Smart Thoughts About Logging

13. July, 2011

Archanaa Panda wrote a good piece on logging and how to avoid some of the many pitfalls: High Performance And Smarter Logging

While the article is about log4j, most of it (except for the “if (log.isDebugEnabled)” part) still applies even if you’ve already moved to slf4j. I especially like that she enumerates all the various goals that you try to achieve with logging.



New Website for Maven Tools For Eclipse (MT4E)

13. July, 2011

My Maven Tools for Eclipse (MT4E) project has now a wiki page:

And I’ve started to convert the tools from Python to Groovy.



Zero Bug Tolerance Intolerance

12. July, 2011

Jim Bird has written a great post about reasons to fix bugs and reasons to leave bugs alone: Zero Bug Tolerance Intolerance

Restarting a Java App

9. July, 2011

Leo Lewis posted some code to restart a Java app.


8. July, 2011

It seems a dream of mine has come true: A language like Python, compiled into something that can be executed as fast as Java or C++ and which allows to extend the compiler at compile time.

Ladies and gentlemen, please a warm welcome for Boo.

Guess I’ve found a reason to install Mono.

TNBT – Avoiding Common Errors

7. July, 2011

Writing secure code is ever more important. There are lots of examples: HBGary, Sony, Google.

Even if you’re not one of the biggest companies out there, security starts to become important as soon as your code can be accessed from the Internet. And frankly, which code today can’t?

What’s worse, the problems are always the same: SQL injections, not validating input, using code from somewhere else which is vulnerable. These problems are neither hard to find nor hard to fix. It’s only too much effort to add the necessary checking and warning code to the existing compilers.

So here is my assumption for my “The Next Best Thing” series of articles: The programming language will allow to define patterns like FindBugs and PMD that the compiler will check at compile time and which the VM checks at runtime to fix or at least warn about such security problems.

With tools like MoDisco and Moose, it’s possible to go one step further: It could analyze and display the code in ways that you haven’t seen before (think Code City) to find patterns in the code automatically and warn you about something that you might not have realized, yet.

For example, if you use a certain call sequence everywhere in your code but one place, it’s probably worth a look.

Of course, this begs for a way to add lots of additional information to source code. As I said before, we probably want better editors than the plain text editors we have today. It should be possible to include images and formulas in code. Wiki documentation. And things like “yeah, I know, this is different from the 365 other places!”

Sounds a bit like annotations but frankly, Java source code can just get you so far. DSLs come to mind but they don’t allow to extend them with arbitrary extra bits of information. It should be possible to overlay a DSL with another DSL so you can mix various information in one place.

Related Articles:

  • The Next Best Thing - Series in my blog where I dream about the future of software development

Java Finalizer Exploit

6. July, 2011

Did you know that your Java code may be vulnerable to an exploit based on finalization? I didn’t.

This article from IBM’s developerWorks explains how it works.

Basically, you can safe a reference to an object in the finalize() method. At this time, the object may even be in an inconsistent state (the finalizer will be called when the constructor threw an exception).

As for the solution: I don’t like it very much. It adds even more clutter to the existing code and doesn’t relay its purpose very well. Someone refactoring the code might feel tempted to remove the “useless additional constructor.” Worse, you need to do this in all your classes which check their parameters.

I would prefer a solution where the compiler or some other tool fixes these issues by generating the necessary code. Especially if you look at more complex cases: What happens if an exception is thrown at a later stage of object creation? Your code is still vulnerable but it seems to be safe. How would you know?

Maybe a better solution would be to check the heap for references to any finalized objects and throw an error “finalization failed”. But that’s probably impossible without breaking backwards compatibility.

Or Oracle could invent a better solution for the finalization problem (which is basically garbage collection for non-memory-resources) so we would not need finalizers anymore.

Israel Added to List Of Countries That Tend To ‘Promote, Produce, or Protect’ Terrorists

4. July, 2011

A couple of days ago, “U.S. Designates Israel as Country That Tends ‘To Promote, Produce, or Protect’ Terrorists; Also Calls Israel Anti-Terror Partner

Well … keeping more than two million people in the world’s largest prison was bound to “pay off” one day.

Makes me wonder: When will the US add itself to this list? Illegal prisons like Guantanamo are a perfect excuse to turn some frustrated soul into a terrorist.

I wish the fools in government would have let Obama close this revolting institution. But as usual, they hope the mess will explode in someone else’s face.

Good Food From the Roof

3. July, 2011

UrbanFarmers is a small company that has developed a simple way to grow food on the roof: Take a standard cargo container, put some plants in a greenhouse on top of it and fishes in huge water tank inside the container. Meet the UrbanFarmers BOX.

The water is pumped to the plants for irrigation. It contains the wastes from the fishes which fertilize the plants. The plants clean the water which goes back into the fish tank.

Unlike other irrigation systems, this one has only a small loss of water. It needs no artificial fertilizers. There is no need for pesticides or fungicides because of the greenhouse. The fishes don’t need antibiotics.


Get every new post delivered to your Inbox.

Join 315 other followers