Engineering at Prezi

For Our Daughters

Like many other companies, here at Prezi we want to see more diversity in the tech industry and in particular, we want to see more women. Why?

The obvious answer is a shallow one: I have a two-year-old daughter and I want her to grow up in a world where she has the same opportunities as everyone else. With the current state of her father’s chosen profession, she needs role models if she’s ever going to follow in my large round footsteps. Why does it matter if someone else has done it before her? Well, I suppose it shouldn’t, but it would make it a whole lot easier. I want her to be able to go to conferences and not feel like an outsider because she’s the only woman in a room. For this to happen, we need to prove to everybody that being sexist is not only outdated and morally incorrect, it’s also plain stupid.

Pride: Simpler Management of Modular App Development

This is the first post in a series on modular application development at Prezi.

Pride is a tool we built internally at Prezi to help our developers work on modular applications in their local development environments. We think you might find it useful (provided you use Gradle), so we’re now open-sourcing it. Give it a spin, and tell us what you think!

Building a large application means trouble. It’s unavoidable, a fact of life. What you get to choose is the kind of trouble you want to deal with. Some suggest keeping everything in one large, ever-growing repository, while others opt for SOA and similar micro-component architectures. In the past, with our Flash-based editor, we suffered enough from the pains of a monolithic beast to give aggressive modularization a try with our upcoming projects. Working on tooling was a necessary side effect and Pride is one of the outputs. It allows us to split our applications into components without our developers losing the benefits of working on a single codebase.

Outage of the Sentry

Erm, are you starting an outage postmortem with a pun?

Prezi recently suffered two site outages that prevented people from accessing their prezis for a total of almost four hours. It caused a lot of people serious problems, embarrassment, and stress. We’re sorry, and we owe everyone not just an apology but also an explanation. However, the pun is appropriate, because the reason for both outages was our use of a third-party piece of software called Sentry. Also puns are great.

Hack the Smoke Out of It

There was a time when the number of engineers at Prezi was small enough for us all to know each other’s names, favorite coding language, and embarrassing drunken habit. As we’ve tasted some success, and been able to chase our dream of a world that better shares ideas, more people have joined the party. This means a lot more “who’s that?” moments in the bistro. Combine this phenomenon with the value we put on stretching ourselves and you’re left with only one alternative: Bonding initiatives.

Heartbleed Defeated

Huge issues are rarely the result of one tiny mistake. But when that little error happens to occur within the context of a widely used crypto library, the impact can be catastrophic. I’m writing, of course, about Heartbleed, which affected up to ⅔ of all online businesses.

For those of you without an engineering background, Heartbleed took advantage of a security hole in recent versions of the OpenSSL library, meaning it could leak information from the server’s memory. Such information might be nothing more than meaningless junk with no context, or… in the worst cases, it could contain vital password data. Fortunately, the evidence indicates that we caught this problem before our users were negatively impacted.

Let me jump ahead to the end of the story. We were able to quickly and proactively respond to the threat of Heartbleed and eliminate any risk of unauthorized access to our users’ accounts. But what makes the story interesting is HOW we were able to get it done so fast.

Honest Deadlines

When I was eight years old, I would arrive home from school before my family. I hurried back so I could minimize the time spent on homework and maximize my hours spent watching TV and playing with our Commodore 64. One day, on the journey from the TV to the computer, I accidentally broke one of my mother’s vases. After my initial panic, I resolved to fix the vase with superglue. At the moment I thought of this resolution, in my mind, I was something of a genius, and I was sure my mother would never notice. However, being only eight years old, I had more success gluing my fingers together than the pieces of china.

Prezi Got Pwned: A Tale of Responsible Disclosure

Disclaimer: For purposes of reference, Prezi runs a Bug Bounty Program that invites attacks like the one detailed below.

The emails that arrive in a security engineer’s inbox can be put into three broad categories.

1) Readable
Details of a new Budapest craft beer bar
Links to articles about actual real-life hoverboards

2) Archivable
Announcement on changes to company travel policy
Links to articles about how that whole hoverboard thing was a scam

3) Mutable
Replies to the announcement on changes to the company travel policy
People teasing me about me taking the hoverboard thing seriously.

Every now and then there are those emails which fit into the “Shiiiiiit” category.

Prezi – the Land of the Polyglots

“I speak Spanish to God, French to women, English to men, and Japanese to my horse.” —Buckaroo Banzai

Ask any engineer “which programming language is the best?”, and you’ll get crushed by a deluge of answers ranging from stuff they started with in uni to something they read about on a tech blog ten minutes ago. Some will answer with whatever they’re using right now in their job, and a few more will tell you about something they think is going to be big, if only Google/Microsoft/Apple/King would see it for what it is!

We’re living in a multi-platform age. Gone are the days of writing for one operating system, in one or two languages, for only one (primary) client. Take Prezi. We never hire anyone as an “expert” Flash (or even JS) coder, but our product runs primarily on Flash, so a lot of people become one. Nobody really gets to specialize – one week you’re working in C++ (and we’re looking for you if you can too), and next week maybe the team needs you to dig down into JavaScript to get the job done.

Being an engineer/dev into today’s world means being a polyglot. At Prezi, we’ve got at least 14 main languages under our collective belts that people actively work in, day in and day out.