This page has been translated to Chinese by monklof.

I started writing down this list as a personal reminder of topics I had the chance to discuss with colleagues and friends, and that I wanted to deepen...

I'm not a big fan of asking technical questions in job interviews: I rather prefer to sit together with candidates in front of some real code, hands on the keyboard, facing a real problem, and have a full day of pair programming, hopefully rotating with all the other team members. Yet, I feel some technical questions could be a good starting point to begin an engaging and nice conversation, and this can be useful to get a deeper knowledge of each others.

This repo collects a number of back end related questions that can be used when vetting potential candidates. It is by no means recommended to use every single question on the same candidate: that would take hours, and would have no sense at all, as they cover a too broad set of topics for a single developer's to possibly know. Browse the section you find more relevant for your context, and pick the questions that give you more ideas on the conversation to have.

Most of the questions are open-ended, and some of them just don't have a right or a wrong answer. On the contrary, they are intended to be used as the starting point for a conversation that hopefully tells you more about the person's capabilities than a straight answer would. Personally, I would even choose the questions whose answers are not yet clear to me.

Again, I stress that just asking questions is hardly sufficient. Complete the interview with a long pair programming session with your candidates: it is one of the best opportunities to know each others' style and approach and to let candidates know some details about their future day job.

This project is admittedly inspired by Front-end Job Interview Questions by @darcyclarke

Sooner or later I will complete it with the relative answers. Feel free to contribute, it would be highly appreciated!

1. Questions about Design Patterns
2. Questions about Code Design
3. Questions about languages
4. Web Questions
5. Databases Questions
6. NoSQL Questions
7. Code Versioning Questions
8. Concurrency Questions
9. Questions about Distributed Systems
10. Questions about Software Lifecycle and Team Management
11. Questions about logic and algorithms
12. Questions about Software Architecture
13. Questions about Service Oriented Architecture and Microservices
14. Questions about Security
15. General Questions
16. Open Questions
17. Questions based on snippets of code
18. Bill Gates Style Questions

Q: Why are global and static objects evil? Can you show it with a code example?

A: Static varables represent global state - even if encapsulated in an object. It's hard to reason about and test code using static variables. The reason is any other code could be modifying the variable and so it's difficult to reason about its current state.

Prefer the singleton design pattern over static. It's easier to transform from a singleton to multiple objects vs using static variables.

Q: Tell me about Inversion of Control and how does it improve the design of code. A: Inversion of control is a design principle in which custom written portions of a computer program receive the flow of control from a generic framework. This is different from traditional procedural programming where the custom code calls reusable libraries to take care of generic tasks.

Inversion of control increses the modularity of software, making it more extensible than the former traditional approach. You see inversion of control approaches in many popular windowing and application development frameworks today. IoS, Windows API, Android etc all feature the use of inversion of control as the core programming pardigm.

. Service Locator Pattern . Dependency Injection . Template method design pattern . Strategy design pattern

Q: The Law of Demeter (the Principle of Least Knowledge or LoD) states that each unit should have only limited knowledge about other units and it should only talk to its immediate friends (sometimes stated as "Don't talk to strangers"). Would you write code violating this principle, show why it is a bad design and then fix it? A: The law of Demeter is succintly summarized as "when one wants a dog to walk, one does not command the dogs legs to walk directly; instead pme commands the dog which then commands its own legs"

its advantage includes the resulting software tends to be more maintainable or adaptible since the caller does not meed to understand the internal structure of other objects.

The problem adhering to the LoD is it leads to narrow interfaces. In order to complete any non-trivial activity, you will need to create wrapping methods to call collections of functions togrether. Sometimes this will add noticable time and space overhead to the binaries.

Q: Active-Record is the design pattern that promotes objects to include functions such as Insert, Update, and Delete, and properties that correspond to the columns in some underlying database table. In your opinion and experience, which are the limits and pitfalls of the this pattern?

A: The active record pattern is an architectural pattern found in software that stores in-memory object data in relational databases. It's an approach to accessing data in a database. A database table or vieew is wrapped into a class. The object instance represents a single row in the table. After creation of the object a new row is added to the table upon save. Updated objects also update rows in the table. The wrapping class also implements accessor methods (insert, update, delete) for the table or view.

Active record has problems with testability. Because databse interaction and application logic is coupled to the object, testing an active record object without a database becomes difficult. These negative effects can be managed by mocking or via dependency injection frameworks to substitute the real data teir with a similated one.

An active record pattern also, due to strong coupling of database interaction violates the single responsibility principle and separations of concerns. If you think about it, a naively implemented active record pattern will also contain business logic - and this monstrocity now contains business logic as well as persistence. Compared to a multi-teir architecture this is difficult to reason about or refactor as knowledge about the business domain improves. It's also more difficult to adapt these active records to changing data teir requirements. Because of this, the active record pattern is best and most employed in simple applications that are forms over data with CRUD functionality - or only as one part of an architecture, the data teir.

• Data-Mapper is a design pattern that promotes the use of a layer of Mappers that moves data between objects and a database while keeping them independent of each other and the mapper itself. On the contrary, in Active-Record objects directly incorporate operations for persisting themselves to a database, and properties corresponding to the underlying database tables. Do you have an opinion on those patterns? When would you use one against the other?

Active record's pros and cons were discussed above. Here we'll discuss Data Mapper, discuss the differences between both and compare + contrast.

Unlike Active Record data mapper acts a layer between the business domain of the application and the database that persists data. While active record seeks to invisibly bridge the gaps between the two as seemlessly as possible, the role of the data mapper is to allow you explicitly consider the two more independently. Hibernate is an example of the data mapper patter.

Pros . Allows for greater flexibility betw4een the domain and the database. If you have less control over the database schema, this might be a good idea. . Can be more performant. Because there is no layer of abstraction and indirection between domain objects and the database, there is more opportuity to have the data mapper make more efficient use fo the database.

Cons. . Hard to setup. Active Record is designed to be simple to introduce with little configuration from the end user. With Data Mapper, the user has to invest more effort and think harder about how to configure the data mapping.

Guiding Principles.

• If your application is simple and does not have much logic use an ORM based on Active Record.
• If your application needs to abstract domain objects from the database representation use an ORM based on DataMapper
• If performance is a concern, don't try to optimize the ORM queries and use pure SQL with a data mapper.

• Why it is often said that the introduction of null is a "Billion dollar mistake"? Would you discuss the techniques to avoid it, such as the Null Object Pattern introduced by the GOF book, or Option types?

Null is a problem because it essentially subverts type checking at static time. Because any object can be a null and toss an exception when you attempt to use it, your object oriented code is basically a collection of unexploded bombs.

Naive programmers may think "you just have to do more error graceful handling", but that still assumes that one is aware of all the situations an object can be null - which is a less obvious endeavor.

A summary of the reasons why Null is a mistake.

1. Null subverts types

x.toUppercase()

With static type checking the compiler will succeed with toUpperCase is x is of type String or fail if x is of type Socket. But the problem is every type is actually of type T or null. So at runtime if x is null your program will explode.

2. Null is sloppy.

if (str == null || str.equals(""))

if (string.IsNullOrEmpty(str))

^^ nuff said. because of what we discussed in 1. above, we have to do these checks to avoid explosions.

3. Null is a special case.

char *myChar = 0;
std::cout << *myChar << std::endl; // runtime error

The reason why we allow ^^ is because NULL is a special case in strings. In all other scenarios like below

char *myChar = 123; // compile error
std::cout << *myChar << std::endl;

the compiler will scream about it.

4. Null makes poor APIs

Some APIs will use NULL to simultaneously represent the absence of cached data (perhaps due to a timeout) and the absence of data in general. Don't do this, it's difficult to disambiguate and will lead to expensive recomputation to validate.

5. Null exacerbates poor language decisions.

int x = null; // compile error

Integer i = null;
int x = i; // runtime error

Nuff Said.

6. Null is difficult to debug.

Consider this example.

#include <iostream>
struct Foo {
    int x;
    void bar() {
        std::cout << "La la la" << std::endl;
    }
    void baz() {
        std::cout << x << std::endl;
    }
};
int main() {
    Foo *foo = NULL;
    foo->bar(); // okay
    foo->baz(); // crash
}

Compiling with gcc, the first call will succeed and the second will fail.

In the first case, foo_bar is known at compile time and inlined.

Howevef if we reqrite Foo as

#include <iostream>
struct Foo {
    int x;
    virtual void bar() {
        std::cout << "La la la" << std::endl;
    }
    void baz() {
        std::cout << x << std::endl;
    }
};
int main() {
    Foo *foo = NULL;
    foo->bar(); // okay
    foo->baz(); // crash
}

int main() {
    Foo *foo = NULL;
    foo->bar(); // crash
    foo->baz(); // crash
}

and call main() foo->bar() will crash. This is because the rewrite as virtual will force a v-table lookup, in this case the lookup will identify the type and the NULL ptr reference will fail.

7. Null is not composable.

Solutions

We need an entity that contains information about (1) wether it contains any value and (2) the contained value. And it should be able to contain any type. This is essentially the optional type Option[T} popular in Java 8+, Swift, Scala etc.

A: Many state that, in Object-Oriented Programming, Composition is often a better option than Inheritance. What's you opinion?

Composition is generally favored over inherirance because it gives the design more flexibility. it's more natural to build (and represent) a business domain out of various components rather than find commonality beteween them and create a hierarical relationship. For example, a gas pedal and a wheel share very few common traits - but are both vital components in a car. it's easier to compose a car out of their individual behaviors rather than find commonalities to derive from and inherit. Composition in general provides a more stable business domain in the long term as it is less prone to the quirks of the hierachy.

A common drawback of comoposition over inheritance is that methods provided by the composed compoennts may have to be implemented in the derived type even if they are forwarding methods. Inheritance in the other hand does not require all the base class methods to be implemented in the derived type. In this case, the derived class only needs to implement (override) the methods having different behavior from the base classes methods. This can require significantly less programming effort if the base class contains many methods for providing default behavior and only a few of them need to be overridden with the derived class.

Q: What is an Anti-corruption Layer?

A: An anti-corrupton layer implements a facade / adapter layer between different subsystems that do not share the same semantics. it translates requests that one subsystem makes to another subsystem. the pattern is used to ensure that an applications's design is not "corrupted" by dependencies on ouside domains. It's very popular to use this pattern to intregrate legacy systems with more modern equivalents. Expect to see this in use for gradual migrations where different features of a larger application are moved to a modern system over time.

• The layer may add latency to calls between two systems.
• The anti-corruption layer is a new service that must be managed and maintained.
• Consider how this layer will scale.
• Consider if you need more than one anti-corrupton layer. You may want to decompose functionality into multiple services using different technologies / services. There could be good reasons to partitoin the anti-corruption layer.
• Consider how the anti-corrupton layer will be managed in relation with other applications or services. How will it be integrated into the monitoring, release and management amd configuration process.
• Maintain and monitor transaction and data consistency of this layer.
• Consider if the layer needs to handle all communication between different subsystems or just a subset of features.
• if the anti-corrupton layer is part of an application migration strategy, consider if it will be permanent or retired after all legacy functionalty has been migrated to the modern solution.

Use the anti-corruption layer pattern when you intend to migrate a platform over multiple stages but need to maintain integration between new and legacy systems over time and/or if systems need to communicate over different semantics.

Q: Singleton is a design pattern that restricts the instantiation of a class to one single object. Writing a Thread-Safe Singleton class is not so obvious. Would you try?

package com.usableapps.singleton;

public class ThreadSafeSingleton {

    private static ThreadSafeSingleton instance;
    
    private ThreadSafeSingleton(){}

    /**
     * This is syncronyzed and lazy. Only when getInstance is called will the caller
     * get access to the singleton.
     */    
    public static synchronized ThreadSafeSingleton getInstance(){
        if(instance == null){
            instance = new ThreadSafeSingleton();
        }
        return instance;
    }

    /**
     * The problem with the approach above is syncronyzed on the function is expensive. 
     * If the instance is already initialized there's no need to lock the entire object.
     * so we use double chained locking to ensure only one instance of the singleton class is created.
     */
    public static ThreadSafeSingleton getInstanceUsingDoubleLocking(){
      if(instance == null){ // first check no locking
          synchronized (ThreadSafeSingleton.class) {
              if(instance == null){ // second check
                  instance = new ThreadSafeSingleton();
              }
          }
      }
      return instance;
    }
}

object ThreadSafeSingleton {}

Note: Scala used to have a thread safety issue. https://issues.scala-lang.org/browse/SI-3007 Now fixed.

Q: The ability to change implementation without affecting clients is called Data Abstraction. Produce and example violating this property, then fix it. A:

Q: Write a snippet of code violating the Don't Repeat Yourself (DRY) principle. Then, fix it. A: Easy. Left for reader.

Q: How would you deal with Dependency Hell? A: Dependency Hell refers to the frustration of software users who have software packages which have dependencies on specific versions of a software package.

Assume two softare packages S1 and S2 have a dependency on library D. if S1 -> D1, meaning S1 depends on version 1 of D and S2 -> D2, if D1 and D2 are saved in a shared repo any incompaible changes from D1 -> D2 will cause S1 to break. Incompatible changes might not be avoidable. As software libraries evolve and the domain becomes well understood, it may become necessary to introduce new functionality / features / capabilities to a software package to enhance its functionality.

^^ is a simpler representation. More examples of dependency hell exist/

. Many Dependencies: Application requires many libraries - lengthy downloads and lots of space required. . Chained Dependencies: S1 -> D1 -> {L3 -> A1, C4 -> {F2, L2, X1}}. This happens a lot. Note the subtle representation of conflicts with C4 and D1. These conflicts may be inadvertent and if incompatible the application is unusable. . Circular Dependencies. A2 -> B1 -> A0

. Version Numbering - use a version numbering system. Preferrably semantic numbering with minor numbers tracking compatible changes. Use major numbers to mark incompatible changes.

• Private, per application versions / portable applications - localize all the application's dependencies so the application is in full charge of its dependencies
  • Variations of this include: side by side installation eg. Global Assembly Cache in .NET. Here the operating system introduces facilities to gurantee the application receives the explicitly requested version of the shared library.
• Portable applications - The application is coded in a way that makes it portable. It's essentially an implementation of the strategies mentioned ^^
• Smart Package Management - Package managers will perform smart upgrades e.g. Apt, Yum, Urpmi, Zypp, Portage, Pagman etc. They automatically resolve and upgrade dependencies and dependent programs when necessary.

Q: Is goto evil? You may have heard of the famous paper "Go To Statement Considered Harmful" by Edsger Dijkstra, in which he criticized the use of the goto statement and advocated structured programming instead. The use of goto has always been controversial, so much that even Dijkstra's letter was criticized with articles such as "'GOTO Considered Harmful' Considered Harmful". What's your opinion on the use of goto?

The reason why Goto is considered harmful is because goto, when used without consideration, severely breaks the logical structure of code leading to spaghetti code.

Now this is not to say all goto usage is bad. Goto usage where goto is only used to move forward in a function, and never backwards might be ok. This class of usage does not introduce a loop construct - and is always the simplest and clearest way to implement some behavior in C/C++ programs e.g. cleaning up and returning on error.

if (do_something() == ERR)  // Straight line
    goto error;             // |
if (do_something2() == ERR) // |
    goto error;             // |
if (do_something3() == ERR) // |
    goto error;             // V
if (do_something4() == ERR) // emphasizes normal control flow
    goto error;

^^ is typical usage in linux.

Q: The robustness principle is a general design guideline for software that recommends "Be conservative in what you send, be liberal in what you accept". It is often reworded as "Be a tolerant reader and a careful writer". Would you like to discuss the rationale of this principle?

So the rationale of the robustness principle was from Jon Postel's early TCP specification paper. "TCP implementations should follow a general principle of robustness...." He meant that programs should send messages to other machines that conform to specifications but recieve messages that are non-conformat as long as the meaning is clear. This was at a time when networks were not as reliable and of course he was trying to optimize and reduce re-transmissions.

Today, the robustness principle isn't necessarily lauded. Implementations using this philosophy have largely been the cause of variant behavior across different implementations. IMO it is better to allow only explicitly specified messages that follow the confines of the specification. At worst if you decide to process, log the non-conformant message. The robustness principle has also been the cause of multiple security bugs in applicatins.

The robustness principle can also be pedantically rewritten as "to produce compatible functions be contravariant in the input type and covariant in the output type".

Q: Separation of Concerns is a design principle for separating a computer program into distinct areas, each of ones addressing a separate concern. There are a lot of different mechanisms for achieving Separation of Concerns (use of objects, functions, modules, or patterns such as MVC and the like). Would you discuss this topic?

Separation of concerns is a design principle that segments a computer program into distinction sections. Each section addresses a separate concern - the concern being information or a detail that must be handled by the computer program. it could be networking, the architecture of the processor, the type of data the applicaiton must handle etc. The advantage of approaching programs with a separation of concerns mindset is it allows computer programs to be modular and simpler to reason about. If done correctly, applications can be put together by composing differnt separate components to solve a more complex problem. Also the individual sections can be reused, developed and updated independently.

One of the best examples demonstrating the success of a Separation of Concerns approach is the internet protocol stack.

• It is often heard that one of the most important goals in Object-Oriented Design (and code design in general) is to have High Cohesion and Loose Coupling. What does it mean? Why is it that important and how is it achieved?
• Why does array index start with '0' in most of languages?
• How do tests and TDD influence code design?
• Write a snippet of code violating the Don't Repeat Yourself (DRY) principle. Then, explain why is it a bad design, and fix it.
• What's the difference between cohesion and coupling?
• What is refactoring useful for?
• Are comments in code useful? Some say they should be avoided as much as possible, and hopefully made unnecessary. Do you agree?
• What is the difference between design and architecture?
• Why in TDD are tests written before code?
• C++ supports multiple inheritance, and Java allows a class to implement multiple interfaces. What impact does using these facilities have on orthogonality? Is there a difference in impact between using multiple inheritance and multiple interfaces? Is there a difference between using delegation and using inheritance? [This question is from The Pragmatic Programmer, by Andrew Hunt and David Thomas]
• Pros and cons of holding domain logic in Stored Procedures.
• In your opinion, why have Object-Oriented Design dominated the market for so many years?
• What would you do to understand if your code has a bad design?

• Tell me the 3 worse defects of your preferred language
• Why is there a rising interest on Functional Programming?
• What is a closure, and what is useful for? What's in common between closures and classes?
• What are generics useful for?
• What are high-order functions? What are they useful for? Write one, in your preferred language.
• Write a loop, then transform it into a recursive function, using only immutable structures (i.e. avoid using variables). Discuss.
• What does it mean when a language treats functions as first-class citizens?
• Show me an example where an Anonymous Function can be useful
• There are a lot of different type systems: let's talk about static and dynamic type systems, and about strong and weak ones. You surely have an opinion and a preference about this topic. Would you like to share them, and discuss why and when would you promote one particular type system for developing an enterprise software?
• What are namespaces useful for? Invent an alternative.
• Talk about Interoperability between Java and C# (in alternative, choose 2 other arbitrary languages)
• Why do many software engineers not like Java?
• What makes a good language good and a bad language bad?
• Write two functions, one Referentially Transparent and the other one Referentially Opaque. Discuss.
• Whats the Stack and what's the Heap? What's a Stack Overflow?
• Why is it important that in a language functions are first class citizens?
• Some languages, especially the ones that promote a Functional approach, allow a technique called Pattern Matching. Do you know it? How is Pattern Matching different from Switch clauses?
• Why do some languages have no exceptions by design? What are the pros and cons?
• If Cat is an Animal, is TakeCare<Cat> a TakeCare<Animal>?
• Why in Java, C# and many other languages constructors are not part of the interface?
• In the last years there has been a lot of hype on Node. What's your opinion on the use in the back end of a language that was initially conceived to run in the browser?
• Pretend you have a time machine and pretend that you have the opportunity to go to a particular point in time during Java's (or C#, Python, Go or whatever) history, and talk with some of the JDK architects. What would you try to convince them of? Removing checked exceptions? Adding unsigned primitives? Adding multiple-inheritance?

• Why first-party cookies and third-party cookies are treated so differently?
• How would you manage Web Services API versioning?
• From a Back End perspective, are there any disadvantages or drawbacks on the adoption of Single Page Applications?
• Why do we usually put so much effort for having stateless services? What's so good in stateless code and why and when statefullness is bad?
• REST and SOAP: when would you choose one, and when the other?
• In Web development, Model-View Controller and Model-View-View-Model approaches are very common, both in the Back End and in the Front End. What are they, and why are they advisable?

• How would you migrate an application from a database to another, for example from MySQL to PostgreSQL? If you had to manage that project, which issues would you expect to face?
• Why databases treat null as a so special case? For example, why in SQL SELECT * FROM table WHERE field = null does not match records with null field?
• ACID is an acronym that refers to Atomicity, Consistency, Isolation and Durability, 4 properties guaranteed by a database transaction in most of the database engines. What do you know about this topic? Would you like to elaborate?
• How would you manage database schema migrations, that is, how would you automate the changes a database schema is affected to, as the application evolve, version after version?
• How is Lazy Loading achieved? When is it useful? What are its pitfalls?
• The so called "N + 1 problem" is an issue that occurs when the code needs to load the children of a parent-child relationship with a ORMs that have lazy-loading enabled, and that therefore issue a query for the parent record, and then one query for each child record. How to fix it?
• How would you find the most expensive queries in an application?
• In your opinion, is it always needed to use database normalization? When is it advisable to use denormalized databases?
• Of of the Continuous Integration's techniques is called Blue-Green Deployment: it consists in having two production environments, as identical as possible, and in performing the deployment in one of them while the other one is still operating, and than in safely switching the traffic to the second one after some convenient testing. This technique becomes more complicated when the deployment includes changes to the database structure or content. I'd like to discuss this topic with you.

• What is Eventual Consistency?
• The Brewer's Theorem, most commonly known as the CAP theorem, states that in the presence of a Network Partition (the P in CAP), a system's designer has to choose between Consistency (the C in CAP) and Availability (the A in CAP). Can you think about examples of CP, AP and CA systems?
• How would you explain the recent rise in interest for NoSQL?
• How does NoSQL tackle scalability challenges?
• In which case would you use a document database like MongoDB instead of a relational database like MySQL or PostgreSQL?

• Why is branching with Mercurial or git easier than with SVN?
• What are the pros and cons of Distributed Version Control Systems like Git over Centralized ones like SVN?
• Could you describe GitHub Flow and GitFlow workflows?
• What's a rebase?
• Why merges are easier with Mercurial and git than with SVN and CVS?

• Why do we need Concurrency, anyway? Explain.
• Why is testing multithreading / concurrent code so difficult?
• What is a Race Condition? Code an example, using whatever language you like.
• What is a Deadlock? Would you be able to write some code that is affected by deadlocks?
• What is Process Starvation? If you need, let's review its definition.
• What is a Wait Free algorithm?

• How to test a distributed system?
• In which case would you apply asynchronously communication between two systems?
• What are the general pitfalls of Remote Procedure Call?
• If you are building a distributed system for scalability and robustness, what are the different things you'd think of in the case you are working in a closed and secure network environment or in geographically distributed and public system?
• How to manage Fault Tolerance in a Web application? And in a Desktop one?
• How to deal with failures in Distributed Systems?
• Let's talk about the several approaches to Reconciliation after network partitions
• What are the Fallacies of Distributed Computing?
• When would you use Request/Reply and when Publish/Subscribe?
• Suppose the system you are working on does not support transactionality. How would you implement it from scratch?

• What is agility?
• How would you deal with Legacy Code?
• Say I'm your Project Manager, and I'm no expert in programming. Would you try explaining me what Legacy Code is and why should I care about code quality?
• I'm the CEO of your company. Explain to me Kanban and convince me to invest in it.
• What is the biggest difference between Agile and Waterfall?
• Being a team manager, how would you deal with the problem of having too many meetings?
• How would you manage a very late project?
• "Individuals and interactions over processes and tools" and "Customer collaboration over contract negotiation" comprise half of the values of the Agile Manifesto. Discuss
• Tell me what decisions would you take if you could be the CTO of your Company.
• Are Program Managers useful?
• Organize a development team using flexible schedules (that is, no imposed working hours) and "Take as you need" vacation policy
• How would you manage a very high turn over and convince developers not to leave the team, without increasing compensation? What could a Company improve to make them stay?
• What are the top 3 qualities you look for in colleagues, beyond their code?
• What are the top 3 things you wish non-technical people knew about code?
• Imagine your company gives you 1 month and some budget to improve your and your colleagues' daily life. What would you do?

• Make a FIFO Queue using only LIFO Stacks. Then build a LIFO Stack using only FIFO Queues.
• Write a snippet of code affected by a Stack Overflow
• Write a tail-recursive version of the factorial function
• Using your preferred language, write a REPL that echoes your inputs. Evolve it to make it an RPN calculator.
• How would you design a "defragger" utility?
• Write a program that builds random mazes.
• Write a sample code that produces a memory leak
• Generate a sequence of unique random numbers
• Write a simple Garbage collection system
• Write a basic message broker, using whatever language you like.
• Write a very basic web server. Draw a road map for features to be implemented in the future.
• How would you sort a 10GB file? How would your approach change with a 10TB one?
• How would you programmatically detect file duplicates?

• When is a cache not useful or even dangerous?
• Why does Event-Driven Architecture improve scalability?
• What makes code readable?
• What is the difference between emergent design and evolutionary architecture?
• Scale out vs scale up: how are they different? When to apply one, when the other?
• How to deal with failover and user sessions?
• What is CQRS (Command Query Responsibility Segregation)? How is it different from the oldest Command-Query Separation Principle?
• The so called "multitier architecture" is an approach to design a client–server system aimed to keep physically and logically separated presentation, application processing, data management and other functions. The most widespread of the multitier architectures is the three-tier architecture. Would you discuss the pros and cons of such approach?
• How would you design a software system for scalability?
• Someone gave the name "The "C10k problem" to the problem of optimising network sockets to handle over 10.000 open connections at once. While handling 10.000 concurrent clients is not the same as handling 10.000 open connection, the context is similar. It's a tough challenge anyway, and no one is expected to know every single detail to solve it. It may be interesting to discuss the strategies you know to deal with that problem. Would you like to try?
• How would you design a decentralized (that is, with no central server) P2P system?
• You may recall that Common Gateway Interface (CGI) is a standard protocol for web servers to execute programs (CGI scripts) that execute as Command-line programs on a server, and that dynamically generate HTML pages when invoked by a HTTP request. Perl and PHP used to be common languages for such scripts. In CGI, a HTTP request generally causes the invocation of a new process on the server, but FastCGI, SCGI and other approaches improved the mechanism, raising the performance, with techniques such as preforking processes. Can you imagine why has't CGI eventually win, and was instead replaced with other architectural approaches?
• How would you defend the design of your systems against Vendor Lock-in?
• What are the disadvantages of the Publish-Subscribe pattern at scale?
• What's new in CPUs since the 80s, and how does it affect programming?
• In which part of the lifecycle of a software performance should be taken in consideration, and how?
• How could a Denial of Service arise not maliciously but for a design or architectural problem?
• What’s the relationship between Performance and Scalability?
• When is it OK (if ever) to use tight coupling?
• What characteristic should a system have to be Cloud Ready?
• Does unity of design imply an aristocracy of architects? Putting it simple: can good design emerge from a collective effort of all developers?
• What's the difference between design, architecture, functionality and aesthetic? Discuss.

• Why, in a SOA, long-lived transactions are discouraged and Sagas are suggested instead?
• What are the differences between Soa and Microservices?
• Let's talk about web services versioning, version compatibility and breaking changes.
• What's the difference between a transaction and a compensation operation in a saga, in SOA?
• When is a Microservice too micro?
• What are the pros and cons of MicroService architecture?

• How do you write secure code? In your opinion, is it one of the developer's duties, or does it require a specialized role in the company? And why?
• Why is it said that cryptography is not something you should try to invent or design yourself?
• What is two factor authentication? How would you implement it in an existing web application?
• If not carefully handled, there is always a risk of logs containing sensitive information, such as passwords. How would you deal with this?
• Write down a snippet of code affected by SQL Injection and fix it.
• How would it be possible to detect SQL Injection via static code analysis? I don't expect you to write an algorithm capable of doing this, as it is probably a huge topic, but let's discuss a general approach.
• What do you know about Cross-Site Scripting? If you don't remember it, let's review online its definition and let's discuss about it.
• What do you know about Cross-Site Forgery Attack? If you don't remember it, let's review online its definition and let's discuss about it.
• How does HTTPS work?
• What's a Man-in-the-middle Attack, and why does HTTPS help protect against it?
• How can you prevent the user's session from being stolen? Chances are you remember what Session or Cookie Hijacking is, otherwise let's read its Wikipedia page together.

• Why does Functional Programming matter? When should a functional programming language be used?
• How do companies like Microsoft, Google, Opera and Mozilla profit from their browsers?
• Why does opening a TCP socket have a large overhead?
• What is Encapsulation important for?
• What is a real-time system and how is it different from an ordinary system?
• What's the relationship between real-time languages and heap memory allocation?
• Immutability is the practice of setting values once, at the moment of their creation, and never changing them. How can immutability help write safer code?
• What are the pros and cons of mutable and immutable values.
• What's the Object-Relational impedance mismatch?
• Which principles would you apply to define the size of a cache?
• What's the difference between TCP and HTTP?
• What are the tradeoffs of client-side rendering vs. server-side rendering?
• How could you develop a reliable communication protocol based on a non-reliable one?
• Tony Hoare who invented the null reference once said "I call it my billion-dollar mistake" since it lead to "innumerable errors, vulnerabilities, and system crashes, which have probably caused a billion dollars of pain and damage in the last forty years". Imagine you want to remove the possibility to have null references in your preferred language: how would you achieve this goal? What consequences could this have?

• Why do people resist change?
• Explain threads to your grandparents
• As a software engineer you want both to innovate and to be predictable. How those 2 goals can coexist in the same strategy?
• What makes good code good?
• Explain streaming and how you would implement it.
• Say your Company gives you one week you can use to improve your and your colleagues' lifes: how would you use that week?
• What did you learn this week?
• There is an aesthetic element to all design. The question is, is this aesthetic element your friend or your enemy?
• List the last 5 books you read.
• How would you introduce Continuous Delivery in a successful, huge company for which the change from Waterfall to Continuous Delivery would be not trivial, because of the size and complexity of the business?
• When does it make sense to reinvent the wheel?
• Let's have a conversation about "Reinventing the wheel", the "Not Invented Here Syndrome" and the "Eating Your Own Food" practice
• What's the next thing you would automate in your current workflow?
• Why is writing software difficult? What makes maintaining software hard?
• Would you prefer working on Green Field or Brown Field projects? Why?
• What happens when you type google.com into your browser and press enter?
• What does an Operating System do when it has got no custom code to run, and therefore it looks idle? I would like to start a discussions about interrupts, daemons, background services, polling, event handling and so on.
• Explain Unicode/Database Transactions to a 5 year old child.
• Defend the monolithic architecture.
• What does it mean to be a "Professional Developer"?
• Is developing software an art, a craftsmanship or an engineering endeavour? Your opinion.
• "People who like this also like... ". How would you implement this feature in an e-commerce shop?
• Why are corporations slower than startups in innovating?
• What have you achieved recently that you are proud of?

• What's the output of this Javascript function?

function hookupevents() {
  for (var i = 0; i < 3; i++) {
    document.getElementById("button" + i)
      .addEventListener("click", function() {
        alert(i);
      });
  }
}

• About Type Erasure, what's the output of this Java snippet, and why?

ArrayList<Integer> li = new ArrayList<Integer>();
ArrayList<Float> lf = new ArrayList<Float>();
if (li.getClass() == lf.getClass()) // evaluates to true
  System.out.println("Equal");

• Can you spot the memory leak?

public class Stack {
    private Object[] elements;
    private int size = 0;
    private static final int DEFAULT_INITIAL_CAPACITY = 16;

    public Stack() {
        elements = new Object[DEFAULT_INITIAL_CAPACITY];
    }

    public void push(Object e) {
        ensureCapacity();
        elements[size++] = e;
    }

    public Object pop() {
        if (size == 0)
            throw new EmptyStackException();
        return elements[--size];
    }

    /**
     * Ensure space for at least one more element, roughly
     * doubling the capacity each time the array needs to grow.
     */
    private void ensureCapacity() {
        if (elements.length == size)
            elements = Arrays.copyOf(elements, 2 * size + 1);
    }
}

• ifs and in general conditional statements lead to procedural and imperative programming. Can you get rid of this switch and make this snippet more object oriented?

public class Formatter {

    private Service service;

    public Formatter(Service service) {
        this.service = service;
    }

    public String doTheJob(String theInput) {
        String response = service.askForPermission();
        switch (response) {
        case "FAIL":
            return "error";
        case "OK":
            return String.format("%s%s", theInput, theInput);
        default:
            return null;
        }
    }
}

• Can you get rid of these ifs and make this snippet of code more object oriented?

public class TheService {
    private final FileHandler fileHandler;
    private final FooRepository fooRepository;

    public TheService(FileHandler fileHandler, FooRepository fooRepository) {
        this.fileHandler = fileHandler;
        this.fooRepository = fooRepository;
    }

    public String Execute(final String file) {

        final String rewrittenUrl = fileHandler.getXmlFileFromFileName(file);
        final String executionId = fileHandler.getExecutionIdFromFileName(file);

        if ((executionId == "") || (rewrittenUrl == "")) {
            return "";
        }

        Foo knownFoo = fooRepository.getFooByXmlFileName(rewrittenUrl);

        if (knownFoo == null) {
            return "";
        }

        return knownFoo.DoThat(file);
    }
}

• How to refactor this code?

function()
{
    HRESULT error = S_OK;

    if(SUCCEEDED(Operation1()))
    {
        if(SUCCEEDED(Operation2()))
        {
            if(SUCCEEDED(Operation3()))
            {
                if(SUCCEEDED(Operation4()))
                {
                }
                else
                {
                    error = OPERATION4FAILED;
                }
            }
            else
            {
                error = OPERATION3FAILED;
            }
        }
        else
        {
            error = OPERATION2FAILED;
        }
    }
    else
    {
        error = OPERATION1FAILED;
    }

    return error;
}

This section collects some weird questions along the lines of the Manhole Cover Question.

• What would happen if you put a mirror in a scanner?
• Imagine there's a perfect clone of yourself. Imagine that that clone is your boss. Would you like to work for him/her?
• Interview me
• Why are Quora's answers better than Yahoo Answers' ones?
• Let's play a game: defend Cobol against modern languages, and try to find as many reasonable arguments as you can.
• Where will you be in 10 years?
• You are my boss and I'm fired. Inform me.
• I want to refactor a legacy system. You want to rewrite it from scratch. Argument. Then, switch our roles.
• Your boss asks you to lie to the Company. What's your reaction?
• If you could travel back in time, which advice would you give to your younger self?