Posts

All the articles I've posted.

• Finding Vulnerabilities with Bandit

  Published:Sep 24, 2015 |  at 03:37 PM

  Python's dynamic nature makes it hard to catch security vulnerabilities statically. Bandit scans your Python code for common security issues. Learn how to use it to find problems before they reach production.

• 10 Software Talks to Listen to on Your Way to Work

  Published:Sep 10, 2015 |  at 03:17 PM

  I felt like I didn't know enough as a developer, so I started listening to conference talks on my commute. Here are ten of my favorites that genuinely changed how I think about building software.

• Dangerous Python Functions, Part 2

  Originally:Aug 15, 2015 | updated Feb 21, 2026

  In part 2 of my dangerous Python functions series, I cover more risky functions like pickle.loads(), yaml.load(), and tempfile.mktemp(). These can lead to code execution, deserialization attacks, and race conditions.

• Dangerous Python Functions

  Originally:Jul 26, 2015 | updated Feb 21, 2026

  Python's dynamic nature can lead to subtle bugs that are hard to catch. I've created a deck of cards highlighting dangerous Python functions like eval(), exec(), and input() that can cause security vulnerabilities or unexpected behavior.

• The Sunglasses Scam

  Published:Jul 14, 2015 |  at 02:09 PM

  I got banned from Ragnarok Online for "scamming" players with sunglasses. This bizarre experience taught me about cognitive biases and anchoring effects, drawing lessons from Daniel Kahneman's "Thinking, Fast and Slow."

• Intro to Code Reviews talk

  Published:Jun 25, 2015 |  at 08:54 AM

  If you've never participated in a code review, it can be tough to know where to start. I gave this talk at an LA Django meetup to help teams get started with code reviews and make them a regular part of their process.

• Impostor Syndrome and Me

  Published:May 27, 2015 |  at 01:09 PM

  I've struggled with impostor syndrome throughout my career, from my first programming job to joining Amazon. What I've learned about recognizing it and working through those feelings of not being good enough.

• Code Review Best Practices

  Published:May 5, 2015 |  at 08:54 AM

  A comprehensive guide to effective code reviews, covering what to look for in terms of architecture, style, and testing, as well as how to provide constructive feedback.

• Python / Django Talks

  Published:Aug 18, 2014 |  at 07:51 PM

  I started listening to Python and Django conference talks on my commute instead of music, and it's been amazing. Here are my notes and takeaways from some of the most influential talks I've heard.

• Submitting a Patch to CPython

  Published:Aug 3, 2014 |  at 12:32 PM

  I submitted my first patch to CPython, Python's main implementation. The story of how I found a bug, worked with the core developers, and got my contribution accepted into the language.