Skip to content

Variations of Murphy’s Law

05-Jul-07

I had a very unpleasant variation of Murphy law.

It all started as a normal Tuesday morning, it was actually a beautiful morning. Things were looking good, I had finally come up with a sane design, and a proof of concept for some cryptographic work I’m doing. I was ready to start implementing the libraries; I was happy, no I was actually ecstatic. Woke up my laptop, the screen stays blank, no sweat, will do a cold reboot, so I do that.

The laptop starts booting, all is good, I log in, start working and notice my screen is flickering! WTF? suddenly it goes black! I start trying to revive it, and to make a long painful story short, I spent the morning disassembling the laptop, and on the phone with a Dell sale rep, to see if I could get a new LCD screen, I was told they had to check availability and price, he asked me to call back in a few hours. hanged up, went back to my desk, sat at my new chair and ended sitting in the floor! the damn thing broke! Now I was getting a bit pissed, just a bit.

A few hours later I grab my cellphone to call Dell, and the damn thing is dead! it’s unresponsive, does not turn on. At this point I’m really pissed it’s a new phone! Is someone pulling a prank on me or something? Because this does not hold to Murphy’s law, I mean the law is clear, if there are multiple things that can go wrong, the least expected is the one to occur, but man I mean three things! that’s a variation to the law, and not a fun one at all.

When I finally talk to Dell they quote me a whopping $US 1,000.00 for a new LCD screen (My laptop’s warranty expired) plus shipping and insurance.

Next up, get a call from my wife, the family vacation we were planning, had to be canceled, due to her vacation being postponed by her boss! now this is just ridiculous, all in one day! One long, long day.

In short, I have to buy a new computer (because it does not make sense to pay 1k for a screen when I can get a new laptop for that money), a new chair, and my phone is still being repaired, because they didn’t want to exchange it, even though it’s less than a month old!

So if you have any horror stories of Murphy laws or it’s variations, please feel free to share, I’ll feel better If I know I’m not the only one with this bizarre events happening.

Filed in personal | | Comments (7) »

Programmer vs. Developer

27-Jun-07

For years I have ignored the programmer vs. developer problem. For those of you that don’t know of this problem it’s quite simple: There is a trend in some IT circles to regard programmers as second class citizens, as code cowboys that are trigger happy, and are just good for writing code.

Right now if you Google programmer vs. developer, you will get articles on how developers:

  • Design the application from the ground up.
  • Write specs, and documentation.
  • Write test cases.
  • Write unit tests.
  • Write code.

Instead a programmer:

  • Write codes.
  • Fix bugs; if you are lucky.

Well I don’t know about you but that does not seems like a real picture to me. People can call themselves whatever they want, you can call yourself a programmer, developer, engineer etcetera. Hell there was guy at my former employer that referred to me as “Engineer”, let me tell you I’m not an Engineer don’t have the degree, don’t have the know how. The point is that the word developer to my knowledge is a relative new term, while programmer is a much older term. Maybe the reasons of such distinction is to differentiate the real programmers, from the posers? I don’t know.

The truth is that when I hear the world programmer I think of people like:

For a more complete list please go here.

If you take the time to visit each of the links above, you will see some are referred to as:

Those who know me, might be perplexed I left out from the list, who to me is a great programmer and someone that I admire, that is Donald Knuth. Dr. Knuth is to me is a master, any other title in my opinion falls short of his achievements.

Now I’m sure you are asking yourself, what is my position, if I failed to make my position clear from the statements above let me just say, I don’t believe in labeling, that said I don’t consider myself to be one or the other, but if you push me I have to go with Programmer.

I know a lot of people that ware the title “developer or programmer” and are neither. Programming is a lot more than writing code in your favorite language, and to me there are only: good programmers or bad programmers –of course the posers, but those are easier to spot.

I leave you with this little snippet from Donald Knuth:

Languages come and go much faster than I can write books. That’s why I chose to explain algorithms in English, not in the language of the moment. Readers learn a lot by converting from English to their favorite language; The Art of Computer Programming emphasizes things that are independent of languages. No matter what programming language is hot, you need good ideas to express in those languages. If you want your algorithms to be prepackaged, fine, but then my books aren’t written for you.
Actually I’m extremely glad to see the continuing development of languages, not only because programming languages are getting better and better in important ways, but also because such work soaks up a lot of people’s energy-therefore computer scientists don’t write papers that I would otherwise have to read, and I can get my books finished a lot sooner.

Filed in music, programming, technology, thoughts | | Comments (3) »

Computing without a mouse

24-Jun-07

As most of you know I have been dealing with tendinitis for a couple of months now, I have found a way of positioning my hands on my laptop keyboard that enables me to type without any pain, and so far without making the condition worst. I did not invent it, I found a post on a newsgroup, it’s quite simple for those that want to try it.

Instead of placing your fingers on the home row (asdf | jkl;) I place it like so (qwef | jiop) this puts my wrists on a angle similar to what an ergonomic keyboard has, as I said works for me, will probably not work for you, we are all different.

To avoid using the mouse, I’m using a keyboard launcher application called Deskbar, it’s quite nice. In OSX you have: Quicksilver, in Linux/Gnome you have: Deskbar, in Windows you have: Launchy.

For browsing the web I’m using FireFox with Conkeror, this is a keyboard driven FireFox interface, it uses Emacs keybindings by default, but you can customize it to use whatever keybindings you prefer.

For coding/writing/blogging/irc/IM/email I use Emacs, with quite a few elisp code I’ve written to handle repetitive tasks for me, as well as elisp code by other authors.

By no means I am advocating you use or try any of the above programs, or do I think they are the best. They are the best for my use.

Other things I’m planning to do in the shot term is buying myself one of this Aeron Chair I don’t think I need to explain why I’m going to buy one of this, but for those that need the explanation, Google is your friend :).

I hope this post can help those with the same problems I am facing, and making computer use pain and injury free.

Filed in health, thoughts | | Comments (2) »

Weblogger

23-Jun-07

In my quest for being more efficient, I’ve been playing around with Weblogger.
I know most of you are not interested in Emacs, but just in case someone
besides me uses Emacs as it’s default editor, this might be helpful or just plain cool.

Filed in personal, programming, technology | | Comments (0) »

The art of programming

21-Jun-07

There has been a lot said about code being art, and there are quite a few different reasons for this, but I won’t go into them here. There is truth, in that code is art, the problem is that in most cases, programmers misunderstand the term art, and believe that art is whimsical, people look at a painting done by Jackson Pollock using his drip technique and they go:

“Oh, but I can do that!, it just paint splashed in a canvas! How hard can it be?”

The same happens when they hear a cool Rock song:

“Oh! I’m going to be a guitarist, and land me some chicks! How hard could it be to play guitar?”

Well as it turns out, it’s easier to play three chords on a guitar, than to paint like Jackson Pollock or Picasso. But the premise of art being simple, does not make it easy, the same way, that it being complex, does not make it hard. Learning a programming language, is not an easy task, it takes weeks or days to “learn”, but years to use it correctly; just like some one can learn the notes on a pentagram, and the scales, in weeks, but it will take them years for them to write a Symphony.

There is a lot more to just sitting down and banging words out on a keyboard, you need to:

  • plan or design.
  • structure the information your code is going to handle (data structures)
  • the efficient use of said information (algorithms).

There are those that believe, that all the above is only needed for big projects –They believe so because they read articles on how Linus wrote GIT on a few days, or how “X” wrote “Y” in three days. They are wrong.

The truth is that you won’t see me with a UML program, doing diagrams, use case scenarios, and class diagrams, not because I don’t like them, I like them, and use them, when communicating ideas to others, but for the most part I the design in my head, and can visualize it. Before I even consider writing code, I work out the different scenarios in my head, this is easy to do for me, but it might not be easy for you, and that’s fine, sometimes I need to do an outline, or a brain map, before writing code, this is all part of the process of writing.

It’s the same way for a composer when he’s got a commission for a new piece, composers can’t wait for the muse to come when they have a due date for the work –oh, yes composers, writers and painters have due dates.

Composers devise ways of making themselves efficient, and be able to complete their work with enough time, to proof read, re-write, revise, etcetera.. It’s here where some programmers deviate, once the code is written, compiles and runs as expected, only a bug , will make the programmer look at the code again.

Programmers don’t proof read, and they sure as hell don’t like to re-write, and revising is not liked much either. Some do unit testing, which in some cases can cause the programmer to go back, and refactor/revise the code, but in most cases, the programmer just fixes the bug, and does not even care to investigate why the bug was there in the first place, also programmers don’t really look for the most efficient way to code, they avoid making their life easier.

This brings me to the fact that most programmers don’t think about their craft; there are hundreds of books about the craft of music composition, writing a novel, and very few that deal with the craft of programming.

Most programmers don’t even realize that programming, goes beyond the language being use, the language is just a tool; you don’t see painters having flame wars on whether the smaller brush, is better than the bigger brush, for doing a sky line? I’ve never seeing construction workers arguing about which brand of hammer is the best for the job, but you will see that with programmers.

After a long time working on different teams, with different tools (languages) I’ve concluded that most programmers don’t take their craft seriously, and in most cases they sabotage themselves, by not taking the time to look for ways of being more efficient with their time, and their code.

Programming is an art, there is no question about it in my mind, but for it to reach the level of recognition, of the other arts, there is still a long way to go. The knowledge of algorithms, logic, design, and the abilities to do this things well, are worth nothing, if they are not accompanied by thorough, efficient and intelligent coding, do not fool yourself into thinking, that you will be able to make a finished product in a few days. Care for your code, at the end it’s your creation, it exists because you exist, and you made it.

Frederick Brooks had the following to say in his book, “The Mythical Man Month: Essays on Software Engineering”:

The programmer, like the poet, works only slightly removed from pure thought-stuff. He builds his castles in the air, from air, creating by exertion of the imagination. Few media of creation are so flexible, so easy to polish and rework, so readily capable of realizing grand conceptual structures.”

Filed in art, programming, technology, thoughts | | Comments (7) »

I’m so humble…….

20-Jun-07

Today started as most morning, hectic and painful, specially because for some reason my right hand was very sore and swollen, it was all well as I was scheduled to see my Doctor in the afternoon.

I arrived at his office, he was running a bit late, so I sat with the other four patients that were waiting, it wasn’t all bad he has a nice waiting room with WIFI and TV and current magazines and news papers. He got in a few minutes later, and the first thing he does, is notice my swollen hand, and starts questioning right then and there; Was I playing the guitar? Was I over using the computer? What happened?

I’ll tell you what happened I had to change a tire, that’s what happened. He immediately injected something or other to reduce the swelling, and told me we needed to wait a bit, to see if the swelling goes down, to do the treatment.

So here I am, in pain, real pain, when this guy near me try to start a conversation:

The humble guy: Are you a musician?

Me: Yes.

The humble guy: What do you play?

Me: Guitar and Piano.

The humble guy: Who do you play with?

Me: Myself… I don’t play with anyone, I can’t play due to my condition.

The humble guy: You know, I’m a very humble person, I’m so humble that I’m going to tell you something you might not know.

Me: Ok……..

The humble guy: I’m the best guitarist of this country.

Me: Trying not to laugh my ass off. Really? How nice, good for you.

The humble guy: If you need lessons or anything contact me, here is my card.

Me: Thank you, What type of music do you teach?

The humble guy: Bachata, what else? There is nothing better!

Now I know this was really happening because I was quite in a bit of pain. I’ve seen this type of thing a lot, not only with musicians also in the IT field, there are quite a few people that have incredible egos, my experience is that 99% of them are full of manure, but of course I have no prove this guy is in fact full of it, for all I know he can be the Carlos Santana of the Bachata.

It was quite funny though, specially his facial expressions, and when he started mimicking guitar lines with his voice that was precious, I’ve never been so desperate to get on with the treatment (which consist of cortisone injections, not nice I tell you), I also have never seen a room empty so fast in my life! 

Filed in personal | | Comments (7) »

Bill Gates finally gets his Harvard degree

08-Jun-07

Yes, that’s right, Mr. Bill Gates, holds a Doctorate degree from Harvard University, In what major you ask? Wait for it…………. well read it for yourself. I don’t know much of Mr. Gates life, or what his major was, when in Harvard, but if I were the Dean, and trustees I would give him the Degree, but not in that major.

That’s just me, opinions are more than welcome, in the comment section.

Filed in misc, news | | Comments (2) »

Source code management craziness

08-Jun-07

What the hell is going on? I am totally for competition, variety and completeness, but the surge of source code management tools is getting out of hand!

  • Git: According to Linus and some kernel developers, it’s IT. There is nothing better, oh and SVN and CVS suck and you are either a sucker or a moron if you are using CVS or SVN! (That’s the gospel of Linus, not mine.)  I agree with him that merging is the key.
  • Darcs: Is another distributed SCM, this one uses, smart; which according to the site, is a unique algebra of patches.
  • Mercurial: Yet another distributed SCM, there are quite a few projects using it.
  • Bzr: Which is yet another, though I find it quite nice in Linux, because it lets you work with existing CVS and SVN repositories, of course you need a plugin that only works in Linux.

And there are many, many, more, commercial, shareware, open source, etc.. The premise of all this, is that CVS sucks, and SVN is not good enough, to tell you the truth I feel these guys are making CVS a more desirable alternative, because while CVS has a lot of issues, they are well known and documented issues, with well known and documented work arounds. I feel more attached to CVS every passing day, It’s true that I’m used to CVS, but I have and still am giving the SCM mention above a shot, and I’m currently using SVN too.

I used to love SVN, until I had to do some real work, that needed to use the full power of the SVN, and it worked ok, but things that I was told were easy, were in fact hackish, and not all that simple. Setting SVN up is a simple affair, but the way to manage keywords and properties is not trivial, as it should be, and there are a few others things that should be simple and easy to use or administer, but in turn are quite difficult.

CVS is alive and well on many projects, both Open and closed, and I believe, it will keep a good share of the market. I’m not saying the above software is not good, it is, but they are bombarding us, and some projects are using different SCM for different modules for reasons I don’t know and will probably wont understand.

I do agree that the distributed model is very appealing and in theory is ideal, that git and the others like it, make merging trivial, and it’s quite smart too.

But that does not mean CVS or SVN is less than the above, in fact some of the largest code bases are served and managed in CVS and SVN (Yes code bases bigger than the linux kernel, a lot bigger), without problems, yes they have policies and standards in place to minimize issues, but that’s not because of CVS, it’s the nature of a big project, you need consistency, and safe guards. So in a organized work model, the distributed system may be more chaotic, and inefficient than CVS or SVN.

The sad part, is the new crop of SCM looks more of a recursive re-envention of the wheel, with very little new or unique features, that would merit one over the other. It’s like a collective exercise on how to make a distributed SCM.

Let’s see what will come out of all this SCM crazyness, hopefully something will make our collective life easier.

Here is the video of Linus on Git.

[youtube=http://www.youtube.com/watch?v=4XpnKHJAok8]

Filed in programming | | Comments (2) »

Long time no write….

08-Jun-07

It’s been a while since my last post, alas a lot of things have change since then.

To start I’ve become formally unemployed, I say formally, because I am freelancing, and I’m trying to start a company. On the time I was working for my last employer I was physically and mentally exhausted, so much so, that I’ve spent the last month and half being poked in every way a living human being can be poked (Well almost every way, no prostate exam for me yet. yay!).

One of the things that really made me happy, was that I was able to play guitar again, I had to stop due to tendinitis, as I reduced my computer use quite a bit, it seemed to be better. Sadly it only seemed, because tests discovered that my tendons are in very bad shape, and the Doctor recommended I stop playing, as it was hurting not only my tendons, but I had pinch nerve, which cause occasional discomfort, and I had developed a triggered finger, which didn’t manifest itself while playing, but if I used the computer right after playing, my index finger would start dancing on it’s own, not fun I tell you. The doctors advised that if I needed to use a computer, to use a ergonomic keyboard which I have, but don’t use (I use my laptop 100% of the time, so that’s is a bit of a pain to have an external keyboard) and to get an ergonomic mouse, to alleviate trigger finger (which can cause focal dystonia) *sigh*. There other medical issues but those are under control for the most part.

Now this has made me think and study the way I interact with a computer, you see this days we are mostly mouse driven, most application don’t have key bindings for the most important features, and when they do, they can be quite uncomfortable. The web is basically mouse driven, with the exception of gmail, and google reader, that have sane key bindings, although gmail key bindings could be a bit more extensive. I’m sure there are other sites, that have sane and useful key bindings but those are not among the sites I use. Their are a few firefox plugins that make firefox to be more keyboard driven and that is nice. Windows for the most part is quite usable with a keyboard, ironically Linux with gnome and kde, are not as keyboard driven or friendly, and can be a pain to navigate sans mouse.

As I dabble with programming I have come to really valued the old editors, I’ve always been a big fan of both emacs and vi (yes that sounds weird, but I believe they are both good, and they are both worth learning) this editors were made at a time where computing was keyboard oriented, so they have amazing keyboard support, you can make your own key mappings, or re-map the existing ones (which I’ve done in emacs, to avoid doing chords).

On the whole, I’m happy, I have time to play with my kids, I have little to no stress, and will do everything I can to keep it that way, It would had been nice not to have the tendinitis, and be able to play, but as they say you can’t have everything.

So in conclusion I am in fact alive for those who care, and for those who don’t well, you know ……….

Filed in personal | | Comments (5) »

Secure programming

28-Mar-07

Programming is a complex task, and it’s even more complex when you add security to the equation, there are lots of manuals on the Internet, and books on amazon that deal with secure programming, mostly they either geared to web developers or C programmers. What has prompted me to write this is the fact that I’ve been tasked with working on a application that will be used to performance test a system, now this little tool needs to simulate 1,000,000 transactions, everything is OK until I see the code.

The first thing out of my mouth was WTF! I’m not very good at this programming stuff I’ll admit it up front, but what I saw was disturbing. I can not show you the code, because well I’m bound by NDA’s. Nn a few hours of reading I found out the following:

  • Authentication routine is completely and utterly useless.
  • There are several exploitable buffer overflow.
  • Memory leaks, that make Niagara falls look like a dry pond.
  • String format vulnerabilities.
  • Among many others.

In short this a good example of how not to code! All the above issues could have been solved with simple common sense tips:

  • In a routine, always check that the parameters passed, are what you are expecting, do this before anything else. Most Java programmers that I know suffer from this.
  • Make sure that the buffer being passed to your method is of the correct/expected size before doing a strcpy() or strncpy(). Here is a little well known fact, strncpy() is safer than strcpy(), but it’s not safe from misuse, so double check the size/length of the destination where strings are being copied, specially if they’re passed as a parameter to a method, typo’s, miscalculation can make your code vulnerable to a buffer overflow, or in a better case corrupt your stack.
  • Don’t malloc a static variable inside a method, that is going to return said variable, just don’t! ….. alright I’ll explain the reason is very simple, you cannot free the variable, because you need to return it, so the caller of the method needs to take that responsibility, in some cases it might be the only way to go, and you document it, so you don’t forget to free() it, but if it’s not imperative don’t do it!
  • Do not down cast, casting a long to a short might seem exciting, but there are some things that you shouldn’t want to do, or find out why you shouldn’t do it. If you know what you are doing, then you do not need to downcast, if you don’t know what you are doing then I suggest: You walk away from your keyboard slowly.
  • For the love of God, I know you are smarter than me, I admit it, but please, please, just because you got an A on your algorithm class, does not mean you can take a MD5 Hash, slice it in sequence of 8 bits, compress it to a 8 char string using a pad, and expect it to be secure. If you are spending the CPU cycles generating the MD5 hash for pits sake, use the damn hash!!! While established you are smarter than me, chances are you are not smarter than Bruce Schneider or Donald Knuth. Slicing a hash using the above method as a password encryption mechanism, is a open invitation for deep anal probing by the l33t in this internet world. If you don’t know why it is insecure, think about it for a bit, you’ll get it, believe me If I found it you’ll understand it.

There is another trend that annoys me greatly, it has nothing to do with security, it’s just most programmers, do not put their name and date on the code they’ve just written. I can forgive not putting your name specially if you are not proud of the code, or if it’s company policy, but the date of creation and date of modification? It is quite useful specially when you have to track down a change.

It’s been a while since I blogged, but hey I’m sure I was not missed.

Filed in programming, technology | | Comments (3) »