The Art Of Commenting Code

Ever Since the Appearance of TDD

Comments have started being replaced by separate unit tests. At least this happens in theory…

After numerous head-wall-banging sessions though, even at large companies, where they tend to have a more standardized method of coding with large codebases, we often find many, many good gems.

Commenting is art! Trolling while commenting is a given!

Have a look below and for crying out loud laugh until you break 🙂

Personal Favorites :

Dear maintainer:
Once you are done trying to 'optimize' this routine, and have realized what a terrible mistake that was, please increment the following counter as a warning to the next guy:

 total_hours_wasted_here = 42 

And another one, which by the way I have said many times:

When I wrote this, only God and I understood what I was doing

Now, God only knows

Best Comments Ever!

On a relevant note while browsing source code of

Look what I found!

[Image: screenshot from 2014-03-20 11:14:24]
Put on your robe and wizard hat and let's play Hearthstone? While binding events with jQuery 😀

And last but not least, from the large codebase of the company I currently work at:

*********GRANDE KOLODAXTYLO ***************
To solve issue with serializing data coming in different parts of the response array

Kolodaxtylo in Greek means “the middle finger”.

And some dummy user names / passenger names in unit tests:

Luke Skywalker, Princess Leia, and in general names from Star Wars Universe.

But also Greek ones:

Lelos Observes

A side note here: working primarily on a travel agency booking site, and with all of us devs using this name for our tests, it turns out that this guy “Lelos Observes” has “traveled” virtually 2-3 times around the world…

Mitros Karamitros, Loula Karaloula and Loulis Kouklentes

5 Unbelievable Security Fixes

While working with security…

…you often find yourself between a rock and a hard place.

Solutions must be provided at low cost, both in time and money!

Since one of my responsibilities during my morning job is security, we had, as a team, to outthink all the potential attackers. Now this is quite a hard job to do. While we had a lot of brainstorming going, we decided to take a break. And one of our colleagues came up with the following blog post. Have a look:

I hope it's a demonstration of proper camera usage…

Better than NSA

Looks like I’ll have to think twice before trespassing…

Watch out, it looks very fierce


Practical and Efficient

Always lock your mo-pad!


Always, always think big!

After some years the chain will actually grow into the tree, rendering it impossible to move


But above all, know how to:

Protect and Spell!


I personally think that it gives a totally new meaning

to the term “security fixes”. I just wish I had the opportunity to implement those security fixes during a PCI/DSS audit… By the way, in terms of development and bug-introducing procedure (we have all had this; bugs are unfortunately unavoidable), not long ago there was this bug.

The Heartbleed bug has efficiently brought the whole internet to its knees…

The Heartbleed bug was at the same (ok, a little more) level of stupidity.



/* Enter response type, length and copy payload */
s2n(payload, bp);
memcpy(bp, pl, payload);

There was absolutely NO static analysis problem. NO compilation error. Nothing at all. Just a stupid thing that two variables were controlled by the user. And if you change those two variables you’re gonna get a GOOD dump of the nearby memory…

That was the case…
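
The missing check, as an added example (not code from the original post or from OpenSSL): a heartbeat handler that compares the sender's claimed payload length with the number of bytes actually received before it copies anything. The function name, buffer parameters and sample records are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HB_HEADER  3   /* 1-byte type + 2-byte claimed payload length */
#define HB_PADDING 16  /* minimum padding required by RFC 6520 */

/* Hypothetical handler (not OpenSSL's code). rec/rec_len are the bytes that
 * actually arrived; returns the response length, or -1 to discard silently. */
long hb_respond_checked(const uint8_t *rec, size_t rec_len,
                        uint8_t *out, size_t out_cap)
{
    if (rec_len < HB_HEADER + HB_PADDING || rec[0] != 1)
        return -1;                 /* too short, or not a heartbeat request */

    size_t payload = ((size_t)rec[1] << 8) | rec[2];  /* sender-chosen value */

    /* The check the snippet above lacks: the claimed length must fit inside
     * the record that was really received, not just inside a uint16. */
    if (HB_HEADER + payload + HB_PADDING > rec_len)
        return -1;
    if (HB_HEADER + payload > out_cap)
        return -1;

    out[0] = 2;                    /* heartbeat response */
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + HB_HEADER, rec + HB_HEADER, payload);  /* bounded by rec_len */
    return (long)(HB_HEADER + payload);
}

int main(void)
{
    /* Constructed records: an honest 4-byte payload, and one claiming 0x4000
     * bytes while carrying a single byte. Unset bytes are zero padding. */
    uint8_t honest[23] = {1, 0x00, 0x04, 'p', 'i', 'n', 'g'};
    uint8_t lying[20]  = {1, 0x40, 0x00, 'x'};
    uint8_t out[64];

    printf("honest -> %ld\n", hb_respond_checked(honest, sizeof honest, out, sizeof out));
    printf("lying  -> %ld\n", hb_respond_checked(lying, sizeof lying, out, sizeof out));
    return 0;
}
```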

Source : Diply