The Death of Ontology
2008-12-29 | Filed Under Programming
Once upon a time, all good software used some sort of a command language. Whether it was a word processor like Emacs, a typesetting program like TeX, or even something like a graphing program, everything had a command line at the bottom and some kind of command language that could be used to control it. Learning to use a piece of software meant reading the manual to see what commands it had, and what kinds of modifiers and arguments those commands took. There was, I expect, a whole science behind the creation of good command languages. I know, for instance, that many allowed you to use abbreviations so as they were unambiguous, so the better designed ones used a vocabulary that was carefully selected to be memorable but with no words that shared more than a couple of leading letters.
Then with a single innovation, the entire science of command language design became forever irrelevant. [More...]
Post Links
Permalink | Trackback | Leave a Comment
How Long is an Email Address?
2008-12-17 | Filed Under Programming
Suppose you are setting up your database table, and you want to create a column to store an email address. How many characters should you allow in the field? [More...]
Post Links
Permalink | Trackback | 2 Comments
My Security Nightmare
2008-12-04 | Filed Under Programming
As Willie Sutton didn’t say, “I rob banks because that’s where the money is.”
I work for a bank, and so I worry more about security than most programmers. After all, if a hacker were were truly motivated and competent who would they pick to go after? Probably a bank (the other good option is political or corporate espionage). Recently I saw two security-related stories which, when combined, form my ultimate nightmare: an effective attack for which I cannot imagine a possible defense. [More...]
Post Links
Permalink | Trackback | Leave a Comment
Election Guide, Nov 2008
2008-11-01 | Filed Under Politics
Here is a description of all items that will be on my local ballot for this upcoming election, along with my own personal recommendations on how I expect to vote, and why. For quite some time now, I’ve done this sort of research before elections; this time I decided to write it out. [More...]
Separation of Concerns
2008-10-27 | Filed Under Uncategorized
Once upon a time (in the dark ages of web application development) we built our applications as a single monolithic Perl CGI script, or perhaps a large JSP file containing the entire application. [More...]
Many ways to attack websites
2008-10-09 | Filed Under Uncategorized
Developers of web applications have quite a few different kinds of “attacks” to worry about. I will try to describe the major categories I know of, including one which is “new” as of the past month or so. [More...]
Post Links
Permalink | Trackback | Leave a Comment
Threadsafe Java Servlets – a solution
2008-10-07 | Filed Under Programming
In a previous post I wrote about how nearly all web applications built on Java servlets suffer from potential threading issues. Web browsers can make multiple simultaneous requests, which will result in multiple threads concurrently modifying the (not threadsafe) HTTPSession. Most people just ignore the problems (which strike rarely), some serialize all requests for the same session, but neither of these works as well in a world where AJAX-based user interfaces are becoming more common. I hope to describe the basic outline of a solution; explaining, as I go, the reasoning I used in coming up with it. [More...]
Post Links
Permalink | Trackback | Leave a Comment
Threadsafe Java Servlets
2008-09-23 | Filed Under Programming
Web servers are inherently threaded applications: their primary purpose is to serve up a website or web application to a large number of users. Essentially all of the frameworks for creating web applications, such as Java’s “servlet” specification and all of the structure built on top of it, provide built-in support for handling queries from different users simultaneously, and they make it possible for these threads to operate “safely” (without data corruption) so long as a few basic rules are followed (“Don’t store anything in the servlet instance variables.”, and “Don’t access anything stored in static variables unless it is threadsafe.”).
However, threading issues for web servers are not limited to the fact that there are multiple simultaneous users — it is also possible to be processing multiple HTTP requests a single user at the same time. [More...]
Post Links
Permalink | Trackback | 6 Comments
How to email MY blog posts from Outlook
2008-09-15 | Filed Under Uncategorized
This post is mostly for my own use; it updates a previous posting with the details of exactly how I am sending out the email version of these blog postings. [More...]
Post Links
Permalink | Trackback | Leave a Comment
The Secret to Making Chrome
2008-09-15 | Filed Under Programming
Google has released a new browser, “Google Chrome“. It features quite a few innovations: some user interface innovations include tabs above the menus and URL bar, a single field combining the URL and search fields, search and status bars that disappear when not in use and a home page showing small versions of your 9 most-visited sites. Perhaps most interestingly, it runs each tab and plug-in in a separate process so errors or slow-downs in one cannot affect the rest. It also features a strikingly fast JavaScript engine (for those fancy “Web 2.0″ AJAX pages) and some interesting security innovations like “scoping” pop-ups to remain over the page that generated them. And it supports a porn mode… sorry, “Incognito Mode” where no record is kept of your browsing (is this because Google knows something about our browsing habits?). [More...]