Overview Of Man in the Middle Attacks

26. February, 2013

David Blake posted a current overview of Man in the Middle type attacks: “15 Surprising Ways You Could Fall Victim to a Man in the Middle Attack”

These include:

  • Key-loggers (hard- and software)
  • Browser plugins
  • Cameras (a.k.a. Shoulder Surfing)
  • Wireless attacks

The Difference Between Unit and Integration Tests

14. February, 2013

A unit test checks a certain feature of the software. When it fails, you usually know exactly where to look for a place to fix the problem. Unit tests are short, compact and fast.

They come at a cost, though: You have to replicate the setup code in your test.

This is an important point. To use a feature of your software, you always have some setup to do. This setup has to exist in your production code. For unit tests, you will have to copy some parts of this code into your tests because usually, the setup of the production code simply isn’t fine-grained or flexible enough to be useful for tests. Think of tests which check the error handling: Your production code usually can’t build mock objects that raise errors when certain methods are being invoked.

An integration test reuses the production configuration. It tests many features at once, in the same order and with the same or at least a very similar environment that your final application will use. Integration tests are high level and often much easier to set up. But that comes at a cost:

  • They are slow
  • When they fail, there will be many places which could cause the issue, so fixing them is more expensive
  • They break more often because you have more dependencies
  • Setting up a test for the “success” scenario will be simple but injecting mock objects to cause exact error states will be much harder

So be aware what kind of test you’re writing.
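
The trade-off above as an added example (not code from the original post): the integration-style check reuses the production wiring and reaches the success case easily, while the unit-style check rebuilds the setup by hand so a mock can raise the exact error. AclStore, AccessChecker, build_checker and the sample grants are hypothetical names and data constructed for illustration.

```python
from unittest.mock import Mock


class AclStore:
    """Stand-in for the production backend (a database in real life)."""
    def __init__(self, grants):
        self._grants = grants

    def is_granted(self, user, resource):
        return resource in self._grants.get(user, ())


class AccessChecker:
    def __init__(self, store, audit):
        self.store = store
        self.audit = audit

    def allowed(self, user, resource):
        try:
            ok = self.store.is_granted(user, resource)
        except ConnectionError as exc:
            # Error path: fail closed and record the reason.
            self.audit(f"deny {user} -> {resource}: store unavailable ({exc})")
            return False
        self.audit(f"{'allow' if ok else 'deny'} {user} -> {resource}")
        return ok


def build_checker(audit):
    """Production setup: the only wiring the application itself offers."""
    return AccessChecker(AclStore({"alice": {"report"}}), audit)


def integration_style_check():
    # Reuses the production setup; the "success" scenario is easy to reach,
    # but nothing here can make the store fail on demand.
    log = []
    checker = build_checker(log.append)
    return checker.allowed("alice", "report"), log


def unit_style_check():
    # Replicates the setup by hand so a mock can raise the exact error.
    store = Mock(spec=AclStore)
    store.is_granted.side_effect = ConnectionError("timeout")
    log = []
    checker = AccessChecker(store, log.append)
    return checker.allowed("alice", "report"), log
```

Only the unit-style check exercises the fail-closed branch; the production wiring in build_checker has no way to make the store raise.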

Things Users Don’t Care About

8. February, 2013

“Things users don’t care about” is something every software developer needs to know about.

Kudos go to Thomas E. Deutsch for finding and telling me about it.

If You Want Them to RTFM, Make a Better FM

16. May, 2012

If you’re interested in the conflicts between software and documentation, Alex Lagarde wrote a great post about that: Intent Discovery – Part 1 : the intents behind softwares.

It explains what the different (and conflicting) goals are between the “technical space” (source code), “model space” (design and architecture) and “document space” (what people need to use the software successfully). And he promises some solutions with the new Eclipse project “Intent” (and the second post in the series).

EFF Tries To Sanitize Patent Law

23. February, 2012

The EFF has started a new campaign to clean the patent system.

I’ve blogged about the many problems of the patent system when it comes to software. If you care as well, at least spread the word. If you want to do more, check out the EFF site or maybe help with the Patent Busting Project.

Martin Fowler Chimes Into Chorus Against Software Patents

9. August, 2011

In his post “Martin Fowler on Software Patents”, Martin Fowler joins the growing group of people who argue against software patents in their current form.


Smart Thoughts About Logging

13. July, 2011

Archanaa Panda wrote a good piece on logging and how to avoid some of the many pitfalls: High Performance And Smarter Logging

While the article is about log4j, most of it (except for the “if (log.isDebugEnabled)” part) still applies even if you’ve already moved to slf4j. I especially like that she enumerates all the various goals that you try to achieve with logging.