Martin Fischer

Software Developer

„I'd rather have a search engine or a compiler on a deserted island than a game.“ - John Carmack


From design to implementation...

...is not just an empty phrase. Good software design starts with a solid business process. From my experience, I can confirm that adequately defined processes are essential for quality results. At this point, it is important to work out the process and its solution with the client, considering requirements from both the technical as well as the designing perspective. Especially with in-house development, it's an architectural team project by the developer and the client, not just task-oriented implementation.

Sustainability and quality means...

...considering impact of prospective requirements. These may be unknown by either the developer or the client. Working as a team rather than "solving tasks" is most important here, too. Sooner or later, software will reach its legacy state. Maintainable projects reach this point much later, especially if continuous improvements and refactoring are taken seriously. Just considering the quantity of solved tasks alone will reduce maintainability on the long run.

The human is central

User experience is our term for understanding how users interact with software. Oftentimes, UX and technical demands develop over the course of the implementation process. Whether the user is a developer, an end user, or is involved differently does indeed matter. My principle here is: Software should assist you with your work and feel self-evident, without requiring heavy prerequisites or setup. Using the application (and especially the update and deployment process) should not feel like petting a Tamagotchi.

Novel & outside the box approaches

The standard solution which pops into mind at first glance is not necessarily ideal. "Novel" isn't a contest for the creativity award, neither is it the raw opposite of mainstream problem solving. It means observing requirements and environment from an unprejudiced perspective rather than proceeding "default-mode development". There are, indeed, requirements that are not met by any standard solution.

A diverse team usually comes up with the most sophisticated solutions.

Portfolio

Experience / knowledge
Favorized
Top favorite
Not interested
Training or intention to learn

Technical

Programming and scripting/markup languages

  • C#
  • C++
  • PHP
  • HTML, CSS, JS
  • MS SQL
  • MySQL
  • Linux Bash Scripting
  • XML, JSON
  • Python
  • Assembler
  • Lua Script

Frameworks & 3rd party libraries

  • .NET Framework
  • WPF
  • Entity Framework
  • jQuery & jQuery UI
  • WCF
  • WinAPI
  • Xceed / Extended WPF Toolkit
  • Windows Forms
  • ASP.NET Web Forms
  • Arduino
  • DotNetBar for WinForms
  • MVVM Light (30%)
  • AngularJS (0%)
  • ASP.NET MVC (0%)

Applications

  • Visual Studio
  • Mercurial & Tortoise HG
  • Linux: Debian
  • SQL Server Management Studio
  • LINQPad
  • Wireshark
  • Process Monitor
  • InstallShield Limited Edition

Technologies

  • Software design, patterns, OOP
  • Reverse engineering, security, white hacking
  • LINQ
  • Algorithmic
  • Cryptography
  • Network (Sockets/TCP, HTTP)
  • Graphics processing
  • Parallelization

Social skills

  • Open minded
  • Straightforward
  • Honest
  • Trustworthy
  • Tolerant
  • Curious
  • Analytical / logical
  • Self-observant and reflective
  • Consistent

Methodic skills

  • Precision
  • Creative thinking
  • Transfer of learning
  • Understanding of usability
  • Presentations

Languages

    • German
    • First language
    • English
    • Very high level of written and spoken
    • Czech
    • Basic knowledge

Hobbies

  • Playing the piano
  • Bicycling
  • Programming
  • Drawing
  • Graffiti
  • Electrical engineering

References

UAC & Local Privilege Escalation

White hacking commonly involves reverse engineering in order to automate a process that is not easily accessible. Any application can be modified or intercepted to any extend. Even without bypassing security boundaries, you still have vast options of manipulation to ultimately improve automation, usability, accessibility or data extraction.

So much for horizontal privilege escalation in the business scope. The screenshots show my research on the user account control (UAC) and I have discovered several ways to bypass it and elevate privileges. Environment variables seemed particularly vulnerable to me, since there are various ways to inject them, leading to altered execution flow.

Source-code and binaries of 5 UAC exploits I discovered can be found on my project page. Please note, that I have educated Microsoft's security research team by sending a detailed whitepaper months before releasing them and to this date, they are not patched.

www.architektenkreis.de

architektenkreis is a website, where architects and students of architecture can present their projects.

For this web portal, I have developed a content management system, which handles multi-lingual content, the billing process and newsletter distribution. The customer can present their projects using images and text. There are different subscriptions to choose from with individual conditions.

Literay

Literay is a raytracer that I developed during my apprenticeship and which I kept working on. The renderer supports different 3D objects and effects, such as lighting and shadows, anti-aliasing, reflections and textures. Since raytracing is a task that can be easily parallelized, the raytracer utilized multithreading. The UI (the editor) is written in C# and WPF and the render engine itself is implemented in C++ for optimal performance.

Rendered scenes can be scripted using Lua. Since Lua is not a static markup script, more complex scenes can be created programmatically. 3D mathematics is an exciting topic for me, which is why I took this challenge.

The project page is here.

tick'it

During my apprenticeship there was demand for an issues tracker with individualized features. Standard solutions were not entirely satisfying, because they didn't meet all specific requirements. That's when the development of "tick'it" started. I developed the issues tracker using PHP and I also provided a desktop tool, which I've written in C# using the DotNetBar UI framework.

Over time, all kinds of features and improvement became essential to our apprentice. Some of them include the team calendar, a knowledge base and other features that improved our daily teamwork. tick'it is an individual issues tracker with lots of additions, which serves our requirements exactly. I kept maintaining it to become our core of organized work.

Processes that were previously driven by Excel and Word are now covered centrally.

Object detection algorithm

Our customer hosts an online store, which we have written a Windows app for. This app displays product pictures on the Metro UI, but it should only display the relevant part instead of the entire photo.

So, I developed an algorithm in C++ which detects the bounding box of the product on the image. The calculation is done on the client device, so performance did play a huge role. The detection took up to 100ms per image and was required to deliver an optimal result in at least 80% of cases.

The challenge was the vast variety of product images. Many of them had very heterogeneous backgrounds, like i.e. a wooden table. The position and the size of a displayed product varied a lot.

Musical floppy drives

This project started when I experimented with the Arduino microcontroller. So, I was figuring out if it was possible to utilize the motors of floppy drives to make music with them. After all, everything that can vibrate in a certain frequency can make music.

The project was very interesting, because it's within the field of electrical engineering and it's also quite challenging. So, I did my research on IDE connector and I came up with a working solution. The Arduino and my software work with converted MIDI files and play music with up to 6 channels. The device on the pictures works independent of a computer.

The project page including technical description and videos is here.

Bunte Brücke

("Painted Bridge") - A cultural project, sponsored by DRK. It was an arts project, organized by students of art and social work, including a group of refugees. The goal was to paint a bridge with graffiti, expressing cultural dialog. I was involved in the voluntary development of a landing page for project presentation.

Of course, I did also participate! Take a moment to guess which of the two motives I have painted. Both art and experiencing culture made this weekend very exciting.

buntebruecke.de and the article in Journal Frankfurt

Project page

You can find some of my projects online:

bytecode77.com - Have a look!

Activities

Stack Overflow

Stack Overflow is one of the most popular communities amongst software developers. This is due to the unique concept of Q&A, which provides answers to user's questions and also creates an enormous knowledge database for developers.

As a member, I like answering questions in order to contribute to the developer community and also to gain Reputation. In turn, a good reputation on Stack Overflow is helpful when posting questions.

YouTube

On my YouTube channel I'm presenting projects, which are interesting to viewers of the community. One of them is musical floppy drives (see also: References). This project gained the biggest audience, although it was never my primary goal to generate views or subscribers. I'm also showing off other projects, including a tesla coil that also makes music. (Yes, music is also my passion)

bytecode77.com

bytecode77.com is my project page with miscellaneous projects which I have developed over the years. Some of them include useful programs and tools, while others are research projects and PoC's which I developed for purely educational purposes.

Some of these projects however, became increasingly popular, which established my online reputation.

CV

Since 16.05.2016 MISUMI

Software Developer

  • In-house development of applications to improve business processes
  • As desktop application hosting sub-applications
  • Using WPF with WCF & MS SQL service backend
01.09.2011 - 15.05.2016 SYZYGY Deutschland GmbH

Software Developer

  • Development of web applications using ASP.NET
  • Miscellaneous projects in the field of graphics processing
  • Development of desktop applications in C#
30.07.2008 - 16.06.2011 Europäisches Berufsbildungswerk Bitburg

Apprenticeship: IT Specialist for Application Development

  • Development of desktop applications in C#
  • Web development using PHP

Imprint

Legal Disclosure

Information in accordance with section 5 TMG

Martin Fischer
Ben-Gurion-Ring 176
60437 Frankfurt am Main
Germany

Contact

Telephone +49 (0)160 4413375
Internet address martinfischer.it
E-mail mail@martinfischer.it

Disclaimer

Accountability for content

The contents of our pages have been created with the utmost care. However, we cannot guarantee the contents' accuracy, completeness or topicality. According to statutory provisions, we are furthermore responsible for our own content on these web pages. In this context, please note that we are accordingly not obliged to monitor merely the transmitted or saved information of third parties, or investigate circumstances pointing to illegal activity. Our obligations to remove or block the use of information under generally applicable laws remain unaffected by this as per §§ 8 to 10 of the Telemedia Act (TMG).

Accountability for links

Responsibility for the content of external links (to web pages of third parties) lies solely with the operators of the linked pages. No violations were evident to us at the time of linking. Should any legal infringement become known to us, we will remove the respective link immediately.

Copyright

Our web pages and their contents are subject to German copyright law. Unless expressly permitted by law (§ 44a et seq. of the copyright law), every form of utilizing, reproducing or processing works subject to copyright protection on our web pages requires the prior consent of the respective owner of the rights. Individual reproductions of a work are allowed only for private use, so must not serve either directly or indirectly for earnings. Unauthorized utilization of copyrighted works is punishable (§ 106 of the copyright law).

Privacy Statement

General

Your personal data (e.g. title, name, house address, e-mail address, phone number, bank details, credit card number) are processed by us only in accordance with the provisions of German data privacy laws. The following provisions describe the type, scope and purpose of collecting, processing and utilizing personal data. This data privacy policy applies only to our web pages. If links on our pages route you to other pages, please inquire there about how your data are handled in such cases.

Inventory data

  1. Your personal data, insofar as these are necessary for this contractual relationship (inventory data) in terms of its establishment, organization of content and modifications, are used exclusively for fulfilling the contract. For goods to be delivered, for instance, your name and address must be relayed to the supplier of the goods.
  2. Without your explicit consent or a legal basis, your personal data are not passed on to third parties outside the scope of fulfilling this contract. After completion of the contract, your data are blocked against further use. After expiry of deadlines as per tax-related and commercial regulations, these data are deleted unless you have expressly consented to their further use.

According to the Federal Data Protection Act, you have a right to free-of-charge information about your stored data, and possibly entitlement to correction, blocking or deletion of such data. Inquiries can be directed to the following e-mail addresses: (mail@martinfischer.it)