EvilRob.org -> Weblog

Sysadmin Field Notes - October 2004 Archives

Security Code

October 31, 2004

Tired of spending 15 minutes a day cleaning out spam, I'm trying a "security code"/captcha solution. We'll see how it goes. I know visually disabled users can't post directly, but it's either this or turn comments off and then no one can post. Of course, the spammers will likely get around this shortly too (OCR on this is too easy).

Anyone who wants to post a comment and can't for some reason can email me and I'll post it for you. If this doesn't work, I'll be looking for some comment moderating plugin.

Stupid, slimy, bastard spammers.

Posted by rmeyer at 8:54 AM | TrackBack (0)

Carson has arrived!

October 29, 2004

Here are the pictures. Details to come, I'm going to bed.

Update: Fixed my broken HTML, and here are some more, cuter pictures from the morning after (much better light).

Posted by rmeyer at 2:45 AM | TrackBack (0)

Baby status

October 28, 2004

We started inducing labor naturally last night; got it going pretty well, but things died down as we both got tired and tired of walking around. It should be hours, not days at this point though until little Carson escapes into the world. Wish us luck!

Update: I accidentally despammed a nice comment from Gary Potter, someone's blog that I read. Sorry about that...my eyes were glazing over from tons of spam and lack of sleep after the baby was born. It's all restored now (I still had it in the mt-blacklist email).

Anyway, the next entry has all the details. Carson's our second kid, and we love being parents.

Posted by rmeyer at 10:23 AM | TrackBack (0)

Why windows is painful for system administrators

October 28, 2004

Joel's having trouble with IIS. This is -exactly- why good admins hate windows. Most of the debugging he's done has only been so focused because he's an experienced win32 developer. Most admins wouldn't even have gotten this far.


Windows just has a lot of hidden complexity (black magic). Which is fine when it works, but when it breaks, look out. Where is "truss"? Where are the detailed logs? Where is the detailed documentation? It's just too complicated to troubleshoot effectively. I always think admins of any system get better when they know the programming model and detailed information about their platform's implementation, but they shouldn't -have- to know that in order to troubleshoot the simplest of problems.


This is why windows gets a bad name in reliability; a ton of admins know nothing about how it works behind the wizards and property sheets, so they can't troubleshoot it effectively.


I guess I'm saying that what you gain in productivity from easy out of the box setup, you almost always lose later in frustrating troubleshooting sessions. In unix, this problem would be solved conclusively with a single truss/strace command (or Dtrace if you're lucky enough to be running Solaris 10).


Sadly, I luckily haven't had to deal with IIS > 5 much (or at all), so I can't help Joel out here.

Posted by rmeyer at 10:08 AM | TrackBack (0)

Mobile phones

October 28, 2004

The Scobleizer posted regarding choice of mobile phones on Russell Beattie's blog about looking for a new phone. I'm with Tim and Jeremy. I've been chasing the "perfect" mobile phone/web/pda combination since I first tried to actually use the calendar and paid seventy stupid bucks for the "Sprint Wireless Internet Connection Kit" for my Motorola Timeport (which was really just a startac but with a slightly different shape so all the accessories were incompatible).


The main reason that nothing about the wireless web can get me excited is because it's completely carrier controlled. The phone network itself existed for 50 years before any real customer innovation came along, thanks to its closed nature. The phone company definitely owned it, and hacking was not tolerated. They've done the same thing with the wireless internet. They cripple the phones, removing features that people might actually use. They cripple their internet gateways to retain control. They require you to have a business plan and negotiate with them to get the details of how to use various parts of the network. Hobbyists and hackers are almost completely locked out.


When I picked up my Sanyo 6400, one of the first things I thought would be cool would be to hack together (for fun) a little webpage that used the 911-location service to stick my current location on a map on my web page. Nope, not possible. Not only were those features not enabled yet, but in order to do it you had to approach sprint with a business plan to get the details and approval. I'm not even 100% sure that I can download java applications to the phone even though it supports it. Certainly the VM and features are crippled enough that it's never made it worth it for me.


Okay, well let's add some multimedia to the phone, certainly I can just download it over the internet. Nope, that feature is disabled (either on the phone or the internet gateway). You have to buy some software to download ringers or images to your phone, or pay $x.99 a month to get their stupid "ringer" service. My ATT blackberry ships with a crippled internet browser that you can only enable using a strange, unsupported hack.


The hardware is dismal as well. One phone has a decent interface, but doesn't have good internet support. Another phone has great SMS, but has a horrible screen, or some horrible user interface deficiency. They all just manage to suck in some profound way.


The internet exploded because anyone could use it for whatever they wanted, without restrictions, and they could plug anything they wanted into it. If the network was really open there would be almost limitless possibilities. None of these cooler applications have appeared because it's just too much of a hassle to develop them.


I would -love- a useful mobile revolution. But until there is more open hardware and software available, it just ain't gonna happen. Why don't the carriers just charge for the airtime and get the heck out of the way? The airtight control they keep over what devices are allowed on their network chokes the life out of any sort of real innovation that might happen.


Eventually, things will probably get somewhat useful. But as long as the phone companies keep ironclad control over the ends of their network, the pace is going to be incredibly slow and frustrating.

Posted by rmeyer at 7:37 AM | TrackBack (0)

Favorite weblogic bug?

October 24, 2004

In the blog "Software is too expensive to build cheaply..." (good blog name BTW), the author mentions his favorite weblogic bug, in a posting about Weblogic 8.1 sp3 being out. I thought that would be a fun thread, what's your favorite weblogic bug? I've been using weblogic since 4.5.1, and it's soooo hard to pick a favorite. Is it the one where putting a non-serialized object in the session in a cluster completely brings all session replication to a halt for all sessions? Perhaps our current 6.1 sp5 problem that causes weblogic to throw null pointer exceptions to anyone trying to log in while realm.refresh() is being called after a new user is added. Or the one that causes the application to revert to the initially deployed exploded .WAR, ignoring any updates that have happened since unless you delete all of the staged content between restarts, which means your JSP's need to get recompiled again...want to precompile your JSP's? Sorry, there's a bug that causes a time roundoff in the precompiler so weblogic always thinks they are out of date and need precompiling... Deadlocks on connection pool obtaining were also fun.


Hopefully weblogic 8 will fare better for us. Weblogic 4.5.1 started to get really stable right around service pack 12-13...6.1 got pretty good after service pack 4...At least I've always liked BEA for putting full release notes, with the issue number for everything fixed, right on their website.

Posted by rmeyer at 3:12 PM | TrackBack (0)

IT managers are numbskulls.

October 23, 2004

So explain to me the logic in spending 15-20 years running around, tearing out useful, simple, centralized, shared mainframe applications on dumb terminals and replacing them with PC's on the desktop, only to try and lock them down so far that the user has no control over the system itself?

Posted by rmeyer at 2:12 PM | TrackBack (0)

Weblogic 8.1 deployments

October 21, 2004

So weblogic 8.1 provides you with a fancy "split directory structure" which allows you to avoid copying your static content and jsps around to develop. Fairly cool really, but it's managed through two ant tasks, wlcompile and then for deployment wlpackage.



Part of the split directory structure and these tasks is that they assume every subdirectory of where you point the source root is part of the application. So if you want the natural arrangement with most of your source and files right off the root of your checkout, it assumes your database directory, your "build" and "dist" location directories, and anything else you store in there is a J2EE module. Annoying, but in wlcompile you can specify includes and excludes to get around this. One would think it would be only natural to have the same capability for wlpackage when it's time to deploy your app.


But alas, it's totally brain dead. It sucks up everything from your source root and includes it. So you get your test source code, your database scripts, development tools, even your build.xml all in your EAR that's supposedly going to production. And there's no way (no documented way, at least) to exclude anything from it.



So you spend a pile of money on an expensive app server and you -still- get to muck around with ant's jar/ear tasks to pull the files you need. Thrilling. Even if you follow their example to the letter, you get -everything- included in your production .EAR. They have hardcoded excludes for build.xml and .beabuild.txt apparently, but that's it. So unless you decide to be slave to their organization and put the bulk of your code in a clean subdir off your source root, wlpackage is useless. Would it really have been that hard to add "includes" and "excludes"?
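The check below is an added example, not part of the original post or of WebLogic's tooling: a release-gate audit that lists entries in an EAR that should not reach production, which is the failure described above. The allow and deny lists and the sample archive are assumptions constructed for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumed policy (not from the post): what a production EAR may hold at top level.
ALLOWED_TOP_DIRS = {"META-INF", "APP-INF", "lib"}
ALLOWED_MODULE_SUFFIXES = {".war", ".jar", ".rar"}
# Assumed deny lists for files that should never ship, wherever they sit.
DENIED_SUFFIXES = {".java", ".sql", ".sh", ".bat"}
DENIED_NAMES = {"build.xml", ".beabuild.txt"}

def audit_ear(ear_bytes):
    """Return a sorted list of (entry, reason) for entries that violate the policy."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(ear_bytes)) as ear:
        for name in ear.namelist():
            if name.endswith("/"):
                continue  # directory entries carry no content
            path = PurePosixPath(name)
            if path.name in DENIED_NAMES or path.suffix.lower() in DENIED_SUFFIXES:
                findings.append((name, "development file"))
            elif len(path.parts) == 1:
                if path.suffix.lower() not in ALLOWED_MODULE_SUFFIXES:
                    findings.append((name, "unexpected top-level file"))
            elif path.parts[0] not in ALLOWED_TOP_DIRS:
                findings.append((name, "unexpected top-level directory"))
    return sorted(findings)

def build_sample_ear():
    """Constructed EAR resembling a package built from a whole source root."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as ear:
        for entry in [
            "META-INF/application.xml",
            "webapp.war",
            "APP-INF/lib/shared.jar",
            "database/create_tables.sql",
            "test/src/LoginTest.java",
            "tools/loadgen.sh",
            "dist/notes.txt",
        ]:
            ear.writestr(entry, "constructed sample content")
    return buf.getvalue()

if __name__ == "__main__":
    for entry, reason in audit_ear(build_sample_ear()):
        print(f"{reason}: {entry}")
```

Run against the real archive in the build, a non-empty result is a reason to fail the release; an exploded EAR with module directories would need those directory names added to the allow list.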

Posted by rmeyer at 12:49 AM | TrackBack (0)

Snnnnnnnnnap!

October 19, 2004

This is pretty damn funny: the CNN.com transcripts of Jon Stewart on Crosstalk. While this may be nothing more than a 2 bit publicity stunt, or someone out of their depth, or not quite as funny as I find it (all of which are doubtful), it doesn't make what Stewart says any less true.

Posted by rmeyer at 1:01 AM | TrackBack (0)

IIS 6 & Apache

October 19, 2004

A comment on this article on Michael Howard's web log, IIS6 vs Apache2 Security Defects, got me thinking a bit about the differences between the windows way and the "unix way" (for lack of better terms).

I'm only sort of a zealot one way or the other; use what works for you. But here's an example of where the "unix-mindset/philosophy" differs from windows. If I want to backup an apache install, I can just copy the apache directory. I get all the binaries, all the configuration, and all the certificates. The only thing you'd be missing is the one OS user and group the server runs as, but those are easy to determine from the configuration and create manually. But IIS? What -exactly- is IIS? What makes up the server? Lots of files in system32 mixed in with operating system files, maybe some other locations, and they are all mixed in with windows system files. Where is the configuration? Partially in the system registry, a file I can't even make a copy of, and partially in the metabase.

Another example, how would you version control the IIS configuration, so you can rollback changes that cause problems or determine why someone else made a change? In apache, just use whatever version control system you're familiar with to manage the configuration (rcs or cvs come to mind as easy to work with). I'm sure it can be done with IIS, but it probably requires jumping through some hoops and working out some issues. Many admins (rightly so IMHO) consider version controlling configurations to be critical to good system administration.

These are just a tiny example, but in general, Windows seems to prefer complex implementations that are more hidden from the user via some sort of abstraction, and things like Apache are more transparent. Skilled admins tend to like tools that adapt to their workflows, rather than forcing the workflow of the tool on the admin. Until that changes, Windows is going to be a hard sell to a lot of people.

It's also been a while since I've worked heavily with IIS 5, so some of this may be outdated, which really I'd love to hear, since I'll pretty much use whatever works best.

Posted by rmeyer at 12:44 AM | TrackBack (0)

Data transfer objects?

October 17, 2004

Tirsen at codehaus says jutopia - Data Transfer Objects makes me sick!. I mostly agree. Objects should have behavior; if you can't define something's behavior in one place, what's the point in OO at all? However, the only thought I have is about passing the information in a domain object into another "layer" of the app, especially for presentation. Is sticking the whole, full-featured business object into the request a good idea? (on a web app). It doesn't seem like it. I have a few ideas, but I wonder what everyone else does.

Posted by rmeyer at 12:06 AM | TrackBack (0)

Stupid vendors.

October 7, 2004

When are they going to realize that we don't want magic, inflexible, blackbox tools? We want things that it's easy to get diagnostic information out of, and configure to our likings rather than have to bend everything we do to fit the will of the vendor.

Posted by rmeyer at 12:41 AM | TrackBack (0)

What's my philosophy?

October 6, 2004

Scoble asks, what's your product's philosophy? Currently I'm working on a monstrous behemoth of a web application built by various team members of a big-5 consulting company over several years. When we inherited it, it took 1 hour and 30 minutes to start weblogic, pushes were totally manual and unreliable and took anywhere from 2 hours to 8 hours. Oh, and it crashed at least once a day. It took about 60 days to fix most of that, but we've been living with the almost intractable cruft for quite a while (we're currently in the middle of finally restructuring -everything- in one big swoop).

Our philosophy? "This thing is a soul sucking beast, maybe I should become a fisherman."

Not very inspiring I guess.

Posted by rmeyer at 11:27 PM | TrackBack (0)

EJB's are the devil.

October 5, 2004

Okay, they're not really the devil, bad architecture is the devil. With the business layer passing stuff to the presentation layer, which then processes it and passes it back to the business layer for more modifications. Our EJB's depend on our servlet classes, which depend on other EJB's, which depend on some shared classes which depend on other EJB's.


The people ("Consultants") who set this up are long gone. We've made do by following their "strategy" of putting everything in the system classpath, and we're trying to fix that, but it's just about an intractable problem.


Hint: if your EJB's import javax.servlet or servlets of your own, then you probably aren't going to win the "architecture of the year" award.

Posted by rmeyer at 7:32 AM | TrackBack (0)

Do you check in your .project or .classpath files?

October 1, 2004

These are autogenerated by eclipse, and I'm always reluctant to check such files in, but it seems like it would be a great aid to setting up all the developer's IDE's the same way. Maybe there's an ant task out there that generates a .classpath or .project file from classpath entries in the ant build file? That would be somewhat cool.

Anyone have a good method of easily supporting both ant and IDE users at the same time, with minimal redundancy in the configuration/build files?

Posted by rmeyer at 1:27 PM | TrackBack (0)

This is Rob Meyer's weblog, a weblog focused on software development and system administration based on 10 years of experience. Want to explore further? You can find out more about me or see the rest of my website.

Want more? Subscribe to this site or contact me at rob at big dis dot com.