XING Devblog

X-Sessions mobile – Another great XING API event

Posted by Diana Knodel Filed under API

After an awesome kick-off event to the X-Sessions in November 2013, the second event – X-Sessions mobile – took place at the Hamburg XING office on 27 March. We wanted to bring together XING developers, partners and anyone interested in our API and the growing XING ecosystem. The XING API team and the mobile teams welcomed about 80 guests from all over Germany and the Netherlands to our office in Hamburg.

X-Sessions mobile

X-Sessions mobile – Talks, networking, interactive session & food.

Talks, showcases, trends

The event started with a lightning talk by Taner Kizilok about the past, present and future of mobility. After this opening talk, two partners presented XING API showcases and their experiences with the XING API: Tobias Balling presented Blinkist, an app that gives key insights from non-fiction books in just 15 minutes. They integrated the XING login into their app and XING Premium users get to use their wonderful service for free for one year. Afterwards Niels Linnemann talked about Contaxt – a XING app that helps you sort your contacts in different contexts. That way you can easily see who you met with as well as when and where.

The partner talks were followed up by a more technical approach to things. Piet Brauer presented the iOS SDK for the XING API and did a live hack on stage. The SDK is developed and maintained by the mobile team and publicly available for other developers. The final talk before the networking break was by Jan Ahrens, speaking about messaging apps, their architecture, and how to make them more secure. He closed this great talk by questioning whether secure XING messaging would be of interest…?!

Five talks in one hour – it was time for a break. There was music, food, drinks and time to meet and network with other API enthusiasts. Afterwards Alexey Krivitsky took over and moderated an inspiring interactive session: He compared APIs to humans, organised a speed dating event for different APIs and generated a firework of ideas. It ended with an API cocktail party and great ideas for new apps based on the XING API. After this, real cocktails were served which were a welcome refreshment for all guests. The evening event was rounded off with cocktails, networking, table football and great discussions! Thanks to all of the speakers and guests who made this an awesome event!

So what’s next?

We have more events in the pipeline to help us regularly connect with our community and partners and exchange and learn about new ideas and needs. You can meet us at the API Days in May or in Hamburg at the Hamburg Geekettes and OpenTechSchool Hackathon in June in Hamburg. If you’re interested in attending one or both of these events, please contact us at api-support@xing.com. We have some free tickets to give away and would be happy to meet you there!

 

 


Posted by Ingo Chao

Filed under Security

Heartbleed

Die verfügbaren Schwachstellen-Tests haben von Anfang an XING als “nicht betroffen” vom Heartbleed-Bug eingestuft. Qualys-SSL-Labs

Unsere Loadbalancer waren vom Heartbleed-Bug nicht betroffen und wir mussten daher keine neuen Softwareversionen einspielen. Diese Geräte verteilen die eingehenden Anfragen von außen auf unsere Applikationsserver.

Die API für externe Applikationen war nicht betroffen. Wir haben bereits diejenigen Entwickler kontaktiert, deren eigene Server für die Kommunikation mit uns wiederum vom Heartbleed-Bug betroffen sein könnten.

Es kann noch keine Aussage getroffen werden, wann die Browser invalidierte SSL-Zertifikate als solche erkennen und folgerichtig ablehnen.

Die schwierige Frage ist, wann die Anwender beginnen sollten, ihre Passwörter zu ändern, die sie im Internet nutzen (also für alle von ihnen benutzte Services im WWW und für E-Mail etc.). Die Verschlüsselung im Internet basiert auf einer Vertrauenskette.

Solange sich auch nur ein ungepatchtes System in der Kette befindet und damit ein SSL-Zertifikat als potentiell kompromittiert zu bezeichnen ist, können diese neuen Passwörter in dem Moment ihrer Eingabe theoretisch gleich wieder abfließen. Daher empfehlen wir Ihnen nach dem gegenwärtigen Kenntnisstand noch nicht, Ihre Passwörter zu ändern. Wir werden Sie bei neuen Erkenntnissen umgehend informieren und weitere Maßnahmen einleiten.


German Perl Workshop 2014

Last week, the German Perl community headed to the city of Hanover for the 16th edition of the German Perl Workshop. More than 100 participants came together for talks and hacking. The workshop was much smaller than the YAPC::EU conferences, which gave it the feeling of a family gathering where many long-term community members met with a number of newbies.

The talks covered a broad range of topics including modern web frameworks, web automation, Perl 6 details, uncommon perl use cases, dev ops and deployment as well as functional programming.

Perl camels

Perl camels @ GPW

Sawyer X gave us an update about the current state of the perl-based web framework dancer 2, including a short trip to dancer’s history as a sinatra port. Matt S. Trout presented us his view on devops and configuration management, while Ovid succesfully took apart several common assumptions about software testing. If you’re into web automation, Max Maischein‘s WWW::Mechanize::PhantomJS might also be worth a look. XING was also present with my talk about the architecture behind xing.com and the tools we use to develop, deploy and monitor it.

While generally a single-track event, this year’s workshop featured a 3-hour tutorial about designing and implementing a REST API in parallel to the talks. And, of course, lightning talks were not missing from this workshop either. Nowadays popular in many different tech communities, they’ve been a highlight of many perl events for ages. Workshop participants were able to claim 5-minute talking slots short notice and present their most recent work, announce upcoming events or point the audience to whatever might be of interest to them. As usual, this resulted in a nice mix of very different topics, ranging from ‘Why CGI.pm must die‘ to IPv6. Julian Knocke contributed a lightning talk about the Perl module WWW::Curl::UserAgent built here at XING to overcome some issues we’ve experienced with other perl-based user agents.

Since I briefly mentioned our monitoring tool logjam in my talk, several people approached us over the following days in order to learn more about logjam and how it helps us to find programming errors and performance hot spots. To follow up on that, Julian Knocke quickly prepared another lightning talk to provide more information about logjam and how we use it at XING.

All of the talks including the lightning talks were recorded and will be are available on YouTube.


Posted by Diana Knodel

Filed under API

X-Sessions – The Preface: It was great!

X-Sessions

The kick-off event to the X-Sessions – a series of events about the API – took place on 22 November 2013. Following on from the public launch of the XING API in December 2012, we were now very happy to organize our first event in Hamburg, bringing together our community, partners and anyone interested in learning more about our API and the growing ecosystem. More than 80 guests from all over Germany, Switzerland and the Netherlands attended.

→ Read more…


Refreshing XING’s Mobile Website

Every two months, XING gives its developer and product teams a week away from their everyday work to come up with great ideas for XING and then turn them into reality. During the last innovation week held at the start of November, two Rails and three front end developers got together to work on touch.xing.com.

The aim of their project was to modernise the mobile platform’s code and add some great new features.

→ Read more…


Challenges for a developer: Harmonising advertising and customer satisfaction

Or, to put it another way, “How iFrames became smart and (a bit more) secure”

A lot of people, including customers, developers and interaction and user experience designers, immediately feel uneasy when they hear the word “advertising”. Adding advertisements to a page is always going to slow down performance, and moving things around due to ad placements could lead to features being less prominent.

When it comes to the visual experience, not much can be done about that from a customer perspective as advertisements bring in money. Actually a developer could think of it as being part and parcel of his salary.

You might be asking yourself why this blog article is part of the developer blog… but keeping reading and you’ll find out (and be surprised ;-) ) what XING did from a technical perspective because customer satisfaction is a matter of both design AND performance.

→ Read more…


Posted by Paweł Król

Filed under Everything else

Perl impressions after YAPC::EU 2013

Another YAPC::EU conference series was held in the beautiful city of Kiev in Ukraine on August 12-14, 2013. It was my second visit to a YAPC::EU conference, and I had made up my mind to visit it a year ago while attending YAPC::EU 2012 in Frankfurt, Germany. Back then I was truly impressed by the vibrant atmosphere in the Perl community and the numerous ideas that people had regarding the advancement of an almost 25-year old programming language. I very soon confirmed that not attending the YAPC in Kiev would have been a crime.

→ Read more…