Finding unindexed foreign key columns

15. December, 2009

If you’re using Oracle and you have tables with foreign keys, then you must remember to add indexes to all the columns in the referenced tables (i.e. the foreign tables). If your schema has more than two tables, it’s hard to make sure all the necessary indexes exist. Fret no more and let Oracle do (most of) the work for you:

select table_name, constraint_name,
       cname1 || nvl2(cname2,','||cname2,null) ||
       nvl2(cname3,','||cname3,null) || nvl2(cname4,','||cname4,null) ||
       nvl2(cname5,','||cname5,null) || nvl2(cname6,','||cname6,null) ||
       nvl2(cname7,','||cname7,null) || nvl2(cname8,','||cname8,null)
              columns
    from ( select b.table_name,
                  b.constraint_name,
                  max(decode( position, 1, column_name, null )) cname1,
                  max(decode( position, 2, column_name, null )) cname2,
                  max(decode( position, 3, column_name, null )) cname3,
                  max(decode( position, 4, column_name, null )) cname4,
                  max(decode( position, 5, column_name, null )) cname5,
                  max(decode( position, 6, column_name, null )) cname6,
                  max(decode( position, 7, column_name, null )) cname7,
                  max(decode( position, 8, column_name, null )) cname8,
                  count(*) col_cnt
             from (select substr(table_name,1,30) table_name,
                          substr(constraint_name,1,30) constraint_name,
                          substr(column_name,1,30) column_name,
                          position
                     from sys.user_cons_columns ) a,
                  sys.user_constraints b
            where a.constraint_name = b.constraint_name
              and b.constraint_type = 'R'
            group by b.table_name, b.constraint_name
         ) cons
   where col_cnt > ALL
           ( select count(*)
               from sys.user_ind_columns i
              where i.table_name = cons.table_name
                and i.column_name in (cname1, cname2, cname3, cname4,
                                      cname5, cname6, cname7, cname8 )
                and i.column_position <= cons.col_cnt
              group by i.index_name
           )

Isn’t it a beauty? Thanks to Tom.

Leave a Comment » | Software | Tagged: , , , , | Permalink
Posted by digulla

Groovy Eclipse V2 M2

14. December, 2009

It’s been a couple of days since the Milestone 2 of the new Goovy Eclipse V2 plugin was released. If you’re developing with Groovy and you’re using Eclipse and you’ve been living under a stone, get it now. It’s so much better than the old Groovy plugin.

In word: Development with Eclipse has become Groovy, again.

Links:
Groovy-Eclipse 2.0.0M2 New and Noteworthy
Groovy-Eclipse 2.0.0M1 New and Noteworthy

Leave a Comment » | Software | Tagged: , | Permalink
Posted by digulla

When to micromanage

11. December, 2009

When it comes to work, there are two extremes: There are those people who are enthusiastic and, once started, can hardly be stopped and there are the ones which think “Monday, 9:00am, and the weeks still isn’t over”.

Micro-managing the former will make them quit (or as Joel Spolsky put it: “Doesn’t micromanagement turn smart people into robots?“). Not micro-managing the latter will result in no work being done.

Which explains nicely why it’s a pleasure/pain to work with some craftsman: Some of them love their job, they delight in producing a perfect result which will make the customer happy. And the other ones can’t be bothered.

1 Comment | Philosophy | Tagged: , , | Permalink
Posted by digulla

Why WYSIWYG doesn’t work II

7. December, 2009

In my old post “The Space Between Two Characters“, I wrote about some flaws of WYSIWYG. Since then, I got some feedback.

The real issue behind the issues with WYSIWYG is that it doesn’t work while you edit the document. The concept is flawed, not the implementation. It is flawed because it omits some vital information that you need for editing. The information is omitted because it doesn’t make sense anymore as soon as you print the document on paper. And WYSIWYG means “if you don’t see it, you won’t get it.”

So it makes sense to omit feedback on where ranges start and end, what kind of break follows after a line, there the handles for a table are. But most WYSIWYG editors today have a “show invisible” option. Word can show you all those invisible characters so you can see “oh, this is a tab and not a space”.

For this to work, we need a tight integration between the editor model, the renderer and the view. The problem here is, as usual, performance. If you add all the hooks you need to be able to show nice visual feedback in the view, printing to a printer will be slower.

How much? Well, not much. Anymore. You’re quadcore will be 95% bored. It will need memory. How much? Well, to remember the bounding boxes for all letters rendered on the screen takes at most 4’608’000 bytes (“i”, 8px font, 30″ display with 3840×1200). That might seem like a lot but almost no PC sold next year will have less then 4GB of RAM, not even the Netbooks. My mobile phone comes with 32GB!

For printing, the values are usually much smaller. A normal page of text has around 1’500 to 2’500 characters per page and for printing, you just need to remember the current and maybe the next page (unless you need a page count but with todays CPUs, you can layout the pages twice).

So the final obstacles is code complexity. OO has helped a lot to cut down complexity in algorithms but there are problems which you can’t solve nicely with OO, for example “run this algorithm but replace line 5 with …” or “before … run …”.

AOP has come to solve this but it has failed to deliver so far. Maybe this is because point-cuts are too complicated to formulate, maybe because the debuggers can’t handle this case well, maybe because the setup is too complex or the resulting code is too fragile. Or because people are afraid of the leap of faith it takes to use it.

Leave a Comment » | Software | Tagged: , , , | Permalink
Posted by digulla

Forcing users to use insecure passwords

30. November, 2009

Q: What’s the most efficient way to force your users to use insecure passwords?
A: Try to force them to use secure ones.

What’s a secure password? It’s complicated, unguessable, easy to remember, contains several strange characters, different per site, changed often.

But how much security can you buy with that?

Changing your password helps to lock out people who have cracked your password. But unless they are in for long time surveillance, crackers will abuse your account within five seconds of cracking it. In the usual scenario, (i.e. when the crackers is not your better half), changing your password buys you nothing. It’s enough to wait for a mail which says that you account has been cracked and change the password then.

Different passwords for sites looks like a good idea but this only has an effect when a cracker manages to crack your password in one place and has list of other accounts. Usually, they crack your account for a specific purpose, not to compete in a find-them-all contest. So that doesn’t buy us much, either.

Strange characters look like a good idea until you travel and sit in front of a foreign keyboard in an Internet café. Yay, hide and seek! And if you’re using a complex algorithm to build your password which includes strange characters, you’ll encounter the odd site which expects you to either have more or less strange characters in your passwords. Also, unless you’re a software developer, you’re not used to all the strange symbols which your computer can produce.

Easy to remember is at odds with hard to guess and complicated.

Lastly, good passwords don’t protect you against the most common forms of attack: Phishing and keyloggers.

Links: “So Long, And No Thanks for the Externalities: The Rational Rejection of Security Advice by Users” (Cormac Herley, Microsoft Research)

1 Comment | Software | Tagged: | Permalink
Posted by digulla

Akaelae

28. November, 2009

Don’t ask me how to pronounce that, I have no idea. Akaelae is a web-comic by Tiffany Ross. It’s one of those rare gems that warm the heart (and not only by raising your adrenaline level). If you like Stan Sakai’s Usagi Yojimbo or Elfquest, you’ll live this, too. It’s the story of a couple of childhood friends that get in all kinds of adventures at school, home, even space. The focus is rarely on the action but on the emotions and reasons of the characters. It’s about how people can hurt each other and how they deal with it. Here is an example: Darrik, a young, lonely black fox is moving to a new room and wants to say goodbye to a shy albino fox that’s living on the same floor. During the chat, she tells him that the wolves are only keeping them to sell them as slaves later. Which is why she is refusing to take the proficiency tests.

Darrik is confused. “Then aren’t you useless to them? If they’re running a slave trade? Wouldn’t they just sell you instead of feeding you, giving you clothing, art supplies, medical attention?”

Conclusion: Buy. You can find the whole story in the archive or support the starving artists by buying her books as PDF downloads over Lulu.

If you get confused with the characters and the names, visit the ComixPedia page: “The Cyantian Chronicles“.

Note that the Cyantian.net site has some technical difficulties (like images not showing up) now and then, but Tiff is always quick to fix that. Drop her a polite note if something lingers for more than a few days.

Leave a Comment » | Comment, Fun | Tagged: , , , | Permalink
Posted by digulla

Adopt a line of code!

24. November, 2009

Why spend all your hard earned money on on-line porn when you can have an offspring by adopting a line of code?

Here are the three latest additions to my family:

Dobalina Digulla:

Oliver Digulla:

Maurizio Digulla:

2 Comments | Fun, Software | Tagged: | Permalink
Posted by digulla

Another example for “security” by obscurity

24. November, 2009

Sometimes, you’ll need a catchy example why “security by obscurity” is such a bad idea. Here’s one: “Starring The Admin.”

The gist is that a developer of an application was too lazy to implement proper user roles. So the solution was “if the login has ‘**’ in it, I’ll grant admin rights”. That’s it. Anyone can get admin rights just by appending “**” to their login (the app will remove the “**” from the login before checking the it so no changes to the user database are necessary).

Cool, eh? And so simple!

Leave a Comment » | Comment | Permalink
Posted by digulla

Why You Should Be Rabid About Your Tools

19. November, 2009

Rands writes:

The lesson: the correct tool is exponentially more productive.[…]As an engineer, there is a short list of tools that you must be rabid about. Rabid. Foaming at the mouth crazy.

Wise words. If your tools don’t make you exponentially more productive, you must change them. Every engineer can write an application using Notepad. But if you care about quality, timeliness or sanity, then find the right tool and use it.

Leave a Comment » | Comment, Philosophy, Software | Tagged: | Permalink
Posted by digulla

R&C Future: A Crack In Time

16. November, 2009

Ah, I like those long game titles. Anyone remembering Leisure Suite Larry in the Land of the Lounge Lizards? I have a feeling that a title says something about a game. If they care about the title, they care about the game.

Anyway, it’s jump, run and shooting time. Shooting with anything you can imagine and sometimes with things that you couldn’t imagine before. There’s a burp gun, a rocket launcher called “Negotiator”, a robot sidekick called Mr. Zurkon (always complaining that it can’t shoot at the innocent). I like its remarks. “Mr. Zurkon doesn’t need no pesky nanotec to survive, Mr. Zurkon lives from fear.”

Game levels are as colorful and nice as ever. Especially the Great Clock looks awesome with it’s red and gold and reflections. Ratchet finally has some fur on his ears. The levels are also pretty short, there are tons of mini-games, you can go hunt for Zoni’s to upgrade your ship, or Gold Bolts or upgrades for your weapons. Old time fans of the series will find all the good stuff again, like weapons that get better as you use them, pixel precise jumping sequences, there is an arena, and funny comments by the ton. Game play is fluent. I wished more game companies would take care of my time like Insomniac does: While the game installs on the HD, you get to see a long into movie which sets the scene. Two thumbs up for that.

The new stuff is that you can actually fly around space a bit, shoot asteroids for fun (and some bolts), play the main story or idle in some side levels. There are levels for the die hard jump’n’run people and shooter levels. And when I say “die hard”, I mean it. I’m not that bad at R&C but I’ve had to use the skip option once. Some of Clank’s jump sequences in the Big Clock are insanely hard. I must’ve died a hundred times in there. The logic puzzles are usually more simple on the “jump” side but it takes some brainpower to run yourself four times through a level, timing the switching of buttons just right to get all your copied through. And in time. Luckily, you can skip a puzzle. 95% for that one. For 100%, there should have been a way to revisit a puzzle to try it again.

All in all, they kept the great stuff and added a couple of nice, new features. The individual levels are short but plenty, so you can save often or take a break, and won’t have to start all over again.

Recommendation: Buy.

Leave a Comment » | Game | Tagged: , , , , | Permalink
Posted by digulla

« Previous Entries
Next Entries »