I can't help but disagree here. Putting business rules into "The Database" is a sure way to limit the accessibility of those rules to external systems. Putting them into "The Application" allows allows a cleaner API-like access, available from other enterprise (we are talking enterprise software here, right?) apps.
Remember that the business rule you build into a report will probably be needed in an interface one day (ie: taxation on a charge of some kind), and that the tax rules will change much more quickly than you can imagine.
As someone involved in building and architecting ludicrously sized realtime transaction processing systems, I can honestly tell you that the answer is "whatever".
If you have lots more updates than accesses, you need your redo logs etc on RAW devices, no filesystem required, these will be your biggest bottleneck. The rest, well, just go for a decent hardware RAID implementation, since software RAID is a joke.
If you have lots more accesses than updates then it's your RAM which will probably make the real impact.
And at the end of the day, if you're looking at advice, and you're sporting a cheque in your pocket - ask the vendors to tell you which one you should buy! Ask the tricky questions and put their answers in your contract so that they pay you if they lie:)
Interesting that patent application 20030237048 in the USA Patent Office lodged on Christmas Day 2003 is for a Word processor for freestyle editing of well-formed XML documents
Abstract A word-processor that provides a freestyle-editing environment for editing an XML document while monitoring the XML document for well-formedness. The word processor monitors the XML document to determine if the XML document is well-formed and to automatically correct the XML document to maintain well-formedness.
Ten years ago when I was working for a grocery retailer in Australia they introduced fingerprint sign-in/sign-out.
you typed in your employee number, put your finger on the scanner and it said yea or nay.
Of course budding electrical engineer only working there to go through uni was interested in the accuracy:)
correct finger? - ok wrong finger? - still ok piece of paper in the way? - STILL ok someone else's finger? - guess what, still ok! end of a chicken drumstick? - not a problem, still ok.
In the end I determined that it didn't matter who the hell you were, it just looked for an occlusion and said 'yep - they're logged in'.
if the occlusion wasn't roughly finger shaped it seemed to reject, but that's it:)
Yes, you can, but the point is whether you teach by building up or down...
JoelOnSoftware has a good piece on the 'Law of Leaky Abstractions' which for me sums up the problem with using Access as a teaching tool.
When someone doesn't understand that their "report" is returning no rows because they really don't understand outer-joins, then you have frustration. SQL at least forces you to think about those things.
I'm guessing he wants two webcams which appear to a piece of video-conferencing software to be a single webcam comprising two images glued together.
Sounds like he wants a camera aggregator driver which glues together 'n' webcams into a single, larger (or PiP style) image.
I can't see that this is likely to be supported by anything. Most likely he'll want a piece of software which reads 'n' webcams in realtime and pastes them together (solving any refresh, synchronisation, resolution and format problems) and then presents that stream as a new, third aggregated webcam.
Ignore the fact that it's a check/cheque/Czech printing company and focus on the question.
I guess they have some sort of software which allows people to order cheques remotely (either dial up or internet) and have them sent to their business or house etc. This poses the security risk.
To me it sounds like there are three problems you're trying to solve:
1) Securing files stored at work. 2) Securing files while being transferred around at work. 3) Securing files when stored to take home.
I also assume that your 'recover access in case of being hit by a bus' requirement is also 'recover access if the physical security key is lost/left at home today/dunked in hot coffee'.
For #1 - I'll leave that to the paranoid masses out there, I'm sure they can come up with something.
For #2 - Logically you need to use VPN between your client and the server on which the files are stored. There's a heap of options out there...
For #3 - and assuming that you run Windows Clients and need 'free' access to the filesystem for your weird applications, I haven't seen any good, open-source method. The alternatives are things like native NT/XP security (no integration with your hardware 'key') and variants on PGPDisk and DriveCrypt (could have the keyfile on a USB key). The only open source thing I've seen is axcrypt which currently doesn't support external keys.
My question is, who is paying your IS department's bills? Normally it's the revenue producing arms of the company (ie: R&D via sales). That means that they are there to Service your needs (Isn't that the 'S' in 'IS'?). While you have been hired for your engineering skills, they have been hired for their sysadmin (etc.) skills. Stop doing their work for them for free!
Re: Everything, including tools, in moderation!
on
Software Fashion
·
· Score: 1
This is similar to comparing Medication vs Placebo vs Nothing. A chemist sees taking a Placebo and taking Nothing as identical, but a psychologist recognises the difference.
In your example, at least the newbie applied some methodology to the approach! In the opposite case where they never read the book in the first place their newbie 'hole' in the design would be much much harder to trace. Your senior engineer could come in and see the high-level design for something based on pattern and review it (finding the hole) in a week. The same review for a completely home-grown approach would take months.
In the past year? Since NT3.5 (A staple on many corporate desktops for more than a couple of years) the admin/punter divide has been standard.
Yes, a lot of software assumes admin rights when it really has no place doing so (even OpenOffice for Windows requires Admin rights to install!) However, for a similar task under unix, try installing Perl and a bunch of CPAN modules on a per-user basis rather than a system-wide basis. (we do this a lot because different 3rd party apps require different perl versions). Don't even get me started on gcc.
The ass-u-mption is still that the package is going to be installed into/usr/local unless you've got the time to dig through a pile of less than crystal-clear documentation on how to install. And then once you've mastered the PREFIX stuff it still doesn't always play as nice as you think it should.
Anyhow, the assumptions of 'single user' or 'single system' are not Windows specific, they're made by both commercial and OSS developers all over the world.
Re:Everything, including tools, in moderation!
on
Software Fashion
·
· Score: 1
Must be a different person methinks - there's a lot of us corporate drones out there...
Re:Everything, including tools, in moderation!
on
Software Fashion
·
· Score: 1
Hallelulia Reverend - preach it Brother!
This is the most insightful comment I've seen here for a while.
I think their point on patterns is equally valid for UML, or TechnologyX in fact...
UML usage is often seen as an end in itself. Robin (intrepid co-author of this article) was once asked during a job interview: "What's your favourite UML Diagram?" What's the correct response to that? "Oh, Use Case Diagrams every time! Yeah, I use it for everything!"
However I think "Robin" should have read Joel On Software's Guerrilla Guide to Interviewing for the 'correct' response to that. If it was a smart interviewer, it wasn't a question designed to get an answer, but to elicit discussion about patterns and see if Robin really knew what they were and how to apply them. If they weren't a smart interviewer, and were really looking for an answer, then he/she is probably glad that the interview didn't go so well.:)
As far as I can determine from his article the synopisis is:
Some people say that number of virii per platform will be roughly equivalent to that platform's marketshare. They are wrong. Windows is different to the other platforms because: 1) On Windows, applications share architecture making cross-contamination easier. 2) On other platforms, there are more steps to perform to accomplish simple tasks than on Windows (implying that users really need to work at it to get infected). 3) On Windows platforms, most people run with admin rights because that's the default. 4) On Linux, most people don't because they're smart.
I have to say that I am an OSS advocate and Linux user, but I disagreed with almost everything this person says. To take his points on two basic levels:
1) The fact that 'consumer' applications and operating system are largely lumped together conceptually by users on Windows platforms is something the Linux community aspires to, not their key differentiator.
2) The idea that 'most' linux users don't run as root/admin, and 'most' Windows users do is not related to the operating system at all, but to the level of knowledge of each platform's user base. If Linux were to reach the unwashed masses' desktops then most there would either run as root, or have a very simple one-click method to run things as root (ie: to install stuff).
At the end of the day the social engineering of a trojan/virus on a linux box comes down to nothing more than writing a "hey check out this screensaver" perl script with an ascii encoded payload which prompts for the root password "to install it". Bada-boom, 'one-click' linux infection for the masses.
It's also important to remember that the 'alt' text should be used for all images for this specific case:
If you're displaying an image with the word "fish" in it, why not set the ALT text to "The word in this image is four letters long and describes a sea creature. Starting with 'f', and ending in 'sh', the second letter is 'i'."
Screen readers will read out the text, and unless the spammers get an NLP to understand your text, they'll still not get it!
This is interesting and sounds serious, since if you go out of a coverage area or drop out for a moment (ie: tunnel, poor cell handoff) then the same re-registration will happen.
I have sat through hours of DVD extras and have come to the conclusion that sound effects are done from scratch by sound gurus for every single movie. It's almost like professionals ALSO don't have a huge library to draw upon.
Ok, so maybe they don't do it from scratch every time, but they always talk about how they record everyday sounds and modify them, from swooshes for punching to clangs and ching sounds etc. I'm sure for a few dollars you can record your own high-quality sounds. Look at the "inside the matrix" DVD for one guy who describes the sound made by the keanu power-plant sphincter door (the one that keanu is 'flushed' through') as a 'choonk'ing sound comprising a heap of different sounds, everything from a tyre iron hitting an empty tire to a wet fish hitting a bench.
Try a search for 'foley' for a host of groovy techniques to make sounds.
Well, I know of at least one enterprise which has abandoned GCC since they needed 64-bit functionality which GCC didn't support properly. I guess this is the same thing...
Slashdot Mirror
I can't help but disagree here. Putting business rules into "The Database" is a sure way to limit the accessibility of those rules to external systems. Putting them into "The Application" allows allows a cleaner API-like access, available from other enterprise (we are talking enterprise software here, right?) apps.
Remember that the business rule you build into a report will probably be needed in an interface one day (ie: taxation on a charge of some kind), and that the tax rules will change much more quickly than you can imagine.
This post is just an excuse to have my sig read.
As someone involved in building and architecting ludicrously sized realtime transaction processing systems, I can honestly tell you that the answer is "whatever".
If you have lots more updates than accesses, you need your redo logs etc on RAW devices, no filesystem required, these will be your biggest bottleneck. The rest, well, just go for a decent hardware RAID implementation, since software RAID is a joke.
If you have lots more accesses than updates then it's your RAM which will probably make the real impact.
And at the end of the day, if you're looking at advice, and you're sporting a cheque in your pocket - ask the vendors to tell you which one you should buy! Ask the tricky questions and put their answers in your contract so that they pay you if they lie
I know - it's a nice dream.
Asignee Name: Microsoft Corporation.
I wonder if they are related at all?
High Tech my arse.
:)
:)
Ten years ago when I was working for a grocery retailer in Australia they introduced fingerprint sign-in/sign-out.
you typed in your employee number, put your finger on the scanner and it said yea or nay.
Of course budding electrical engineer only working there to go through uni was interested in the accuracy
correct finger? - ok
wrong finger? - still ok
piece of paper in the way? - STILL ok
someone else's finger? - guess what, still ok!
end of a chicken drumstick? - not a problem, still ok.
In the end I determined that it didn't matter who the hell you were, it just looked for an occlusion and said 'yep - they're logged in'.
if the occlusion wasn't roughly finger shaped it seemed to reject, but that's it
Yes, you can, but the point is whether you teach by building up or down...
JoelOnSoftware has a good piece on the 'Law of Leaky Abstractions' which for me sums up the problem with using Access as a teaching tool.
When someone doesn't understand that their "report" is returning no rows because they really don't understand outer-joins, then you have frustration. SQL at least forces you to think about those things.
I'm guessing he wants two webcams which appear to a piece of video-conferencing software to be a single webcam comprising two images glued together.
Sounds like he wants a camera aggregator driver which glues together 'n' webcams into a single, larger (or PiP style) image.
I can't see that this is likely to be supported by anything. Most likely he'll want a piece of software which reads 'n' webcams in realtime and pastes them together (solving any refresh, synchronisation, resolution and format problems) and then presents that stream as a new, third aggregated webcam.
Sheesh!
Ignore the fact that it's a check/cheque/Czech printing company and focus on the question.
I guess they have some sort of software which allows people to order cheques remotely (either dial up or internet) and have them sent to their business or house etc. This poses the security risk.
To me it sounds like there are three problems you're trying to solve:
1) Securing files stored at work.
2) Securing files while being transferred around at work.
3) Securing files when stored to take home.
I also assume that your 'recover access in case of being hit by a bus' requirement is also 'recover access if the physical security key is lost/left at home today/dunked in hot coffee'.
For #1 - I'll leave that to the paranoid masses out there, I'm sure they can come up with something.
For #2 - Logically you need to use VPN between your client and the server on which the files are stored. There's a heap of options out there...
For #3 - and assuming that you run Windows Clients and need 'free' access to the filesystem for your weird applications, I haven't seen any good, open-source method. The alternatives are things like native NT/XP security (no integration with your hardware 'key') and variants on PGPDisk and DriveCrypt (could have the keyfile on a USB key). The only open source thing I've seen is axcrypt which currently doesn't support external keys.
My question is, who is paying your IS department's bills? Normally it's the revenue producing arms of the company (ie: R&D via sales). That means that they are there to Service your needs (Isn't that the 'S' in 'IS'?). While you have been hired for your engineering skills, they have been hired for their sysadmin (etc.) skills. Stop doing their work for them for free!
This is similar to comparing Medication vs Placebo vs Nothing. A chemist sees taking a Placebo and taking Nothing as identical, but a psychologist recognises the difference.
In your example, at least the newbie applied some methodology to the approach! In the opposite case where they never read the book in the first place their newbie 'hole' in the design would be much much harder to trace. Your senior engineer could come in and see the high-level design for something based on pattern and review it (finding the hole) in a week. The same review for a completely home-grown approach would take months.
In the past year? Since NT3.5 (A staple on many corporate desktops for more than a couple of years) the admin/punter divide has been standard.
/usr/local unless you've got the time to dig through a pile of less than crystal-clear documentation on how to install. And then once you've mastered the PREFIX stuff it still doesn't always play as nice as you think it should.
Yes, a lot of software assumes admin rights when it really has no place doing so (even OpenOffice for Windows requires Admin rights to install!) However, for a similar task under unix, try installing Perl and a bunch of CPAN modules on a per-user basis rather than a system-wide basis. (we do this a lot because different 3rd party apps require different perl versions). Don't even get me started on gcc.
The ass-u-mption is still that the package is going to be installed into
Anyhow, the assumptions of 'single user' or 'single system' are not Windows specific, they're made by both commercial and OSS developers all over the world.
Must be a different person methinks - there's a lot of us corporate drones out there...
Hallelulia Reverend - preach it Brother!
This is the most insightful comment I've seen here for a while.
Trolling a bit there - are they biting?
:)
I think their point on patterns is equally valid for UML, or TechnologyX in fact...
UML usage is often seen as an end in itself. Robin (intrepid co-author of this article) was once asked during a job interview: "What's your favourite UML Diagram?" What's the correct response to that? "Oh, Use Case Diagrams every time! Yeah, I use it for everything!"
However I think "Robin" should have read Joel On Software's Guerrilla Guide to Interviewing for the 'correct' response to that. If it was a smart interviewer, it wasn't a question designed to get an answer, but to elicit discussion about patterns and see if Robin really knew what they were and how to apply them. If they weren't a smart interviewer, and were really looking for an answer, then he/she is probably glad that the interview didn't go so well.
ObSimpsons: Smells like crapweeds, or stinkblossoms, right?
As far as I can determine from his article the synopisis is:
Some people say that number of virii per platform will be roughly equivalent to that platform's marketshare. They are wrong. Windows is different to the other platforms because:
1) On Windows, applications share architecture making cross-contamination easier.
2) On other platforms, there are more steps to perform to accomplish simple tasks than on Windows (implying that users really need to work at it to get infected).
3) On Windows platforms, most people run with admin rights because that's the default.
4) On Linux, most people don't because they're smart.
I have to say that I am an OSS advocate and Linux user, but I disagreed with almost everything this person says. To take his points on two basic levels:
1) The fact that 'consumer' applications and operating system are largely lumped together conceptually by users on Windows platforms is something the Linux community aspires to, not their key differentiator.
2) The idea that 'most' linux users don't run as root/admin, and 'most' Windows users do is not related to the operating system at all, but to the level of knowledge of each platform's user base. If Linux were to reach the unwashed masses' desktops then most there would either run as root, or have a very simple one-click method to run things as root (ie: to install stuff).
At the end of the day the social engineering of a trojan/virus on a linux box comes down to nothing more than writing a "hey check out this screensaver" perl script with an ascii encoded payload which prompts for the root password "to install it". Bada-boom, 'one-click' linux infection for the masses.
It's also important to remember that the 'alt' text should be used for all images for this specific case:
If you're displaying an image with the word "fish" in it, why not set the ALT text to "The word in this image is four letters long and describes a sea creature. Starting with 'f', and ending in 'sh', the second letter is 'i'."
Screen readers will read out the text, and unless the spammers get an NLP to understand your text, they'll still not get it!
How do I moderate this as (+1 Huh?)
This is interesting and sounds serious, since if you go out of a coverage area or drop out for a moment (ie: tunnel, poor cell handoff) then the same re-registration will happen.
It sounds like you're after something a little like this beastie.
:) [that's a joke people, not a troll]
Basically you wave it over the page and it prints. Don't know how big it scales to, but it is certainly 'any thickness'...
It does look a little like vapourware - but the idea is patented so nobody else should try doing it this way...
I have sat through hours of DVD extras and have come to the conclusion that sound effects are done from scratch by sound gurus for every single movie. It's almost like professionals ALSO don't have a huge library to draw upon.
Ok, so maybe they don't do it from scratch every time, but they always talk about how they record everyday sounds and modify them, from swooshes for punching to clangs and ching sounds etc. I'm sure for a few dollars you can record your own high-quality sounds. Look at the "inside the matrix" DVD for one guy who describes the sound made by the keanu power-plant sphincter door (the one that keanu is 'flushed' through') as a 'choonk'ing sound comprising a heap of different sounds, everything from a tyre iron hitting an empty tire to a wet fish hitting a bench.
Try a search for 'foley' for a host of groovy techniques to make sounds.
Well, I know of at least one enterprise which has abandoned GCC since they needed 64-bit functionality which GCC didn't support properly. I guess this is the same thing...
Whoops - should have previewed. Link is here...
Nice try Troll, he's working for MICROSOFT! :)
...
No, seriously, thanks for this. For anyone out there also interested, the
I'll give it a read.
But even grammar nazis still have to work within the 120ch sig limt... :(