Jay Paulynice

My scratchpad where I write about coding, startups, music, weight lifting, hiking, and life in general.

Author: Jay (page 1 of 2)

Building A Home Theater

One of the projects I’ve undertaken this summer is building a home theater in one of my spare bedrooms. The project isn’t complete yet, but these are some of the pictures so far. I decided to use that room because it has a lot of potential to be pitch black given there is only one large window on the side.

While the setup isn’t complete yet, I’ve been quite impressed so far with the quality.

Watching Star Wars: The Force Awakens:

Watching Predator, aka the manliest movie ever made! (The epic handshake between Arnie and Carl Weathers…)

Student Pilot Certificate

This summer has been perhaps my best summer ever. While summer officially began a week ago, I’ve been making a lot of progress on projects I’ve always wanted to do, but never had the time to. So far I’ve picked up the guitar, got into serious shape (close to being shredded…), hiked a few times up north, road tripped mostly around New England, Toronto, and Montreal, got rid of most of my social media accounts (Facebook, Twitter, Instagram, etc.) and read almost a book per week. I’ve also been attending more meet-up groups in order to stay in the loop on new programming paradigms, AI, and machine learning.

Most exciting, today, I took the first steps in getting a private pilot license, which are getting an aviation medical exam (AME) as well as applying for a student pilot certificate through the Integrated Airman Certification and Rating Application (IACRA) website.

Before going to the exam, I completed the FAA MedXPress application, which is pretty simple. The medical exam is just like a physical with a few more tests for hearing, vision, and color. The fee was $150. This is the only fee I’ve had to pay at this point, but I’m sure there may be more coming.

I’ve been doing a lot of research and most of it is available through a simple google search. I’ve always been fascinated with airplanes since high school and always wanted to build airplanes, but my career of course took a different path towards writing code.

I will update this post as soon as I get the actual physical certificates in the mail, which should take a couple weeks. With due time, I hope to complete my private pilot certificate and become a real pilot.

Hiking Mount Monadnock

I went hiking today for just the second time this year and I climbed to the top of Mount Monadnock. According to the Wikipedia page, it is one of the most hiked mountains in the world and has been frequented by the likes of Thoreau and Emerson. Given the rich history of the mountain, I wanted to experience the thrill of climbing it as well.

On the way to the top, I took the white dot trail, which is the steepest way to reach the summit. I was surprised by how steep it is. It wasn’t difficult, but it wasn’t cake either. In some cases, I used my hands to crawl up the rocks while some people I met going down slid down the flat rocks to reach the next point.

On the way down, I opted for the white cross trail. While it isn’t as steep, it isn’t a walk in the park either. It is littered with rocks. Last April, I climbed Mount Willard and it was pretty easy to climb with some fresh snow on the ground.

Sneak peak at Mount Monadnock from far:

Let the hiking begin:

Almost at the top:

Video I took at the summit:

Flat Bench Personal Best

Today I reached a new personal best on the flat bench, lifting 240 lbs. That’s 2×45+5+2.5 pound plates on each side. Since I reached 2×45 plates in December last year, my goal has been to get to 315 lbs or 3×45 plates on each side by December this year. I must say this was a rather ambitious goal given it’s now already June and I have to add 75 lbs more. It will be very interesting to see how much I can push myself in the next six months.

De-Mystifying Learning To Play The Guitar

Here is a riddle to start: ever wonder how experienced guitarists can play without ever looking at their fingers? If you’re just curious about the answer, then jump to the end. Otherwise, read on! I promise this article will most likely pique your interest to pick up the guitar!

I have always found it helpful to write about new concepts I’ve learned. While I love writing code, sometimes I get an intense desire to learn or do something new.

Having said that, I recently picked up the guitar and to my surprise, it has been a lot easier than I thought. Had someone told me it would be, I would have picked it up over 10 years ago.

I took a few music theory classes during my college years, but I never cared to learn an instrument until now. I can play a few notes on the piano like the start of Beethoven’s Fur Elise (thanks! to a girl friend who taught me), but I can’t really play a full song.

To a lot of people, music is an art and mystery they think they must have a natural ability for. I fell into this trap and hence why I never tried to learn an instrument.

The reality is music is all about learning abstract concepts. For example, Math uses the language of numbers and symbols to abstract the world. Music is really the same, but uses notes written on the staff to represent concepts like time, pitch, melody, etc. Math comes to most people easily because they are constantly dealing with those numbers and symbols in everyday tasks without thinking why a five is the shape it is (it’s that shape because we agreed what a five is universally).

Some of the things, I’ve learned so far playing the guitar:

It’s all about the chords (aka: the strings to hold down) and the strings to strum while holding a chord.

Captain Obvious might say: duh!

But that removes all the mystery of playing the guitar! The untrained person sees strings and fret wires, but the trained person sees chords: shapes they form with their fingers. I believe an experienced guitarist can play the guitar without an actual physical guitar. As a novice guitar player, after a few days of intense practice I can already feel how it comes naturally.

Before my guitar arrived, I picked up this book at my local Barnes and Noble:

Some of the basics of music in general:

How do we know what notes to play? In the picture below, we can see the abbreviation FACE starting with the first space going up so F-A-C-E for the spaces. The lines start with E from the bottom and so on so E-G-B-D-F for the lines.

How do we know how long to play a note?

And the time signatures (i.e: 4/4, 3/4 etc…at the beginning of the song):



The basics of the guitar:

The guitar has 6 lines with the thickest at the top and thinnest at the bottom and with each line representing a note (EADGBE). It’s also divided by fret wires with the first fret being fret 1.

Some basic chord shapes:

When I need to know what a chord shape looks like, I simply Google it. A chord shape has x, o, and numbers. The numbers represent the fingers you use from the index (1) to the pinky (4). x means you do not strum that string. o means you play the string open while holding down the numbers.

The C chord:

The G chord:

Some more chords:

What I found the most difficult was moving from one chord to another smoothly. But with a lot of practice, I found this grip easier to move between chords:

Notice in the position above, the guitar neck easily slides and floats within my playing fingers and thumb.

As opposed to this grip:

Now that we know what chords look like, back to our original riddle: how do experienced guitarists play without looking at their fingers?

Here is the guitar…notice anything interesting?

The dots at the top of the guitar.

If you look closely, you’ll see the dots on the 3rd, 5th, 7th, 9th frets and 2 dots on the 12th fret. It’s somewhat of a cheat code!

That’s all for now. I will post some more as I learn more.


Building an OAuth2 Server and Resource

This is part of an authentication service I’ve been working on for a small app. The project is open source on my github here: oauth2-provider-resource. I decided to open source it in the hope that it may help someone trying to build a similar service.

My Year In Startup Land

It’s been quite some time since I last wrote on this blog. My hope is to write more often from now on maybe once a week.

The last year has been my crazy journey working on startup ideas. I left my role at Akamai, where I worked on very interesting projects on the web security team, to pursue ideas that I’ve always been interested in, but never took the time to follow through. Some of the projects I’ve worked on:

  • Medviv is a HIPAA compliant, cloud-synced app that helps patients easily stay on top of their health. Medviv uses AI/ML to learn about each user’s unique situation, so it can deliver custom notifications for appointments and refills, medication updates, and personalized healthcare. Received a lot of positive feedback from Boston Scientific’s Connected Patient Challenge and was a top 6 submission with 104 crowd votes and 3.9/5 from the judges who are MDs, PhDs, and veterans in the field. I hope to launch the beta version by the end of the year or early next year.

    Beta preview:

  • RESTfender is an IoT platform to connect and secure internet of things (IoT) devices from botnets. The project is launched with a number of users. Participated in YCombinator’s Startup School and have gotten some investor attention. Had a nice interview with the Techstars Paris program, but the product wasn’t quite ready to be accelerated. Would have been nice to spend my summer/fall in Paris, but alas! I’m currently working on it on the side collecting feedback, adding features and fixing bugs.

    Tech stack: React front-end, Django/Python/Django REST Framework API, Java reverse proxy, Apache Kafka, Spark, Zookeeper, Cassandra, Postgres, and a mixture of other things. The app is also integrated with Stripe for payments.

    Demo: RESTfender

  • Finally published JigDraw in the Google Play store, which is an app where users create jigsaw puzzles using their own drawings from the app. While it’s currently open source, I plan to publish a premium version that will be $1.99. The idea is to have a marketplace where you can sell your drawings so others can use them to make their own jigsaw puzzles.

    My attempt at drawing Simba from The Lion King:

    Full Demo:

I will write a much longer post soon about all the things I learned in the time from the maxed out credit cards, nights spent wondering the meaning of life, sleeping on the floor, almost fainted on a hot day, drinking away the sorrows and craving steak. On the other hand, it was totally worth it. I learned just about everything under the sun: marketing, selling, design, psychology, etc.


Building A Raspberry Pi 3 Cluster

I will write a much longer post about this at some point, but these are some pictures I took while building my raspberry pi 3 cluster.

I ordered a raspberry pi 3 when it came out on February 29, but it took 2 weeks to arrive and in total coincidence arrived home on pi day, 3/14.

I went to the Micro center here in Cambridge to find some more hardware to hook up my pi3, but to my surprise, I found they had several pi3’s at hand. I grabbed a few to build a cluster and this is the end result. I haven’t decided what project I will do with them, but this is just for fun for now.

Up and running:

4-node cluster:

The raspbery pi 3 unboxing:

The supplies:

The original PI:

Fixing Apache Mahout’s Connection Pooling Datasource Warning

I’ve meant to write about this some time ago, but forgot. While using Mahout to build a recommendation engine with a datasource like MySQL or PostgreSQL, one of the warnings one usually encounters is this:

“You are not using ConnectionPoolDataSource. Make sure your DataSource pools connections to the database itself, or database performance will be severely reduced.”

This is a weird warning because even if you’re using a connection pool, the warning will not go away.

Last week, I got very annoyed and decided to fix it. I dug through the source code on github and found this code in AbstractJDBCInMemoryItemSimilarity.java:

In order to create an item similarity based recommender with data stored in a MySQL database, we would do something like this:

MySQLJDBCInMemoryItemSimilarity extends SQL92JDBCInMemoryItemSimilarity which in turn extends the abstract class AbstractJDBCInMemoryItemSimilarity where the data source type is checked to make sure it is a ConnectionPoolDataSource type as above.

The fix is rather simple, but takes some time to dig through the code and figure it out. Here I’m using Spring to autowire my dataSource object, creating the tables and populating them with some initial data SpringDataConfig.java:

This requires commons-dbcp dependency like this:

The difference is instead of returning a dataSource that is an instance of DriverManagerDataSource, we return a new ConnectionPoolDataSource that takes in our normal data source. Mahout then takes care of the connection pooling as follow:

That’s it.

Detecting malicious web attacks with my simple server

Within the last week, I’ve noticed that my blog was frequently down with this error:

My first thought was that I must be getting a lot of visits, but eventually everything would go back to normal. So I restarted the mysql server and apache then all was fine. A couple hours later, I tried accessing my blog again and realized it was down again for the upteenth time.

With the small web server I’ve been working on, I decided to see what’s going on and where the traffic is coming from. I stopped my apache server and installed git, java and gradle on my ubuntu instance.

Once I got the code on the ubuntu instance, I started up my simple web server on port 80 and realized something weird…it seems that someone is running a distributed denial of service attack against my wordpress blog. Instead of using several machines, they’re running on the same IP but different port.

Request signature:


The attacker is using IP and trying to brute force a post request with some xml file to my wordpress xmlrpc.php page. Notice also they’re trying to access my blog IP directly. It could be some targeted attack against Digital Ocean where my ubuntu instance lives or the attacker just has a list of random IP’s they’re trying to attack. The content length also varies but is always in the 250-300 bytes…283 bytes in the case above.

Knowing this info, I modified my code to match the signature and silently drop the request:

Added a request request filter and defined these values:

The filter method:

Check if the signature match:

Then modified the code that handles the request to simply log the IP

The resulting logs from my simple web server showing the logged request and that the response is dropped:

I will add some more details later, but that’s all for now.

Older posts

© 2018 Jay Paulynice