Literate programming (by alaric)

I wish I'd been there for this conversation:

http://www.gyford.com/phil/notes/talks/e/euro_foo_camp_jo_walsh_literate_programming.php

However, I'm far too boring to be able to make it to exciting geek events like that 🙁 Maybe one day, when I've been freelancing for more so have spare money for travel and can take more time away from work...

I've studied literate programming, so I'd probably have been able to help explain it there. My own interesting idea, however, is that a programming language could have inbuilt support for being in development.

Here's what I mean. How many times have you seen:

/**
 * Returns true iff the specified user should be able to perform the action
 * by checking the access control database.
 */
boolean checkAccess (String username, Action desiredAction) {
  return true; // FIXME: implement access control database
}

Or FIXME comments saying that a bit of code ought to be rewritten to be faster, or refactored on general principles, or something.

What I envisage is that you could instead write:

/**
 * Returns true iff the specified user should be able to perform the action
 * by checking the access control database.
 */
boolean checkAccess (String username, Action desiredAction) {
  return test_harness (true, "Access control check for " + username + " doing " + desiredAction);
}

test_harness is pretty much just a function that returns its first argument, or (depending on a compile flag or something) maybe gives the developer (at run time) the option of specifying what it should return, so he can test the behaviour of code when an access control rule is refused (the second parameter being a prompt).

But when you compile the application in "release" mode, the presence of test_harness becomes a fatal error. Thus protecting you from forgetting, and releasing test harness code into the wild.

Another construct would do nothing to the semantics of the program, just prevent it from compiling (with a custom error) when not in debugging mode. This could be done with something like this in C:

#ifdef RELEASE
#error Whoa! Replace this quick hack of a cache with something that actually frees unused memory, will you?
#endif

...but it would be nicer to just write:

#fixme Whoa! Replace this quick hack of a cache with something that actually frees unused memory, will you?

Anyway. Not quite literate programming per se, but something related to it; by giving semantics to certain kinds of comments that have special meaning, we're still blurring the divide between code and comment in a useful way.

I’m a mad scientist (by alaric)

Watching Spiderman 2 has reawakened my long-slumbering desire to build a giant Farnsworth-Hirsch Fusor and stand in front of it cackling, with the cold blue light of fusion casting my twisted shadow into the dark be-girdered heights of my workshop.

There's not many things you can build from off-the-shelf components worth a few hundred pounds that will create a glowing sphere of fusing plasma to hang in space before your very eyes.

Except, unlike the fusion device in Spiderman 2, it has at least a glass-walled chamber to keep the air out and fusion fuels and exhausts inside, and if you stood in the room with it running without shielding, you'd be bathed in unhealthy radiation.

But for all the blatant silliness of the fusion device in the film, I was delighted by the many ways in which it did resemble a fusion device you could build from mail-order parts in a disused warehouse 🙂

CHROME and IRON data typing (by alaric)

IRON schemas and the CHROME type system are intertwined... more accurately, I'd say the latter was a superset of the former.

Let me give a few examples of my requirements for the system. Read more »

ARGON cryptography (by alaric)

I thought I'd like to discuss the design decisions behind the rather brief description of the "security levels" mentioned on the MERCURY page. Don't worry, you don't need to go and read it first - I'll duplicate everything in this post.

To summarise, my design requirement was to implement a cryptograhic architecture for both communications and storage of sensitive data, which allows for:

1. Both parties in a communication may have differing security requirements; the maximum of both need to be met
2. Security levels need to be specified in a way that is future proof; eg, DES would have been unbreakable in World War II, but nowadays it should only be considered suitable for relatively unimportant data
3. Physical communications links may have a certain element of external protection, rendering encryption an unnecessary burden; a cluster of servers locked in a highly screened server room together should be able to communicate sensitive data between each other in the clear, or with a fast lightweight encryption algorithm - after all, an assailant in the room with them could easily interfere with the machines themselves to get them to divulge their keys. However, the same information being shared across the public Internet would need heavy encryption, or be banned altogether.

4. Communications links and data storage devices might have a maximum security level of information they can be trusted to at all, no matter how heavily encrypted it is, because any crypto algorithm is potentially breakable.

   Read more »

Protocol agnostic middleware (by alaric)

It strikes me that perhaps one of the reasons that middleware hasn't taken the world by storm is that middleware tends to require some inconvenient protocol to access it.

Even the Web Services folks with SOAP and friends don't seem to have changed the world much, for all the effort of choosing a protocol that clients can be knocked up for easily from scratch in most environments.

However, in my work for Frontwire, I've ended up creating a server that does things in response to:

• Java RMI calls
• Work for it to do being directly inserted into an SQL database
• Scheduled events
• HTTP requests
• Incoming emails
• FTP uploads

What does that tell us about currently available middleware "solutions"? Read more »