After reading some odd posts, accusations, and recriminations on Digg, I decided to take a peek at how integers work in Java 1.5. Observe this simple snippet from the middle of my test:
i1 = 127; i2 = 127; i3 = 127;
i1 = 128; i2 = 128; i3 = 128;
Looks simple enough... set three integers to the same number, test if they are the same, and print true if they are equal... but here's the output:
Analysis: apparently 128 does not always equal 128... Whoops!
My gut feeling is that this should never be possible. It wasn't in Java 1.4, or any other language I know... Of course, I left out the most important part of my test code -- the declaration:
Now it should be clearer to the Java bunnies... The variable i1 is an integer primitive, whereas i2 and i3 are Integer objects. As we all know, the equals operator i2==i3 tests if two things are the exact same object in the computer's memory... whereas the equals method i2.equals(i3) tests if they have the same value. That's an important distinction for any object-oriented language.
So, what's the big deal? This was always a problem, right? You'd have the same issues in all versions of Java.
Yes, but that's not the point... In older versions of Java the code would have to be this:
i1 = 128;
i2 = new Integer(128);
i3 = new Integer(128);
Autoboxing is basically shorthand. It allows you to define and change the value of objects as if they were primitives. The first code snippet would never compile in Java 1.4, and nobody was confused about it. Now, I'm all for shorthand... but this is going to cause more problems than it solves.
If you just take the first code snippet, any reasonable person would balk if all tests didn't return true. If you were forced to set the new values as if they were objects, then any proficient Java hacker would know to use the equals method. But if you use this shorthand all over, you might forget if that variable is an object or a primitive.
Even if you do use the equals operator with numbers, you still have to be careful with types. There are four kinds of integer objects, Byte, Short, Integer, and Long. Count 'em, four! Naturally, if you want to compare numbers, you need to use the equals operator. However, you better make sure that the objects are the same type... otherwise zero will not equal zero:
Long l1 = 0L; // autoboxing shorthand
System.out.println(l1.equals(0L)); // true
System.out.println(l1.equals(0)); // false
The first test compares a Long with value zero to another Long with value zero... the second compares it with a Integer with value zero. Although they are both integers in the abstract sense, they are different types of objects, so the equals operator fails. Zero does not always equal zero.
I stand by my assertion that object-oriented zealots encourage people to abstract away the wrong information...
Note, this behavior makes total sense for almost all objects: if they are not the same type, how can the equals method possibly make any sense? But some argue, as I do, that primitives are already special cases, and should be treated as such... especially when you are talking about integers. Every hacker knows you shouldn't compare a zero integer to a zero floating-point number... but zero should equal zero for all integers, regardless of sub-type.
Sun should have tried harder to make sure things make the most sense to the most people... they shouldn't simply pander to those who drank the object-oriented kool-aid. Somebody from the C programming world would expect a compiler warning... people from the PHP/Python/Perl/Ruby camp would expect it to 'just work'. Even Java 1.4 folks would look at it sideways for a moment...
In either case, prevent the uninitiated from writing financial apps in Java!
This has been in development for around ten years, and has demonstrated an incredible ability to break down smog into more manageable compounds. By repainting (or repaving) 15% of urban surfaces, they suspect you could cut pollution in half.
Not only that, but it even acts as a preservative. By covering a concrete surface with it, you can significantly reduce the damage caused by acid rain.
And its also pretty darn cheap... it would only increase the cost of a small five-story building by about $100.
Imagine how much cleaner California would be if they paved their roads with this stuff. Or how much cleaner New York City would be if they used this in plaster or paint.
That has got to be the best invention from Italy since the pizza... or maybe the Ferrari.
CNN has an excellent article on Neil Gershenfeld, who is definitely on the list of Coolest Geek Ever. He's an MIT professor who teaches the course How To Make (Almost) Anything.
He also forsees a future where the printers attached to your computer can not only create newsletters and photos, but also three-dimensional objects like chairs and electronics.
Woah... so why isn't this a Half Baked idea? Well, because he's already damn close:
Want a new dining room chair? You'll design it on a PC and press PRINT, and your personal fabricator will create it for you right before your eyes. Just make sure tray No. 2 has enough wood.
The scaled-down model is a ways out, but factory-sized units are already available! He already has 15 around the world. He calls them Fab Labs. These are about $40,000 a pop, and come with laser cutters, sign cutters, milling machines, amongst others. All the pieces are tied together with open-source CAD/CAM software to help you design and make (almost) anything. You can make computers, robot cars, even small buildings.
Heck... given enough materials it might be possible for a Fab Lab to make little baby Fab Labs!
Naturally, there are issues with scale. A specialized factory will be able to make products more efficiently than a Fab Lab. However, those specialized factories require so much initial capital to create, and might be outdated in a year. Therefore, the generalistic Fab Lab might soon be the optimal choice. Soon we may never have factories again... just designers solving the latest problems!
I know what I want for Christmas...
I'm excited about Django... Ruby On Rails is OK, but Ruby is a little too much like Perl for my tastes. If any language is going to knock Java down a notch, it will have to be powerful AND simple. There's too much black magic in Ruby... which makes it hard to maintain somebody else's code.
Anyway, the authors have decided to release the book open source, and are slowly making it available to the public: http://www.djangobook.com/
I'm really impressed with how they did this... only the first four chapters are available at the moment, but that's enough for you to get an idea of how easy it is to create web applications with Django. They focused on a simple framework that can be extended... unlike enterprise Java, which is a mind bogglingly complex framework that requires great effort to simplify.
But enterprise Java pays my bills, so I shan't complain... much...
The web version of the book has a nifty comments feature... you can leave feedback for each paragraph, so its easier to comment and correct their hundreds and hundreds of errors. The book application itself is an impresive example of online collaboration.
This should be an excellent book when its finished...
A collection of very relevant and totally true statements about SOA. A snippet:
- SOA is the only thing Chuck Norris can't kill.
- SOA is not complex. You are just dumb.
- One person successfully described SOA completely, and immediately died.
- If a tree falls in the forest, SOA knows about it.
- In a battle between a ninja and a jedi, SOA would win.
I didn't know that one about the ninja... I guess you learn something new every day.
Kind of a mild shock... there have been rumors running around lately. Of course, there were rumors running around for the past 4 years that Oracle was shopping around for a Content Management company. I shrugged it off as wishful thinking, but here we are...
I'm interested in how this thing will take shape. It's not a done-deal yet, and I know very few details... the Stellent folks will be giving us a FAQ at the company meeting on Friday.
I'll share whatever details are fit for civilians tomorrow... unless blogging is totally banned!
My coworker Rick Petty and I put together our own version of the cylon pumpkin I mentioned earlier. I had intended on following the instructions from evilmadscientist.com, but Rick intervened. "That's really old school," he opined... and convinced me to instead use a AT Mega 8 microcontroller.
The circuit was much simpler... far fewer wires. And then I could program the controller in C code with AVR GCC. And these chips only cost a buck! Much easier than the original plan.
Yes, for Halloween this year, I programmed a pumpkin.
The circuit is much simpler because all we need is LEDs with the positive end connected to the chip, and the negative end bussed through a resistor to ground. Then we can turn the pins on and off at will with the microcontroller. We used some super bright LEDs, and a 10 ohm resistor.
On the chip, we connected pins PD0 through PD7, and PC0 through PC6 to the LEDs. All microcontrollers also need a voltage regulator to supply the correct amount of voltage to the chip. We used 9V AC input, but needed 5V DC for the chip, so we used a
LM7805 voltage regulator, and a 100 microfarad capacitor.
I whipped up a prototype on a bread board, but the chip was busted. So I relied on Rick's inventory, and superior soldering skills to make the final version last weekend. He also gave me a crash course in microcontroller programming so I could write the code to run the dang thing. The final version lit up one pin brightly, dimly lights its immediate neighbors, and slowly panned from side to side.
To get the code on to the chip, we had to use what's called an AVR In-System Programmer. Plug the USB end into your computer, and the other end to power, ground, and the MISO / MOSI pins on the chip. It communicates over a serial bus, so you can even program you chip to output "Hello World!" if you are so inclined...
I really enjoyed this project, and I think Rick has got me hooked on microcontrollers. However, I would need a much better soldering iron to do this project alone... mine makes buzzing sounds and smells of ozone.
You don't gotta be Mr Wizard to know that ain't right...
I recently learned about something disturbing in Python... they have what they call a global interpreter lock (GIL). This means that only one path of execution will run in Python at any one time. They do not support multiple paths, such as Java's use of threads.
Essentially, if you want an application that runs multiple requests simultaneously (such as a web server), you need to spawn multiple Python processes. It also means its almost impossible for a Python application (in the abstract sense) to span multiple paths of execution.
Python's deal leader, Guido van Rossum, does not see this as a problem. Simply write your code to use multiple processes instead of multiple threads. Use events, such as those used in the Twisted Framework, and callbacks instead of threads if you want interprocess communication. It forces you to greatly simplify your code, and not do anything magic, which is kind of the Python credo.
True, a single request will be much faster if it uses the OS to schedule its time, and doesn't have the extra thread layer. However, interprocess communications is MUCH slower, so you should only do it when you ansolutely need to.
Sounds OK at first, but as my boss Sam White said, debugging interprocess communication is a baffling ordeal. In Java, debugging multiple threads is incredibly easy, because of the superior debugging tools. Of course, with Java threads you have the added danger of deadlocks, livelocks, and starvation. Oh my! In theory, the new concurrent libraries in Java 1.5 should fix a lot of these problems... but I'll reserve praise until I see them sufficiently battle-tested.
Anyway... as one astute commenter stated, he'd be fine with Python's GIL... if they would just build a fast, synchronized, multiple process dictionary object into the core language. Perhaps persisted on a filesystem and monitored with a semaphore. It gets a bit hairy if you want clustered servers...
Such an object would allow you to create a cache of information that is synchronized between multiple processes. That would be incredibly useful for caching resources, database tables, or user authorization information. If the Python geniuses could nail that one single problem, I'd bet 99% of all complaints about the GIL would disappear.
If there's a vote on what goes into Python 2.5 (or 2.6), that's on my list.
Threads? Bah! We don't need no stinkin' threads! If Python is good enough for Google, its good enough for you!
Apparently, I am one of about 265 Brian Huffs in the country, according to howmanyofme.com... how do you rank?
Brian is the 29th most popular first name. Not surprising. Huff is the 465th most popular last name... which did seem a bit odd. Surprisingly, there are only 50,000 John Smiths in the country...
Well, although the world is lousy with Brian Huffs, I can take heart in the fact that in a Google search for Brian Huff, three of the top 10 are about me :)
It even lights the LEDs in sequence, just like a good Cylon Raider... or a Cylon Centurion... or KITT from Knight Rider.
Its surprisingly not that complicated... the instructions cover a few microchips, some capacitors, a 9-volt battery, and some wires. Probably around $10 at Radio Shack.
I wonder which of my Battlestar Galactica fanboy friends will be the first to make this.
UPDATE: I did create one of these last weekend for halloween... but slightly different. Go see the results.
As you may or may not know, a lot of cyber crime is waged from networks of zombie computers, also known as botnets. This scary name refers to the hordes of personal computers that have been infected with spyware, adware, or viruses. Such computers are frequently involved in denial-of-service attacks, or to allow criminals to send spam, hide files, or generally cover their tracks.
Yes, if you have a computer virus, your computer was most likely involved in a crime. Anything from blackmail, to piracy, to smuggling child pornography.
The original attackers are getting harder and harder to find. The number of attackers is growing, they are more organized, and the software bugs are getting worse.
So what's the answer? I believe the first step is to begin fining individuals who have viruses on their computers. Yes, they are innocent victims, yes once a system is compromised its difficult to recover, but we need bold actions to solve this problem.
Punish The Victim!
Isn't this punishing the victim? Yes it is. And it may be the only solution.
These reverse-punishment systems are not unheard of. In Italy, just after World War 2, there was a huge rash of kidnappings. It continued for quite a while, during which the police were powerless to help... perhaps they were even in on the kidnappings.
Anyway, in a bold move, the Italian government decided to solve the problem by making it illegal to pay ransom.
The government reasoned, kidnapping is horrible and should be stopped. However, the government had little power to stop the kidnappers... but they did have power over the hapless victims. Therefore, they made it illegal to pay ransom on the grounds that it puts money into the hands of criminals, and makes kidnapping more common.
Now, a lot of these zombie networks perform denial-of-service attacks against medium to small business, as I've covered before. This can knock a small business off the internet entirely. They then demand money from the businesses to prevent future attacks.
So, why not make it illegal for these corporations to pay ransom? Isn't that a better analogy?
It would be, except these attacks never make the news, nor is there ever a police report. The companies want to hide the existence of the crime at all costs. So, we're back at square one.
The blame lays in two places: companies releasing software for wide distribution before it's been battle tested, and computer illiterate people who never follow basic security protocols.
So shouldn't we punish the software industry? Absolutely, but that will yield only limited success. Windows got a lot better after Service Pack 2, although IE is still a wasteland of bugs... However, even if Windows was rock-solid, that would still not prevent a foolish user from installing a piece of malicious software, or running services they don't need.
One Possible Solution
Here's what I believe should be the first few steps in the solution:
- Create minor fines (say $100) for any individual who connects a virus-laden zombie computer to the internet.
- Allow waivers for these fines for security researchers.
- Make it a law that the zombie's homeowners insurance company must cover the fine without a deductible.
This will force insurance companies to pay the $100 fine, if the user has homeowner's insurance. This will relieve most of the burden off of the user, at least for a time.
Since insurance companies are now involved, they can make demands of their policy holders, or risk a raise in rates. For example, they might require a computer safety course, similar to an auto safety course. Or they might give a break if you own for one of those $30 firewall/router combos from Linksys. They would probably give you a nice bonus for owning a Mac...
People have said for years that we need to get the insurance companies involved if there is ever going to be any progress on computer security / safety. That's what it took to prevent fires due to bad wiring or poor construction. But getting them involved is not easy if we only focus on software companies...
To really get the insurance industry involved, we have to punish the zombies.
These innocent victims are making the internet a dangerous place, and a haven for criminals. The solution to this problem is complex, and I do not believe we will find it until enough money is involved. If the insurance companies had to pay $100 per zombie, they would start out by passing that fee along to the customer... but would then rapidly look for a solution.
Estimates of the costs of cyber crime range from 10 to 100 billion annually, and its only increasing. Spending a few billion on a workable solution is a no-brainer.
The BBC recently reported on some interesting trends on corporate corruption. This study asked how frequently people lost business because the competition offered a bribe. In Hong Kong, 76% of people claim to have lost a contract because the competition offer a bribe. In Brazil is was 42%. In the UK, it was 22%. And 32% of people believe the problem is getting worse.
Hmmm... I don't think this is the most reliable metric... What's to stop a lousy salesman to say, "yeah, the deal was going along great, until the competition plunked two bags of money at their feet."
The standard metric is the 2005 Corruption Perception Index (CPI), which is also worth a peek if doing business abroad.
Another corruption index, which I liked a lot, was reported in the Atlantic Monthly recently... This one simply measured how many unpaid parking tickets that United Nations diplomats have.
Because of diplomatic immunity, diplomats from other countries do not have to pay parking tickets. However, its a simple nicety to either not park illegally, or pay the damn ticket if you get one.
The theory is that the number of tickets will reflect cultural norms about corruption. Quite clever...
Some individuals have a sense of entitlement regarding social status. Once they achieve a certain rank (ie. diplomat, CEO, or government clerk), they no longer have to play by the rules if it will enrich them. They might just consider bribery as one of the perks of the job. Such people exist in all cultures, but this metric might be a good indicator of how socially accepted it is.
Oddly enough, the number of unpaid parking tickets that the country's UN diplomats correlates nicely with the CPI. Countries with zero tickets include Canada, Israel, Norway, Sweden, and Denmark. Countries with hundreds of tickets include Kuwait, Egypt, Chad, Sudan, Bulgaria, and Pakistan.
Of course, this metric could be easily gamed. If Kuwait was losing foreign business, they could simply force their diplomats to pay their tickets... so it might not be as useful in 2007.
Bottom line, if bribery is a social norm, don't expect it to go away any time soon. If you are doing business in Kuwait or Hong Kong, be sure to bring big wads of cash.
I wonder if the IRS allows companies to write off bribes as a business expense?
I read an excellent essay today, called No Silver Bullet. Joel Spolsky linked to it from his blog about the future of Java. He said that to this day, it is one of the better essays on the limits of software languages.
The essence of No Silver Bullet is that there is a law of diminishing returns when it comes to new software tools and programming languages. At the beginning, the first few tools like compilers, C, and Unix increased productivity tremendously. However, every new technology gave fewer and fewer gains.
Why not? Because these tools are not addressing the actual problem.
Gathering requirements, transforming them into logic, and finally into a working application will always be difficult. There is no silver bullet to fix this. New tools and techniques help, but only so much. Java's memory management made some things easier, as did scripting languages with loose typing, as did the concept of reusable code modules. However, none of these were a panacea that allowed non-technical people to create applications.
No Silver Bullet is nearly 20 years old... considering how quickly the software industry changes, its remarkable how much of his advice is still relevant. Its also a sobering reminder at how skeptical we should all be about any fancy new tool or technique that promises productivity gains...
[ Next: Code Visualization Tools Are Crap ]
I blogged last week about a company named Allerca, which claimed to have bred hypoalergenic cats.
It turns out, not so much.
BoingBoing reported some very weird things about the company... such as the cats have a license agreement, so you're not allowed to sell them to other people! There was also an article at the San Diego Tribune that questioned their credibility.
Perhaps this was a publicity stunt for somebody who is close, but needs some extra capital before finishing... but that's a risky gabit, even if it is true.
One alert Boinger mentioned that the president of Allerca offered to breed a two headed cat for his father.
Creepy... and just in time for Halloween!
Oh well... its a good idea, but perhaps Allerca just doesn't have the stuff yet.
I guess being a dopey, sarcastic blogger means you don't get the cool press releases. Oh well!
At first glance, Apex makes me very nervous... if you don't know the innards of Salesforce.com, how can you create a safe, secure, high-performance application?
I had hoped that they would release tools could be run locally. That would allow you to do mashup between Salesforce.com data, and internal data repositories... alas, no. It looks like Apex will allow you to write custom apps so they will be hosted on Salesforce.com.
That will make it easy to do mashups of public data on the internet, but what about private data in your custom repository? Nothing yet.
Plus, you're still saddled with the limitation that somebody else over yonder owns your data, and you can't get at it with any current web-based APIs.
If they are paranoid about opening up their APIs, they should at least consider creating a Salesforce.com web appliance... synch data to a local server every once in a while, and allow Apex apps to run inside a paranoid enterprise.
Then I'd be in mashup heaven!
Google has recently discussed an interesting new project... the Google Truth Predictor.
They haven't released many details, but in theory they could index specific facts into a fact database, along with the source, and the number of people who have verified it.
Then, a user could type in a question, such as "the US economy has improved 5%", and search for its truthfulness (versus its truthiness).
In theory, Google would take this question, and break it down into a topic (the economy), a trend (improvement), and a measurement (5%). Then, they could compare it with all existing data, and supply a list of evidence for and against the statement. Then, based on some weighing scheme, they could associate a probability of truthfulness.
The supposed goal would be to know instantly whether a politician is lying or not...
I, however, am not so skeptical...
For example, lets say a congressman in a heated debate says "Every day my opponent visits Washington, a car bomb goes off in Iraq. Therefore, we should keep him out of Washington."
Strangely enough, this statement could be 100% true... but its just a coincidence, and therefore irrelevant. Its formally called the correlation implies causation fallacy. What would Google Truth® do with that statement?
Well, I'm no linguist, but it does seem that logical fallacies do have a similar pattern -- they usually have the word therefore in them -- therefore, a decent human language search engine should be able to identify these patterns. Once a pattern is found, it could also give a probability of a fallacious argument.
Even better, the search engine could warn the user that the statement was not actually a fact, and was probably designed to manipulate them. It could then educate them on what logical fallacy was being used, and why the speaker was being irrational.
Framing, however, is a more difficult issue. Calling the Inheretance Tax the Death Tax is a classic example of framing: use bad words to make something sound worse than it is commonly believed. Likewise, notice the terms Pro Life and Pro Choice. Both very positive sounding, and both designed to elicit a positive reaction.
Framing is as old as Alexander Hamilton. He called his political group The Federalist Party, and called the other guys the Anti Federalists... which in 1780 was the same as calling somebody Anti-American. Naturally, his party won more popular support.
This is despite the fact that Federalism by definition meant strong state governors, and a weak central government... despite the fact that The Federalists lobbied for exactly the opposite form of government.
I hate that Alexander Hamilton soooooooo much...
So, since framing is so context sensitive, how on earth can you defend against it?
The good news is that its really easy to lie, or throw out a logical fallacy, but its pretty hard to frame.
You can spit out a quick lie once to move on to a new issue, and never come back to it. However, to frame an issue, you need to repeat it over and over and over and over. If somebody asked you about the Death Tax five years ago, you probably wouldn't have a clue what they meant. But since it was repeated many times within the context of inheritance, you'd probably catch on.
That means that there is most likely a finite number of topics that are being framed in manipulative ways... and a critical thinker would probably catch them before they have infected the general population. Google could just keep a short list of these red flag words, and give a special warning when found.
My first test? Run Alexander Hamilton's old speeches through the truth predictor. Once it hits 0%, then I'm happy.
Sounds weird, huh? Usually they only fuse advertisements with TV shows when it comes to children's cartoons... and Star Trek... and product placement on Friends... and...
Anyway, it was loosely based on some kind of dystopian future, like 1984, where people were unable to turn off their TVs. Even the newscasters had TVs on while they presented the news. They would put a blanket over them so the viewers would not get distracted.
Anyway, one of the episodes was about people who tried to live off the grid, who called themselves "blanks". They did not have phones, or TVs, or ID cards. And they even read books. They were, of course, considered criminals.
At the beginning of the episode, one of these blanks was taken before a computer terminal by men in black suits. They scanned her hand, and it said something like "Citizen #00000000. Judgment: Guilty." She was led away into what we assume must be a prison, all while shouting "Blank is beautiful! Blank is beautiful!"
Ow. That line hurts my ears to this day. Its been 20 years and I'm still recovering.
What's this have to do with China? Well, in order to streamline their legal system, China has adopted computerized sentencing systems!
Yep... just type in what the criminal did, to whom, and any mitigating circumstances, and *ping* you get your punishment!
Now I'm not too sure what to do with this information... such a system could be good if the system is clogged with hanging judges who give people 10 years in prison for loitering... but once you take human compassion and experience out of the judicial system, its subject to extreme abuse.
And god forbid the clerk is a bad speller...
Hopefully these are just sentencing guidelines, and the judge will still be given discression. Otherwise, this is very bad news.
83%. An MIT-grade high champion nerd.
I believe the test is somewhat skewed against computer geeks who have degrees in physics and just happen to retain a working knowledge of the periodic table of elements. Or mabye I'm in denial.
<!-- ckey="46DF9D5B" -->
I was wondering when somebody would get around to doing this...
If Adobe intends to attract web developers to the desktop, they will really need to make it easy. Since they now own Flash, they might actually be able to pull this thing off...
I know its way too soon, but I'll throw in my two cents in the Apollo versus XUL debate, and side with Apollo.
Apollo only runs on OSX and Windows, and will probably have a larger footprint than XUL. However, Adobe plans on releasing a bunch of free command-line tools that make it easy to create Apollo applications. They'll probably have a tight integration with Flash Studio, but probably not other IDEs.
If you like Microsoft Visual Studio .NET, or Eclipse, better get used to the command-line stuff...
There are several sites like this, but I believe this is the only one who offers their data as an RSS Feed!
RSS Feeds are great, because then political junkies can get an instant fix, even when they're not watching CSPAN. Using the feeds, you could basically get an email every time your congressman voted, or refused to vote, along with info on the bill.
Having the data in an easily shared, XML format is a nice step towards transparency... but politics are so polarized these days that most of them vote along party lines. Often, you don't need 500 feeds, you really only need two.
Kind of disappointing... so I had better get busy mocking them.
So here's my latest mashup idea:
- Download the vote data for every senator via RSS
- Filter the data for votes that go against the party line.
- Do a mashup with Google Maps to display the districts of the offending congressman.
Now, any time a vote occurs, and somebody dares to challenge the status quo in congress, a little warning will pop-up over their district. It will contain the vote info, and links to learn more.
I call it The Independent Thought Alarm. It should help those thumb breakers in congress crack down on those pesky bipartisan coalitions, and their evil attempts to make the world a better place!
Now if I could only cross-reference it with how much pork-barrel spending each district gets... but the bill that would allow citizens to access a database of pork barrel government spending projects got killed... stupid secret senate holds.
Maybe next year.
UPDATE: For those of you coming here from googlemapsmania, this project is not yet complete... I hope to find time to finish it by next week or so.