NDC Oslo 2016 - Lightning Talks 1

Video thumbnail (Frame 0) Video thumbnail (Frame 14235) Video thumbnail (Frame 15219) Video thumbnail (Frame 16127) Video thumbnail (Frame 17369) Video thumbnail (Frame 19006) Video thumbnail (Frame 20017) Video thumbnail (Frame 20766) Video thumbnail (Frame 24077) Video thumbnail (Frame 25957) Video thumbnail (Frame 28768) Video thumbnail (Frame 29537) Video thumbnail (Frame 30504) Video thumbnail (Frame 31724) Video thumbnail (Frame 33494) Video thumbnail (Frame 34891) Video thumbnail (Frame 35696) Video thumbnail (Frame 38289) Video thumbnail (Frame 39823) Video thumbnail (Frame 41850) Video thumbnail (Frame 49664) Video thumbnail (Frame 57478)
Video in TIB AV-Portal: NDC Oslo 2016 - Lightning Talks 1

Formal Metadata

NDC Oslo 2016 - Lightning Talks 1
Title of Series
CC Attribution - NonCommercial - ShareAlike 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal and non-commercial purpose as long as the work is attributed to the author in the manner specified by the author or licensor and the work or content is shared also in adapted form only under the conditions of this license.
Release Date

Content Metadata

Subject Area
Einar Afiouni: Organising CSS, what can you do, what we did and what we learned from it We recently had the opportunity to start fresh with CSS on a project, so we decided to take the opporunity to research what methodologies there are out there for CSS, what are their advantages and disadvantages and what we decided to go with as well as what we learned doing so. (We just started, but until NDC we will have enough time to see how it went, mistakes, regrets etc) Nicholas Paulik: How I hacked my way to NDC In January, I attended the conference Security Day 2016 in Oslo, with a plethora of awesome speakers and sessions. During the live Q&A session at the end of the day, I spontaneously tested the Q&A software for cross-site scripting vulnerabilities, causing an unexpected dialog box to pop up on the big screen. Being a security conference, this was met with laughter and applause, and I was encouraged to give a lightning talk. This lightning talk is based around the event, with focus on what made the exploit possible, how some common security mechanisms can be defeated, protection against cross-site scripting and how the vendor of theQ&A software responded. Erling A Børresen: HTTP/2 – What's the deal? HTTP/2 was published as a RFC in may 2015. In this lightning talk I will take a (very) brief look at the history behind HTTP/2, what it is and how this new standard will change and improve the every day work of a web developer. The presentation is best suited for web developers who wants a quick summary of what HTTP/2 may bring to the table, without diving to much into the details about how it works under the hood. Jan Tore Stølsvik: Forget data changing over time with React.js React is a JavaScript library for creating user interfaces by Facebook and Instagram. React brings many good things to the table, but the best part by far, is the virtual DOM. With a virtual dom it has once again become possible to code frontend applications like the good old days, when for each request we simply re render the entire view. In this talk I will explain how this simplifies an application, makes it faster, more reusable and testable.
Principal ideal Euclidean vector State of matter Multiplication sign Mereology Social class Arm Electric generator Block (periodic table) Software developer GUI widget Moment (mathematics) Maxima and minima Flow separation Element (mathematics) Category of being Block (periodic table) Data structure Reading (process) Spacetime Inheritance (object-oriented programming) Service (economics) Computer file Connectivity (graph theory) Computer-generated imagery Electronic program guide Content (media) Coprocessor Graph coloring Element (mathematics) Cross-site scripting Goodness of fit Flow separation Internet forum Energy level Utility software Divisor Data structure Computer architecture Module (mathematics) Multiplication Inheritance (object-oriented programming) Weight Projective plane Core dump Line (geometry) Uniform boundedness principle Word Hypermedia Personal digital assistant Atomic number Statement (computer science) Social class Object (grammar) Musical ensemble
System call Internetworking World Wide Web Set (mathematics) System call
Medical imaging Group action TDMA Videoconferencing Right angle Streaming media Line (geometry) Complete metric space Connected space
Server (computing) Game controller Network topology Weight Structural load Archaeological field survey Streaming media
Principal ideal Point (geometry) Dataflow Game controller Server (computing) Group action Streaming media Client (computing) Food energy Session Initiation Protocol Medical imaging Roundness (object) Semiconductor memory Data compression Email Dataflow Server (computing) Binary code Control flow Limit (category theory) Connected space Membrane keyboard Subject indexing Right angle Communications protocol Data compression
Ocean current Boss Corporation Programming language Server (computing) Windows Server Server (computing) Web browser Client (computing) Instance (computer science) Content (media) Public key certificate Connected space Latent heat Web service Goodness of fit Googol Addressing mode Googol Revision control Point cloud Communications protocol Proxy server Window Point cloud
Medical imaging Dataflow Game controller Speech synthesis Line (geometry) Metropolitan area network Connected space
Goodness of fit Mobile app Service (economics) Internetworking Basis <Mathematik> System programming Bit rate Information security Information security Twitter
Presentation of a group Touchscreen Slide rule Event horizon Mobile Web Information security Cartesian coordinate system Information security Lattice (order)
Filter <Stochastik> Scripting language Presentation of a group Functional (mathematics) State of matter Code Ferry Corsten Virtual machine Electronic mailing list Web browser Neuroinformatik Number Type theory Cuboid Website Software testing Information security Freeware Information security Metropolitan area network Vulnerability (computing)
Filter <Stochastik> Digital filter Touchscreen Proxy server Computer-generated imagery Source code Content (media) Frame problem Attribute grammar Different (Kate Ryan album) Revision control Table (information) Local ring
Email Slide rule Greatest element Scripting language Structural load Java applet Code Source code Limit (category theory) Coma Berenices Function (mathematics) Twitter Attribute grammar Element (mathematics) Medical imaging Root Data conversion Information security Error message Address space Scripting language Vulnerability (computing) Email Slide rule Limit (category theory) Proof theory Type theory Digital rights management Process (computing) Event horizon Personal digital assistant output Right angle Hacker (term) Information security Address space
Email Building Group action Scripting language State of matter Java applet Multiplication sign View (database) Coma Berenices Mereology Computer programming Software bug Web 2.0 Facebook Mathematics Synchronization Cuboid Software framework Aerodynamics Endliche Modelltheorie Series (mathematics) Imperative programming Information security Scripting language Building Software developer Type theory Digital rights management Message passing Process (computing) Phase transition Order (biology) Interface (computing) Right angle Information security Row (database) Ocean current Web page Reading (process) Slide rule Server (computing) Functional (mathematics) Open source Dependent and independent variables Web browser Content (media) Template (C++) Attribute grammar Element (mathematics) Latent heat Hacker (term) Representation (politics) Data structure Computer architecture User interface Mobile Web Dependent and independent variables Focus (optics) Surface Projective plane Cartesian coordinate system Web browser Word Synchronization Video game Library (computing)
Point (geometry) Stapeldatei Complex (psychology) Functional (mathematics) Game controller Server (computing) Euclidean vector Observational study State of matter Connectivity (graph theory) Multiplication sign Decision theory View (database) Execution unit Replication (computing) Field (computer science) Software bug Revision control Mathematics Roundness (object) Spherical cap Reduction of order Cuboid Representation (politics) Software testing Endliche Modelltheorie Volumenvisualisierung output Scripting language Operations research Inheritance (object-oriented programming) Kolmogorov complexity Interface (computing) Software developer Forcing (mathematics) Sound effect Cartesian coordinate system Category of being Process (computing) Function (mathematics) Order (biology) Phase transition Statement (computer science) output Right angle Representation (politics) Writing
and the end.
i'm in my name is in one word is a than the little brat that becomes whole thing and i'm going to be about the are. during the off organizing our seas us and we recently had the opportunity of starting fresh on the project and the with. i thought we might as well to a little effort and make r.c.s. is better than our old see assess which is not so good. i'm a lot of people. love to hate see assess the use this give for showing how us yes this can behave sometimes. but i think actually that c.s.s. can actually be awesome. so what's what's out there. i'm. the i'm just going to go through a little of the methodology as we researched while a finger figuring out how we were going to come. organize our see assess the first one being object oriented c.s.s. which encourages reuse and more efficient c.s.s. it's based in the two principals separation of structure from skin structure. structure being everything from our margene and having and skin being color and background and so forth. and separating container from calm them to which means that. the there's no or higher tea in d.c. assess every little piece of and every class should behave the same no matter where you put it. one drawback from this is that you might end up played a lot of c.s.s. classes in your h.t.m.l. and that's something i personally don't find this nice another way to do it is atomic see a service which i feel like his. kind of like object or in the pubs takes its on the whole different level you break every piece of sea ice is down to the bare minimum. and something like this would be broken down. to something like this and then again a drawback would be that your h.t.m.l. actually ends up describing i'm how everything looks and you get a lot a lot of classes. in the twenty sixteen we have now have something called the at the miser which again take this even for and you describe the whole style in the h.t.m.l. at the my this parts store h.t.m.l. and generates. and see us this file looking like something like this and you don't even have to write any. any as he says that all but i feel like that would be like actually like its styling everything the line. the comic the subatomic secession not be confused with atomic design which i am. i know which is more like a park. and. as a guide for anything not just the uscis you break everything down to the smallest possible. modules and then you call those adams and then you build molecules out of multiple adams and then organisms how to have multiple molecules and so on and so forth and which is a very nice way of thinking folders structure or file structure for years the assess and that. actually for many parts of software development. and you also have something called scalable and modular architecture foresee assess or smacks and even wearing a smacks t. shirt. but even though i'm wearing a smacks t. shirt i don't believe that in any more. or i i used to be a more i'm now a follower of snacks than i am now. and it's basically that you break everything down into five categories space layout module state and team. if you're interested that much more you can read on their website it's for you. it's a good read actually. and lastly before i come to what we ended up with his band which people might be familiar with the kind of popular at the moment i feel it's developed was developed by yandex. i pretty much says that you break everything down into block elements and the block element contains and the block container complaints elements and moderate fires. can combine the of visualizing asked for an object with multiple. some objects inside and the properties and example would be the immediate example down there. so what did we end up doing while with its read a lot of articles about all the different ways of doing at things and we found something that that we felt would be nice it's called components u.s.'s or c c has also. no one has simplified them where we have some global utility base classes. and the block element modifier structure of bam only instead the double underscore foreign elements we have just the simple dash i'm with camel casing. and and this is actually very nice. in weight you can actually use the pre processor like less and sass to and use the in this case less the ampersand selector to just nest everything down and. the cold becomes relatively small easy to read in my opinion and. and then write think everything over and over again. and you end up with no inheritance just like object or at the sea assess everything is in the pen off each other's sold the structure of teaching else should and shouldn't have anything to say on the phone. on how things that will end up looking. and we have global utilities which might seem more like something you would do in the comics assess where if you just have something smaller just want to add here and there you could add as the mother for a class or just use a global you feel it the class. some setbacks though we found out where were you want to have a harbor selector on the block element to nest that downwards you have to repeat the name off the block and everything down in the harbor statements so that. you could change the state them every single pocked since they're so little no inheritance really india. in the components u.s.'s or you can make a modifier class and you something like javascript to toggle it to your arm. it's as to how you want it. and that's actually i think them biggest set back we have had with this i'm that take out that has been that the words really good with react which is what we a use now in the project. todd or how little modifier classes that's been really easy it creates single purpose high else and the logical fall the structure as special if you had some atomic this and elements into it the files are small and maintainable and it works really great with the pre processor likely. this course s.. but it's not perfect. the. you always wish to see you just going to run like yeah run smoothly about the all this when something bothering you and it's still very early in the project so we still have a lot of time to school is something up. thank you.
so what. this. but so are wrong. that so.
he would go i'm going to talk about eighty p. to what's the deal for us whether the others first bit about me i'm going i'm working at a condo us both the front on and win back in the world for and have done so for six years now. h t t p two claims to be foster easier and more robust and that's quite clear goals compare to age to be one we will look into those three things around but for some brief history.
i'm fortunate to be won and nothing has really really changed since the ninety's and ago was a revised set of our of season two thousand and fourteen but basically what we're using today is from the ninety's and in two thousand and nine will. who was thought that the internet had moved on so they released are announced speed. and then we had a call for proposal for a to be too. and then google in two thousand and twelve. the release the first draft and speeding which was to become an exact copy for the first draft of a should be to an inmate last year it was officially less than that. so it should be too is basically a super set of it she to be won everything you do in a should be won with status colds met some stuff like that is still the same he used the same your eyes teams the same ports the standard.
and so forts of four. and but a cheaper to has won majors thing it is multiplexes.
wade actually to be one you needed to create one connection want is because action for each request and which were there to be to you can have multiple request on the same connections and it's called streams those streams are independent and on walking so you can get a lot of streams. and it's an intensely a. this way we avoid a lot of work arounds we have created for a to be won by contact the nation states sprites the main shouting and in lining. i'm going to show your radio and there's this is a comparison of age of fifty two and one and this is set to one hundred militants can latency and each image contains one hundred ninety two small images on the right hand side here and just scraped.
one connection and on the left hand side we have a lot of connections and as you can see. it looks much much faster on it should be to donation to be won. this is kind of an education starts to turn with mills against us latency but still you you see the picture. the prior taishan actually the video comes with privatisation that means that history may be dependent on completing completion of another strain.
and does you could say that destroyed not load before are all have completed this one of a stream males on weights this this gives an opportunity to say that this is more important than another and us you could create the pens a tree looking at it.
and this gives a lot of control to the current. but the spec says that in the survey doesn't have to take care of its but it's of wish from the current not have them on but most of the servers implemented a handle this.
actually the two also has flow control. this could be enabled just for a stream or for the whole collection this animal us to you. to you limit. the data going over the connection or the stream typically if you have a device with low membrane you wanted to limit how much data you get into memory at once before it could be a handled if you're with your streaming and use a place presses pause anyone stop or limited strain so we don't you need of the whole connection. compression of energy to be one you can use to sip and stuff like that but it's still a barn and i still a text based protocol are actually to be to this binary that means that you can no longer tell that into an age to be to surround right in it should be. amounts on it. but all the tools you use are used to do the arts now supports. support stage to be too so if you use wire shark or carol or whatever you could easily do it as well there's another are of see that's was released and together with a ship he too cold h. pack which is had their compression and that that means. but you don't have to send every single header for every request you could have some had theirs for the connections some for the stream and so forth. and it's also compressed and as it's not an edge to be want an example for how this could be much foster easy if you have a really large cookies on that they only percent once an compressed instead of on compressed initially be won. server push this cano hard to wrap your head around and it's one of the things the institute at we really don't know how it's going to be used in the future.
but the principal a start the server mace speculating what the client might want and then trying to send data to a client before its ask for it. doing so by sending and what is called a push from his and then the client may or may not reject that promise. the client has control and example could be that your request an index action now and then. and then the server says sees that ok every last users who requested in the exceptional also wanted javascript phylis he says fallen some images so i'll just send it to you round right away instead of waiting for the client to ask for the m this is kind of like in learning. but in lining can't be rejected by the client so typically a mobile client will draw rejects large images of the disco point will receive them right away. so can i use it now.
and this is the browser support it's fairly good.
and the support for into an explorer is swindle stand only and safaris later since have found almost ten. but it's still all green only drawback is that the boss or when there is has agreed to only implement h.t.t.p. to over to last so you need the certificate and you need to secure connection and some and by the when there's think this is a bad thing but still. that's how it is not. soros serve as a port if you own an i deployed on their own servers its kind of good fairly good support abortion has his jet yeah that's it. months off the us house sits on windows ten and server two thousand and sixteen and in excess it is a fairly good all there's also a lot of clients are implemented for specific current programming language it's like goal ruled the pipeline an old soldier a. of for proxies big eyed peas imported ha proxy just not so that depends on when you're using an for cloud our cars supported google apple engine supported and cloud for does asher and his own web services can. which cost for instance dasient and they don't have a roadmap for eight of probably digging to deep into their infrastructures oh but if you push them send an e-mail stuff like that it's going to come in the future.
so foster easier more robust foster yet less overhead less the city connections you have served a purpose which can really make it foster it's easier because in don't have to think about all the work arounds we have been it should be won like concatenation image frites the man shouting and in lining. and is more robust you have flow control awaits the gives you really much control. yes thank you.
the hope that the lower one welcome to my speech how i had my way to end the sea.
so this story begins in january when i attended security day two thousand and six two thousand and sixty which have many great speakers many great talks speaker such as my were there at the end of the day they held a cue a session where we in the audience could asked the percentages questions.
so before the conference troy had asked on his twitter does anyone know of a good mobile app or other service to allow people to submit questions during a conference talk.
and then a couple of people they replied with a slight ago suggesting that he should use that and also the application of the people behind slight though they replied and said well thanks for the shout out and please let us know if you can help you with anything. so this light on how it looks on the big screen on the presenters you and this is slightly how it looks on your mobile phone so we in the audience were sitting there with our mobile phones and we can ask questions to the speakers of the conference so i thought to myself well this is six this is a security conference so.
it would be really funny to see if i can exploit this somehow maybe exploit the presenters machine. and the aftermath of that is basically this. i managed to find across site security vulnerability by entering a piece of code into the speakers a into the type your question you and this was executed and the dialogue box popped up on the speaker computer so what happened was basically that the audience they started laughing in the. centres they turned around the main then state then they started laughing and the in my lower their he asked the wall who did that so i raised my hand and he said will give that man and applause and you know come up here and tell everyone what you just that and then he encouraged me to to give this lightning talk afterwards so i'm going to tell you what i did as you know with.
cross-eyed scripting will rebuild a piece what the attacker will try to do is to run malicious code on on the victims internet browser so this is this here is just the simplest and most basic thing you can test to. this free cross-eyed scripting vulnerability so i just started out with a simple script tagged with an alert exit the alert on the function from dollars script entered that into the question box and what happened then while the thing was a blank question turned up on the percent of you know. dialogue box no text just an empty question. so because of this i thought to myself that there is maybe a filter here that is trying to prevent cross-eyed scripting vulnerabilities. but the nice thing about the filters is that the oldest people they have a cheat sheet to get around these filters and from my experience when i do security testing when you get down to around number seventeen on this list you find something that works and if you don't find anything that works by that then you have this is the.
a screen shot from the whole table of contents you can see it's quite long there's over ninety methods different methods to get around these filters so there's something for from one for every taste hear them so some examples one i use their is on the top which is basically just by frame where the source attribute is.
set to a piece of java script code and you have to have java script to call on in front of its because this is a source attribute or or the one on the bottom there which it has become my personal favorite i type this in everywhere which is basically just an image tag which has the source attribute set to the roots. and this will generate an error and then you can have your job a script in the on air handler so for those of you who know slide show you know that they have hundred than sixty character limit for the questions so how much missed you can you do with hundred sixty characters you can type that much code right into hundred sixty characters. but we can get around that because what we can do is we can load and external script so this we do this in about hundred forty two characters you could probably get that down even further if you really put effort into it but this is a proof of concept that was working on his life though aware you base. sickly what you do with the job descriptive here is that you create a new script tag and then you set the source of tribute to arm to a job a script which is on you will have her dot com and then you a pen that script element to the dom so this will basically execute a external script and now sky's the limit basically. you don't have the honor and forty two hundred sixty character women anymore you can basically low whatever you want. so what happened after this was that you know you remember that slidell they had replied to troy on twitter so we now replied that he said well so we used to wrap them now we have a serious security will ability to report so luckily slight old they were really quick about this so they reply with the e-mail address but by now.
now you know this twitter conversation have become quite hilarious and also quite american first light of what they reply with the e-mail address so i emailed them with all the details and everything and you know of a good and four story here is that they they fix this quite quick i mean this was fixed by the next day and also peter cornick from now from. though he told me that this cross-eyed scripting will rebuild he was a big because they do escape old all the output the data from the user's they do that bought this but because of some customer some customised nation that they had done for customer this particular inputs and. it was all put it was not escaped so it's basically an honest mistake and way we we still think that slight always taking security seriously but this brings me over to my last light here which is about content security policy because this could save slide on this case because it can protect you from some honest mistake.
this and basically what content security policies about it's a hey cheaply response heather where your web server can tell the web browsers where they are allowed to load dynamic resources from so in the example there that you see on the middle of the slide what. the compton security policy there says is to the browser that you are only allowed to low scripts from current origin or from c.d.n. dock example dot com so in the previous example we tried to load a script for evil hacker dot com the content security policy would have ensured that the browser. or would know or at least any sane and modern browser the also any old i.e. users will be still with would be our lock but any sane and modern browser would then refuse to load that script so this is not and substitute for for for other security features but it can save your asked if you are unlucky. and if you have done some honest mistake. so thank you for listening.
two. the. i. ok. i think i'm going to talk about react. my name is on to associate and i work gets too close to us if i'm stuck developer i work with the java script and i especially liked to work would react. the record is a dose gift library for building user interfaces it was created on facebook and it was later open source. since it focuses only on the user interface we call it library and off the framework that you can use it together with most frameworks that exist. a i don't think that react it's just not library life here we usually say about the latest high. it does not look that different on the surface but the way i think in program would react as fundamentally change the way i create from the education says. it's more enjoyable to work with its also faster simpler reusable and testable. after this talk i hope that you are curious about react and want to learn more and maybe try to use it in export next project or application. so there are a lot of frameworks up there and react can be used by itself or can be plugged into one of these frameworks but most famous you should have a very broad scope and they have some parting with that the same thing that reactors. and many of these parts they tried to solve the same things that wrecked do for example may be programming less imperative. so they can do the same thing afghan and react can do the things of course of the other famous going there for a focus on features that are unique to react and make it great to work with. this is the framework of or this is architecture that most famous uses its called model of you view model. it focuses on enhancing the internal of representation of the page which is also called the dom. so the view is the same thing as saddam basically. but the dumbest slow and it has some issues it's also very bad to work with so we try to avoid a possible. the way we've created use in the surround frameworks is through h.t.m.l. templates so create a bunch of facial elements and you add some attribute to them and that by and set up to a variable in the view model. now if you change the view that will automatically change the variable in the new model and then that will have to back down to the view. so you can change the data anywhere he wants and the framework star was to keep everything in sync. now at facebook a series called based group they found it increasingly hard to maintain the cold with the structure previously fix bugs kept showing up again and again and example they get when talking about react it's the chat box. so in facebook you have a chat box in the lower right corner and then you also have a notification up in the top when you receive a message you should get notification both places. births. if you keep down in the bottom and read the message should be affected in other words if you had richard the that in the bottom or if you read the message on a phone it should be i think in both places. the bugs kept showing up all the time that broke this functionality. and finding these bugs that exist because state change in this specific order because of tiny shoes is a tedious and time consuming process so they decided to do something about it. this is the architecture of react the reactor him or or library. in this we break all types with the dom instead of trying to enhance it and the abstract away with this virtual them. the nice thing about breaking all the types with its that you can use it for and other things as well for example mobile development with reactivated. and since just a doll mr sloan but work with facebook took some liberties and made it faster and fix some of the issues that we experience. but the best part by far is this magic that's happening we don't have to think about the state's changing over time many more like the old days when you would essentially refreshed the whole page every time something changed.
so almost like a server rendered bache no need to define of you for any stay at any point in time and then react with expressed force. react this despite the rendering replication every time something changes then takes the new version and looks at the old version to find self what changed and it applies only this to the dawn. since the dawn is very slow we get a huge performance boost by touching these changes together and only reading and writing to the dominant absolutely necessary. our job than with stuart create this model and this is done using react components. now all the design decisions about how you create these react components are amazing. we can basically think of them as a function which only depends on the state of the component and the properties and then returns a virtual dahmer presentation. everything right to stop the script there's no wish him well. you encapsulate read all the state inside the component and the data only fields one way. let's look at a simple example most simple component. with only an input field and the label. we describe the state in this he get initial statement the and then we used to stay in iran or function which returns to view for the value and in this label or spend a month not commonly we have to identify know when we would be done because this would change something in the impact box. fear that would automatically of that model which with the date the label. but in react the view always depends on the state never the other way round so the label won't get affected but the thing i for thought was like mind blowing is that you can actually change in the box either effect would write something for nothing happens. so this is not good. said. to change the value of for him to box me to call set states with a new state well use this is the only way you are allowed to change the state inside the compartment and you're only allowed to do it inside a component which means that exists and cap selected inside the compound. therefore if there's something wrong with the state the application you know exactly where to look for the bug. just open the component and search for this stuff said states. you never need to worry about execution order or time issues either and this reduces the complexity of for use interface considerable. so to fix our simple component we explicitly set the state and input box on change called back is invoked receptor the air and then this function is getting cold. it now so might think that this is knowing or like this that her studies. it. so i think that this is annoying if you have to do this for all the like value changes in europe occasion that becomes law and look at all that code for such a simple component. but i find this very liberating you know exactly what's going to happen all the especially if you look at the old cold or other people's code it's easier to read and feinberg's. you also have control of execution order. and when this component gross very large it is encouraged to create some components or smaller components. so would react it is encouraged and quite easy to create reducible components everything is just tripped and all the components of functions and therefore feels very natural for most developers when you should expect these components. because you expect functions and local all the time. hopefully there's also a normal to extract oil to render function into its own status function because then the unit don't depend on any state at all. it only receives properties from its parent component and returns of you. this makes it extremely easy to test because your views are not pure functions you only send in some properties and get out of you representation and this contest like in whatever manner you want. to summarize wrecked this awesome at least for me it forces you to write good coat and your apple most likely be faster simply by using react without any kind of my station at all. it is simpler because of the state changes are split up into distinct faces and encapsulated inside the components. it's easy to an extra components into meaningful reusable subcomponents because everything's functions and you're used to doing that all the time and functions are quite easy to test so it makes our vacation quite possible. i hope he found this interesting want to find out more thank you for listening.
while will be removed when women who are one. a will.