From the QWANtify Blogs
As I stated in my first post, I attended RailsConf for the first time this year. The conference was presented with the help of O’Reilly Media and Ruby Central. I thought they did a really nice job of keeping everything running smoothly. I thought the keynotes were the best part of RailsConf. There were keynotes by David Heinemeier Hansson, Avi Bryant, Ze Frank, Tim Bray, Jamis Buck and Michael Koziarski, and Dave Thomas. I found it interesting that many of the keynotes were not on the technical aspects of Rails but more on community and the evolution of software development.
Ze Frank’s keynote wasn’t even related directly to the software development field. It was more about how technology is now allowing people to express their creativity in new ways, such as through internet websites and tools. He talked about how anyone can now be an author and how that has created a huge influx of new creative material to the internet. He said people basically have three options when it comes to the authors of this new content.
1. You can ignore them.
2. You can try to control them.
3. You can shut them down.
I probably enjoyed his keynote the most because it was very, very funny and entertaining but also because it was really deep.
David Heinemeier Hansson’s keynote summerized what has happened over the last couple of years with Rails and then discussed where Rails is going with Rails 2.0. He said Rails 2.0 would focus onRESTful principles but would not be hugely different from what we have now. He also mentioned the following items that would be in 2.0 as well.
- Breakpoints will once again be working in Rails and will have some additional features such as the ability to step up and down in the strack.
- HTTP Performance will be improved using caching techniques for static files such as Javascript and CSS files.
- Query caching will be improved behind the scenes.
- There will be a mime type render that can be used in actions to render different view formats including custom ones.
- The environment.rb file will be split up and better organized.
- Migrations will be improved so the type information is not repeated over and over again in a migration.
- HTTP Authentications will be used more for computer API interactions.
- Rails will generate projects assuming they are going to use the MIT license. If you don’t want to use the MIT license for your project you will need to manually change it.
- Some functionality of Rails will be moved out to plugins based on how well it fits in with the Rails 2.0 core. Also, currently deprecated functionality will be removed.
Many of the speakers such as Dave Thomas talked about the importance of creating a great community presence around Rails and improving the image of the Rails community in the eyes of the world. Throughout the conference people were encouraged to donate money to charity, for example. This started with the Charity Tutorial put on by Pragmatic Studio(which I attended and was a great overview of Ruby and Rails). People interaction was reenforced by the speakers and through the Bird of a Feather sessions at the end of each day. People also gathered during the provided lunches for discussions and short coding sessions.
All in all the conference was really interesting and I came away from it with more motivation to take part in the community. I also learned some interesting stuff through the sessions, although I think this is an area that could be improved upon next year. I often found myself in sessions that had content that I already new or was much simpliar than I expected. It would have been nice if the sessions were organized more by level of expertise or a similar rating next year. However, it was still incredible informative and I would highly recommend for others to attend next year. I would also highly recommend for novice Railers to take the Pragmatic Studio’s tutorial if they get the opportunity. It is a great way to quickly get up to speed with the basics of Ruby and Rails.
Filed in: Team Member Blog 1ruby
A couple of short articles have surfaced recently outlining what Microsoft wants to do with web browsing in the future. The first, http://www.newscientisttech.com/article.ns?id=mg19426046.400&feedId=being-human_rss20, describes how Microsoft wants to be able to identify everyone browsing on the web. This would be a terrible blow to privacy. The greatest thing about the Internet is the ability to view anything you want with relative anonymity. Now, granted, you’re identifiable via your IP address, but you can get around this by using anonymizer services. Fortunately, all of the ways to gather information that are listed in the article can be bypassed. It mentions that Microsoft is thinking about creating a new cookie program to record pages visited, using your browser’s cache, or using proxy server logs to retrieve browsing data.
Sounds like spyware to me. Users don’t put up with spyware secretly grabbing information off of their computers, and I hope they won’t put up with this either. The easiest way around this is to not use Windows as an operating system. All of these sniffing programs or browser cache reading programs will have to be embedded in Windows or Internet Explorer. The proxy server is a little trickier, but I’d be willing to guess that the vast majority of proxy servers worldwide run on UNIX and not Windows. Even if you don’t use a Windows operating system or don’t use Internet Explorer, I’d still recommend that everybody change their privacy settings on their browser to always ask for acceptance when attempting to set a cookie. I think most non-techie people would be amazed at how many cookies are set when browing the web.
The second interesting article, http://www.theinquirer.net/default.aspx?article=39662, describes a new “Identity Layer” for the Internet. This in and of itself is a great idea. Being able to know with the click of a mouse button the identity of a person or a website and being able to verify that identity is a good thing. The interesting thing about this is that Microsoft wants to go it alone. It’s intriguing that they want to create the infrastructure and specifications surrounding this technology. There are efforts in place that are working on such a technology (Liberty Alliance, http://www.projectliberty.org/) in a much more open fashion than Microsoft will ever attempt.
Once again, it seems like this is just a way to “own” more of the Internet and more of the data on everyone. It’s great to be able to verify identities, but it has to be done with an open standard for transparency purposes. It’s hard to trust an authority when that authority has a poor track record when dealing with personal privacy. Unfortunately, Microsoft has so much clout and market share that they seem to be able to muscle their way into everything they take on.
I challenge everybody to be more vigilant when browsing and to think about how their data is used online. Things won’t change unless everybody is aware of what happens to their data.
Filed in: Team Member Blog 2privacy
I think the title of this blog posting is more than appropriate. It summarizes quite clearly that something new is on its way or has recently arrived. For me this week has been full of beginnings and firsts. One you may have guessed is the creation of my blog here at QWANtify. It is something I have been meaning to do for ohhhhh… about 6 months that just has not seemed to materialize. So what is different now, why create my blog now. Well, I have had an opportunity to go to an event that gave me something to write about. I went to RailsConf 2007. In fact it ended only 5 hours ago (it took that long to get the wireless in my room again :) ) and it was great. Since this is my first posting, however, I am not going to go into the details of the conference now. I will leave that for my following posts. Instead I will give you a little bit of an intro to me.
My name is Josh Swan and I am a software developer for a company in Madison, WI called QWANtify (that bit may be a bit obvious from my blogs name and url). I have been working in Java for around 5 years professionally but have a wider array of skills than just Java. For example, right now I am functioning more as a web service architect at work and outside of work I am building Ruby on Rails projects. Interests I have include agile development and project management practices, Ruby on Rails, Test First Development, Behavior Driven Development, application integration technologies, and problem solving in general. I’m the kind of person that if I’m trying to solve something I will have a hard time going to bed at night if I can’t figure out a solution. I also tend to be a bit of a jokester too, just to warn you. :-) I like to answer questions and help people when I can, so feel free to email me at josh.swan@qwantify.com or post comments to this blog.
Filed in: Team Member Blog
So in my last post I talked about getting my web stack setup. I have Apache 2.2 using Mod Proxy Balancer talking to a Mongrel Cluster with MySQL as the database. I copied over one of my test apps and everything is working fine. Now I wanted the ability to deploy to production from any where with an internet connection. Since I do all this on my spare time sometimes I am coding over my lunch hour from a restaurant.
Thus I read up on Capistrano. Okay let me just say Capistrano ROCKS!!! I can’t believe how great of a deploy tool this is.
This was so easy to do. First I read this Shortcut (its on Safari) : Mongrel
I used that shortcut to make sure I had Mongrel setup and running right.
Next I went online and found lots of different ways to setup Capistrano. Then I stumbled across this shortcut (Again it’s also on Safari): Capistrano.
This worked great. This shortcut talks specifically about setting up Capistrano with small steps that help you prove it is working and what would probably be going wrong. I hit a few issues and this shortcut has all the answers. Also Capistrano was originally created when everyone was using FastCGI. This shortcut leads you down the road of using Apache and Mongrel which is what I am using so again this was perfect.
So I took my test app I have been making and with in a day I read the Capistrano Shortcut and got my app deploying. The next day I went to a local restaurant and pushed out an update over my lunch hour! AWESOME!
So I have started working on the another app at home. Part of the reason for the delay in my posts. Well Over my lunch hour I took that app, applied all the Capistrano Configs, Setup the Production Environment and Databases, and finally deployed the application all in my lunch hour. I have NEVER setup a production environment that fast before.
RAILS ROCKS!!
Filed in: Team Member Blog 4general
Microsoft’s Platform Strategy Director and head of Microsoft’s Linux Labs, Bill Hilf, made some rather interesting comments recently about Linux. He’s proclaiming that Linux has ceased to exist in 2007 and that the open source movement is dead because many of the developers actually have paying jobs to work on Linux programs. He went on to mention that the rise of Linux had nothing to do with Linux itself, but with the rise of Apache, MySQL, and PHP and the usage of them on the Linux platform. He described those three stalwart components of many web servers as the “Visual Basic of open source”. Oh yeah… IBM, his former employer, also decided to start a standards war by promoting the Open Document Format because they wanted a part of the Office market and people just don’t want the ODF.
Wow! I don’t even know where to begin on this. I don’t know if this is just the standard FUD that comes out of the Microsoft camp, or if Mr. Hilf really believes what he’s saying, but it’s certainly absurd on many levels.
I can start by saying that I’m pretty sure that Linux still exists right now. Gentoo just released the 2007 version of their base installation. My laptop is running Linux just fine. It hasn’t fallen apart. I’m writing this inside version 2.2 of OpenOffice, which still works and supports ODF as its default document format. Things are good as far as I can tell.
Even though Linux isn’t quite ready for the desktop for the average Windows or MacOS user, it has made great strides. The real power is in using Linux as a server platform. It’s certainly not going anywhere anytime soon. On the server the LAMP stack has worked quite well. It’s possible that the AMP combination had the side effect of raising the awareness of Linux, but my guess is that’s more due to performance on Linux vs Windows than anything else. Also, I’m surprised that Mr. Hilf would compare anything to Visual Basic since that’s less of a “real” programming language than PHP (obligatory VB dig).
I’m not sure why people wouldn’t want the Open Document Format. What it does is create an open standard for storing various document data that has no vendor lock-in associated with it. It will force office software vendors to really compete with their products rather than relying on their locked-in format to keep a person from switching to a different office product.
I don’t see it as a bad thing that programmers are getting paid to write Linux and open source software. They need to make a living, too. If a company wants to sponsor the creation of an open source product, that’s great. It makes it even more likely that the product will continue to be improved upon than if the product was created by a programmer who was in between jobs or creating the product in his or her spare time.
So, in deference to Microsoft and Mr. Hilf: I’m sorry, but I don’t think that Linux is going to go away anytime soon.
Here’s a link to an article (PHP, no less) about this, and another link to the Slashdot story.
http://www.bangkokpost.com/090507_Database/09May2007_data05.php
http://linux.slashdot.org/article.pl?sid=07/05/14/2038250
Filed in: Team Member Blog 5linux
I’ve decided that I really need to be more multilingual. Not in the sense that I should speak another verbal language, though that would be a really great idea, but in the programming language sense.
All of the languages that I’ve learned in the past are standard procedural, object-oriented languages. There is a whole other realm of languages which I hadn’t really taken a look at before, functional programming languages. That’s one of the things that really stands out about Ruby. Ruby has a wide range of uses, but the most noticeable thing about it is that even though you can use it as an object-oriented language, it contains a lot of functional programming paradigms.
Functional programming is a bit strange to wrap your head around if you’ve never really used it before. The entire structure is based upon Lambda Calculus which seems to be nearly impossible to understand unless you’ve got a degree in mathematics. Lambda Calculus basically says that you can represent everything as a function that takes one argument and that argument can be another function. There are ways to represent the natural numbers, standard arithmetic, and even logic functions via Lambda Calculus. It’s pretty heady material to read.
I got curious and started taking a look at Scheme. Scheme is a derivative of Lisp, which makes it one of the “parentheses” languages. Lots and lots of them. It’s no worse than having curly braces everywhere, really. Functions are first class objects. It uses stack notation to perform arithmetic, so there is no operator precedence. It’s a really interesting language. I haven’t really used it for anything yet. I’m still looking through the language specs trying to figure out everything it can do. I’m sure I’ll have more things to say about it in the future. Until then, I’m just going to have some fun with it.
Filed in: Team Member Blog 6languages
Welcome my second rambling about using Ruby on Rails!
I have MySQL configured correctly now. It was very easy to do with the MySQL GUI Admin tool. Unfortunately the tool it’s self isn’t very stable. It would lock up a lot when viewing users. I’m afraid I may have to uninstall the Ubuntu install packages version and install it my self. Like I’ve had to do with Apache, Subversion, and RubyGems.
What’s that you say? Yes I did just say I had to manually install Apache and Subversion. It turns out Ubuntu only has Apache 2.0 available and not Apache 2.1 or 2.2. I’ve seen many posts about people complaining about it, but no sign from the Debian or Ubuntu people that they will do anything about it. So I had to go install it my self. OH this also broke SVN because I used Apache to access Subversion so then I had to download my own Subversion and build it my self. Turns out that was for the best too because again the Ubuntu version was 1.3 and the latest SVN is 1.4. So Ubuntu / Debian is on my naughty list right now. Still it is much easier to work with than any of the other distros so I would use it over any other Linux. Of course right now I am starting thing about buying a Mac Mini just to run as a server. ;-) If only Apple did cost so much. I just can justify spending that much on hardware when I can build a better box for less.
Luckily I found this one blog that has to articles on this. THIS talks about installing Apache 2.2. THIS talks about taking that Apache 2.2 and installing Subversion. I did have to do a few things different though. I use SSL so when I configured Apache I also had to do —enable-ssl. Also when I built Subversion I had to make sure I had the Development Files for Neon which I did use the Ubuntu Software Management tool to get. If you don’t do that then Subversion cannot access a repository over http or https. David Winter thank you for the two awesome articles and you are my new hero.
So why did I need Apache 2.2. Good question. After I got MySQL configured I tried to setup Mongrel Clusters. That was simple and easy thanks to RubyGems and the quality of Mongrel and Mongrel Cluster. Then I tried to load balance my Mongrel Cluster behind Apache. The suggested way to do that is use Mod Proxy Balancer, but that requries Apache 2.1 or Apache 2.2 and NOT Apache 2.0. Thus I spent another weekend to find this out and then going through manually building Apache 2.2 and Subversion.
Now though I can tell you all I have an awesome server stack. Apache using Mod Proxy Balancer talking to Mongrel Clusters. Why is this so cool. Well now I will automate my build using Capistrano.
I’ll save that for next time. ;-)
Filed in: Team Member Blog
I recall a few weeks ago, one of my wife’s brothers was visiting and installing a piece of software on her computer. I casually mentioned as he was downloading that he should grab the MD5 checksum so that he could compare it against the downloaded file. He said that he didn’t even know what that was.
Verifying a checksum is a fairly important step in validating that a file that you have downloaded is definitely the file you expect it to be.
Here’s how it works:
- The person with a file for download will use an MD5 utility to generate an MD5 hash.
- The file and the text of the hash will be put onto a server for download.
- The downloader downloads the file to his or her computer.
- The downloader uses an MD5 utility to generate an MD5 hash of the downloaded file.
- The downloader compares his or her results to the posted MD5 hash. If they are the same, then the file is legitimate. If the hashes are different, the downloader should not open the file.
Of course, this does mean that there has to be a certain level of trust between the downloader and the website from which the file is downloaded. Files and checksums can be replaced to look legitimate when they may include viruses or other worms in them.
On a Linux system the utility md5sum is usually installed by default. For Windows systems there are various third party utilities that can be downloaded to calculate hashes. One is called digestIT and can be found at http://www.kennethballard.com/modules/xproject/index.php?op=viewSummary&pid=2. The md5sum command line utility has a Windows version which can be found at one of a number of links listed on OpenOffice.org’s website http://www.openoffice.org/dev_docs/using_md5sums.html.
The output of an MD5 hash is a 32 byte hexidecimal number which can be a little tough to manually inspect, but the Windows programs usually do the comparison for you. Some websites have started using SHA1 hashes (which generate 40 byte hexidecimal numbers) instead since SHA1 is more secure and harder to find hash collisions for. Many of the Windows programs will also perform hashing for this and other algorithms. In Linux, the OpenSSL program can calculate many different hashes.
The actual algorithms aren’t too complex, but the discussion takes up a fair amount of space. I may post about those at a later time.
I’d encourage everyone to use the checksums when they are available. Even if you’re downloading from a trustworthy website, you never know if the files have been surreptitiously replaced. It’s a good security habit to get into.
Filed in: Team Member Blog
