This Saturday, we (somehow) managed to squeeze the 140 attendees of Sit Hack and Relax into our office. People hacked on all sorts of projects including:

• FeelHN: Sentiment analysis for Hacker News comments
• JVM interpreter written in JavaScript
• Modernizing the Stripe Ubercart module
• Chrandora: Play or pause Pandora directly from the Chrome menu bar

We also had people learning how to use Redis, playing around with RubyMotion, and brushing up on CSS. Here's a taste of what happened:

Moments of triumph were had:

But of course there was also plenty of relaxing:

Missed this hackathon? Get notified about future events by adding yourself to our Meetup group!

You've had a long week. You deserve a nice relaxing hackathon at the Stripe office this weekend. Hack on a project, meet other coders, hang out, or just work on eating the food. Feel free to bring your own project or start one on the fly. All are welcome!

RSVP via our Meetup event. Hope to see you there!

People tend to have a narrow view of the problems they can solve using GDB. Many think that GDB is just for debugging segfaults or that it's only useful with C or C++ programs. In reality, GDB is an impressively general and powerful tool. When you know how to use it, you can debug just about anything, including Python, Ruby, and other dynamic languages. It's not just for inspection either—GDB can also be used to modify a program's behavior while it's running.

Read more

Today we're happy to release Einhorn, the language-independent shared socket manager. Einhorn makes it easy to have multiple instances of an application server listen on the same port. You can also seamlessly restart your workers without dropping any requests. Einhorn requires minimal application-level support, making it easy to use with an existing project.

Read more

Stripe is holding Office Hours this Thursday. If you're planning to integrate payments into your app any time soon, this is a great way to get started. The team will be around to help you with the integration and answer any questions you may have about accepting payments. We'll have food as well.

RSVP via our Meetup event. Hope to see you there!

Siddarth and I will be hanging out at Miracle of Science on Wednesday night. Come by, chat, and have a beer on us!

RSVP via our Meetup event.

Stripe is for large enterprises, rapidly-growing startups, side projects, and everything in between.

A few weeks ago, we decided to build something that shows the kinds of things being created with Stripe. As we did, it became clear fairly quickly that highlighting just a few users wouldn’t be enough. And so, rather than focus on a small number of sites, we instead put together the Stripe Gallery. It’s a detailed cross-section of what hundreds of Stripe users are building.

You can look at Stripe as a web company, a payments company, and a technology company. It is all of these things, but we look at Stripe through a different lens: we’re out to build a platform that makes it easy for others to implement their ideas. The internet is humanity’s most exciting invention. It’s always been great at facilitating communication and the real-time exchange of information, but the economic layer has lagged behind. It’s been cumbersome to build a business on the web.

Many of Stripe’s users—even those at large companies—tell us that, without Stripe, they simply wouldn’t be charging for anything. Hearing this is what tells us that we’re on the right track.

We’re very proud of our users, and we’re excited to show what they’re creating. Check out the Stripe Gallery, and let us know what you think.

Update: We've also posted downloadable Stripe CTF disk images, available by direct download or BitTorrent.

You're free to use the disk images to do your own cool things. The Stripe code on the disk images is licensed under a BSD license. Third party code included in the disk images is subject to its own license, which is included. We'd appreciate you letting folks know where you got the original code and we'd love to hear what cool things you're doing (but that's up to you).

Janos Gyerik has also created a Live CD image of the Stripe CTF that makes it even easier to get started.

We ran a capture the flag security challenge a few weeks ago. Expecting only one or two hundred people to look at it over the course of its week-long run, we were blown away when we found 900 simultaneous users logged in just a couple hours after we launched. Thanks for bearing with us while we provisioned more servers to handle the load.

Simultaneous users over time

Our users were largely anonymous, but we had people log in from 12,000 unique IP addresses. Among them we saw everything from startups and security firms to major universities and Fortune 100 technology companies. It was awesome to see participants hailing from all around the world.

By popular demand, we've created virtual machine images that you can use to run your very own Stripe CTF server. They're available in the Amazon Web Services us-west-1 and us-east-1 regions as AMIs owned by account 928171847254. When you log in as user ctf, you'll see instructions on how to get it up and running. We recommend using VPC so you can set outbound firewall rules.

I've posted the slides from my short security talk given at the meetup and the source code of each level. Several people have posted their solutions online. You can find more by searching for the final password: theflagl0eFTtT5oi0nOTxO5.

To the 250 people who solved every level and captured the flag: congratulations, your T-shirts will be in the mail soon! To everyone else who participated: we hope you enjoyed it as much as we did.

We recently rolled out three cool new improvements to dashboard.stripe.com. Enjoy!

Search

Search has been much improved. One of the most common uses of the Stripe dashboard is to immediately jump to a particular charge or customer, but doing so used to be fairly slow in a variety of cases.

To address this, we have deployed elasticsearch to make all queries far faster. In addition, we've simplified search semantics. Typeahead results used to differ from full search results; now, we always return the same results in both cases.

Client-side Caching

Until recently, every time you viewed a list of items in the dashboard (for example, the payments or customer lists), we fetched the latest data from the API. This round-trip led to a noticeable delay in rendering the page each time.

Within a session, though, it's usually the case that the list is the same as the last time you viewed it. To take advantage of that, we now use HTML5's LocalStorage (technically sessionStorage) to present the list immediately, without any latency, while fetching the most up-to-date data in the background. If there's new data to be displayed, you'll see a small notification at the top of the list.

Logs

Figuring out what’s going wrong in a complex stack can be pretty annoying. Building applications with Stripe involves sometimes subtle communication between your servers, your users' browsers, and Stripe, and debugging usually involves too much tail(1) and console.log.

It becomes even more complicated when you try to figure out at a later stage why something happened. For example, you may see a refunded charge and want to know how, why, or when it happened. To systematically solve issues like this, we decided to expose the raw HTTP requests sent to Stripe. Now, every Stripe API operation, including requests made using the dashboard itself, are available for inspection.

You can see all your requests in the new "Logs" section in the sidebar. Additionally, pages for individual objects (payments, customers, and so on) now show the HTTP requests pertaining to that particular object.

We expect that this will make development and debugging much easier, and we're really excited to launch it.

Come learn how common exploits work, or show off your own solutions to our Capture the Flag challenge! We're hosting a CTF Meetup at our office this Thursday.

The CTF organizers (Sidd, Andy, and I) will be giving a walkthrough of how to solve each level of the challenge. Beer and snacks are on us, and people of any technical skill level are welcome.

RSVP via our Meetup event.