At the restaurant

22. December, 2009 at 09:40 | In Fun | Leave a Comment
Tags:

After having been served a soup, the patron calls the waiter: “Please try the soup.”
The waiter is alarmed: “I will return it to the kitchen immediately!”
“No, no!” The patron shakes his head. “Please try the soup.”
W: “Is it too hot?”
P: “No. Please try it.”
W: “Too salty?”
P: “No. Please try it.”
W: “Is the taste not to your liking?”
Patron is getting irritated: “No. Just try it, will you?”
The waiter is confused and bends down, pauses. “Where is the spoon?”
Patron: “Ah!”

Finding unindexed foreign key columns

15. December, 2009 at 15:38 | In Software | Leave a Comment
Tags: , , , ,

If you’re using Oracle and you have tables with foreign keys, then you must remember to add indexes to all the columns in the referenced tables (i.e. the foreign tables). If your schema has more than two tables, it’s hard to make sure all the necessary indexes exist. Fret no more and let Oracle do (most of) the work for you:

select table_name, constraint_name,
       cname1 || nvl2(cname2,','||cname2,null) ||
       nvl2(cname3,','||cname3,null) || nvl2(cname4,','||cname4,null) ||
       nvl2(cname5,','||cname5,null) || nvl2(cname6,','||cname6,null) ||
       nvl2(cname7,','||cname7,null) || nvl2(cname8,','||cname8,null)
              columns
    from ( select b.table_name,
                  b.constraint_name,
                  max(decode( position, 1, column_name, null )) cname1,
                  max(decode( position, 2, column_name, null )) cname2,
                  max(decode( position, 3, column_name, null )) cname3,
                  max(decode( position, 4, column_name, null )) cname4,
                  max(decode( position, 5, column_name, null )) cname5,
                  max(decode( position, 6, column_name, null )) cname6,
                  max(decode( position, 7, column_name, null )) cname7,
                  max(decode( position, 8, column_name, null )) cname8,
                  count(*) col_cnt
             from (select substr(table_name,1,30) table_name,
                          substr(constraint_name,1,30) constraint_name,
                          substr(column_name,1,30) column_name,
                          position
                     from sys.user_cons_columns ) a,
                  sys.user_constraints b
            where a.constraint_name = b.constraint_name
              and b.constraint_type = 'R'
            group by b.table_name, b.constraint_name
         ) cons
   where col_cnt > ALL
           ( select count(*)
               from sys.user_ind_columns i
              where i.table_name = cons.table_name
                and i.column_name in (cname1, cname2, cname3, cname4,
                                      cname5, cname6, cname7, cname8 )
                and i.column_position <= cons.col_cnt
              group by i.index_name
           )

Isn’t it a beauty? Thanks to Tom.

Groovy Eclipse V2 M2

14. December, 2009 at 21:05 | In Software | Leave a Comment
Tags: ,

It’s been a couple of days since the Milestone 2 of the new Goovy Eclipse V2 plugin was released. If you’re developing with Groovy and you’re using Eclipse and you’ve been living under a stone, get it now. It’s so much better than the old Groovy plugin.

In word: Development with Eclipse has become Groovy, again.

Links:
Groovy-Eclipse 2.0.0M2 New and Noteworthy
Groovy-Eclipse 2.0.0M1 New and Noteworthy

When to micromanage

11. December, 2009 at 20:15 | In Philosophy | 1 Comment
Tags: , ,

When it comes to work, there are two extremes: There are those people who are enthusiastic and, once started, can hardly be stopped and there are the ones which think “Monday, 9:00am, and the weeks still isn’t over”.

Micro-managing the former will make them quit (or as Joel Spolsky put it: “Doesn’t micromanagement turn smart people into robots?“). Not micro-managing the latter will result in no work being done.

Which explains nicely why it’s a pleasure/pain to work with some craftsman: Some of them love their job, they delight in producing a perfect result which will make the customer happy. And the other ones can’t be bothered.

Why WYSIWYG doesn’t work II

7. December, 2009 at 20:15 | In Software | Leave a Comment
Tags: , , ,

In my old post “The Space Between Two Characters“, I wrote about some flaws of WYSIWYG. Since then, I got some feedback.

The real issue behind the issues with WYSIWYG is that it doesn’t work while you edit the document. The concept is flawed, not the implementation. It is flawed because it omits some vital information that you need for editing. The information is omitted because it doesn’t make sense anymore as soon as you print the document on paper. And WYSIWYG means “if you don’t see it, you won’t get it.”

So it makes sense to omit feedback on where ranges start and end, what kind of break follows after a line, there the handles for a table are. But most WYSIWYG editors today have a “show invisible” option. Word can show you all those invisible characters so you can see “oh, this is a tab and not a space”.

For this to work, we need a tight integration between the editor model, the renderer and the view. The problem here is, as usual, performance. If you add all the hooks you need to be able to show nice visual feedback in the view, printing to a printer will be slower.

How much? Well, not much. Anymore. You’re quadcore will be 95% bored. It will need memory. How much? Well, to remember the bounding boxes for all letters rendered on the screen takes at most 4′608′000 bytes (“i”, 8px font, 30″ display with 3840×1200). That might seem like a lot but almost no PC sold next year will have less then 4GB of RAM, not even the Netbooks. My mobile phone comes with 32GB!

For printing, the values are usually much smaller. A normal page of text has around 1′500 to 2′500 characters per page and for printing, you just need to remember the current and maybe the next page (unless you need a page count but with todays CPUs, you can layout the pages twice).

So the final obstacles is code complexity. OO has helped a lot to cut down complexity in algorithms but there are problems which you can’t solve nicely with OO, for example “run this algorithm but replace line 5 with …” or “before … run …”.

AOP has come to solve this but it has failed to deliver so far. Maybe this is because point-cuts are too complicated to formulate, maybe because the debuggers can’t handle this case well, maybe because the setup is too complex or the resulting code is too fragile. Or because people are afraid of the leap of faith it takes to use it.

Forcing users to use insecure passwords

30. November, 2009 at 19:15 | In Software | Leave a Comment
Tags:

Q: What’s the most efficient way to force your users to use insecure passwords?
A: Try to force them to use secure ones.

What’s a secure password? It’s complicated, unguessable, easy to remember, contains several strange characters, different per site, changed often.

But how much security can you buy with that?

Changing your password helps to lock out people who have cracked your password. But unless they are in for long time surveillance, crackers will abuse your account within five seconds of cracking it. In the usual scenario, (i.e. when the crackers is not your better half), changing your password buys you nothing. It’s enough to wait for a mail which says that you account has been cracked and change the password then.

Different passwords for sites looks like a good idea but this only has an effect when a cracker manages to crack your password in one place and has list of other accounts. Usually, they crack your account for a specific purpose, not to compete in a find-them-all contest. So that doesn’t buy us much, either.

Strange characters look like a good idea until you travel and sit in front of a foreign keyboard in an Internet cafĂ©. Yay, hide and seek! And if you’re using a complex algorithm to build your password which includes strange characters, you’ll encounter the odd site which expects you to either have more or less strange characters in your passwords. Also, unless you’re a software developer, you’re not used to all the strange symbols which your computer can produce.

Easy to remember is at odds with hard to guess and complicated.

Lastly, good passwords don’t protect you against the most common forms of attack: Phishing and keyloggers.

Links: “So Long, And No Thanks for the Externalities: The Rational Rejection of Security Advice by Users” (Cormac Herley, Microsoft Research)

Akaelae

28. November, 2009 at 13:22 | In Comment, Fun | Leave a Comment
Tags: , , ,

Don’t ask me how to pronounce that, I have no idea. Akaelae is a web-comic by Tiffany Ross. It’s one of those rare gems that warm the heart (and not only by raising your adrenaline level). If you like Stan Sakai’s Usagi Yojimbo or Elfquest, you’ll live this, too. It’s the story of a couple of childhood friends that get in all kinds of adventures at school, home, even space. The focus is rarely on the action but on the emotions and reasons of the characters. It’s about how people can hurt each other and how they deal with it. Here is an example: Darrik, a young, lonely black fox is moving to a new room and wants to say goodbye to a shy albino fox that’s living on the same floor. During the chat, she tells him that the wolves are only keeping them to sell them as slaves later. Which is why she is refusing to take the proficiency tests.

Darrik is confused. “Then aren’t you useless to them? If they’re running a slave trade? Wouldn’t they just sell you instead of feeding you, giving you clothing, art supplies, medical attention?”

Conclusion: Buy. You can find the whole story in the archive or support the starving artists by buying her books as PDF downloads over Lulu.

If you get confused with the characters and the names, visit the ComixPedia page: “The Cyantian Chronicles“.

Note that the Cyantian.net site has some technical difficulties (like images not showing up) now and then, but Tiff is always quick to fix that. Drop her a polite note if something lingers for more than a few days.

Adopt a line of code!

24. November, 2009 at 20:16 | In Fun, Software | 2 Comments
Tags:

Why spend all your hard earned money on on-line porn when you can have an offspring by adopting a line of code?

Here are the three latest additions to my family:

Dobalina Digulla:

Oliver Digulla:

Maurizio Digulla:

Another example for “security” by obscurity

24. November, 2009 at 19:13 | In Uncategorized | Leave a Comment

Sometimes, you’ll need a catchy example why “security by obscurity” is such a bad idea. Here’s one: “Starring The Admin.”

The gist is that a developer of an application was too lazy to implement proper user roles. So the solution was “if the login has ‘**’ in it, I’ll grant admin rights”. That’s it. Anyone can get admin rights just by appending “**” to their login (the app will remove the “**” from the login before checking the it so no changes to the user database are necessary).

Cool, eh? And so simple!

Why You Should Be Rabid About Your Tools

19. November, 2009 at 17:14 | In Comment, Philosophy, Software | Leave a Comment
Tags:

Rands writes:

The lesson: the correct tool is exponentially more productive.[...]As an engineer, there is a short list of tools that you must be rabid about. Rabid. Foaming at the mouth crazy.

Wise words. If your tools don’t make you exponentially more productive, you must change them. Every engineer can write an application using Notepad. But if you care about quality, timeliness or sanity, then find the right tool and use it.

Next Page »

Blog at WordPress.com. | Theme: Pool by Borja Fernandez.
Entries and comments feeds.