Victor Zhou

Victor Zhou victorzhou.com

An interactive guide to XSS attacks

Definitely Secure Bank® returns, this time with a big Cross-Site Scripting (XSS) vulnerability:

To get in character, let’s have you open up your online banking portal and look around. Click here to open Definitely Secure Bank’s website and log in. Use any username and any password you want (don’t worry - it’s definitely secure). Keep that tab open for the rest of this post.

Victor is killing it with this Web Security 101 series.

Victor Zhou victorzhou.com

An interactive CSRF demo

A unique take on explaining Cross-Site Request Forgery (CSRF).

You’re a responsible, hardworking person. You’ve saved up your money over the years at Definitely Secure Bank®. You love Definitely Secure Bank - they’ve always been good to you, plus they make it easy to transfer money via their website. Sweet, right?

You can probably guess where this is headed…

Victor Zhou victorzhou.com

A gentle introduction to Visual Question Answering using neural networks

Show us humans a picture of someone in uniform on a mound of dirt throwing a ball and we will quickly tell you we’re looking at baseball. But how do you make a computer come to the same conclusion?

Visual Question Answering

In this post, we’ll explore basic methods for performing VQA and build our own simple implementation in Python

Victor Zhou victorzhou.com

Git aliases I use (because I'm lazy)

I’ve used Git for over a decade, but it doesn’t matter. Every single time I read a post like this one where somebody shares their aliases/shortcuts/etc, I pick up something new. Every. Single. Time.

What’s fun about this post is Victor also does the math to see if he’s actually saving himself time with all these aliases.

Assuming I type ~100 Git commands in an average 8-hour workday, that’s 550 characters saved, which converts to about one minute saved per day

That isn’t much time saved, but it still feels good, and that counts for something!

Victor Zhou victorzhou.com

How I fell into the trap of premature optimization

Donald Knuth famously said:

The real problem is that programmers have spent far too much time worrying about efficiency in the wrong places and at the wrong times; premature optimization is the root of all evil (or at least most of it) in programming.

You’ve either a) learned this lesson the hard way, b) learned it the easy way (by listening to others’ tales of woe), or you c) should learn it now alongside Victor Zhou as he recounts how he ignored Knuth and wasted a lot of time because of it.

Victor Zhou victorzhou.com

Minify Your SVGs

Victor Zhou uses a lot of SVGs on his blog. Do you? So now he optimizes their size as part of his build process. Do you?

62 SVGs minified, reducing the total size from 459322 bytes to 208897 bytes, a reduction of 54.5%! That’s a total of 250 KB, or 4 KB per SVG. Keep in mind that all of my SVGs were already saved in the Optimized SVG format - these savings were on top of already optimized SVGs. If you haven’t thought about minifying your SVGs before, chances are you’d see much more drastic results.

Victor Zhou victorzhou.com

Random Forests for complete beginners

Victor Zhou has been killin’ it lately with these explainers:

In my opinion, most Machine Learning tutorials aren’t beginner-friendly enough.

Last month, I wrote an introduction to Neural Networks for complete beginners. This post will adopt the same strategy, meaning it again assumes ZERO prior knowledge of machine learning. We’ll learn what Random Forests are and how they work from the ground up.

Victor Zhou victorzhou.com

How decision trees are trained 🌲

A simple explanation of Gini Impurity and how it’s used to train decision trees. In brief:

Gini Impurity is the probability of incorrectly classifying a randomly chosen element in the dataset if it were randomly labeled according to the class distribution in the dataset

Click through for the full breakdown and some helpful examples.

Victor Zhou victorzhou.com

Why I replaced Disqus and you should too

Victor Zhou:

Switching away from Disqus reduced my page weight by over 10x and my network requests by over 6x. Disqus is bloated and sells your data - there are much better alternatives out there.

Disqus has been the de facto comment engine used for dev blogging (especially for SSGs) for years. I’m happy to learn there are less bloated and privacy-focused alternatives out there.

Victor Zhou victorzhou.com

Machine learning for beginners

Victor Zhou writing on machine learning for beginners with this introduction to neural networks.

…neural networks aren’t that complicated! The term “neural network” gets used as a buzzword a lot, but in reality they’re often much simpler than people imagine.

This post is intended for complete beginners and assumes ZERO prior knowledge of machine learning. We’ll understand how neural networks work while implementing one from scratch in Python.
