Tuesday, October 23, 2012
PS: That includes not naming functions, variables or classes with "error" in the name.
Monday, October 22, 2012
If you are the owner of the car in the picture then you are not likely to be paying anything. This is a pseudo public space but I'm certain that the property owner was not expecting to have to burden the cost of charging every electric car out there. And I'm certain that homeowners are not interested in replacing all of their receptacles with secure alternatives.
Thursday, October 18, 2012
Coincidentally Google announces Dart 1.0, Firefox announces Rust 0.4, Google's GO is making headway ... but most telling is the article, I read today, criticizing FogBugz for implementing their cornerstone application using a proprietary and internal language and toolchain (Wasabi which looks like VB).
So my intuition tells me that if Oracle does not make some serious corrections "we" are about to experience a paradigm shift akin to the magnetic swap that the mad scientists have been talking about for the last 10 years; because:
- business owners need to reduce their risk - general security and maintain control of the API
- increase their intellectual property - proprietary toolchains would add some value if they work
- reduce programmer turnover - in a way proprietary languages will not actually enhance individual marketability (of course you have to get them first)
But if you cannot afford to design and implement a first class programming language... then you're forced to develop a DSL. And if you cannot afford that... then you have to use someone else's or something that is open source and liberal (nothing with the GPL; stick to MIT, BSD, and a few others)
In conclusion, and I hope I have connected the dots, there will be a major fracture. A small portion of the developers and businesses are going to go for the 100% commercial toolchain like Objective-C, iOS, .CLR/.NET and then there is going to be another group that is going to go completely open source as in perl, python, ruby, GCC, GO, Dart, Rust, and internal DSLs.
- Java might fork with a reasonable replacement but the devs working on the commercial version, who are responsible for the current state of affairs might poison the same tree.
Sadly, Google's current price drop might have something to do with the Java security issues as it was recently reporting that Android had it's own security issues.
It's clearly a sad state of the industry. It feels like a huge grey cloud overhead. I hope it's just a little rain and not a flood.
Sunday, October 14, 2012
(a) there was a time when your social security number was truly secret. Now everyone from the cable company, ISP, newspaper boy, lawn service, High School, University, hospital and doctor wants your SSN and we give it freely and without challenge. Who really knows why a doctor or newspaper delivery service needs my SSN. Are they going to sue me into and after I'm buried? In Sweden the SSN is sacred; I'm just not sure how they get around the problems we have. (could be functional and/or legal)
(b) There is no privacy on the internet. Whether your using any of the big name browsers, you never login, you always use other people's computers or cyber cafes. The challenge is that between the ISP, browser manufacturers, super/affiliate advertisers, search engines; they where where you have been and where you are going. Not even the like of TOR is going to save you. Same goes for the anonymous breadcrumbs you thing you are dropping. They will always lead "them" back to you.
In a side note. If you've ever seen or purchased from one of those "as seen on tv" infomercials. The deals are great. Essentially you pay for shipping which costs them much either, however, it does offset their costs somewhat. The "play" for these companies is to get you to buy something. Anything. This way they capture you personal information which they will resell at a profit. This is how all of these marketing machines work. One interesting thing... I have never experienced an increase in the amount of spam I receive. Hmmm.
Another side note. Over the last 18 to 36 months there have been some data breaches amounting to tens or hundreds of millions of credit card numbers and personal information. So why haven't more people been complaining about credit card fraud? Why haven't news programs done additional reporting? I wonder if we're being marketed to because the credit card infrastructure is just not that sophisticated.
Thursday, October 11, 2012
Does spotify really generate $120.00 in advertising per user per year or is the advertising merely the friction that is necessary to get the user to convert to a subscription?
The crazy thing... spotify offers two subscriptions at $60 and $120 per year. And Pandora offers a similar subscription at $38/year ... but pandora's player might be enough friction to get me to move.
- There is no such thing as email privacy.
- Most email travels through the internet from point to point in the clear
- So called legalese on the email footer about intended recipient and communication has not been tested in court and it not binding.
That said, if you have a private email server that you think is secure and you use it exclusively because you want secure email that is not to be seen by the prying eyes of big brother or even Google, Yahoo, Hotmail, Facebook or other... then you are sadly mistaken and misinformed.
Just because you have an uber secure email server does not mean that the recipient has the same. So then the real question becomes... Why not use Gmail yourself?
Wednesday, October 10, 2012
However, there is one thing that I have to remind myself of. "Trusted Source". With that recent Russian malware scare I can only imagine that the internet scale is going to slow and that sandboxing and trusted source are going to be required. For that matter I have already started to adjust to a Microsoft desktop at work and in my VMWare at home.
And of course if it's a hoax ... then I wish a thousand papercuts on the perpetrator.
PS: I'd rather be using OpenBSD!!!
Wednesday, October 3, 2012
Some of the foreshadowing can be seen in the book Mythical Man-Month although it's never addressed as such. Being in the thick of things I see this time and time again yet even if the project really is going to fail; at the very least it should not be a self fulfilling prophecy. If the project is going to fail then let it fail on it's own merits and not from a lack of trying. (Just my two cents).
(1) defines the death march and the forces/actions that make it happen
(2) death march projects come in all sizes
(3) Why? Dilbert, Politics, Promises, Optimism, Startup Mentality, Marine Corps Mentality, Intense Competition, Intense Regulation, Unexpected Crises
(4) Why people participate
People in Death March Projects
Tools and Technology
Death March as a Way of Life
Sniff - "sniff's out change early" - this rodent senses that change is coming and prepares early looking for new cheese.
Scurry - "scurries into action" - this rodent is never satisfied with the current stash of cheese and is always on the move looking for more cheese.
Hem - "denies and resists change as he sees it will lead to something worse" - this rodent will consume the current stash of cheese and once finished might still not be inclined to look more cheese thinking that the cheese might come to him.
Haw - "learns to adapt when he sees changing can lead to something better" - this rodent is waiting for for proof that there is something better out there.
And in summary Johnson directs us to the handwriting on the wall:
Change Happens - they keep moving the cheese
Anticipate Change - get ready for the cheese to move
Monitor Change - smell the cheese often so you know when it's getting old
Adapt to Change Quickly - the quicker you let go of old cheese the sooner you can enjoy the new cheese
Change - move with the cheese
Enjoy Change - savor the adventure and enjoy the tase of the new cheese
Be Ready to Change Quickly And Enjoy It Again and Again - they keep moving the cheese
In Summary: "Move with the Cheese and enjoy it"
Tuesday, October 2, 2012
(1) You need to decide what exactly you hope to get out of a logging session. Are you going to be debugging bugs, crashes, or other critical events like a forensic accountant or like a whack-a-mole?
(2) Are you going to use flat files, how big will they get, how many files will you keep around? All very important when thinking about backups, disk space, maintenance, recovery, and so on. You might also be thinking about the different versions of syslog-like tools where you can ship the events remotely.
(3) Are you going to store the logs in a DB on the local system and then use sharding to allow for more permanent maintenance? This is interesting because the searching can be easier than grep, awk, etc... Also, considering (4) grouping related messages is easier and you can use SQL-like reporting tools.
(4) Are there some pre-optimizations you want to perform like all logged entries are stored in temp storage until the transaction is complete. Then the data is shipped to the repository for storage.
Treat all of your code the same. Whatever level of logging you are performing you should be consistant throughout your application. This way you will not be surprised by your results and you will not have to worry about "and then a miracle occurred)
What to Say, Where to Say it
If you are processing transactions then make sure that you create a transaction ID as soon as possible and start using that ID with every log message related to this transaction. This is necessary so that you have a thru-line and so the transaction can be traced.
Also make sure that you are clear as to the intent of the function and what the results were. That also means that the type of entry should make sense. INFO, WARN, ERROR, EXCEPTION and so on.
You might even time the execution of the function.
One thing to be wary of. Logging can consume your disk, disk I/O, CPU, memory, message queues, database. You can spend more time copying, moving, and filtering your messages that it might effect the ability to produce meaningful results.
For example, using a Redis pub/sub in order to log transactions might seem like a good idea, however, if you consume all of system memory you may end up swapping and then net result is going to be poor performance.
Monday, October 1, 2012
What I did like was the inclusion of detailed questions and answers. In many ways I felt like a dungeon master preparing for battle with the players.
The book was intended for the job seeker, however, I wish there were a book for the hiring manager. While smart and get's things done is an interesting book it fails to be a true guide book. If you owned a business would you defer your hiring selection or veto process to the most junior contributors?
"programming pearls" is probably a better book for "problems".
One of the hallmarks of a good open source project is just how complicated it is to install, configure and maintain. Happily gitlab and the ...
CoreOS and Tectonic start their pricing at 10 servers. Managed CoreOS starts at $1000 per month for those first 10 servers and Tectonic is $...
[updated 2011.09.30] yet another response to Agile is good. When you have so much of you career invested in something like Agile, XP etc... ...
I have not had success with the touch drivers as yet. The touch works and evtest also seems to report events, however, I have noticed that ...