obvious mitigation for database breaches (that many sites just don't do!) is securely salting and hashing user passwords with something like Bcrypt.

Related to web development, I learned that data from forms (even with HTTPS) should always be handled with care. Form data is usually used by servers in some sort of database query, meaning that a web-page form could be used to launch an SQL injection attack.

All database solutions and and languages worth their salt have builtin ways of sanitising user input to prevent this and other types of attacks. Unfortunately, many organisations don't take the time to do this. It is astonishing how frequently these attacks can still succeed and do damage to individuals and organisations.

I did not use PostgreSQL during my degree, but working with it afterwards I was impressed with what you can do with PostgreSQL database roles.

As an example, you can set up a dedicated database user for server-side code that handles inserting form data into a database. You can then only grant that user insert access to specific database tables. Then the server-side insertion code could not read or do anyting else other than inserting rows of data into tables.

So even if you do mess up mitigating against SQL injection attacks, roles can provide another line of defence against hackers! Assuming PostgreSQL's security is solid, all an SQL-injecting hacker could do is fill up your disk space instead of dropping your tables, which should be easier to fix :-)

Other Courses

I did undertake and complete other courses of course. Some of them are already covered by other sections (e.g. web design & development). Most of them don't really apply to software development or IT in general.