Fighting the Proxy

Like many companies, mine uses an HTTP proxy to protect us from various security risks, such as malware, unintended data leaks, and the like. In general this is a great thing. I heard from one of our risk engineers that malware incidents went down substantially when they implemented this proxy.

However, as a developer trying to code behind this proxy, it’s a constant battle. I recently found develop-behind-proxy, which is a very good resource for this. In particular, knowing how to configure the tools you’re using is super important. There doesn’t seem to be very much agreement out there in how to configure tools to route http/https traffic through the proxy, especially when any kind of proxy authentication is involved.

The things I’ve tried have included:

  • setting HTTP_PROXY, HTTPS_PROXY, and similar environment variables
  • setting the lower case version of these vars (are some tools case-sensitive? I think so…)
  • putting my username and password in the proxy URL (e.g. http://user:pass@proxy.company.com:8080)
  • URL encoding my username and password
  • since this is a windows environment, adding the domain and a backslash before my username
  • setting these in various places, like the windows user environment variables, Cmder‘s user-profile.cmd file, the .bash_profile inside the little Ubuntu VM I set up since some apps are either not available or break in weird ways in the windows shell

Of course I haven’t taken detailed notes so I’m not sure which config works for each tool! That’s on me though.

Oh, I’ve also tried Cntlm, and it has a nice little way to encrypt your username and password so that you can feel a little better about putting your credentials in a config file. But so far it hasn’t seemed to really help that much. The key thing I can’t quite figure out with it is how to reference it running as a Windows service from inside the Ubuntu VM.

The frustrating thing about this is that I get the feeling that all of this energy I’m spending configuring the proxy is taking away brain power and time from my “real work”.

But maybe not? Perhaps part of being a coder in a corporate setting is fighting the proxy? Perhaps we should put this in our job postings?

First Week

I just started a new job, and finished my first week. I’m working with people I’ve worked with before. However it’s been about 6 years since we worked together, so it’s a interesting mix of familiar and new, both culturally and technically.

Culturally, processes are very open and there are lots of discussions, both hallway chats and meetings. Of course everyone has these, but the thing that sticks out in this culture is that generally the content is “real”. Meaning it’s focused on topics that are highly relevant to the work being done on the team. Things like who’s going to work on what? Why is this approach better? What are we actually going to do next? There’s very little tolerance of high-level hand-wavy atmospherics. Business-speak is rarely used and often scoffed at. I like it.

Being an engineer, I’m probably more interested in how the tech stack is both familiar and new. The familiar parts are the application architecture (mostly 3-tier) and the programming framework (.NET). The new parts are that there is more automation in general, and more rigorous security practices.

An even new part of the stack is so new it doesn’t exist yet, because I am here to build it! That is, we want to build a data science stack, including all the big data stuff that entails. In short, to “bring in data science”.

Should be fun!