Firefox customization

Firefox, the lightweight browser based on Mozilla, has been garnering quite a bit of attention lately. I’ve been a Mozilla user since 0.5, but only use the browser component, so I thought I’d give Firefox a try. It works great, and is very similar to IE (by design, no doubt). But browsing is a habit of mine, and, like anybody else, I don’t like to change my habits. Luckily, it was easy to change Firefox to fit my needs.

1. Have the search bar respond to my shortcuts (i for google images, g for google search, q for qwestdex search). This was no different than setting it up for Mozilla.

2. Firefox by default saves form entries. I don’t like that–it’s the paranoid in me. Easily changed: go to Tools / Options / Privacy / Saved Form Information and deselect the “Save information…” checkbox.

3. Firefox blithely closes a window when there’s more than one tab open. Wow! I don’t like that at all–Mozilla gives me a warning and 99% of the time, I was aiming at the wrong window or had forgotten that I had multiple tabs open. Feedster handed me this post so I knew I wasn’t alone; a bit of searching on MozDev turned up this handy extension: tab warning. Installing this was a snap, and now my browsing experience is back to what I expected.

One problem I haven’t figured out how to fix: in Mozilla, when you open a link in a new tab, the new tab gains focus. In Firefox, the old tab remains in front.


Ease of programming

Much has been written about ease of use in software, but I think that ease of programming has an even bigger effect. Clay Shirky has a written an interesting post about situated software. Situated software is apparently social software written without certain ‘Web Software’ characteristics, and has some other unique traits. These include
1. not being as technically rigorous
2. capitalizing on ‘real world’ group knowledge without including that
knowledge in software
3. lack of generality
4. planned small number of users
5. accepted physicality
6. short lifespan
7. lack of scalability

His post simply acknowledges that social software (that is, software intended to be used by and relying on the strengths of groups) is becoming, much other software, easier and easier to write. This is due to a variety of factors:

1. Increasing awareness of computers. The PC has been around for 20 years, and is featured in more and more facets of life. This means that even folks who aren’t computer geeks have a basic understanding of how applications work and can be expected to use any applications that are interesting.

2. Open source and costless software reduce the cost structure. If you have to spend thousands of dollars (or hundreds of hours building) for a crucial infrastructure component (for example, a database, or a web server, or a set of client GUI libraries), it’s hard to justify if you’re just whipping something together for a small group. But if you have MySQL, Apache, and IE already provided free of charge, it’s a lot easier to build something interesting on top of these components. This also applies to technical knowledge. I’m on a mailing list for computer book authors and have seem quite a few lamentations about technical content being available for free on the web and cutting into book sales.

3. Programmers are expensive. Methodologies are expensive. Repeatable process is expensive. And all these are unneeded, if it’s going to be a small application used by a known and finite number of people.

4. Increasing ease of use. Tools like perl, MS Office, VB and PHP are made for throwing together quick applications. Sure, you can build large scale applications with these tools if you want, but that takes rigor and discipline. The reason it takes discipline is because these languages were designed from inception to make ‘easy things easy’ even for non programmers. Microsoft deserves plaudits for realizing this and developing their applications with the idea of a non-programmer building applications in mind. (Have you seen some of the wicked Excel spreadsheets your accounting department has?)

This trend is nothing new. In the 1960s, you had to control your video display system in your program; now you just call on MFC or Swing to handle the guts of the GUI. In the 1990s, you had to build your own state machine for each web application; now you just download one of the many frameworks out there and you get a state machine for free.

My question is, what does it do to society when everyone has some kind of understanding of software? To lean on the analogy with cars, I think you’ll end up with a similar division: a highly skilled, specialized, small workforce that builds software that’s easy to use, and a large class of users, who have varying degrees of understanding of the software, but use it in ways that the designers can’t imagine (how did you dent that?) in all facets of their lives.


Spamorama

I just ran across one of the most virulent pieces of weblog spam I’ve ever seen. It was an innocuous comment: ‘please help with my website…’ and the URL wasn’t ostentatiously bad:

pseudobreccia60 DOT tripod DOT com DOT ve (please don’t visit this site!)

pseudobreccia, in case you’re wondering, is a kind of rock. ve is the Venezuelan country code. tripod DOT com DOT ve points to ns4.hotwired.com as its authoritative name server. The comment wasn’t blatantly off topic. So, I wasn’t super suspicious of the site.

Being a bit curious, I visited it. What you get is some kind of flash application. It seems innocent enough, just an ad and an under construction sign. Viewing source shows you nothing, but every time you close the window, or change the location in the address bar, it pops up a new window with the same URL in it (I ended up having to shut the browser down entirely via the Process Manager before it would go away). But, the payload is a periodical full size window pop up with advertisements for, what else, p0rn. Shocking, I know. But the persistance of the app was amazing. I almost wish I had a flash decompiler just to take a look at what it was doing.

I was doing all this in Mozilla–I can’t imagine what it tries to do to Internet Explorer (sets up itself as your homepage, adds itself to your favorites) and I don’t want to find out.


The Grinder

I did some performance testing against a web application that I helped write this weekend. I used The Grinder and was quite happy with the beta version. This lets you write scripts in Jython and uses the quite nice HTTPClient library. The Grinder, like most other performance tools, has an admin interface (the console) and a set up distributed agents that are given tasks and communicate results back via the network to the console. I used the HTTP client, but it looks like you can ‘grind’ anything you can talk to via java, from databases to email servers.

I did run into a few problems. I’m using cygwin on WinXP, and had some difficulties running java from the command line. The fix was to use the cygpath command, like so:

#!/bin/sh
# to start the agent
JAVA=/cygdrive/c/j2sdk1.4.2_03/bin/java
CLASSPATH=`cygpath -p -w /home/Owner/work/grinder/grinder-3.0-beta20/lib/grinder.jar:\
/home/Owner/work/grinder/grinder-3.0-beta20/lib/jakarta-oro-2.0.6.jar:\
/home/Owner/work/grinder/grinder-3.0-beta20/lib/jython.jar`
$JAVA -cp $CLASSPATH net.grinder.Grinder

The client application that I was testing doesn’t use cookies (it’s a J2ME application, and the MIDP spec doesn’t support cookies out of the box). Or rather, it uses cookies, but only to grab the first one that the server sends, store it off, and then pass it back as a query parameter. This type of configuration isn’t The Grinder’s sweet spot, and I had to do a bit of hacking to make sure the appropriate cookie value was sent with the appropriate client request. It would have been nice to use contexts but The Grinder wraps the HTTPConnection in its own class. Apparently, if you are simulating use by a browser, cookies are apparently handled correctly. One gripe–there’s no javadoc for the main classes available on The Grinder’s website, so you have to grab the source if you want to see interactions between pieces (for example, how net.grinder.plugin.http.HTTPRequest interacts with HTTPClient.HTTPConnection).

I also mucked with some of the properties, primarily initialSleepTime. You’ll want to make sure that you read about these properties–I blithely uncommented what was in the sample grinder.properties and ended up with an obscene value for grinder.sleepTimeFactor.

After all the setup, I was able to hammer our server. I discovered two useful things: an error in our logout code, which threw exceptions around 10% of the time, and also discovered that our connection timeout between Apache and Tomcat was set incorrectly. Changing this from 0 to 1000 fixed the dreaded SEVERE: All threads are busy, waiting. Please increase maxThreads or check the servlet status error that I was getting. In addition to these two useful bugs, by making some assumptions about how the application will be used, I was able to gimmick up some interesting numbers about supportable users.

I like The Grinder a fair bit. It’s got a nice GUI. It’s still under active development. I’m a bit leery of using beta software (especially open source beta software), but a poll on the homepage convinced me to try the beta. By using this, I was also able to pick up snatches of python which is a new language to me (finally got to consult my long unused copy of Learning Python). I considered looking at JMeter, but The Grinder appears to be a bit more recently maintained. It’s no LoadRunner, but then again, it doesn’t pretend to be. All in all, if you’re in the market for a cheap, quick performance tool, The Grinder is worth a look.


Miswanting and web application frameworks

I’ve wanted to respond to this post by Kris Thompson where he predicts that “Struts will continue to lose industry acceptance as the MVC leader in the J2EE space” in 2004 for some time now. I believe this is happening already; if you read the blogging community or some of the industry rags, it seems like other alternatives to Struts are being promoted (not least of which is JSF). But there are still tons of Struts applications out there being built every day. There have been over 2000 messages on the struts mailing list for the past year (granted this number is declining–perhaps because folks are GFTFA [googling for the fcuking answer]).

This article explains why I continue to develop in struts: “A wider range of slightly inferior options, then, can make it harder to settle on one you’re happy with.” There is definitely a wide range of J2EE frameworks. In my case, these alternatives to struts are not inferior because of any technical shortfall, but rather because I have to learn them.

(An aside: I have programmers’ optimism as much as anyone else. But after a few years in the industry, I’ve realized that while I feel I can learn a new technology as quickly as need be, in order to really understand the pitfalls of a framework or API, I have to “build one to throw away.” I really do.)

Please don’t take these statements as a whiny “I don’t want to learn anything new.” That’s not true. But my time is finite, and the project deadlines are always creeping up. And struts works well enough for my problem set.

And that’s why struts is going to be around for a while yet.


Do you know where your sensitive files are? Google does.

Googling Up Passwords points out that Google‘s spiders crawl web server error messages and other misconfigurations just as easily as they crawl real content. For simple sites, like mine, there’s not really an issue. Static HTML doesn’t yield much of interest. For complex sites, like Amazon and Ebay, there is a phalanx of security experts waiting to pounce upon and patch the latest bug (perhaps not an entire phalanx, but those sites can and must afford security experts). But for the small workgroup web server, probably using MS products (for ease of use, convenience and training reasons), having such detailed examination of their web server available by keyword search is a disaster.

I often think of computers and cars in the same light. Automobiles were difficult to operate, prone to breaking down, and expensive during the early years of the 20th century. However, eventually, the technology standardized, the industry consolidated, and the car became a fundamental part of (American) life. Computers have only been accessible to common folk since the 1950s, so it’s not fair to demand the same level of reliability. Yet, how much more protean is the computer than the automobile? It took decades to get air bags installed and seat belts worn. How long will it take before folks have the same level of visceral, unconscious understanding of the perils of the computer?


Book Review: Legacies, A Chinese Mosaic

How much do you know about recent Chinese history? I knew a bit, but reading Legacies, A Chinese Mosaic, by Betty Bao Lord, really brought the recent human tragedies of modern China home.

Bao Lord intertwines two main themes: the story of her experiences as an American citizen who emigrated from China as a youngster and is returning as the wife of a American diplomat, and the stories of Chinese friends and acquaintances, often given to her on audio tape, and recounting the sordid and tragic tale of the last 50 years of China. She does all this against the backdrop of the mid to late 1980s and the Tiananmen Square protests by college students.

This book derives much of its power from the simple stories Bao Lord relates. Whether it’s the man who stays alive locked in his office (for years) because his son flys a kite to reminds his father of his presence, or the stories of the real life excesses of the Red Guards, burning any of the “Four Olds,” these stories are touching and real. Even her own family story has a certain pathos, as we learn about her grandfather dying three years before she was able to visit, her aunt calmly dying of cancer, and a sister who only learned that she was adopted by happenstance.

The Great Leap Forward, the Cultural Revolution and the other major events of modern Chinese history are only touched on as they affect the people in the stories told, but even that was enough to shock me with what this nation endured. In fact, it’s even more shocking than it was when I read about it in the history books, because the folks in the stories are real people.


With enough eyeballs…

I referred to Project Gutenberg obliquely here, but browsing their site I found that they’ve implemented distributed proofreading. This is a very good thing. I did one book, Hiram, the Young Farmer, for PG a few years ago, when I was in college and time wasn’t so precious. The OCR went quickly, but the proofreading was slow going and error prone; the story wasn’t exactly riveting, but it was in the public domain. (In fact, I just took a look at Hiram and found at least two mistakes. Doh!)

But Distributed Proofreaders solves the proofreading problem by making both the scanned image and the OCRed text available to me in a web browser. Now I can proofread one page at a time, easily take a break, and even switch between books if I’d like. Also, they’ve implemented a two phase review, much like Mozilla’s review and super review process. Hopefully this will prevent mistakes from being made, since these are going to be the authoritative electronic versions of these documents for some time. Linus’ law probably holds for text conversion even more than for software development.

Now, it wasn’t apparent to me from the website, but I certainly hope the creators of this project have licensed it out to businesses–I can see this application being a huge help for medical transcriptions (work from home!) and any other kind of paper to electronic form conversion.

Update:
It looks like there is a bit of a distributed.net type competition among the PGDP proofreaders.


Long running queries in servlets

The stateless nature of the web presents some user interface issues. Not least of these is how to handle long running processes most efficiently. Do you keep the user waiting, do you poll, etc? Remember, even if everything is going dandy, normal users like to see something.

This JavaRanch article is a good explication of how to use message driven beans and asynchronous access to data in the web tier to deal with these problems. It leans a bit heavily on WebSphere, but does seem to address some of Dion’s issues about there not being enough use of messaging systems. And it even throws a couple of design patterns in as well.


The people’s voice

Tim Bray points out Radio Vox Populi which is a really cool idea:

weblogs + web crawler + text-to-speech + mp3 streaming = talk radio for everyone.

Of course it could do with some filtering, or categorization, but it’s a cool idea. It actually jives with an idea I’ve had for a long time, which is to use text-to-speech, perhaps Festival, to burn cds of Project Gutenberg to create cheap books on cd (oh, should I listen to Boy Scouts on Motorcycles, by G. Harvey Ralphson or Armenian Literature, by Anonymous today?). That’d be cool, if you can handle listening to a robot voice.



© Moore Consulting, 2003-2017 +