Recently, I was doing a Ruby on Rails course on Udemy that involved opening an AWS S3 service and creating some buckets for develpement and production so images and files could be stored on AWS instead of locally on my computer.
I had already used S3 when I did Mattan Griffel's OneMonthRails a few years ago. I deleted those buckets and cre​dentials and created two new buckets and access keys. 
After the csv file was dowloaded with access key and password, I double clicked it, and it was opened by Atom, the text editor I was using. Since I had already copy pasted the access codes in my .env file which I listed in gitignore, I went ahead and pushed to GitHub as was required by the course.
This, I later reaised, was a big mistake, as I should have opened it with text editor so it remained on my desktop.

The Shock

Sometime later, I got an email from Github's GitGuardian informing me that the API keys are exposed and to confirm if it was true. I was about to ignore it and tell them they were wrong. But I decided to go to my repo and check. Sure enough, my csv file was there with the access key information. I tried all kinds of things to rollback the commit I had made, then found that I could delete the file with an 'rm' command, did that.
That wasn't enough.
Soon I received an email from Amazon to inform me that the account has been compromised and I should take action. Panicking, I went to the billing section to see there was a charge of over $3000 to date, and the projected cost was about $15000! I nearly had a heart attack.

The people who put AWS in AWSOME

I emailed Amazon explaining my situation. Went again to AWS site, wrote another email and fortunately clicked the telephone icon in the submit field instead of the email option, which resulted in them calling me. 
I called them back, and the friendly staff transferred me to the right people to help me. Spoke to Stephanie who allied my fears saying it will be all right, don't  panic, and put me onto a gentleman called Will who took me step by step through the whole process,explaining what happens when you leave your credentials exposed. The call lasted over 15 minutes, I must admire the fact he never lost his cool even once. Every question was answered, every doubt, however silly, was cleared.

What happens when you expose your access keys?

Will said that a lot of novice programmers tend to push code with sensitive information, and this is not the first time. Since Github is a public and open source site, malicious users leave a programme with a script to scan every commit and push that's made to Git for exposed credentials. Once they find such keys, the malicious user immediately uses them to his own ends. Apparently a lot Bitcoin dealings and other transactions are done illegally using such exposed keys. While Will was walking me though the steps, I saw instances running in every region, from Sao Paulo to Singapore (instances are, I'm told, computer spaces rented by Amazon to users). And the rent is humongous if used on a large scale basis, running for hours. Will helped me shut down all the running instances. I asked if I should close the account. 'No', was the answer, as the keys will be still used, we had to shut down the instances one by own going through the regions. Earlier, I had closed all these running regions but that wasn't enough as each had to be terminated.

How to guard your Amazon access keys like a state secret?

While I was lamenting the lack of morals and sympathy and wondering why would people take advantage of innocent users and their novice mistakes, I realised that's how the world runs. You, as a user, have to supremely careful and alert. It's equivalent to leaving your user id and password on a public park bench.
After the session was over, Will sent me an email explaining what had transpired, and that since it was unauthorised use, he has put the case up for waiver of charges. He also sent a link to a gem that scans your code for exposed sensitive information and prevents you from doing something stupidly expensive. 
Called git-secrets and owned by AWS, this further protects users/students from future exposures while pushing code to Github. Git Secrets scans merges, commits, and commit messages for secrets and rejects prohibited regular expressions patterns from being posted. Here's where to get Git Secrets.
https://github.com/awslabs/git-secrets 
A few tense, on-the-edge, panic-stricken days later, I just received an email from AWS saying they have waived the charges of over $3000. I can not say how relieved I was when I received that. I wanted to buy everyone at AWS a beer. 
So please do be careful, very, very careful the next time you push your code to Github. Check, double check, triple check before you commit anything. And install Git Secrets.

Things got more interesting in this segment. In section 3a, we learnt to navigate between screens, add more buttons and actions and some hardcore stuff I couldn't manage on my own like converting string to url among others, but the instructor (a cheerful guy named Kunal) addressed those issues in the next video. To break it down, here's what we learned:
First, we added a navigation control by embedding it from the drop down menu, created a second interface controller, and created a new  Cocoa Touch class file and named it playSoundsViewController and connected it from the Record button on the main screen. So that when you click on the record button it takes you to the next screen. [NOTE: Make sure you name the file properly or it won't let y ou drag outlets or actions. Once you create a new screen and file, click on the new screen and go to the Identity Inspector and type in the new file's name, it will auto fill.]
Then we learnt how to add an mp3 file to the project and access using AV Foundation. We created a path to the audio file in the viewDidLoad section by creating a var filepath and using NSBundle with its subclass mainBundle. 
We created an instance of the AVAudio player and converted NSString to NSUrl.
We added two buttons, playfast and playslow and connected them to the interface so they play the embedded audio file at the corresponding speeds by using the rate method in the AVAudioPlayer class.
We make sure the file, when accessed either plays the mp3 or returns an error message if the entry is invalid. Also, we need to have the variable audioPlayer needs to be a global variable so it can be accessed from other functions. [NOTE: I was redoing the lesson so I could take down all the steps, and was stuck on this error I didn't get before 'EXC_BAD_INSTRUCTION code=EXC_1386_INVOP'. Spent over an hour fixing this, then while comparing to the earlier working code, realised I had put - instead of _ in the mp3 file name. So in case you get that error, it could be this.]
We are supposed to take the common pieces of code and create a new function butI'm not sure where to add the function to, so I'll see if that gets addressed in the next lesson. 

This is a topic we are required to write about on finishing the first section of Udacity's course, I thought I might as well do a post and perhaps keep updating it as and when I manage to finish the many courses I'm taking. So here goes:
I've been meaning to enroll for one of Udacity's many courses for a while and that came to fruition when I signed up for their free Intro to iOS Development with Swift course. 
The course is laid out very well, the instructions by the teacher Kunal were clear and easy to follow, the quizzes were relevant and made you think. I managed to solve quite a few based on what I learnt on the Udemy courses and by googling. There's a forum where you can submit your answers and ask questions, I noticed the instructor answering some questions, which is always encouraging.
Broadly, the course is about building a simple recording app. In the first part, you are taught how to add labels, buttons, images to the buttons, constraints and how to use them, aligning images, hiding and showing labels and the text they contain, the difference between IBOutlets and IBActions, the relationship between Model, View and Controller (I knew about it a bit from my Ruby and Rails lessons) and the difference between the 1x, 2x image boxes in the xc assets (the 1x is meant for non-retina iPhones and 2x and 3x are for retina iPhones). By the way, strong and weak in IBOutlets are Swift's way of managing memory, a weak variable is an instruction to hold a weak reference while a strong variable/outlet means I initialised it, so keep it till I don't need it anymore.
I must say, based on this course, I am tempted to take up their nanodegree on Beginning iOS Development. And they have an attractive incentive of refunding 50% of the tuition fees for those finishing the course within a year.

After finishing their Ruby course and being thoroughly impressed by the structure, the explanations and the overall approach to simplifying Ruby, I signed up for their Rails course and the Blocks and Iterators course. Just started Rails, it's a lesson you don't rush, so taking it one lesson a day. The reason it should be taken slowly is, like with their Ruby course, there are parallel projects happening while learning. That is, they teach using one app, and ask you to do another app using similar methods, so you need time to digest the information and apply it to two projects. If you have an idea for another app, you can start off on that as well. 
Meanwhile, I'm on their Blocks and Iterators course, which again deconstructs the topic beautifully with interactive, engaging diagrams/animation drawings. I take a screen shot of these drawings for future reference, like a ready reckoner of sorts.
Again,I keep wondering how did I miss this course? I remember seeing it while searching for online Ruby courses when I was caught by the coding bug, but for some reason didn't sign up. I am on Treehouse, Udemy and Tealeaf for Ruby, Rails and other courses but I strongly recommend Pragmatic Studios as the first step. I've also started re-taking the Ruby course, as a refresher, to relook at the concepts and see how I can apply them to say, a problem on Tealeaf. 

I just finished the Pragmatic Studio's Ruby course. They give you a timetable which lays down a one month long plan to take the course but I finished it way ahead. Because it was so simply and beautifully explained I didn't want to stop at just doing one segment a day. 
Mike and Nicole have an excellent way of teaching a complicated language to beginners. First, the diagrams. Important aspects of the language are explained with simple diagrams that visually deconstruct the point, making it easy for you to understand the concept. If you want, you can take screenshot for future reference.
Second, the tete-e-tete between Mike and Nicole. They've mastered the art of two people teaching a lesson at the same time which is a difficult thing to do (there's a Udemy course on a different subject where the teachers of that course try that but doesn't work). Here, Nichole and Mike take turns at asking the relevant questions and raising important points and answer them. 
Three, the whole layout of the course, from strings and numbers to coding three apps. They code a movie app while you are asked to do a game app while there's a bonus coding opportunity for a crowdfunding app using the principles taught in the course. 
The TDD segments are a bit tough, they are more like your afternoon math classes, a pain but necessary. I skimmed over the TDD (Test Driven Development) sections but will have to go back and learn them. In fact, I've already re-started the course as practice is essential in learning anything new.
Towards the end, a couple of points tend to get rushed but that's nothing big. I've signed up for their Rails course and am going to take up their Blocks and Iterators course today. 
I can say in all honesty that if you are a beginner or coding enthusiast looking for your foray in Ruby, this must be your first stop. 

After signing up for Tealeaf Academy's Ruby course, I managed to solve two of the problems, the calculator challenge and the Rock, Paper, Scissors project. They worked too which was encourag_ing and satisfying. Then came the tough parts: Tic Tac Toe and Blackjack. I got the higher language or pseudo logic part quite right (you are encouraged to use English to write down the solution, and introducing code to convert the steps into a working programme) but the problem was in understanding what code to write to translate the pseudo-code into a working one. I am an author and a freelance writer. Logical thinking is as far away from me as saving for a rainy day is to a bachelor on his first salary. This knowledge helped me from smashing my new Mac and throttling the duck.
Did I tell you about the duck? In proamming circles, apparently, they have this method whereby you are supposed to talk to a rubber duck. You tell him your problem, what's keeping you from writing a working code, lying down on a counch while the duck takes notes, yawns, looks at the watch and says, We'll meet next week, meanwhile remember what we talked about today', and charges you $80 a session. 
It's called Rubber Duck Debugging. This, they say, helps. While I see the logic behind talking out your problem loud, I fail to see how a duck can prevent himself from serious threats to his life from frustrated programmers, most of whom are rookies like me. There were times I wanted to beat the crap out of the duck, like Happy Gilmore. That'll only end up in a trail of dead ducks, so to speak. So I took the Codecademy course and finished it in a day and half. Must say it was quite informative for a free course.Finished a couple of Ruby modules on Treehouse. Still, no clue about how to code the blackjack game. So I looked at the solution and did the TicTacToe and am currently doing the Blackjack game. The instructors say you must make some serious attempts to try and code before going to the solutions videos which makes me a trier at least.
The thing is, some of the steps don't even occur to me. I'm sure this is the case if you come from a non-coding background. I've only got the coding bug a few months ago. While trawling the Net, I stumbled onto the Pragmatic Studio again, and this time decided to give it a shot. They were having a discount on their 9th anniversary, and it was affordable, so signed up for their Ruby course, and finished 15% as of now. I like what I see there, like the teachers, and the way they've laid out the programme. It feels good. Progress report to continue, till next time, happy coding, and spare the duck.