Election Guide, Nov 2010
2010-11-01 | Filed Under Politics
Here is a description of all items that will be on my local ballot for this upcoming election, along with my own thoughts on the candidates. [More...]
Post Links
Permalink | Trackback | Leave a Comment
Eric Lippert Tree Challenge
2010-09-09 | Filed Under Programming
In his blog, Eric Lippert issued an interesting programming challenge. (Follow the link for details of the requirements.) Here is my solution. [More...]
Error message was ’3′.
2010-08-20 | Filed Under Programming
Just a brief entry so the NEXT time this happens I can search and find the solution. [More...]
Post Links
Permalink | Trackback | Leave a Comment
Viewing a dependency tree in Maven
2010-06-08 | Filed Under Uncategorized
To find out what dependencies you are getting and from where, execute “mvn dependency:tree”. Send it to a file using “mvn dependency:tree -Doutput=file”.
Election Guide, May 2010
2010-05-16 | Filed Under Politics
This coming Tuesday, we have primary elections. I have been doing my research on the candidates for the various races — all primary elections, and I am registered as a Democrat. I will summarize the results of that research here along with my endorsements and intended votes. [More...]
Post Links
Permalink | Trackback | Leave a Comment
Petitioning the FCC on Net Neutrality
2010-04-03 | Filed Under Politics
I sent the following message to the FCC, which is currently accepting public input prior to promulgating new rules on “Net Neutrality”. [More...]
Post Links
Permalink | Trackback | Leave a Comment
Logging APIs – Evaluating Options
2010-02-09 | Filed Under Programming
In my previous post, I defined a number of different features that logging libraries could have. This time, I will evaluate some Java libraries based on those features. [More...]
Post Links
Permalink | Trackback | Leave a Comment
Logging APIs – Feature List
2010-02-01 | Filed Under Programming
Logging is not the world’s most interesting computing problem, but it is important, and it’s been on my mind lately because people have been pointing out that my company’s use of logging is currently a bit of a mess and ought to be cleaned up. [More...]
Post Links
Permalink | Trackback | 3 Comments
Password in Pieces
2009-12-05 | Filed Under Programming
I came across the following question on reddit:
My bank on the online banking login instead of having a password field it presents you with 3 password fields 1 character each where it asks you for 3 characters from your password, chosen randomly. E.g. the 2nd, 4th and 7th.
I wanted to respond to this, because not only is it an incredibly misguided attempt at security which seriously weakens actual security, it also sounds familiar. Because a few months ago my employer considered doing something just like this. Let me recount the story [More...]
Post Links
Permalink | Trackback | Leave a Comment
Raising the limit on IDs processed
2009-11-13 | Filed Under Programming
It is a fairly simple screen for entering “mass alerts”. There are (omitting some irrelevant details) just two fields: one in which the user enters the text of an alert, and the other in which they enter a list of customer-ids specifying who we should show the alert to. This is normally pasted in from a spreadsheet by the users who are setting up new alert messages.
The feature that we need to implement (or “story” in Scrum parlance) is an increase in the maximum number of customers that can be set at once. You see, there is a “feature” that limits the number of IDs that can be set at one time to about 200. (“About” 200 because most id’s are 9 digits long and they are separated by whitespace; the actual limit is 2000 characters, enforced in Javascript as the field is input.) So when they need to set an alert on 600 IDs, they run through the screen 3 times. When they have 2.5 million IDs to update they open up a “story” for the development team.
I think we asked someone why it was limited to 200 IDs. No one is quite sure, but it’s probably to avoid overtaxing the database query or running a middleware service that takes too long… something like that. “Sure,” we say, “we can increase the limit.” We figure maybe we’ll group it in chunks of 200 and call it in a loop or something. We schedule it to be worked on in this month’s “sprint”.
A couple of man-days of effort go into building it. Some testing determines that (on much less powerful dev hardware) a single call can easily handle thousands of IDs without running into timeout issues — more than that, actually, as we left a factor of 4 or 5 for safety. So the front end breaks the list into chunks of that size. We thought we’d build it to handle unlimited capacity, but there’s an IE6 bug (yes, our corporate overlords require the use of and obsolete broken browser) that limits us to about 60,000 IDs.
Our Corporate Overlords
So we have completed the feature and the business can now enter more than 50x as many IDs at a time. But that’s not quite the end of the story. Because as part of regression testing, our QA staff does some exhaustive testing of the screen, and they discover that there apparently isn’t a limit on the size of other field, the one that contains the alert message. We check the database table for the appropriate max message length, and it turns out to be exactly 2000 characters.
Wait… I think I’ve heard that number before.
Apparently, whoever built this page in the very first place accidentally limited the length of the wrong field. There never was a reason for a limit on the number of IDs processed at once… the limit came entirely because of a bug. Yet we’ve been living with this absurd limitation for several years, simply because no one ever questioned the limit. (Or if they did question it, they got some vague answer like “I assume it’s for performance reasons.”)
I’m sure there is some lesson we should draw from this experience… I’ll leave it to you to figure out what the lesson is.