I have multiple contexts I work in during the day. Each time I change tasks, but don't want to close the windows for the task I was doing before, I move to a new desktop. That, plus one desktop devoted entirely to communications (email, social media, etc), and I can switch between contexts with one or two ctrl-alt-arrow key combos, rather than painstakingly reconstructing the window layout each time I switch.
Until the OS supports saving a group of apps, complete with window position, open documents, etc (which would require a lot of app support), this is the best solution to task switching I've got.
Sigh, Commander Taco, I'm not sure how familiar you are with basic research.
I'm not familiar with basic research in the computer sciences (although I enjoy reading the papers), but I am familiar with basic research in chemistry.
Unless you've had a sudden, brilliant insight, all research is painstakingly build on someone else's work. In fact, as a grad student you're often asked to write a review article in your area of research before you begin actual research. This gets you familiar with the lay of the land (knowledge), the direction of the field, and some of the major players in your chosen area of research. Plus, you and your research adviser might get a publication out of it.
I took a look at some of the topics mentioned on Wyvern's home page. A couple of them caught my eyes:
Safely Composable Type-Specific Languages. Cyrus Omar, Darya Kurilova, Ligia Nistor, Benjamin Chung, Alex Potanin, and Jonathan Aldrich. Proc. European Conference on Object-Oriented Programming, 2014.
Language-Based Architectural Control. Jonathan Aldrich, Cyrus Omar, Alex Potanin, and Du Li. In International Workshop on Aliasing, Capabilities, and Ownership (IWACO '14), 2014.
Type-Directed, Whitespace-Delimited Parsing for Embedded DSLs. Cyrus Omar, Benjamin Chung, Darya Kurilova, Alex Potanin, and Jonathan Aldrich. In Globalization of Domain Specific Languages (GlobalDSL), 2013.
I don't know enough about the research space to know if these topics are derivative, progressive, or ground-breaking. I like the ideas that seem to be embedded in the titles, and the focus on creating safer languages / systems from an architectural point rather than brutally enforced by a compiler (see ADA).
I work in the space of HTML / CSS / Javascript / Java / SQL / Map-Reduce / Linux. It's a mess, with security, performance, reliability issues both at the boundaries and within the various containers. Something that makes life a little better in that space should be a good thing. As it is, I see front end developers not understanding back end constraints, data source developers delivering data in not-usable blobs, system admins without the necessary background to troubleshoot platform performance issues.
As a systems architect, I try to herd everything in one general direction, but to the specialists my statements can sound restrictive, demanding, and somewhat arbitrary (they're usually none of the above). If we had a common architecture / language, we might be able to converge on a better, safer application in less time, with less friction.
Don't talk to me about UML. I like it, but I don't know many who do or use it much past the design phase (if that).
In short, it looks interesting and ambitious. I'll be interested in seeing how far this gets.
Unfortunately I can't recommend cloud based products to my clients. Having a hard dependency on network connectivity to the internet is a non-starter for most people.
I agree with this. While it's nice, and I recommend cloud servers for a lot of use cases, office infrastructure is currently not one of them. My major issue is not that the ISPs are not reliable, cost effective, or secure.
My major issue is one of network connectivity. "Business class" broadband ISP offerings in the US are pretty awful, which is why I put business class in quotes. Either service or speed (and often both) are incompatible with business requirements. Talking to first (and often second) level support is pointless once you explain to them that you're trying to run an office of 4-5 developers utilizing a cloud-based configuration management, issue tracking, and continuous build environment.
Individual connections actually seem much better. If you're going to move to a cloud-based infrastructure for the above use case, it's probably better to have everyone work from home, access protected resources via VPN, and use a distributed configuration management model to minimize connectivity down time.
The push by Microsoft towards SkyDrive and Microsoft Live accounts is also a really bad decision for consumers given the state of broadband in the US. Who's to say that Microsoft won't shut down these services in the future when/if it's no longer profitable.
1, Drive as much business as they can to the subscription model
2. All products will be tightly integrated and dependent on proprietary interactions
The first gives them the constant revenue stream. The second one destroys modular computing in that if you upgrade one area running Microsoft software, you are almost forced to upgrade all areas. That cost (we used to call it the forklift upgrade in mainframe days) will drive more businesses towards the subscription model.
Once they have a critical mass on the subscription model, they can then dictate technology to customers. Obviously, they plan on doing this from top to bottom (mobile, consoles, hardware, software, cloud). There will once again be open standards and Microsoft standards.
It's all about driving the market rather than being market-driven.
Re:And it's still not as good as Ubuntu or Debian.
on
Fedora 19 Released
·
· Score: 1
I haven't looked at this yet, but it seems Redhat has their own spin on things:
Yep, good Java development tools are free (won't start the NetBeans versus Eclipse flamefest here).
Java application servers are free. Pick one, many are good, and you can buy support if you want it.
For those people stuck with.NET, SharpDevelop is free. I'm learning how to integrate.NET, IIS, and a servlet application. The boilerplate configuration is pretty easy. What I'm working on now is learning enough.NET to create a non-trivial application, and integrate that with the existing servlet application. My only real issue with SharpDevelop is that it doesn't appear to have a packaging option so I can create a zip file and import it into my IIS server. If SharpDevelop provided that, I'd be set.
Does SharpDevelop compete well with Visual Studio Professional and above? It doesn't appear to. However, it's not $500+ to obtain, either.
Re:M. Folwer said it best: Don't do scrum w/o XP
on
Why Your Users Hate Agile
·
· Score: 3, Insightful
Yep. Getting stakeholders to face reality is always the challenging part. We managed to do it (OK, mostly do it) by running some extensive JAD sessions. No one left until things were agreed to and signed off by people who could make that commitment.
It doesn't mean that things didn't change down the road, but at least people understood the change, the weight of the change, and what that change would cost. Sometimes the change was documented and pushed out, and at other times the change was important enough to drop other aspects of the project. It still meant some gear grinding, but next time we had a better idea of the problem space, made fewer requirement mistakes, and consequently fewer whiplash changes.
As for daily stand up meetings - no one really liked them, but we made them serve a slightly different purpose. First of all, ours lasted about 15 minutes. Second of all, we focused on upcoming issues, especially those that might need additional resources to run smoothly. Doing so made it possible for those resources to be obtained in a timely fashion. Business types appreciate it when they're not whipsawed.
Day to day communication was handled a lot by IM. Rules were - don't bother someone whose status is "do not disturb", and don't set "do not disturb" as the default status. A couple of people sort of abused the "do not disturb" status, but in general that worked well.
I don't know if the above really classifies as agile (we patterned our process more on a DSDM path), but the result is we generated a lot of good stuff, released regularly, and the business people knew what they were getting ahead of time. Was it smooth sailing all of time time? Nope. Was it exhausting? Yep. In the end, was the process only used for mission - critical projects or ones where corporate - wide sign-off was needed? Absolutely.
1. pam-abl (as noted above)
2. denyhosts
3. VPN (openvpn works for me)
4. Hosting ISP firewall
Also as noted above, do not permit direct remote root access. Doing anything less is just advertising yourself as a platform for malware.
The first three are quite easy to set up. There is really no excuse for not setting up a least a minimum level of security on your system. That plus careful use of mod_security, and you've done quite a bit towards thwarting the casual drive-by cracker.
Yep, Flashblock is the way to go. Back when I had a lowly P4 with only 1.5 GB of ram (still have it as my XP browser test machine / Linux server), a Flash-heavy page would slow the computer to a crawl.
I don't mind non-intrusive ads. I don't even mind (too much) the more "content after the jump" ads. I'l even grudgingly put up with the "press skip to continue" ads. What I won't put up with are ads that cover the page, ads that play music, ads that have intrusive animation that I cannot control, and other interactive ads that I must interact with before viewing content (skip ads above excluded).
When I encounter such ads, the organization behind the web site, the advertising company (if I can figure out who produced the ad), and the company who's product is being advertised all get fairly acerbic letters from me. Repeat offenses mean I will not purchase or recommend those products, and will not visit those web sites. I let the three groups responsible know this as well.
I know, one person writing email to a PR / marketing drone in a large company does virtually nothing. I'm sure it probably does nothing other than generate a chuckle for people at an advertising agency. I think an advertising agency's entire business model is centered around being annoying.
Possibly many people writing would do something — I have seen fewer "take over your screen interactive flash ads" recently.
For the TL;DR crowd . . . I visit sites for the content, not your advertisements. Make the advertisements relevant to the content, my interests, and less the center of attention than the content. Do that, keep out the malware, and you might even get some clicks from me. Fail to do that, and I just won't visit a site, nor use the products you advertise.
Yep, it takes discipline (he says as he posts on Slashdot while working from home).
Actually, I'm more productive at home than I am in the office for the most part. I'm a systems architect, but I still get both programming and system admin queries from colleagues. Pulling my head out of an architectural problem and back into the detail that programming or system admin requires creates lots of lost time (insert pulling my head out of other place jokes here). That level of interruption happens less when I work from home rather than at the office.
I say less, because I'm still connected. At least one of my VPN connections is always active (we use two, incompatible VPNs, a problem I hope to have resolved by June), cell phone is always on and available, mail is automatically checked every 5 minutes, and Skype / Google Talk are on. I'm usually being productive by 7:30 AM (today was 8:02 AM), with a 5 minute break at around 9:30, lunch at 12:30, and an afternoon break around 3 PM.
What I find is that people try to solve some of the less complex problems on their own first before emailing / calling / IM'ing me when I work from home. When I do get contacted with a problem, the person is usually much more focused in solving the problem. Sure, there's usually a bit of chat (mostly around craft beers these days), but much less so than in the office.
Do I miss the camaraderie of the office? Sometimes, yes. I go in occasionally, and we have off-site all-hands meetings as well. It's not quite as connected as the "all office, all the time" environment, but I find it works well for the type of stuff I do.
The only thing I miss is a large, printing whiteboard. Sadly, no room to put one in my home office. The best that I can do (and I'm thinking about it) is to mount a 4'x8' whiteboard sheet on the wall. That or get a Wacom tablet . . .
If you want a free data analysis system, there's always R.
It's a bit of a beast to learn (at least for the non-statistician that I am), but it worked pretty well when teaching someone how to do ecology analysis. There are GUI front ends for KDE (RKward on Linux) and R Commander on a bunch of platforms. I have used RKward and ESS (Emacs speaks statistics) to work with R.
R has an entire repository much like CPAN. It's called CRAN, for the Comprehensive R Archive Network. If you've thought of it (statistical analysis), it's probably already written, tested, documented, and there may be academic papers out that use it.
I am currently a systems architect, and work on making flexible systems. I know this is a bit far afield, but on the Windows 7 I'm working on, I have both JRE 6 and JRE 7 installed. I can convince my system to switch back and forth at will by fiddling with the Java Control Panels (for the browser) and some environment variables (PATH, JRE_HOME, JAVA_HOME) for the actual Java. This seems to satisfy the browsers, my IDEs, Tomcat, Glassfish, and some random desktop applications I have. I don't know how this would impact your system.
In fact, life on this particular machine is more complicated than that. It seems that even though I'm running a 64 bit system, at least 2 of my browsers are 32 bit. Thus, I have four JREs and two JDKs installed. Swapping around to the right one is a bit of a pain, but possible. I just have to find the right Java Control Panel, run it as Administrator, and I can switch things around.
However, at no point in all of these installs did the Java installer prompt me to uninstall a different version. True, I can no longer easily run multiple versions of JRE 6 or JRE 7 (without changing the target directory), but I normally don't do that. I used to do that with JRE 5.
Granted, doing all of this requires administrator privileges, and is much more cumbersome than it is on Linux, but it appears to be possible. Without knowing more about the particulars of your environment, it's hard to say why the Java installer is prompting you to uninstall JRE 6. Again, I've never seen that behavior, with the possible exception of installing on Linux via an RPM. I believe even in that environment you have the option of choosing with Java platform to use via the alternatives command. However, I tend to install Java by hand on Linux (for a small number of systems) and by custom script (for a large number of systems). I've found the alternatives system to be somewhat incomplete in maintaining multiple JDK/JRE combinations for development and testing.
Your mileage may vary of course. This just works for the systems I'm responsible for.
Oh, and as for hard-coding stuff. You have my condolences. I suggest finding the developer, and assigning him or her remedial system administrator / help desk duty for the rest of his / her career. I'm only being just a bit hyperbolic here . ..
Hmm, I use the off-line installer and didn't get asked about the Ask Toolbar. It could be because I install the JDK with its public JRE, and not just the JRE. I'll have to try an off-line installation of the JRE on Windows and see if it's still there.
Right now I have some software that will not build in Java 7. The developers decided to use some Sun - proprietary APIs that no longer exist in 7. There were big warnings about this when the code was built using JRE/JDK 6, as well as warning all over the Javadocs. However, these developers knew better. Now the code won't build in Java 7 until the dependency on these proprietary APIs is replaced. It will run just fine on Java 7, but you cannot do maintenance on the code using Java 7 until the code is fixed.
Seriously, I have 1.6.0_39 and 1.7.0_13 happily running together on all the platforms that I'm responsible for (Linux, Windows, UNIX of various flavors).
This patch was rather important in that there are some server side security issues being patched as well as browser plugin issues.
I'm seeing all of this hate, but you know what, I just don't get it. Software of any complexity has bugs. Microsoft used to be the champion of security exploits. Now it's Java. And lest anyone forget, there are myriads of PHP / Ruby / Python security bugs that allow systems to be exploited. I'm not even sure that there's a secure Ruby on Rails platform at this point, for example. I don't know for certain about Ruby, since the only Ruby platform I have right now is for Redmine.
I guess though everyone likes the Faux News mentality of computer security reporting. It garners page clicks, makes people feel important and is a lot easier than actually doing any work. It's like the hit piece someone at InfoWorld did on a Spring Framework bug that could possibly be exploited (albeit not very easily). The sensationalist piece completely overlooked the fact that the issue had been addressed over a year ago. The "journalist" at InfoWorld was too busy jumping on the "all things Java are evil and insecure" bandwagon to do the tiny bit of research needed to write intelligently about the problem . ..
Just like people are now doing about the current issue . ..
My favorite comment so far has been along the following lines
Sure, they may have fixed these security flaws, but there's no guarantee that this will fix future security flaws. It's better that you just go ahead and uninstall Java now.
Sure, [insert-least-favorite-software-of-the-day] may be patched now, but will it remain patched?
I thought at least professionals were a bit more intelligent than this. I guess not.
I haven't used mono on Linux in a while, so maybe it's been improved. Earlier versions on Fedora were a mess.
One of the biggest issues I had with mono was its clash with SELinux. There was just no way to get Apache HTTPD / Mono / SELinux to play nicely together. After the fifteenth or sixteenth custom SELinux rule I just punted. I lodged all the SELinux bugs with Mono, and there they sat.
Another issue I had was with hard-coded ports. It was very difficult at the time to run both the Mono server and something like Tomcat on the same platform. To me, this was the only reasonable way to test ease of development, software release, and performance. Unfortunately, I didn't have a set of identical boxes at the time.
Due to all of these infrastructure issues (including chasing down obscure libraries - I don't mind building them), I abandoned C# / Mono and happily run everything on Tomcat or Glassfish (or Jonas or JBoss, etc). Tomcat just works on every platform I run it on. I run it on Linux, I run it on XP, I run it on Windows 7 (haven't tried Windows 8 yet), I run it on MacOS. The same web application (if written properly) runs on all of those platforms without change.
I'm not much of a developer - more a systems architect - but I've developed Java - based web applications on Windows, Macintosh, and Linux. I use the same tools (I'm a NetBeans / Maven fan), and they operate in the same way across all platforms. To me, having a platform - agnostic environment is very important. I am then not constrained (nor do I have to constrain team members) to a particular environment. I work on Linux, the servers run on Linux, most people develop on Windows, and there is one person on a Macintosh. And yes, right now I'm posting from a Windows machine.
I can do the same thing with PHP, Ruby, Python, Scala, Lua, Perl, or Scheme. I cannot create a flexible, platform - agnostic environment with C#. I also have issues with the C# language, but this isn't really a language wars thread.
And you are composing mail in HTML, why?
I read all of my mail as plain text. If you've done some fancy formatting in HTML to call attention to a particular point, I won't see it.
Try organizing your text in a clearer fashion. Try using lettered or numbered points. Even dashes for underscores work as long as you are not reading / writing in a proportional font.
If you cannot tell by now, I really dislike HTML mail. Use plain text, you'll know how it looks for everyone, it's lighter in weight, and doesn't distract from the information you're trying to send. Besides, many mailing lists discourage if not expressly prohibit HTML mail.
/ I know, get off my lawn
// Seriously, HTML is for web pages, text is for email
If a service is business critical, it had best be at least the
following:
1. Documented
This means the process is documented well enough so that a reasonably
experienced person coming in off the street should be able to muddle
through it successfully. This also means that there is budget for
documentation.
2. Trained
This means that all people responsible (and their backups) are trained
on how to perform these critical functions. This means that there is
budget for training.
3. Consistent
All people responsible (and their backups) perform the same task in
the same manner. This means that there is budget for performance
verification (auditing).
CMM level 3 does not eliminate fire drills or IT crises. It does make
them less frequent, more manageable, and of shorter duration.
Downtime is lost productivity. Downtime is lost opportunity. Downtime
is lost sales. Downtime means missed deadlines. The cost of these
issues can (or should be able to) be determined.
Risk mitigation and cost avoidance are critical components of any
business plan. If your business organization does not have these
components in place, a disaster will occur.
If your business is a public company, expect institutional investors,
major stockholders, and the stock market to punish the business when
the disaster occurs. If your business is a private company, you may
not recover from a serious infrastructure failure.
IT management needs to be able to articulate the implementation costs
and infrastructure risks. Business management needs to be able to
articulate the business costs and business risks. Senior or "C" level
executives need to match costs and risks so that the appropriate CMM
level can be chosen and reached.
This is not rocket science. CMM has been around for about 20
years. CMMI (the successor to CMM) has been around for 9-10 years.
Yeah, I would like a Perl plugin as well. OK, don't laugh! I still write Perl code on occasion.
There have been rumors floating around like you mentioned, and I think that there is even an alpha plugin that does syntax highlighting. Unfortunately, there isn't much else.
I end up using Perl Padre for my Perl programming, but like you I'm not wild about running multiple IDEs.
I haven't tried this yet, since I rarely program in Python. I won't start a language war, but I really seriously do not like Python (and I've tried several times). I'll try again when I have some free time.
At any rate, the Python plugin has moved to community status (along with Ruby, and UML). The UML plugin has been struggling for quite a while, but hopefully the same fate won't happen with the Ruby and Python plugins.
From the forum, here's how to get the Python plugin into NetBeans 7.
On another note, I've used NetBeans 7 RC 2, and liked it OK. 6.9.1 seemed to be a bit faster, even with the huge amount of plugins I throw at it. I'll probably post a little more about my thoughts once I've installed it and run a few projects through it and Tomcat 7.
As far as Eclipse is concerned, I can never manage to create a stable and upgradeable Eclipse installation. Some plugin compatibility war always ends up making my environment unstable, and I just have to trash the installation and start over again. I like a lot of things about Eclipse, but keeping an Eclipse menagerie stable is not one of them.
First of all, as many people have commented the text is small and the whitespace is huge.
Second of all, even in Chrome it eats CPU and memory. Why is it necessary for an idle page to consume so many resources? I can no longer have anything else running besides Slashdot. While I don't visit as often as I used to, this will make Slashdot much more difficult to visit.
In order to fix the font size, I tried Shift-Ctrl-+. That did increase the font size, but it broke the fixed left sidebar. The left sidebar then scrolled with the rest of the page. Resetting the page back to my default font sizes with Ctrl - fixed the scrolling problem.
I'm curious. What user interface / site requirements were you trying to address with this new design? A quick look at the generated HTML makes me cringe. Hopefully the back end Perl code is much cleaner.
In short, it seems that there has been a lot of effort spent for very little end user enhancement.
Windows 2000 is now completely unsupported. There will be no hot fixes, no security updates, and no paid support. The support expired with the last monthly patch.
Also, Windows 2000 seems to be less than 0.5 percent of all Windows machines connected to the Internet, according to this Ars Technica article.
While supporting IE 6 may have some residual value for those XP users who have not gone to IE 7 or IE 8, even Microsoft is encouraging people to move to the latest Internet Explorer.
In short, it may actually be an opportune time to drop support of IE 6 (and all of its attendant rendering bugs) when developing new web sites.
Note, your stakeholders may have a different take on this. I'm just mentioning that from a technical viewpoint it's becoming harder and harder to justify spending the effort to hack in IE 6 support.
I am trying something completely insane. As I type this, I am trying a direct upgrade from Fedora 11 to Fedora 13 in KDE.
This should be . . . interesting.
Slashdot Mirror
It's more of a task-switching thing for me.
I have multiple contexts I work in during the day. Each time I change tasks, but don't want to close the windows for the task I was doing before, I move to a new desktop. That, plus one desktop devoted entirely to communications (email, social media, etc), and I can switch between contexts with one or two ctrl-alt-arrow key combos, rather than painstakingly reconstructing the window layout each time I switch.
Until the OS supports saving a group of apps, complete with window position, open documents, etc (which would require a lot of app support), this is the best solution to task switching I've got.
KDE Activities?
Sigh, Commander Taco, I'm not sure how familiar you are with basic research.
I'm not familiar with basic research in the computer sciences (although I enjoy reading the papers), but I am familiar with basic research in chemistry.
Unless you've had a sudden, brilliant insight, all research is painstakingly build on someone else's work. In fact, as a grad student you're often asked to write a review article in your area of research before you begin actual research. This gets you familiar with the lay of the land (knowledge), the direction of the field, and some of the major players in your chosen area of research. Plus, you and your research adviser might get a publication out of it.
I took a look at some of the topics mentioned on Wyvern's home page. A couple of them caught my eyes:
I don't know enough about the research space to know if these topics are derivative, progressive, or ground-breaking. I like the ideas that seem to be embedded in the titles, and the focus on creating safer languages / systems from an architectural point rather than brutally enforced by a compiler (see ADA).
I work in the space of HTML / CSS / Javascript / Java / SQL / Map-Reduce / Linux. It's a mess, with security, performance, reliability issues both at the boundaries and within the various containers. Something that makes life a little better in that space should be a good thing. As it is, I see front end developers not understanding back end constraints, data source developers delivering data in not-usable blobs, system admins without the necessary background to troubleshoot platform performance issues.
As a systems architect, I try to herd everything in one general direction, but to the specialists my statements can sound restrictive, demanding, and somewhat arbitrary (they're usually none of the above). If we had a common architecture / language, we might be able to converge on a better, safer application in less time, with less friction.
Don't talk to me about UML. I like it, but I don't know many who do or use it much past the design phase (if that).
In short, it looks interesting and ambitious. I'll be interested in seeing how far this gets.
--- end Sunday night rant
Unfortunately I can't recommend cloud based products to my clients. Having a hard dependency on network connectivity to the internet is a non-starter for most people.
I agree with this. While it's nice, and I recommend cloud servers for a lot of use cases, office infrastructure is currently not one of them. My major issue is not that the ISPs are not reliable, cost effective, or secure.
My major issue is one of network connectivity. "Business class" broadband ISP offerings in the US are pretty awful, which is why I put business class in quotes. Either service or speed (and often both) are incompatible with business requirements. Talking to first (and often second) level support is pointless once you explain to them that you're trying to run an office of 4-5 developers utilizing a cloud-based configuration management, issue tracking, and continuous build environment.
Individual connections actually seem much better. If you're going to move to a cloud-based infrastructure for the above use case, it's probably better to have everyone work from home, access protected resources via VPN, and use a distributed configuration management model to minimize connectivity down time.
The push by Microsoft towards SkyDrive and Microsoft Live accounts is also a really bad decision for consumers given the state of broadband in the US. Who's to say that Microsoft won't shut down these services in the future when/if it's no longer profitable.
What I gathered from the memo is two-fold:
1, Drive as much business as they can to the subscription model
2. All products will be tightly integrated and dependent on proprietary interactions
The first gives them the constant revenue stream. The second one destroys modular computing in that if you upgrade one area running Microsoft software, you are almost forced to upgrade all areas. That cost (we used to call it the forklift upgrade in mainframe days) will drive more businesses towards the subscription model.
Once they have a critical mass on the subscription model, they can then dictate technology to customers. Obviously, they plan on doing this from top to bottom (mobile, consoles, hardware, software, cloud). There will once again be open standards and Microsoft standards.
It's all about driving the market rather than being market-driven.
I haven't looked at this yet, but it seems Redhat has their own spin on things:
http://spacewalk.redhat.com/
It doesn't look as flexible or powerful as puppet, cfengine, etc., but it looks like a start at least.
Yep, good Java development tools are free (won't start the NetBeans versus Eclipse flamefest here).
Java application servers are free. Pick one, many are good, and you can buy support if you want it.
For those people stuck with .NET, SharpDevelop is free. I'm learning how to integrate .NET, IIS, and a servlet application. The boilerplate configuration is pretty easy. What I'm working on now is learning enough .NET to create a non-trivial application, and integrate that with the existing servlet application. My only real issue with SharpDevelop is that it doesn't appear to have a packaging option so I can create a zip file and import it into my IIS server. If SharpDevelop provided that, I'd be set.
Does SharpDevelop compete well with Visual Studio Professional and above? It doesn't appear to. However, it's not $500+ to obtain, either.
Yep. Getting stakeholders to face reality is always the challenging part. We managed to do it (OK, mostly do it) by running some extensive JAD sessions. No one left until things were agreed to and signed off by people who could make that commitment.
It doesn't mean that things didn't change down the road, but at least people understood the change, the weight of the change, and what that change would cost. Sometimes the change was documented and pushed out, and at other times the change was important enough to drop other aspects of the project. It still meant some gear grinding, but next time we had a better idea of the problem space, made fewer requirement mistakes, and consequently fewer whiplash changes.
As for daily stand up meetings - no one really liked them, but we made them serve a slightly different purpose. First of all, ours lasted about 15 minutes. Second of all, we focused on upcoming issues, especially those that might need additional resources to run smoothly. Doing so made it possible for those resources to be obtained in a timely fashion. Business types appreciate it when they're not whipsawed.
Day to day communication was handled a lot by IM. Rules were - don't bother someone whose status is "do not disturb", and don't set "do not disturb" as the default status. A couple of people sort of abused the "do not disturb" status, but in general that worked well.
I don't know if the above really classifies as agile (we patterned our process more on a DSDM path), but the result is we generated a lot of good stuff, released regularly, and the business people knew what they were getting ahead of time. Was it smooth sailing all of time time? Nope. Was it exhausting? Yep. In the end, was the process only used for mission - critical projects or ones where corporate - wide sign-off was needed? Absolutely.
There are quite a number of ways to harden access
1. pam-abl (as noted above)
2. denyhosts
3. VPN (openvpn works for me)
4. Hosting ISP firewall
Also as noted above, do not permit direct remote root access. Doing anything less is just advertising yourself as a platform for malware.
The first three are quite easy to set up. There is really no excuse for not setting up a least a minimum level of security on your system. That plus careful use of mod_security, and you've done quite a bit towards thwarting the casual drive-by cracker.
. . . . just my two cents
Yep, Flashblock is the way to go. Back when I had a lowly P4 with only 1.5 GB of ram (still have it as my XP browser test machine / Linux server), a Flash-heavy page would slow the computer to a crawl.
I don't mind non-intrusive ads. I don't even mind (too much) the more "content after the jump" ads. I'l even grudgingly put up with the "press skip to continue" ads. What I won't put up with are ads that cover the page, ads that play music, ads that have intrusive animation that I cannot control, and other interactive ads that I must interact with before viewing content (skip ads above excluded).
When I encounter such ads, the organization behind the web site, the advertising company (if I can figure out who produced the ad), and the company who's product is being advertised all get fairly acerbic letters from me. Repeat offenses mean I will not purchase or recommend those products, and will not visit those web sites. I let the three groups responsible know this as well.
I know, one person writing email to a PR / marketing drone in a large company does virtually nothing. I'm sure it probably does nothing other than generate a chuckle for people at an advertising agency. I think an advertising agency's entire business model is centered around being annoying.
Possibly many people writing would do something — I have seen fewer "take over your screen interactive flash ads" recently.
For the TL;DR crowd . . . I visit sites for the content, not your advertisements. Make the advertisements relevant to the content, my interests, and less the center of attention than the content. Do that, keep out the malware, and you might even get some clicks from me. Fail to do that, and I just won't visit a site, nor use the products you advertise.
Yep, it takes discipline (he says as he posts on Slashdot while working from home).
Actually, I'm more productive at home than I am in the office for the most part. I'm a systems architect, but I still get both programming and system admin queries from colleagues. Pulling my head out of an architectural problem and back into the detail that programming or system admin requires creates lots of lost time (insert pulling my head out of other place jokes here). That level of interruption happens less when I work from home rather than at the office.
I say less, because I'm still connected. At least one of my VPN connections is always active (we use two, incompatible VPNs, a problem I hope to have resolved by June), cell phone is always on and available, mail is automatically checked every 5 minutes, and Skype / Google Talk are on. I'm usually being productive by 7:30 AM (today was 8:02 AM), with a 5 minute break at around 9:30, lunch at 12:30, and an afternoon break around 3 PM.
What I find is that people try to solve some of the less complex problems on their own first before emailing / calling / IM'ing me when I work from home. When I do get contacted with a problem, the person is usually much more focused in solving the problem. Sure, there's usually a bit of chat (mostly around craft beers these days), but much less so than in the office.
Do I miss the camaraderie of the office? Sometimes, yes. I go in occasionally, and we have off-site all-hands meetings as well. It's not quite as connected as the "all office, all the time" environment, but I find it works well for the type of stuff I do.
The only thing I miss is a large, printing whiteboard. Sadly, no room to put one in my home office. The best that I can do (and I'm thinking about it) is to mount a 4'x8' whiteboard sheet on the wall. That or get a Wacom tablet . . .
If you want a free data analysis system, there's always R.
It's a bit of a beast to learn (at least for the non-statistician that I am), but it worked pretty well when teaching someone how to do ecology analysis. There are GUI front ends for KDE (RKward on Linux) and R Commander on a bunch of platforms. I have used RKward and ESS (Emacs speaks statistics) to work with R.
R has an entire repository much like CPAN. It's called CRAN, for the Comprehensive R Archive Network. If you've thought of it (statistical analysis), it's probably already written, tested, documented, and there may be academic papers out that use it.
I am currently a systems architect, and work on making flexible systems. I know this is a bit far afield, but on the Windows 7 I'm working on, I have both JRE 6 and JRE 7 installed. I can convince my system to switch back and forth at will by fiddling with the Java Control Panels (for the browser) and some environment variables (PATH, JRE_HOME, JAVA_HOME) for the actual Java. This seems to satisfy the browsers, my IDEs, Tomcat, Glassfish, and some random desktop applications I have. I don't know how this would impact your system.
In fact, life on this particular machine is more complicated than that. It seems that even though I'm running a 64 bit system, at least 2 of my browsers are 32 bit. Thus, I have four JREs and two JDKs installed. Swapping around to the right one is a bit of a pain, but possible. I just have to find the right Java Control Panel, run it as Administrator, and I can switch things around.
However, at no point in all of these installs did the Java installer prompt me to uninstall a different version. True, I can no longer easily run multiple versions of JRE 6 or JRE 7 (without changing the target directory), but I normally don't do that. I used to do that with JRE 5.
Granted, doing all of this requires administrator privileges, and is much more cumbersome than it is on Linux, but it appears to be possible. Without knowing more about the particulars of your environment, it's hard to say why the Java installer is prompting you to uninstall JRE 6. Again, I've never seen that behavior, with the possible exception of installing on Linux via an RPM. I believe even in that environment you have the option of choosing with Java platform to use via the alternatives command. However, I tend to install Java by hand on Linux (for a small number of systems) and by custom script (for a large number of systems). I've found the alternatives system to be somewhat incomplete in maintaining multiple JDK/JRE combinations for development and testing.
Your mileage may vary of course. This just works for the systems I'm responsible for.
Oh, and as for hard-coding stuff. You have my condolences. I suggest finding the developer, and assigning him or her remedial system administrator / help desk duty for the rest of his / her career. I'm only being just a bit hyperbolic here . . .
Hmm, I use the off-line installer and didn't get asked about the Ask Toolbar. It could be because I install the JDK with its public JRE, and not just the JRE. I'll have to try an off-line installation of the JRE on Windows and see if it's still there.
Right now I have some software that will not build in Java 7. The developers decided to use some Sun - proprietary APIs that no longer exist in 7. There were big warnings about this when the code was built using JRE/JDK 6, as well as warning all over the Javadocs. However, these developers knew better. Now the code won't build in Java 7 until the dependency on these proprietary APIs is replaced. It will run just fine on Java 7, but you cannot do maintenance on the code using Java 7 until the code is fixed.
On what screwed up platform is this?
Seriously, I have 1.6.0_39 and 1.7.0_13 happily running together on all the platforms that I'm responsible for (Linux, Windows, UNIX of various flavors).
This patch was rather important in that there are some server side security issues being patched as well as browser plugin issues.
I'm seeing all of this hate, but you know what, I just don't get it. Software of any complexity has bugs. Microsoft used to be the champion of security exploits. Now it's Java. And lest anyone forget, there are myriads of PHP / Ruby / Python security bugs that allow systems to be exploited. I'm not even sure that there's a secure Ruby on Rails platform at this point, for example. I don't know for certain about Ruby, since the only Ruby platform I have right now is for Redmine.
I guess though everyone likes the Faux News mentality of computer security reporting. It garners page clicks, makes people feel important and is a lot easier than actually doing any work. It's like the hit piece someone at InfoWorld did on a Spring Framework bug that could possibly be exploited (albeit not very easily). The sensationalist piece completely overlooked the fact that the issue had been addressed over a year ago. The "journalist" at InfoWorld was too busy jumping on the "all things Java are evil and insecure" bandwagon to do the tiny bit of research needed to write intelligently about the problem . . .
Just like people are now doing about the current issue . . .
My favorite comment so far has been along the following lines
Sure, they may have fixed these security flaws, but there's no guarantee that this will fix future security flaws. It's better that you just go ahead and uninstall Java now.
Sure, [insert-least-favorite-software-of-the-day] may be patched now, but will it remain patched?
I thought at least professionals were a bit more intelligent than this. I guess not.
I haven't used mono on Linux in a while, so maybe it's been improved. Earlier versions on Fedora were a mess.
One of the biggest issues I had with mono was its clash with SELinux. There was just no way to get Apache HTTPD / Mono / SELinux to play nicely together. After the fifteenth or sixteenth custom SELinux rule I just punted. I lodged all the SELinux bugs with Mono, and there they sat.
Another issue I had was with hard-coded ports. It was very difficult at the time to run both the Mono server and something like Tomcat on the same platform. To me, this was the only reasonable way to test ease of development, software release, and performance. Unfortunately, I didn't have a set of identical boxes at the time.
Due to all of these infrastructure issues (including chasing down obscure libraries - I don't mind building them), I abandoned C# / Mono and happily run everything on Tomcat or Glassfish (or Jonas or JBoss, etc). Tomcat just works on every platform I run it on. I run it on Linux, I run it on XP, I run it on Windows 7 (haven't tried Windows 8 yet), I run it on MacOS. The same web application (if written properly) runs on all of those platforms without change.
I'm not much of a developer - more a systems architect - but I've developed Java - based web applications on Windows, Macintosh, and Linux. I use the same tools (I'm a NetBeans / Maven fan), and they operate in the same way across all platforms. To me, having a platform - agnostic environment is very important. I am then not constrained (nor do I have to constrain team members) to a particular environment. I work on Linux, the servers run on Linux, most people develop on Windows, and there is one person on a Macintosh. And yes, right now I'm posting from a Windows machine.
I can do the same thing with PHP, Ruby, Python, Scala, Lua, Perl, or Scheme. I cannot create a flexible, platform - agnostic environment with C#. I also have issues with the C# language, but this isn't really a language wars thread.
And you are composing mail in HTML, why? I read all of my mail as plain text. If you've done some fancy formatting in HTML to call attention to a particular point, I won't see it.
// Seriously, HTML is for web pages, text is for email
Try organizing your text in a clearer fashion. Try using lettered or numbered points. Even dashes for underscores work as long as you are not reading / writing in a proportional font.
If you cannot tell by now, I really dislike HTML mail. Use plain text, you'll know how it looks for everyone, it's lighter in weight, and doesn't distract from the information you're trying to send. Besides, many mailing lists discourage if not expressly prohibit HTML mail.
/ I know, get off my lawn
Really? Is this what Slashdot has become? Posting Glenn Beck rants?
It's called CMM Level 3.
If a service is business critical, it had best be at least the following:
1. Documented
This means the process is documented well enough so that a reasonably experienced person coming in off the street should be able to muddle through it successfully. This also means that there is budget for documentation.
2. Trained
This means that all people responsible (and their backups) are trained on how to perform these critical functions. This means that there is budget for training.
3. Consistent
All people responsible (and their backups) perform the same task in the same manner. This means that there is budget for performance verification (auditing).
CMM level 3 does not eliminate fire drills or IT crises. It does make them less frequent, more manageable, and of shorter duration.
Downtime is lost productivity. Downtime is lost opportunity. Downtime is lost sales. Downtime means missed deadlines. The cost of these issues can (or should be able to) be determined.
Risk mitigation and cost avoidance are critical components of any business plan. If your business organization does not have these components in place, a disaster will occur.
If your business is a public company, expect institutional investors, major stockholders, and the stock market to punish the business when the disaster occurs. If your business is a private company, you may not recover from a serious infrastructure failure.
IT management needs to be able to articulate the implementation costs and infrastructure risks. Business management needs to be able to articulate the business costs and business risks. Senior or "C" level executives need to match costs and risks so that the appropriate CMM level can be chosen and reached.
This is not rocket science. CMM has been around for about 20 years. CMMI (the successor to CMM) has been around for 9-10 years.
Cloudy with a Chance of Meatballs
Sin City
Just thinking out loud . . . .
Yeah, I would like a Perl plugin as well. OK, don't laugh! I still write Perl code on occasion.
There have been rumors floating around like you mentioned, and I think that there is even an alpha plugin that does syntax highlighting. Unfortunately, there isn't much else.
I end up using Perl Padre for my Perl programming, but like you I'm not wild about running multiple IDEs.
I haven't tried this yet, since I rarely program in Python. I won't start a language war, but I really seriously do not like Python (and I've tried several times). I'll try again when I have some free time.
At any rate, the Python plugin has moved to community status (along with Ruby, and UML). The UML plugin has been struggling for quite a while, but hopefully the same fate won't happen with the Ruby and Python plugins.
From the forum, here's how to get the Python plugin into NetBeans 7.
Python on NetBeans 7
The last post in that topic shows what to do.
On another note, I've used NetBeans 7 RC 2, and liked it OK. 6.9.1 seemed to be a bit faster, even with the huge amount of plugins I throw at it. I'll probably post a little more about my thoughts once I've installed it and run a few projects through it and Tomcat 7.
As far as Eclipse is concerned, I can never manage to create a stable and upgradeable Eclipse installation. Some plugin compatibility war always ends up making my environment unstable, and I just have to trash the installation and start over again. I like a lot of things about Eclipse, but keeping an Eclipse menagerie stable is not one of them.
First of all, as many people have commented the text is small and the whitespace is huge.
Second of all, even in Chrome it eats CPU and memory. Why is it necessary for an idle page to consume so many resources? I can no longer have anything else running besides Slashdot. While I don't visit as often as I used to, this will make Slashdot much more difficult to visit.
In order to fix the font size, I tried Shift-Ctrl-+. That did increase the font size, but it broke the fixed left sidebar. The left sidebar then scrolled with the rest of the page. Resetting the page back to my default font sizes with Ctrl - fixed the scrolling problem.
I'm curious. What user interface / site requirements were you trying to address with this new design? A quick look at the generated HTML makes me cringe. Hopefully the back end Perl code is much cleaner.
In short, it seems that there has been a lot of effort spent for very little end user enhancement.
Preview also seems to be slower.
Windows 2000 is now completely unsupported. There will be no hot fixes, no security updates, and no paid support. The support expired with the last monthly patch.
Also, Windows 2000 seems to be less than 0.5 percent of all Windows machines connected to the Internet, according to this Ars Technica article.
While supporting IE 6 may have some residual value for those XP users who have not gone to IE 7 or IE 8, even Microsoft is encouraging people to move to the latest Internet Explorer.
In short, it may actually be an opportune time to drop support of IE 6 (and all of its attendant rendering bugs) when developing new web sites.
Note, your stakeholders may have a different take on this. I'm just mentioning that from a technical viewpoint it's becoming harder and harder to justify spending the effort to hack in IE 6 support.
I am trying something completely insane. As I type this, I am trying a direct upgrade from Fedora 11 to Fedora 13 in KDE. This should be . . . interesting.