The Codeumentary Blog
Welcome to my new blog at illya.sh/blog, a fresh start and a continuation of a journey I began with The Codeumentary Blog. For those unfamiliar, The Codeumentary Blog was my former platform where I shared insights and experiences in Software Engineering and Computer Security. This new space isn’t just a successor; it’s a refined and more focused venture, aiming to delve deeper into an optimized set of topics.
As a nod to the past and a bridge to the future, this inaugural post is dedicated to preserving the essence of The Codeumentary. Here, you’ll find a comprehensive list of all my previous posts, each with a summary and a direct link. I’ve ensured that all original links remain functional, maintaining seamless access to these resources.
This compilation isn’t just about nostalgia or mere documentation. It’s a testament to the evolution of my thoughts and skills. Each article reflects a step in my journey, and I believe they will continue to be valuable resources for readers like you.
So, whether you’re a long-time follower or new to my work, I invite you to explore these articles. They are a window into my growth and a foundation upon which this new blog will build.
The Codeumentary Blog can be found at: illya.sh/the-codeumentary-blog. It has been archived and is no longer being updated. All of the content is available for reference purposes, and the links to the blog posts will continue to work.
Introduction
Over the years I have produced a wide array of technical content, including articles, videos and short-form content. I have also run several blogs, with the most prominent one being The Codeumentary Blog, which can be considered a previous iteration of this blog. The Codeumentary covered the topics of Software Engineering and Computer Security. Every blog post has gotten a non-trivial amount of traction, with some of them, like Demystifying The Regular Expression That Checks If A Number Is Prime, having been included as a part of University syllabus reading, others being referenced in newspapers, and others simply getting traction and traffic.
Given that there are individuals and systems that are relying on that content, it is important to keep it available. This blog entry serves as a reference for the content that was previously published on The Codeumentary Blog. Additionally, I have made an effort to preserve the backwards-compatibility of all of the links; as such, all of the original links to the blog posts will continue to work.
The Codeumentary Blog Posts
Below is the full list of the blog posts from The Codeumentary Blog, alongside a brief summary of each post.
👀 Demystifying The Regular Expression That Checks If A Number Is Prime
- 👉 Link to post
- 📚 Summary: This blog post offers an in-depth explanation of the regular expression
.?|(..+?)\1+
used to determine if a number is prime. Tailored for readers with varying levels of regex knowledge, the post breaks down the regex’s functionality in an accessible manner. Not only has this article been incorporated into university syllabi, but it’s also cited in multiple publications. Additionally, I present practical code examples across Java, Python, JavaScript, and Perl to demonstrate the application of this regex in different programming environments. This blog post provides a “zero-to-hero” explanation for anyone seeking to gain in-depth knowledge on advanced regular expression features, such as backreferences.
🐍 Why You Should Learn Python
- 👉 Link to post
- 📚 Summary: I argue for learning Python due to its simplicity and readability, which make it ideal for beginners. Yet, it’s powerful enough for large organizations. From web development to data analysis and machine learning, Python’s versatility is unmatched, and its community provides an excellent support system.
👷‍♀️ Design Patterns Notes - An Overview Of Design Patterns
- 👉 Link to post
- 📚 Summary: I’ve compiled notes on design patterns to share a clear overview. By exploring patterns like Singleton, Factory, and Observer, I aim to help others understand their structure, purpose, and application in software design, providing a foundation for writing better code. I wrote this blog post while studying for an exam in an Object Oriented Programming course, while I was at the University. It was written to serve as both a detailed study guide for myself and a resource for others to learn about design patterns. As such, you may find this blog post useful if you are learning about design patterns, or if you are looking for a quick, clear, practical, and concise reference on the topic.
🔓 The Weak Security Of The Portuguese Government’s Authentication System
- 👉 Link to post
- 📚 Summary: I explored the security mechanisms of the Portuguese government’s authentication system and found them lacking. The system’s vulnerabilities could be exploited to compromise user data and privacy.
- 🟢 Responsible Disclosure: I have followed the responsible disclosure process and reported the vulnerabilities to the responsible agency, describing the vulnerabilities and security issues, as well as offering a more detailed description draft and Proof-Of-Concept code, but obtained no answer. I have made all of the content public more than 90 days after the contact.
🔏 Chave Móvel Digital’s Log Out Button Does Not Log The User Out
- 👉 Link to post
- 📚 Summary: I discovered that Chave Móvel Digital’s logout button doesn’t actually log users out. Despite clicking ‘logout’, your session remains active, posing a significant security risk, especially on shared computers.
- 🟢 Responsible Disclosure: I have followed the responsible disclosure process and reported the vulnerabilities to the responsible agency, describing the vulnerabilities and security issues, as well as offering a more detailed description draft and Proof-Of-Concept code, but obtained no answer. I have made all of the content public more than 90 days after the contact.
📲 Chave Móvel Digital Phone Number Leakage
- 👉 Link to post
- 📚 Summary: I noticed a serious privacy issue with Chave Móvel Digital where phone numbers were leaked via an API endpoint. This could have led to the exposure of private users’ data, and been used as a stepping stone for XSS or phishing attacks, highlighting a need for better privacy controls.
- 🟢 Responsible Disclosure: I have followed the responsible disclosure process and reported the vulnerabilities to the responsible agency, describing the vulnerabilities and security issues, as well as offering a more detailed description draft and Proof-Of-Concept code, but obtained no answer. I have made all of the content public more than 90 days after the contact.
💉 Chave Móvel Digital Multiple XSS Vulnerabilities
- 👉 Link to post
- 📚 Summary: I reported multiple XSS vulnerabilities in Chave Móvel Digital’s system. This could have allowed attackers to inject malicious scripts, posing a threat to users’ security.
- 🟢 Responsible Disclosure: I have followed the responsible disclosure process and reported the vulnerabilities to the responsible agency, describing the vulnerabilities and security issues, as well as offering a more detailed description draft and Proof-Of-Concept code, but obtained no answer. I have made all of the content public more than 90 days after the contact.
Conclusion
This blog post provided a comprehensive overview of the previous iteration of this blog, The Codeumentary Blog. It also served as a reference for all of the blog posts that were previously published on The Codeumentary Blog. I have made an effort to preserve the backwards-compatibility of all of the links; as such, all of the original links to the blog posts will continue to work.
If you have any questions, comments, or suggestions, feel free to reach out to me at illya.sh.