Definitely Secure Bank® returns, this time with a big Cross-Site Scripting (XSS) vulnerability:
To get in character, let’s have you open up your online banking portal and look around. Click here to open Definitely Secure Bank’s website and login. Use any username and any password you want (don’t worry - it’s definitely secure). Keep that tab open for the rest of this post.
Victor is killing it with this Web Security 101 series.
A unique take on explaining Cross-Site Request Forgery (CSRF).
You’re a responsible, hardworking person. You’ve saved up your money over the years at Definitely Secure Bank®. You love Definitely Secure Bank - they’ve always been good to you, plus they make it easy to transfer money via their website. Sweet, right?
You can probably guess where this is headed…
Show us humans a picture of someone in uniform on a mound of dirt throwing a ball and we will quickly tell you we’re looking at baseball. But how do you make a computer come to the same conclusion?
In this post, we’ll explore basic methods for performing VQA and build our own simple implementation in Python
I’ve used Git for over a decade, but it doesn’t matter. Every single time I read a post like this one where somebody shares their aliases/shortcuts/etc, I pick up something new. Every. Single. Time.
What’s fun about this post is Victor also does the math to see if he’s actually saving himself time with all these aliases.
Assuming I type ~100 Git commands in an average 8-hour workday, that’s 550 characters saved, which converts to about one minute saved per day
That isn’t much time saved, but it still feels good, and that counts for something!
Donald Knuth famously said:
The real problem is that programmers have spent far too much time worrying about efficiency in the wrong places and at the wrong times; premature optimization is the root of all evil (or at least most of it) in programming.
You’ve either a) learned this lesson the hard way, b) learned it the easy way (by listening to others’ tales of woe), or you c) should learn it now alongside Victor Zhou as he recounts how he ignored Knuth and wasted a lot of time because of it.
Victor Zhou uses a lot of SVGs on his blog. Do you? So now he optimizes their size as part of his build process. Do you?
62 SVGs minified, reducing the total size from 459322 bytes to 208897 bytes, a reduction of 54.5%! That’s a total of 250 KB, or 4 KB per SVG. Keep in mind that all of my SVGs were already saved in the Optimized SVG format - these savings were on top of already optimized SVGs. If you haven’t thought about minifying your SVGs before, chances are you’d see much more drastic results.
A simple guide to what CNNs are, how they work, and how to build one from scratch in Python.
This buils on Victor’s original intro to Neural Networks that we linked up previously.
We’re talking with Victor Zhou about the explosion of the .io game genre. We talked through all the details around building and running one of these games, the details behind Victor’s super popular game called Generals — which he eventually sold, and we also covered the economics behind creating and selling one of these games.
Victor Zhou has been killin’ it lately with these explainers:
In my opinion, most Machine Learning tutorials aren’t beginner-friendly enough.
Last month, I wrote an introduction to Neural Networks for complete beginners. This post will adopt the same strategy, meaning it again assumes ZERO prior knowledge of machine learning. We’ll learn what Random Forests are and how they work from the ground up.
A simple explanation of Gini Impurity and how it’s used to train decision trees. In brief:
Gini Impurity is the probability of incorrectly classifying a randomly chosen element in the dataset if it were randomly labeled according to the class distribution in the dataset
Click through for the full break down and some helpful examples.
Victor Zhou:
Switching away from Disqus reduced my page weight by over 10x and my network requests by over 6x. Disqus is bloated and sells your data - there are much better alternatives out there.
Disqus has been the de facto comment engine used for dev blogging (especially for SSGs) for years. I’m happy to learn there are less bloated and privacy-focused alternatives out there.
Victor Zhou writing on machine learning for beginners with this introduction to neural networks.
…neural networks aren’t that complicated! The term “neural network” gets used as a buzzword a lot, but in reality they’re often much simpler than people imagine.
This post is intended for complete beginners and assumes ZERO prior knowledge of machine learning. We’ll understand how neural networks work while implementing one from scratch in Python.
