Wednesday, December 16, 2009

JavaOneRadio interview 2009

Was just going through some photos from earlier this year. Here's a shot of the interview I did on JavaOneRadio about location based services and my work at deCarta.

Sunday, December 13, 2009


Saturday, December 12, 2009

a==1 or 1==a

I was in one of Dave Nagle's lectures at Carnegie Mellon in which he explained that he'd once spent an inordinate amount of time on a bug hunt. The cause: 'a=1' ... a typo. He meant to type 'a==1'. To insure he'd never suffer that pain again, he coded all his boolean comparisons with the literal on the left hand side, like this: '1==a'. This prevents the typo '1=a' because the compiler won't allow an assignment to a literal.

After going on the exact same bug hunt myself, many years ago, I kicked myself for not following his advice. I've coded all my Boolean expressions in the "literal on the left" style ever since, and the compiler has saved me many a bug hunt.

To that paradigm I now have a small addition to make. I've started coding my string equals comparisons in literal-left style as follows: "something".equals(a)

This has the nice effect warding off null pointer exceptions when a is null. I think this literal left style is better than (a+"").equals("something") which is another trick for warding off null values of a.

Friday, December 11, 2009

Keep the hot air flowing

This is a funny satire of the climate change talks..."now powered exclusively by wind".

Saturday, December 05, 2009

Keep it on the DL

I came across what has got to be the most rarely used HTML element. Ever heard of <dl>? me neither. Stands for "Definition List". Inside a DL you put Definition Terms (DT) and inside a DT you put a Definition Description (DD). It actually is a very handy way to markup key/value pairs, such as "firstname: bob" or "Age:34". So if you've got some kind of Object and you want to markup its fields, give the DL a try.

Thursday, December 03, 2009

JTidy and handling HTML embedded in database strings

I've been dealing with an interesting issue. A customer's app needs to store documents created by end users. The document's are really just paragraphs created by the end user, using the YUI Rich Text/HTML editor. The user might also use the "plain text" editing mode, in which case they would actually enter tags like < h1> manually. With this freedom comes the inevitable possibility that they will enter invalid HTML. Since these documents will be stored in NextDB the user might also apply an XSLT transformation over the default HTML presentation of the result set.

The problem is that if the user enters invalid XHTML, like they just throw <blort&rt; into their document, then the XSLT will crash. The problem is made gnarlier by the fact that the documents themselves are likely to be fragments (and in fact they have to be fragments so that when they appear in the context of the default HTML presentation that they get treated as a valid portion of the overall document). In other words, if the user puts tags around their document, you have to strip those body tags off, so that the default HTML presentation doesn't have a nested body.

Enter JTidy. The JTidy library is all about handling crapped-up HTML, and fixing it on the fly. The journey to getting JTidy working was longer than I expected due to an unpleasant interaction with Maven. So, despite the fact that I had the most recent version of JTidy on my Netbeans's project's classpath, when I used Maven to startup Jetty using the mvn Jetty plugin, I would get runtime errors complaining that the method I was trying to call (tidy.setPrintBodyOnly(true);) didn't exist. So, like any good bughunt, the fub began. I knew that Tidy.class was somehow sneaking into my runtime classpath. The first place I looked was my local .m2 repository -- no joy. Finally occured to me that this must be an internal inclusion of an old Tidy jar by maven. When I ran 'grep -r Tidy.class' on my maven directory, I found that maven's 'uber jar' (maven-core-2.0.7-uber.jar) did in fact contain the older version of JTidy. Turns out if you look at the internal dependencies for Maven, you find that it depends on an old version of JTidy. So I unzipped the uber-jar, replaced all the JTidy classes with the latest and greatest, rezipped the jar, and ...badabing badaboom...problem solved. Bing bang boom, very good have a drink.

The actual coding took less than 2 minutes. Argghh talk about an 80/20 rule. Anyhow, JTidy does exactly what I want. Fix any crufted HTML that the user might enter, and then extract only the content of the body element (and even better, if the user doesn't include a body, JTidy fixes that first). So it all boils down to this (just to print the tidied content):

Tidy tidy = new Tidy();
tidy.parse(new ByteArrayInputStream((val+"").toString().getBytes()), System.out);

Epilogue: maybe should start using Jquery. Ironically, this rich text editor threw up on some tags I typed into this post, and I had to spend a few minutes cleaning up the mess!!!

Thursday, November 26, 2009

Good news on C02 Emissions

Obama's announcement, combined with China's recent pledge, is the first good news I've heard on climate change -- ever! Happy Thanksgiving!

Wednesday, November 25, 2009

Viterbi Maximum Liklihood Decoding

Last night I was following up on a hunch that the Viterbi Maximum Liklihood Decoding algorithm could have application for spell checking. I remembered this algorithm from a class I took at Carnegie Mellon called Digital Communications. I went back to the course book, and started reviewing the matter. I hadn't remembered this course book as standing out from others, but now I can really appreciate how well written it is. It has very clear treatment of the subject matter with well broken-out examples, that build throughout the topic. Sklar is a great writer, and he clearly loves the subject matter. I like his pithy conclusions at the end of each chapter. He has a flair for understatement:

"In the last decade, coding emphasis has been in the area of convolutional codes since in almost every application, convolutional codes outperform block codes for the same implementation complexity of the encoded-decoder. For satellite communications channels, forward error correction techniques can easily reduce the required SNR for specified error performance by 5 to 6dB. This coding gain can translated directly into an equivalent reduction in required satellite effective radiated power (EIRP), which consequently reduced satellite weight and cost."

After reviewing the Viterbi algorithm, I was curious about who this Viterbi guy was, anway. I'd also seen a chart in the Sklar book, attributed to the "Linkabit" corporation. Turns out Viterbi founded Linkabit, then later Qualcomm, an eventually donated $50 million to USC where the Viterbi school of engineering bears his name. Interesting story.

Oh, and it turns out the Viterbi algorithm does have applications to spell checking.

Sunday, November 22, 2009

Order-invariant Path Parameters with JSR-311 JAX-RS and Jersey

When defining web service resource URLs, you may find yourself in the situation in which you want path parameters to be viable in any order. For example, shouldn't these two URL's both be accaptable, and point to the same resource?


I've found that the best way to do this is to creat a single resource class, in this case Person, and to define subresource locator methods for "firstname/{firstname}" and "lastname/{lastname}". The trick is to return "this" in your subresource locator method, which affectively turns the subresource locators into a means to setting instance fields on the Person instance.

So when we look in the "PersonResource" class, our subresource locator method for 'firstname' is:

public class PersonResource{
private String firstname;
private String lastname;

@Path("firstname/{firstname}") //subresource
public Person getSubResource(@PathParam("firstname") String fname){
this.firstname=fname; //set instance field on this resource
return this;

@Path("lastname/{lastname}") //subresource
public Person getSubResource(@PathParam("lastname") String lname){
this.lastname=lname; //set instance field on this resource
return this;
The locator method for lastname follows the same patter. And that's all there is to it! I have not found this pattern covered or described in any of the docs for Jersey, but I have found it indespensible.

Creating "alias" URLs for Jersey JAX-RS JSR-311 resources

In REST we are supporting two syntaxes for accessing resources. Let's call it a "fully qualified" resource, and a "shortcut" to the resource. For example, to view a table with its fully qualified URL, you can enter a URL in the format:{account}/db/{db}/tbl/{tbl}

for example:

The "shortcut" URL would be:{account}/{db}/{tbl}

for example

There's a simple "trick" you can apply using JSR-311 to make your resource appear at two different URLs. First, start with your "fully qualified resource". For example, here is snippet:

public class TableResource extends AbstractSelectableResource{
@PathParam("account") protected String account;
@PathParam("db") protected String db;
@PathParam("tbl") protected String table;

Now, to make an "alias" or "shortcut" URL, just define a dummy class that extends the resource you want to make a shortcut to. The purpose of this class is simply to "mount" the resource on an additional URL. Be sure to include all the path parameters and their names must be identical.

public class ShortcutToTableResource extends TableResource{
//this class is intentionally empty

Now your resource will be available on both URLs!

Wednesday, November 11, 2009


A few weeks ago I installed JamWiki to document the new NextDB REST features:

I wasted a lot of time on XWiki, which basically was bloated, didn't work well, and basically produces a constant stream of stack traces. JamWiki works really well, it's nice and clean.

Sunday, November 08, 2009

New ideas for REST in

I've got some more stuff to work on with regard to REST. Here's a

support for relationships in REST URLs (calling them 'links')


The path parameters "from" and "to" describe the tail and the head of
the relationship, respectively. In other words, we can draw a
relationship as an arrow from one table to another table. This makes
'from' and 'to' the natural path parameters.

The REST URL above is equivalent to:

f1.uname='john' AND f2.uname='tom'


In the REST URL, you don't have to specify any constraint on the 'to'
side of the relationship. The following URL would retrieve *all* of
john's friends.


is equivalent to:

WHERE(TEXT name1){


You'll also be able to execute your named queries directly via rest:


So it all will play nicely with existing queries you have already
defined, and new ones you may define in the future.

I also intend to support cookies. So let's say you wanted to log a
user in via https, and then securely transmit his password with each
subsequent REST URL using regular HTTP (not https). First the user
logs in via a secure (httpS) rest access to a query you named LOGIN.
So the password below would not be in the clear, since the form on the
HTML page would GET to an HTTPS url. The URL is constructed
dynamically by the form on submission:;set-cookie

the 'set-cookie' matrix parameter tells nextdb to return a set-cookie
HTTP header with a value equal to cypher('xxxxxxxx'). I.e., nextdb
will encrypt the value that was sent in your request's REST URL,
wherever it finds ;set-cookie, and tell the browser to pass a cookie
named 'pwd' (in this example) with a value that is the encrypted
version of whatever is in the REST URL for the password in the pwd/
{password} path parameter. The set-cookie matrix parameter can occur
at any path segment in the URL, and would be applied to whatever path
parameter is described by the path segment.

from that point on you can use regular rest URLs and nextdb will
substitute into your URL the encrypted cookie value. So you can use
URL's like this in your application, for later actions that require a
user's password:


The get-cookie matrix parameter int the URL allows an HTML page to be
designed with static URLs, into which nextdb will dynamically
substitute the URL path parameters with values sent by the browser as
cookies. It's a bit of a mind bender but this allows a site be
designed with static URLs. The only dynamic URL ever generated by the
app is the single login query that sets the pwd/{password} path

so when nextdb receives the static URL above, it will first see that
the URL incudes a get-cookie matric paramter. NextDB will then look
for a cookie named 'pwd' sent by the browser (or other http client),
decrypt the cookie value, and place the value into the URL where it
finds the get-cookie matrix parameter:


The URL above is then equivalent to this NextQuery expression:



The net effect of this new style of REST url for queries and relationship traversal is to vastly reduce the amount of code an applicaiton has to write, and hopefully to make nextdb accessible to HTML/front-end developers.

Native REST support in

I'm really stoked on using REST to access I've setup a Wiki for and here is our REST wiki page:

Beeing down with a bad cold the last few days, ironically this has given me
some time to work with Jen from Dartmouth Design on using the REST features
to build some features for Project Have Hope. She has graciously offered to
share the preliminary results. So far we've used nextdb for creating
profiles of children to sponsor. The entire page, including the paging
links, profile data, and paypal buttons, is created by applying an XSLT
transformation to the table served up by nextdb. The result is sourced in an
iframe and loaded into a Joomla module. This appears to be a very nice way
to integrate nextdb content with Joomla. I'm also very stoked to see NextDB
used on such a worthy project.

You can read about the XSLT approach here:

This is the XSLT that is being used by Project Have Hope.

I've just learned XSLT so I think there are many things that can be done
smarter, and there is also a bit of cruft template in the XSLT that is never
used (for example the 'append-pad' template is never used) and needs to be
cleaned up. But that aside, it's an amazingly small amount of XSLT
considering this XSLT is the *only* code required to bring together this
dynamic page.

Monday, August 03, 2009

Three Views of REST resources

whew. Just hacked most of the day away learning how to make a custom JAX-RS provider to generate an HTML view of a resource using an XSLT transformation on the XML.

public class UsersProvider implements MessageBodyWriter {
public void writeTo(Users users, Class type, Type genericType, Annotation[] annotations, MediaType mediaType, MultivaluedMap params, OutputStream os) throws IOException, WebApplicationException {
try {
JAXBContext jc = new JSONJAXBContext(JSONConfiguration.natural().build(), new Class[]{users.getClass()});//JAXBContext.newInstance(users.getClass());
DOMResult xml = new DOMResult();
jc.createMarshaller().marshal(users, xml);
StreamSource styleSheet = new StreamSource(getClass().getResourceAsStream("/stylesheet/Users.xsl"));
Transformer transformer = TransformerFactory.newInstance().newTransformer(styleSheet);
transformer.transform(new DOMSource(xml.getNode()), new StreamResult(os));
}catch (Exception ex) {
throw new RuntimeException(ex.getMessage(), ex);

public boolean isWriteable(Class type, Type genericType, Annotation[] annotations, MediaType mediaType) {
return (Users.class.isAssignableFrom(type) && mediaType.isCompatible(MediaType.TEXT_HTML_TYPE));

public long getSize(Users arg0, Class arg1, Type arg2, Annotation[] arg3, MediaType arg4) {
return -1;


In the end it's actually quite easy, but what threw me off was that JAX-RS has built-in support for the serialization of List<t> where T is a JAXB annotated class. The problem is that my custom provider, which applies a stylesheet to the XSL necessarily bypasses the built-in support for collections of JAXB annotated classes. Therefore, the method in my resource can't return a List. Instead, I created the Users (note the plural "s") wrapper class, and JAXB annoted it. Note incredibly annoyingly named accessor method, "getUser". Unfortunately, this had to be named in the singular, due to a quirk of JAXB. Naming it "getUser" produces
<!-- etc -->

versus naming the accessor method in the plural produces (note redundant plural users):
<!-- etc -->

so here is the JAXB annotated "wrapper" class for use instead of returning a raw List from the Resource method:

@XmlRootElement(name = "users")
public class Users {

private List users;

* @return the users
public List getUser() {
return users;

* @param users the users to set
public void setUsers(List users) {
this.users = users;


then the Resource method just looks like this (note that it returns the Users wrapper class):

public Users getUsersHTML(@PathParam("user") String username) throws Exception {
Users users = new Users();
return users;

JAX-RS and Jersey

I spent the better part of the day messing with Jersey, an implementation of JAX-RS. I really like the built-in support for XML and JSON, as well as the JSONP support. The one thing that feels missing is some build-in support for creating lists of URIs. For example, if you have a User resource at Path .../user/JDoe, then plain old ".../user" ought naturally to return a list of URIs, one for each User. It would be nice if there was some support for that in the framework. Other than that, I really like JAX-RS and Jersey.

I'll probably wind up implementing my own providers for generating simple HTML pages and JSONP-HTML.

Tuesday, July 21, 2009

JSON, in retrospect

In May of 2006, I sent this message to a friend. It's funny that the "see for yourself" page is no longer titled "see for yourself", probably because people actually did "see for themselves" and perhaps reached a conclusion similar to the one I reached below. In hindsight, JSON is wonderful and I still consider it to have different use cases than XML. I continue to heavily use both JSON and XML in my day-to-day tasks.

From: Geoff Hendrey
Sent: Wednesday, May 24, 2006 10:31 AM
To: Brent Hamby
Subject: Json questions

Hey dude,

I went to the json "see for yourself" page: to compare the Json equivalent of XML.

I copied each of the examples into notepad and wrote down the size-on disk:

json size (bytes) XML size (bytes) (json size)/(XML size)
604 630 95%
252 221 114%
630 656 96%
3554 10708 33%
898 1150 78%

AVG (json size)/(XML size)

Based on an average size compaction to 83.2% of the XML size. Also, if you look at the 4th example they give (line 4 of the table above), they did a Json version of web.xml. Now web.xml is a notoriously bad XML design. It basically doesn't use ANY attributes, so you get pretty nasty tag bloat. So if we drop the 4th comparison, as being kinda silly, we get an average compaction to 95.4% of the original size. Is saving 4.5% really a big advantage?

I also saw several statements on the json web page that I would put in the "wacky" bin. This may just be personal preference, but I found the XML documents much easier to read than their json equivalents. The Json looks, to me, like "code", kinda like a snippet of PERL or something.

Anyway, it seems clear that being able to easily marshal an object representation of your data makes it much easier to develop software in any programming language. But it seems to me that json is munging this idea up with the wire format, which to me are orthogonal concerns.

Saturday, June 20, 2009

JavaScript downloaded function executor

Ran into a really annoying problem trying to use the YUI text editor in a jqueryUI modal dialog. I am using jquery to load a file "richEditor.html" that has my YUI editor on it. Problems:

  1. required YUI script and link tags, that are needed by YUI, are defined on my page richEditor.html. I need to be move said tags from head to body, because jQuery.load function only loads the body of the HTML page.
  2. said script and link tags *begin* downloading from yahoo when jQuery calls your load callback function. That's becuase richEditor.html itself has been downloaded by jQuery, but the said script and link tags referenced ON richEditor.html have only just begun asynchronously downloading. So if you need to access a function in one of the script tags that is downloading, you have no way to be sure the function has completed downloading.
As a solution, I wrote this JS Object that will simply try to invoke your function, and try again, after a configurable delay, up to maxTries. If the function fails to execute maxTries times, a fail handling function, provided by you, is executed.

Here is the Object:

function DownloadedFunctionCaller(funcToInvoke, waitMS, maxTries, _failHandler){
var funcToInvoke = funcToInvoke;
var waitMS = waitMS;
var maxTries = maxTries;
var failHandler = function(){
alert("Unable to access the network. Please reload the page or try again.");
if(null != _failHandler){
failHandler = _failHandler;
var that = this;
var tries = 0;
this.invoke = function(){
if(++tries >= maxTries){
setTimeout(that.invoke, waitMS);

and here is an example of using it to invoke a function named setEditor that is defined
in an external file, richEditor.html. The setEditor function will only work if all the YUI scripts are downloaded, hence the need to use the DonwloadedFunctionCaller

var div = $("<div></div>");
div.load("richEditor.html", null, function(content){
var invokeMe = function(){
setEditor("Script loaded and executed.");
new DownloadedFunctionCaller(invokeMe, 500,10,function(){
alert("failed to download rich text editor")

If you click on this screengrab, to get a bette look at it, you will see that the text "script loaded and executed" has been set into the YUI editor's text area by the successful invocation of the setEditor method.

Saturday, May 23, 2009

random lines of poetry

I woke up early this morning around 6:30 thanks to Claritin-induced sleep deprivation. I started hacking on server code for automatically building "tables of contents" for very large database tables. I'm using a bunch of Yeats poems, and The Iliad as sample rows in the database. It makes debugging a lot more fun when the data is interesting. It's also a great way to read random lines of poetry. Here is a great stanza from the Iliad:

Generations of men are like the leaves.
In winter, winds blow them down to earth,
but then, when spring season comes again,
budding wood grows more. And so with men--
one generation grows, another dies away. (Iliad 6.181-5)

Did you know the phrase "another one bites the dust" is lifted from the Iliad?

Grant that my sword may pierce the shirt of Hector about his heart, and that full many of his comrades may bite the dust as they fall dying round him."

Saturday, April 11, 2009

Tesla rocks...

Aside from the fawning interviewer, this is a great interview with the CEO of Tesla Motors.

It would be criminal if Tesla didn't receive the funding they need. To see a loser like GM sloshing in bailout funds is a sickening contrast.

Tuesday, March 31, 2009

Nextdb in 120 seconds

Sunday, March 22, 2009

Back in one piece...

Spent the weekend near Tahoe in Truckie. We got 1.5 ft of snow between saturday night and sunday afternoon. Nevertheless Emily and I decided to drive back as soon as I-80 opened so we could get back Sunday night and not miss Monday at work. Tire chains are a real pain in the butt. Both my chains snapped. Fortunately I was able to pull to the side of the road in a relatively safe location (meaning semis were roaring by like 4 feet from me as I crawled under the car to disentagle the chains from the half axle - getting fairly mired in much at the same time). Tire chains are required at times on I-80, but they honsestly seem like very unsafe garbage. The road is littered with broken chains. My theory is they are designed to be a deterent to drivers, more than an actual functioning safety mechanism. Anyway, chain chaos aside, we had a very relaxing weekend watching snow fall on evergreens (I was tempted to say Snow Falling On Cedars, but I refrained).

Actually, I just checked the DOT report for I-80:

"Enter Highway Number(s)
You can also call 1-800.427.7623 for current highway conditions. Mobile

Click It or Ticket

This highway information is the latest reported as of Sunday, March 22, 2009 at 21:50 .

I 80



Wednesday, March 18, 2009

Tuesday, March 17, 2009

From Willow Tea Room, Glasgow

Monday, March 16, 2009

Photos From Scotland

In 2006 I took a trip to Scotland for an OGC meeting, and had the weekend to roam around. I visited the National Library and did a little geniological research. After a fair bit of cross-referenced parish records, pre-census, I believe I located the birth records for my great, great, great, grandfather and grandmother. Unfortunately the library closed right when I pieced it all together, but that's my next trip I guess. The microfilm will still be there!

One of the most fascinating aspects of Edinburgh and Glascow was there role in the Arts and Crafts and Art Nuveau movements. Phoebe Anna Traquair (P.A.T) was one of the female artists who figured prominently in this movement. If you ever have a chance to visit the Mansfield Traquair church, do not miss it.

You can get a better look, here:

If that doesn't blow your hair back, get a look at this amazing painting by P.A.T.. Oh, wait, take a second look, it isn't a painting! It's SILK EMPROIDERY!!

It's almost incomprehensible that a few years ago, the Mansfield Traquair church was being used as a brick storage facility. Thankfully, it was recently rescued an restored. For the life of me I cannot understand why P.A.T. and John Duncan are not better known. Please read this blog to see some more breathtaking work by P.A.T.

I am so awestruck by John Duncan's St. Bride that I recently aquired a canvas reproduction of it from an obscure source on the web. Here is a shot of it gracing my living room.

Scotland has lots of badass wildcats, which came to America as stowaways, and became the big Main Coon cats.

Loch Ness... of course. On the way there we passed the spot where the Battle Of The Shirts (or lack thereof) took place. It turns out that fighting a clan battle in sweltering heat with armor is a good way to die of heat stroke. So it probably seemed like a reasonable idea is to call for a "time out" because of the heat, and take a dip in the loch. Unfortunately, it turned out to be a very bad idea to agree to fight the second half of the battle without armor because of the heat. The horrific mutual slaughter that ensued, fought with claymore broad swords and battle axes left just 12 survivors in total, and the Loch was litterally red with blood for days.

Sunday, March 15, 2009

Another Gem from William Morris

For the Bed at Kelmscott

The wind's on the wold
And the night is a-cold,
And Thames runs chill
'Twixt mead and hill.
But kind and dear
Is the old house here
And my heart is warm
'Midst winter's harm.
Rest then and rest,
And think of the best
'Twixt summer and spring,
When all birds sing
In the town of the tree,
And ye in me
And scarce dare move,
Lest earth and its love
Should fade away
Ere the full of the day.
I am old and have seen
Many things that have been;
Both grief and peace
And wane and increase
No tale I tell
Of ill or well,
But this I say:
Night treadeth on day,
And for worst or best
Right good is rest.

ProPublica: Jouranlism in the public interest

I'm replacing my daily reading of the New York Times Online Edition with that of

Basically, none of the major news outlets can be trusted. This is just a fact. Remember before we went into Iraq how the New York Times ran breathless stories on Sadam's vast underground bunker complex. It was all just a load of shit.

So now I'm going try getting my news from ProPublica, because their mission is to reinvigorate investigative journalism.

Friday, March 13, 2009

Developers are starting to catch on!

Here is a link to a blog post written by a developer at SolutionSoft, about NextDB.

It's a great post, and I think it illustrates how easy nextdb is to learn, and use. Nextb is getting preety close to exiting alpha and entering Beta. During the Beta we will have our "subscribe" buttons up on the site. We are targeting price points that are basically below the noise for even a personal account, so affording nextdb should not be a problem for anyone.

Brent is busy developing and refining a new set of utilities for adding forms to your AJAX apps. The forms will automatically configure themselves based on the content of your table or query, and will be CSS friendly.

I'm working on a notification system that will allow you to receive email when data is inserted into a table. You'll be able to request digests, as well as create email templates that receive data from the inserted row in order to create a personalized, pretty email.

Sunday, January 25, 2009

ulimit -n .... the saga continues

Man, I thought I had put the "ulimit -n issue" to bed once and for all with these configurations in CentOS. So, it was with great chagrin that I recently executed a "ulimit -n" and saw 1024.

Argghhh. Will this issue never end?

I've added "ulimit -n 100000" to my .bash_profile, and now I have confirmed that after logging into a new session, that the new ulimit of 100000 files is in effect.

I'm not happy with putting this in my .bash_profile, but the alternatives looked too dangerous and or flakey.

Wednesday, January 21, 2009

some recent tech photos

At deCarta I am building a new map tile system for our servers. Krish installed it on a floppy drive! That was pretty funny.Brent and I went to the Cloud Connect conference. We tried to pay attention but we were too busy hacking :-)
Panel discussion at Cloud Connect was lively to say the least. I thought the dude from was going to smash a chair on someone. But seriously, he is a very sharp dude. Would not want to debate him.

Wednesday, January 14, 2009

Test reviews Widget

Please don't say "meme" with a straight face

It's early, I'm grouchy, and I've seen the word "meme" one too many times. People: please, please don't use the word "meme" to describe internet trends, or anything else for that matter. It's just silly. It's like putting plastic spinny rims on an '83 celica. It's basically gheto-bling.

Thursday, January 08, 2009

The Wanderings of Oisin

I was trying to find an extant copy The Evergreen Periodical, when I came across this intersting read on the Celtic revival's influence on art nouveau, which in turn led me to The Wanderings of Oisin by Yeates.

"An old man stirs the fire to a blaze,
In the house of a child, of a friend, of a brother.
He has over-lingered his welcome; the days,
Grown desolate, whisper and sigh to each other;
He hears the storm in the chimney above,
And bends to the fire and shakes with the cold,
While his heart still dreams of battle and love,
And the cry of the hounds on the hills of old.

Hacking JS-Kit reviews widget

I just installed the JS-Kit reviews system on my blog below. I was amazed to find the following security holes:

1) no CAPTCHA protection on posts. This means you can flood the reviews with bogus reviews and spam. Want to bring down the reviews system? Just write a 4-line script to execute this URL in a loop:

2) Email span the person who posted a comment you don't like! This one is really amazing! Want to send someone 1000 emails anonymously? Same technique as above, just make it a comment instead of a posting, and the person who made the original posting gets 1000 emails!

test a reviews widget

Tuesday, January 06, 2009

annoying CENTOS problems raising ulimit

My last attempt to raise the open file count on a CentOS server apparently failed. After much dicking around, here is a set of steps that I believe will successfully raise the limit (don't be fooled by whatever you try. If you do a 'ulimit -n' and the returned value is 1024, you have not succeeded in raising the limit).

I did a bunch of reading, and found two postings, that combined seem to have succeeded in upping the max files to 65535.

Mainly I am writing this down so we can remember what the hell I did. These are the two useful posts:

in summary:
1) edit /etc/sysctl.conf to add this line:
fs.file-max = 200000
2) sysctl -p
3)switch to /etc/security/limits.conf and add ther following lines

* soft nofiles 65535
* hard nofiles 65535
4)ulimit -n 65535

I think this worked this time because when I do 'ulimit -n' it returns 65535, whereas prior it always returned 1024. In our previous attempt we only did step 3.

The 200000 value is excessive, but who cares.
I am working on a widget for adding reviews to blogs and websites.

Saturday, January 03, 2009

test review widget

I am working on a widget for adding reviews to blogs and websites.

Friday, January 02, 2009

Tahoe Trip