That was my talk. Attendance could have been better but I guess with Joshua Bloch presenting Java Puzzlers, Cédric Beust with “A quick guide to modern languages and interesting concepts for the busy Java programmer” and Adam Bien with Glassfish at the same time, it wasn’t so bad.
Here is the link to the presentation as OpenOffice document. Feel free to post any comments or questions below.
2 Comments | 
Conference, Talk | Tagged: Groovy, Jazoon | 
Permalink
Posted by digulla
I wish I could link that presentation because it was the best I’ve seen in the whole show, both visually and how it was presented. So here is the link to the abstract. There is something to be learned by this talk for anyone who wants to demo a software: One human being can’t talk and use a computer at the same time. While David explained things, Bertrand wrote the code. Thumbs up!
And in this case, the visual candy didn’t distract from the fact that these guys were really showing off something that ought to have an impact. They showed agile web development with Apache Sling.
A sling gives you range and power and Apache Sling does just that. With just a few pieces of JavaScript added to an existing static HTML web site, they built a blog in roughly 10 minutes. Impressive. I’ve got to try this out myself, probably this weekend.
1 Comment | Conference, Software | Tagged: Java, Jazoon | Permalink
Posted by digulla
Thursday’s keynote was “Effective Java Reloaded” by Joshua Bloch where he presented a few key points from his new book.
The examples showed how to replace bit fields (or rather int constants which are used a bit fields) with EnumSet and EnumMap, and how to do lazy initialization for various cases effectively and correctly. If you’re a Java programmer who does more than “Hello World”, this book is a must have because it explains not only how to do things but how to do things elegantly and why.
Leave a Comment » | Conference | Tagged: Java, Jazoon | Permalink
Posted by digulla
In his talk, Dierk König showed ways to test a web applications with canoo webtest. There are several way to come up with a test script: Recording the user actions with a browser plug-in or by writing the script directly, for example.
He also explained the best ways to test an old application (just test what you can, look for NPE’s, for example, load all pages, make sure some properties appear). Of course, since the app wasn’t designed to be testable, you’ll be limited in what you will be able to test.
IFRAMEs, on the other hand, are not a problem, as are AJAX requests. The main issue with AJAX is that while they are still asynchronous, the test framework has some limitations as to what it can test (permutation of request order). Testing special code for IE and FF is not a problem, the framework supports some browser bugs, too. Also, you can have special code to login or to get the app into a certain state and use this code as a kind of “subroutine” in several tests to avoid code duplication.
Internally, webtest will use htmlunit to examine the HTML returned by the app and execute the JavaScript in it. So DOM manipulations can be tested, too.
It’s not really suitable for load tests, though, since it lacks the features to run concurrently on several computers at once. Use JMeter for that.
If you need to prepare the DB before the tests, use dbunit.
Leave a Comment » | Conference | Tagged: Jazoon, Testing | Permalink
Posted by digulla
In his talk, Alexander Snaps presented a framework called Hölchoko which allows to cache objects from the server on the client. This is a bit like Gears but for Hibernate. No magic bullet, just a layer over the OR mapper to push objects over the wire, cache them in a local DB and make the merge with the server more simple once you’re connected again.
See his blog for more details.
Leave a Comment » | Conference | Tagged: Hibernate, Jazoon | Permalink
Posted by digulla
After some technical difficulties (the only ones I saw during the whole show, well done Jazoon!), we got a short company placement. One or two sentences, next slide, that’s how it’s ought to be (if at all; I mean if I was interested in your company, I’d look at the web site and not at the presentation but I digress).
They presented the EL4J project which is the result of several years of developing web applications. From what I gathered, it makes it a bit more simple to wire web apps together using a bit of convention over configuration and Maven 2. It also has some Swing support in it.
Leave a Comment » | Conference | Tagged: Jazoon, Maven2 | Permalink
Posted by digulla
After spending an hour talking to Ted and keeping him away from the work he had to do, I attended the presentation of Jazz. Another talk that would have benefited greatly from a live demo. Walked out after a few minutes to see the GWT presentation. The presenter of that one had the same problem. *sigh*
Guys, we’re developers, not managers. Show us code and an IDE with a “Run” button.
Still stayed till the break so I could ask some questions.
Leave a Comment » | Conference | Tagged: Jazoon | Permalink
Posted by digulla
I don’t remember much from these keynotes except that Ted was great as usual and that the second keynote bored me to death. I did take some notes, though: I should have a look at Apache Sling (in incubation) and Erlang.
Ted gave some examples of simple questions which a third grader could solve but which most adults (even those with a degree) can’t solve in any reasonable time. Most needed one hour or more. One was this:
Take two sticks, one is 4 meters and the other is 5 meters. Throw them in a well which is 3 meters wide. In which height do the sticks intersect?
It took me 15 minutes to come up with 2.7 meters (or (5*sqrt(34)) / (5+sqrt(34))). Anyone?
Leave a Comment » | Conference | Tagged: Jazoon | Permalink
Posted by digulla
Jazoon Cut is a nice idea: You got a project, they give you 20 minutes to present it (i.e. “cut” as in “cutting edge”). In this Cut, we had NetKernel, iGesture, Interactive Paper, and Privacy Supporting Identity Systems. A rather interesting mix.
When we buy something, we hand over money. This money is untraceable. If the vendor passes it on to his bank later, there is no way anyone could tell that it was you gave him this specific bank note or what you bought with it (the vendor might know that but again, he couldn’t say which bank note you gave him). This is a good thing. If the bank could figure out what you bought, some people would become very interested in this data, for example marketing people. They are looking for a way to measure how easy we are to influence for ages.
But the area is getting more tight. If you had some RFID chips on you, say, one of those new passports or a contactless credit card, I could place some people in a shopping mall or city center with technology to track where you go. Under optimal conditions, an RFID chip can be tracked over the distance of 60 meters. That’s not much and I probably need a couple of radio stations spread over the city to do that but with such a system, I could find out what you buy.
“Now,” you say, “I can’t be identified by that,” and you’d be wrong. Some credit cards will offer all the details stored on them (enough to buy something with that data in the Internet) when asked. For the rest of you, you’re lucky until someone figures a way out to do that. Nonetheless, even if I don’t know your identity I can track you. So if your last stop was at an expensive jeweler, chances are that you have enough money that it’s worthwhile to mug you.
And I can pick you from a safe distance of 20 to 60 meters, follow you around out of sight and wait for the perfect moment to strike. Oh, and better not step into some sex shop because I’d know. In fact, I can track your movements for a couple of days, find out where you live (and thus your identity). All without you ever knowing that I even exist.
I hope I have made you understand that the question is not that you have nothing to hide (which is not true; when was the last time you filed a correct tax declaration?), the question is what evil someone could come up with if he knew something about you. The problem with this question is: Nobody knows the answer until someone comes up with a new evil that nobody else thought about so far!
In his talk, Thomas Heydt-Benjamin showed how you might be able to have both: Comfort and security. The attack described above wouldn’t work if the range of the RFID chip in your credit card would be reduced to a few centimeters. It would still be comfortable if you had to put it on the desk for a moment, making hard contact with the surface to be able to read it. Surely, you would notice if someone followed you holding a strange device to your pocket.
The next thing is the data on the card. The vendor needs the data to know who you are and if your credit is valid. But actually, he does never have to see the real data. The only thing he needs to know is “credit is valid” or not. He doesn’t need your credit card number. Or the name. Or the expiration date. Or the security code on the back. What could be done is this:
You check into a hotel. You present your passport to the reader device on the desk. On your side of the screen, you can select which data the hotel guy can see. To allow the police to track you in case you didn’t pay your bill or you’re involved in some kind of crime, the hotel’s computer gets an encrypted code that identifies you. For everyone who can’t decrypt this key, it’s just a long, random string of data. For all legal means and purposes, you’re as anonymous as you want. While this might not make much sense in the hotel scenario (hotel staff hates it to call everyone “Mr. Smith”), it starts to make sense on the Internet.
You’re stuck in some kind of game and want to check the walk through. Only, the game is for people over 16. So the site with the solution should check your age because the walk through contains all those images which were the reason for the age limitation. In this case, you only want to tell the site your age or rather that you’re older than 16 and nothing else. You don’t want to tell them your name, or where you live. Otherwise, the police might decide to shoot you for reasons of precaution (this is an example, okay?).
Or let’s face the truth: 99% of the Internet is pr0n. And you surely don’t want to leave your personal details with people who treat women like in the movies they sell.
With the Higgins framework, such things are possible. This framework allows to transfer data like “I’m older than 18” in such a way that the other side can be sure you are even though they will never find out what your real age is or your name. At the same time, it doesn’t allow for illegal activity because you can be identified by your IP address and when the police compares the data sent to the web site in question and your passport, they can prove without doubt that it was your passport that was used in the transaction.
At that time, you want a passport that can’t be skimmed in the subway.
While I talked to Mr. Heydt-Benjamin, he also explained to me that certain pacemakers contain a radio interface. Which makes sense. By this interface, you can query for the patient’s data (name, for example) and you can also control the pacemaker. This interface is not protected by any encryption or password. So you can see the heart curves recorded by the sensors. But you can also change the sensor settings of the pacemaker. This is actually what happens when the doctors adjust them to your needs after the surgery.
The scary part is that the pacemaker has a function to stop a heart. This is necessary to “heal” certain kinds of heart rhythm irregularities like ventricular fibrillation. Now if I’m a hacker and I don’t like you, I can turn off the sensors and stop your heart. The device will try to start your heart again after stopping it but that will fail because the settings of the sensors will prevent it to get any feedback.
So if you can see a large antenna at the horizon, the words “denial of service attack” might make you feel a little bit uneasy in the future if you do need a pacemaker.
Leave a Comment » | Conference | Tagged: Jazoon, Security | Permalink
Posted by digulla
Jazoon Cut is a nice idea: You got a project, they give you 20 minutes to present it (i.e. “cut” as in “cutting edge”). In this Cut, we had NetKernel, iGesture, Interactive Paper, and Privacy Supporting Identity Systems. A rather interesting mix.
This talk really intrigued me. As we all know, the “paperless office” really means “kill more trees”. Every year, the work consumes about 5% more paper and that’s despite declines in book and newspaper sales. The guys around Nadir Weibel came up with a system to link paper with the screen. When Nadir started to draw on the screen as he talked, nobody noticed at first. We were thinking he used a graphics tablet or something like that but he actually used a clipboard with a few sheets of paper on it. The paper was just normal paper with the exception of a fine grid of points printed on it which you can barely make out (The concept is explained here). You’ll need a special pen that can recognize that pattern but after that, you’re set.
The iPaper guys have created two demonstrations of their technology: PaperPoint and PaperProof. The former is a printout of a presentation with a menu and some buttons printed on the paper. So you can use the pen to control the presentation just by using your pen. You want to jump to a certain slide? Draw a dot on the “here” “button” on the printout and the computer will recognize where you are on the printout and sent the command to your presentation software. There are options to select a color and line width and then you can just draw on the paper and the same lines will appear on the screen. Hint: You will want to sit down when you do that; drawing something more complex than a little arrow while juggling the clipboard isn’t for the easily irritated.
Not convinced? Well, PaperProof takes it step further. You don’t actually have the computer running while you use iPaper. What you can do is print out some long text (like the book or article you’re currently working on). Then you go out, relax in your deck-chair with a nice drink at your side and the sun above and edit that text, making corrections, marking errors, etc. With the traditional way, you eventually return to your computer and then you have to go through all that again copying everything you did from paper into your word processor.
PaperProof does that for you. It can recognize a few gestures and your handwriting. So when you return in this scenario, you start your computer, sync it with the pen and when you open your text document, it will already contain all the annotations, error corrections and insertions you made with your pen. Editors and authors around the world, isn’t that a dream come true?
Leave a Comment » | Conference | Tagged: Jazoon | Permalink
Posted by digulla
Dark Views 