Archives for the month of: January, 2007

We’ve been discussing and sharing thoughts for some time now with Matthew Foemmel on various problems all related to building Java code using Rake. And it’s been quite an interesting discussion. As we realized that our visions and interests had a lot in common, we decided that our respective projects, Raven and JRake, could be merged into one. Working together, we’ll probably be able to build a much better tool. Besides, it’s always more fun to collaborate, share code and ideas.

For pragmatic reasons, meaning that it’s always a pain in the ass to find a good name, development will happen within Raven. Not that Raven is such a good name (it’s actually far too close to Maven, people seem to think it’s a Maven clone even if it’s actually a totally different beast ) but at least it’s there. So we’ve already started doing some stuff for a future 2.0 branch. Pretty exciting stuff.

I’ll blog more about what we’ll be working on, the improvements and new features that are coming. I believe Matthew is going to do the same on his blog so you can already update your RSS reader. Building Java code is definitely going to become easier and easier…

Picture by superlocal

I’ve finally finished the building of Raven‘s Java Gem repository. It’s right there:

http://gems.rubyraven.org

In case you were wondering there’s exactly 11 256 gems. I think Rubyforge has about 5 000 of them so that’s HUGE! But there’s also a lot of junk, the Maven 2 repository isn’t what I would call clean, there’s some redundancy mostly due to package naming changes. So if you spot duplicates or bad gems, don’t hesitate to report it using Raven’s bug tracker.

I expect the repository to be useful not only for Raven, the availability of an index of almost all available Java artifacts is, IMO, invaluable for many usages. Just for the kick of it you can try:

gem install –source http://gems.rubyraven.org xstream-xstream

I’ve also published a new release for Raven, already 1.2.2! There’s no big change yet but it uses the new central Gem repository as a default for auto downloads. So instead of using gem, just create your project rakefile like the following:

dependency ‘compile_deps’ do |t|
    t.deps << [‘xstream’]
end
javac ‘compile’ => ‘compile_deps'

Download will automatically happen, picking the latest version. But this is a bad habit only useful for prototyping though, I would always recommend using explicit versions.

Thanks to a very nice donation from Tom Ayerst, there’s going to be a central repository of Java Gems. I’m currently running a small script that gets all jars from Maven repositories and wraps them in a Gem. Those are going to be published on a public website. So very, very soon you will be able to get jars by using RubyGems! And using Raven is going to be even easier!

You won’t have to build your own Gem repository anymore, one is going to be provided. It’s just going to be about writing:

dependency ‘compile_deps’ do |t|
t.deps << [{‘commons-logging’ => ‘1.0.4’}, ‘commons-pool’]
end
javac ‘compile’ => ‘compile_deps’

And voila! The missing libraries will be installed in you local gem repository automatically from the central one and used from there by Raven. Just one more thing before I let you go: yes, Raven has a dependency management system similar to Maven, but NO Raven isn’t like Maven. It’s a totally different beast and if you’re not convinced, just give it a try.

Thanks again Tom!

Picture by alphadesigner.

I just came across a post from Nicolas G. Carr giving some credit to the current idea that some day, the whole net will go down because of the surcharge brought by the muliplication of video diffusion services on the net. This is a pretty common idea these days that I’ve seen mirrored here and there. To Nicolas’ credit he ends up his post smoothing up a bit the Nostradamus style-prediction with:

“The video boom, and the Venice Project in particular, may not bring the Net down, but it will likely reveal whether the current “abundance” of bandwidth is a lasting phenomenon or just a transitory one.”

The truth is, the bandwidth scarceness is an impression caused by a local limitation in the U.S. The internet infrastructure is aging here. My DSL line is bringing me 1.5Mbps which is supposed to be fast. Before moving from France, I used to have 10 to 12 times more which is pretty common in Europe. And I’ve been over 5Mbps for at least 3 years. Several ISPs provide video on demand and several TV channels over DSL over there, which doesn’t mean a few videos here and there but a permanent video stream. Granted it’s only between your ISP and your home and not at the whole Net scale but it’s a proof that the technology exists and it’s already mainstream.

Heck, there’s been over 100Mbps in Japan for more than a year now with fiberglass. They have a definite advantage: the country is small, very urban with high population density. Investing in wire infrastructure is definitely worthy.

So if there’s a bandwidth shortage to come, it’s not going to be global but most probably local to North America. My hunch is that the network being the oldest here, it’s also the first one to hit the wall. And the country is pretty large which makes renewing the lines very expensive. Nobody wants to finance the infrastructue renewal when it’s far easier to continue the exploitation of an existing network. Paradoxally, the country where the Internet business is the most developed is also far behind in terms of bandwidth availablity.

Eventually, the Internet giants will find this limitation annoying. The Net users and the Net providers could very quickly find common interests.

This a post where I’m going to say a lot of good things about a commercial product. However I don’t work for the product company, nor do my 16 years old brother, my mother or my wife. I’m not paid for writing whatever I’m going to write, I’m a free man (well, a married free man). Plus, given the popularity of my blog, this post wouldn’t worth more than 50 cents which is far under my minimum donation threshold of $20 or 17 euros (payable by wire transfers).

I’m a Linux user for quite a while now and have always been annoyed by people sending me videos or documents that are Windows specific. You know, these very interesting PPS. However for most of these there’s an alternative like OpenOffice for the aforementioned document types. However it’s not perfect, the document will never look quite the same which can be really annoying. I also have a personal weakness for which I haven’t been able to find a workaround so far: M$ Money.

But all these problems are now history, once again the pinguin wins! I’ve rediscovered CodeWeavers CrossOver and it’s really great. It wraps Wine with all kind of goodies so that you don’t spend a whole week to get something starting but crashing every 2 minutes. To install the Office suite for example, just give it your installation CD or the setup executable. Then it runs the Office install. Exactly the same one. And the Windows reboot simulation is only 5 seconds if you see what I mean.

I’ve also found a solution to my nasty M$ Money addiction by switching to Quicken, its pretty similar and also runs on CrossOver. Life is so beautiful sometimes, I’m almost crying. I can even run Internet Explorer with Beryl transparency! But I don’t do use it too often, who knows, a worm could sneak in.

Now I can say that I’m really a free man (well, free from W$, as I’m still married), I can run everything from my beloved kubuntu. No more dual boot. No more old laptop running Windows. Happy ever after.

By the way, to finish the commercial review, I didn’t break my wallet. CrossOver is only $40 which is about two minimum donations or one generous one.

Update: I’ve just found out that CrossOver also supported iTunes. It’s an older version (4.9) but that doesn’t matter much. The point is I can now stream to my Airport Express wih Linux! No more buggy and unsupported raop_play for me.

I still keep on opening and closing my car. It’s easy, I have a small remote for it, just like almost everybody nowadays. But what for? I came to think of it today. I don’t have anything of value in it, my radio is probably worth $20 and the only other significant valuable is a pack of chewing gum. So why do I close my car? Hell, because that’s what everybody does. It would be pretty stupid to get a window broken because some stupid guy was short of chewing-gums though.

I’ve also been thinking about convertibles. These cars are almost always open and it’s not really a problem. So why do I still close my car? Well, as I said, the functionality is there and it’s pretty harmless. Harmless? I’m not really a specialist about car parts but a security system closing four doors plus the trunk, locking and unlocking working both with a small remote and a pretty complex key must not be cheap. I would say a grand, maybe two.

What do I care most about here, the car itself or the pack of chewing-gum? Wouldn’t these couple of thousand dollars be best spent securing the car ignition instead of the whole car cockpit? Security is all about money, if there’s a quick and cheap way to steal something of value then it’s going to be a very popular stealing item. You just have to make the stealing price high enough so that it’s not worth stealing anymore. Another thing to consider is what you want to make secure. It’s fairly easy to make a small ignition system attack-proof, the car cockpit is another story and the obvious weak points are windows. Roughly, the bigger, the harder.

So I think I would be much better off with a car that doesn’t close.

Securing software is pretty much the same thing. I’ve been working for companies spending large amounts of money to implement senseless security procedures. Forcing the usage of different protocols on both sides of a DMZ. Not opening firewalls for perfectly valid communications, pushing the generalization of SOAP/HTTP (which brings its own pains). Securing on the large instead of securing on the small.

In security maybe more than anywhere else, one size fits all doesn’t work. Secure only where it makes sense and do it on the small.

Picture by ac_jalali

Follow

Get every new post delivered to your Inbox.