The Heartbleed Bug: What You Need to Know

Dominic Lachowicz

April 11, 2014

The Heartbleed Bug is a very serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows hackers to steal information that’s protected under normal conditions by the SSL/TLS encryption – the standard used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs). The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and their sensitive data. This allows attackers to eavesdrop on...

Merchant Warehouse Announces zucchini

Dominic Lachowicz

March 12, 2014

Today Merchant Warehouse is excited to announce that we're open sourcing our extensions to cucumber-jvm, called zucchini. These extensions make it significantly easier to use the popular Behavior-driven Development framework. Zucchini is a set of extensions to the cucumber-jvm Behavior-driven Development framework. These extensions make it significantly easier to use the popular BDD framework. Cucumber lets software development teams describe how software should behave in plain text. The text is written in a business-readable domain-specific language and serves as documentation, automated tests and development-aid - all rolled into one format. We love Cucumber, but it very much feels like a Ruby framework ported to Java. Like square pegs and round holes,...

Merchant Warehouse Open Sources Extensions to Log4net

Dominic Lachowicz

March 5, 2014

More exciting news from the Merchant Warehouse engineering team as they open source the Company’s extensions to log4net, called syslog4net. These extensions allow log4net to inter-operate with Syslog servers, in particular, Splunk. Log4net is the defacto logging standard for the Microsoft .NET runtime. Logging frameworks like log4net enable developers to record events in their application, providing an audit trail that can be used to understand the system’s activity and diagnose problems. Syslog, on the other hand, is an IETF standard for message logging. Syslog can be used for computer system management and security auditing as well as generalized informational, analysis, and debugging messages. With Syslog, software applications and physical devices like printers and routers can send...

Creativity and Teamwork – Merchant Warehouse Hosts Inaugural Hackathon

Dominic Lachowicz

February 27, 2014

In late January, Merchant Warehouse hosted its inaugural Hackathon. Its mission: to unite, rollout, and disrupt. But what exactly is a Hackathon and why would we have them? In a nutshell, a Hackathon is a three-day event where our engineers have free rein to work on projects they think will be useful, fun or cool. The 72-hour extravaganza kicks off with very little fanfare. Heads down - for the next two days, regularly scheduled projects take a back seat while engineers build, code and hack away on something that fascinates them - whether it be an issue they want to solve, a process they’d love to streamline or improve, or something completely fantastical they want to build. They’re encouraged to play around with Merchant Warehouse’s rich wealth of data and they have a chance to...

Saved by the ‘Shark’ – Leveraging a Valuable Tool

Dominic Lachowicz

November 14, 2013

Fifteen years ago Gerald Combs released a little network protocol analyzer called Wireshark (then called Ethereal). At the time it only dissected five protocols and only ran on Linux and Solaris. He decided to share it with the world and released it as open source software. Immediately after the release he started receiving code from people around the world. They had problems similar to his and were able to modify the little analyzer to suit their needs. They were also kind enough to contribute those modifications back. Those contributions haven’t stopped to this day and Wireshark has grown into a mature, feature-rich, award-winning network analysis tool. People around the world use it to troubleshoot networks, develop software and protocols, and to learn about networking...

Leveraging Behavior Driven Development: Making it Work

Dominic Lachowicz

August 27, 2013

A few years ago, I read Eric Evans’ seminal book “Domain-Driven Design” and (more recently) Vaughn Vernon’s equally excellent follow-on “Implementing Domain-Driven Design”. Both of them have had a transformative effect in how I build and design software. In many startups, you’re called on to wear many hats. In addition to traditional development manager and architect roles, I’ve often found myself filling in for product owner and quality assurance roles. Coming from a Lean/Agile background, the way that one typically captures requirements (and to a lesser extent, test cases) is through a User Story’s acceptance criteria. Acceptance criteria are generally expressed as a checklist – they’re how you know when you’re done your job. I’d always felt that – even with my system’s architecture,...

Lean Prototyping: Learning and Doing in Today’s Development World

Dominic Lachowicz

August 21, 2013

It was my Junior year of College at the University of Pennsylvania. I was in CS350, working with Professor Jonathan Smith on the semester’s final project –implementing a basic web browser in Tcl/Tk, complete with JavaScript support via Rhino. I was about a week into the project when I recognized that I’d have to scrap my design and most of the code. In order to implement tables that reflowed, I’d need to rethink how I designed my layout engine and probably throw away a substantial amount of code. I was talking to Professor Smith, lamenting that I’d need to redo so much work. He just stood there and grinned at me. With a fatherly look about him, he calmly walked to his bookshelf and gave me a copy of Fred Brooks’ Mythical Man Month. He said something to the effect of “welcome to software...

Making the Most of Your API: Lessons Learned When You (and a Partner) Aren’t Speaking the Same Language

Dominic Lachowicz

July 30, 2013

Over the past couple of weeks, a few members of our development team have been working part-time to upgrade one of our applications to the latest version of a partner’s SOAP-based API. This partner recently announced that they were (rather abruptly) discontinuing support for the previous version of their API. One of their goals was to maintain API compatibility, so in theory, all that was supposed to be required of us to complete this upgrade was to: Upgrade our operating system (OS) to Windows Server 2008.Import a few new digital certificates into our certificate chain. Our partner was enhancing their system to use a stronger security mechanism.Point our application at a different URI that supposedly supported the same set of SOAP messages. In theory, this should have been a quick...

Technology Leadership – What Keeps Me Up at Night!

Dominic Lachowicz

July 22, 2013

Ask anyone who knows me, and they’ll tell you that I’m crazy. Too many mornings, I’ll wake up at 4 am worried about something at work. More often than not, the cause is a yet-unrealized fear about something at work. Will we hit the deadline? Did we test the right things? Maybe I should send my boss an email about how the big project is going. These are the scary monsters that live under my bed – or perhaps more accurately, in my inbox. I keep a pen and paper on my nightstand so that I can jot them down, and quickly fall back to sleep, knowing that my 6 am awake self will follow up on my 4 am self’s troubles. It turns out that fear and my love of (and biological need for) sleep is a great motivator, so when I’m at work, a single, simple principal governs many of my decisions: What do I...

The Merchant Warehouse Culture Code

Dominic Lachowicz

July 1, 2013

Whether you’re an interviewee or a hiring manager, one of the most important – if not the most important – aspects of hiring is culture. With every candidate I’ve interviewed – and with every company I’ve interviewed at – cultural fit is the one thing I’m looking for above all else. I want to work with brilliant, passionate, motivated, and compassionate people, and I’d expect no less from you. When candidates ask me what Merchant Warehouse’s culture is like, I can (and sometimes do) throw around all sorts of words like “agile” or “lean” – maybe even “fast-paced” or “a startup environment”. And all of those categorizations are true. But they don’t capture the culture we aspire to create. Those are more like side effects of our culture. Good managers realize that culture happens, whether...