10K on StackOverflow

20. May, 2009

Just a little celebration that I finally reached 10K on SO 🙂

Why New Technology is so Complicated

14. May, 2009

Ever wondered why the new cool thing is so complicated? There is a very good article which explains just that. In a nutshell: When the technology is invented, it’s invented by experts in the field. They have toyed with this idea for years, refined it, applied it in numerous projects and honed it until something new and useful came out.

Next come the early adoptors which are usually also experts in the field. They are always searching for a new, better solution and they are actively searching. The also have the background to understand what a new technology means for them, since they have the experience.

After that comes the normal user. The normal user has little idea what is going on, she just “wants to solve this simple problem.” The documentation (so far only written by experts for experts) mean little to her since she simply doesn’t have the background. She also doesn’t want to become an expert, this is usually going to be a single-strike project, so there is no intention to spend any time on learning the technology.

env.js is Back

11. May, 2009

After quite some time of inactivity, env.js is back. There is a Google group and a git repository.

In case you’re wondering what env.js is: It emulates a web browser in pure JavaScript. What on earth could that be good for? This allows you to run your web application in a unit test. You can write your JavaScript, load env.js, your own code and then run it. You’ll have access to document, events, the DOM, everything. No browser bugs, yet, but that will probably come, too. With this gem, you can finally run your web app in a single process, with every bit of information readily available to your IDE’s debugger. No more messing with a remote or local web server, deploying your application and hoping that Tomcat could reload all classes, no more external browser process and guessing what might cause the odd behavior.

Engineering SciFi

10. May, 2009

There are two types of people playing role playing games (RPGs), I call them the “story gamer” and  the “power gamer”. The story gamer likes a grand story while rules and dice rolls are a necessary evil. The power gamer enjoys the story but they relish in taking the rules to the limit. And they have their own definition of “limit”. While a story gamer likes to her “you switch on your personal force field and the bullets bounce off, sparking blue ripples that run over the surface of the field,” the power gamer asks “how does this screen work? Can I fry an eggs on it?”

In traditional SciFi, the inner workings of something are often a mystery. Space ships activate their force fields, protective screens, incoming fire gets deflected — or not, depending on what the author needs. But how do they work? Really? While this might sound like a silly question, it opens a whole new world: When you understand something, you can be creative with it. So how does a force field work? Can it be activated when something is blocking the space it will occupy in a moment? Is it a quantum effect or psionic? Magic? If it’s a personal shield, does it flow around the body or is it like a big bubble? If it’s a big bubble, how do you plan to charge through this door? If it can’t be activated when something is blocking it’s path, do you have to back away from any kind of cover to turn it on? Or if it can be activated, what happens when you lean against a wall? Are you stuck? Can you use the same effect to block a door, then? If nothing can pass through, how do your bullets get out? How about sound? Air?

Is the surface dull or slippery? If it’s slippery, how can you walk? If the field is guided through a mesh in the soles of your boots, how long does it take to rise after stumbling when you hands can’t get a hold? How do you plan to stand up when the enemy knows all this and tries anything to pin you down on the floor like a slippery fish? If it’s dull, what causes this? Is the field uneven? Is it static uneven or is there a ripple which sands off any surface you touch? Does it only stop solid matter? How about liquids? What happens when you’re pushed over a cliff? Get hit by a Molotow-cocktail? If the field stops bullets, how about light? If you can look out, can I blind you with a bright light? Cut you with a laser? If the laser is stopped, how can you see anything? And why is the field clear? Shouldn’t it be completely opaque in this case?

The answers to these questions tell us how a force field works and this gives us the basic blocks to build strategies. If the shield stops all matter, I must avoid lasers and heat weapons. And I need both an air supply and radio, so I can still talk to my team. If the air supply fails, that doesn’t render the screen unusable but I can only keep it up for a few seconds. Don’t forget that, in battle, you need much more oxygen than normal. If air can’t pass, I can use it as a space suit. It also means that the shield is rigid: It must create am opposing force to stop the matter trying to get through. So how can I move? How can the shield tell apart bending an arm from deflecting a baseball bat? Will it help when someone is bending my arm? How about being crushed under a tank? When something comes in, where does the energy go? In this universe, energy can’t be destroyed, it has to go somewhere. So when bullets come in, do I get pummeled? How is the shield projected? Can I put the projector in my pocket or do I have to wear a projector mesh that covers the whole body? Can this mesh have holes for your hands and head? Does that mean these parts are unprotected? That would allow to wear the shield as a flack vest. Or can I have projectors in the sleeves and around my neck which extend over my hands? Is the field perfectly clear or does it have a color? If there are holes, how about malfunction? Is there a chance to cut off my own head by switching it on? If the shield needs a lot of energy, how do I carry that along? How do I camouflage this? Or does a shield turn me into a beacon with a large sign “kill here”?

As you can see, all these questions have an impact on how I can use the shield during a game or in a story. It makes things more complicated, but it makes things more rich because I can start to work with these things. Story gamers expand the horizon but power gamers give it detail.

Fighting Child Pr0n on the Net

8. May, 2009

Child abuse is something I keep an eye on and about which I have a strong opinion. In the last few weeks, German politicians discovered the topic. Foremost, our Minister for Family, Ursual von der Leyen, started a crusade to implement Internet filter technology at the ISP level to “fight” child pr0n. Note my subtle attempt to influence your opinion by using “crusade” which means to go to a foreign place, lay waste to the land, kill everyone there, in the name of all that is Good and Just.

Let’s see what the new law is trying to achieve. If you happen to click on a link that leads to a child pr0n site, you’ll see a stop page instead, explaining that you were about to see illegal content. While she insists that this will have no further consequences (especially, the time and IP will not be logged, the minister promised in a radio interview), there are already voices who want that data. Other voices already start crying “why don’t you block pirate sites, too?” We Germans know all too well how great censorship works, how easily it starts small, how fast it grows and what kind of persons it attracts. Not convinced? Let me give you some examples.

You’re browsing the web, follow an ad, and suddenly, you see the stop page. No harm done. Unless some clever guy at the ISP is making a private copy of the stop server’s log. And calls you the next day (since he can easily figure out who you are), threatening you to tell everyone about your disgusting character. Think about a moment how you would defend against such an attack. How would you explain to your wife/husband if it wasn’t you answering the phone?

Everyone knows how to secure a WLAN. Well, everyone, who knows more about WLAN other than how to buy one. So there are still many unprotected WLANs out there and guess who will go to jail after a criminal has used one of them to download lots of child pr0n. If it’s not a WLAN, then you’re better an expert in protecting your computer against viruses and remote control exploits. I mean, everyone is. There are no bot-nets out there, counting thousands of computers, where a criminal can do anything they damn well please, knowing full well that all the blame will go to the fool who owns the PC.

Or you’re like me and find child pr0n disgusting. Only, even downloading such an image is a criminal offense. So … when I would stumble upon something, I could not report that to the authorities because they would first arrest me, before considering going through to the tedious and probably futile process of trying to figure out who owns the domain where I found that stuff. If I would claim that a German domain contains child pr0n, the ISP would have to take down the site without being allowed to check whether my claims are true! If they did, the police would have to arrest them! Otherwise, the owner of the site could argue in court why he was being prosecuted and they were not. Before the law, all are equal, are they not?

To protect the people working at the German ISPs, the list of blocked sites must be secret. If that single sever is not working correctly (and how would you check that without going to jail?), this ISP is going to have a whole lot of very upset customers who suddenly see stop pages for legal sites. Or, the other way around, the server is not blocking something it should. How do you argue in court that a site which should have been on the list wasn’t blocked? It’s a secret list, you must not look at it!

So instead of spending money to create a help line for abused children, helping mothers and fathers to leave an abusive other, making the topic a non-taboo, so we could speak about it, politicians propose that we just don’t see the problem anymore. Sounds like a simple solution. We all know how good a simple solution sounds and how rarely they work out.

No criticism without a better proposal. If you don’t like thought-provoking ideas, this is not for you. Go away. Don’t read on. You’ve been warned.

All laws making temporary ownership of a small number of images must be revoked. Anyone on the planet must be allowed to report these findings without having to fear any kind of prosecution. No Internet censorship. Instead, we block access to domains which are run by registrars that boast not to comply to any law. That’s simple because we can block by IP (the list above would contain site names and as someone who knows what that means technically, that gives me nightmares). Anything left over must then come from a law-abiding registrar and those can and will take down such sites. Furthermore, they can quickly turn over the details about the person behind the offering, so they can be prosecuted like any other criminal. That doesn’t even need a lawyer or judge or court, anyone working for the ISP could check the site (because they won’t go to jail anymore), see what is going on and pull the plug within minutes. Before the police could hang up the phone, they’d have the name and address of the owner of the site and half an hour later, someone would have to answer some serious questions. And even if that person couldn’t be found, the site would be gone  forever, for anyone on the planet (instead of just for the 80 million Germans).

To find such sites, I’d turn to locked up, incurable offenders. Since they are incurable, they are effectively locked up forever. Why not use that as an advantage and, with their prior consent, give them a computer, a fat Internet connection and a well-loaded credit card? They could even locate material in closed user groups and fast-flux-networks, something a filter list will never be able to do. Everyone would get what they want. Cynical, but still true.

Radical? Maybe … but how would you call a “solution” which leaves the victims to suffer and the offenders free to cause more pain? Because that’s, in a nutshell, what the current proposal is all about. It’s probably a pure coincidence that such an important issue comes up close to the reelections.

Next time you see someone pointing and screaming at something, remember that they point at themselves with three fingers.

Why aren’t IDEs intuitive?

8. May, 2009

Mark asked a simple question on stackoverflow.com:

This is stupid. Why can’t an IDE be intuitive enough that you can “good” at it immediately, and “great” after picking up a few shortcuts?

My answer is: Because computers aren’t powerful enough for this, today.

In the most simple case, the IDE would need several ways to layout the data on the screen, it would need several predefined keymaps with shortcuts (because different people do different work in the same IDE) and it would need a way to figure out who is using at right now to switch defaults. You would need to write two times the amount of code to implement all this because some thing are they way they are because the rest of the code is the way it is. IDEA can’t compile in the background, Eclipse can. To allow both ways of working, you would have to rewrite parts of the compiler API, the way the compiler talks to the UI, and in the IDEA case, you’d probably have to change the compiler itself.

Taking this one step further, the IDE would need to learn how the user works, what (s)he cares for, how (s)he thinks. The user is always resizing the console after starting the program? Let’s do it for her. It irritates the user that the IDE hangs for the fraction of a second when the IDE switches to the debug view? Let’s load the debug code in advance in the many spare seconds while we wait for anything to do.

Trojan on ATMs

2. May, 2009

A few weeks ago, I stumbled over this: It appears that criminals have managed to install a Trojan on Russian ATMs. The Trojan would collect card data and pin numbers over the day and during the night, a “money mule” would collect a receipt with the numbers (which would look inconspicuous since a lot of people ask for a printout of their transaction). But this kind of attack is a new quality.

Home computers are administrated by … well … ignorants. People who want to use a computer, not understand it. For them, this box eats electricity and magically produces fancy graphics on the screen. They know how to email but they have no idea how mail works, they are oblivious to what actually happens when the computer sends an email. So it’s little wonder that most computers out there are infected with various kinds of viruses or Trojans and why “MAKE MONEY FAST” schemes still work so well.

The guys who build ATMs, on the other hand, are no ignorants. They ought to know exactly what they are doing and that someone can tap into the process is a new dimension. This is the difference between mugging innocent night owls and planned bank robbery. Computer crime has become as professional as the non-virtual counterpart. My guess is that we’ll need much more powerful computers in the near future which can store and access petabytes of data. Computers who can tell a legitimate operation from an illegal one and who can protect themselves against abuse. Computers who are powerful enough to watch every operation they are processing. Instead of only being able to crunch numbers, they need to understand what they do and how far reaching the consequences of an operation are.

It’s time for an immune system for computers. If we’re wiped out by Skynet in the not-so distant future, we’ll have to thank the mob.