SuperHappyDevHouse

After the successful Software Freedom Day hackfest organised by Brenda of SHDHNZ, we're going to be having a mini happy dev house on November 2 at Southern Cross. As always, it'll be a hackfest with a friendly atmosphere, food and beer nearby, and other patrons wondering whether people gathering in public with laptops is illegal.

If you're thinking of coming, head over to the November projects page on shdh.org.nz, and add your name and what you might work on.

Hope to see you there!

June SHDH yesterday. Brenda has a writeup. I must admit, I also noticed the stares, and the people hurriedly looking away when you looked at them. Ah it feels great being misunderstood and feared ;)

In terms of actual work done, I added apache2 proxying support to autovserver - and did that mostly in the last 10 minutes of being there. I keep spending lots of time talking to everyone else there rather than coding, especially Andy, who is as die-hard open-source as they come. We were talking about cil, his little distributed command line bug tracker, and got on to talking about some kind of "Insta-Project"(tm) thing, that would populate a directory with a README, COPYING, basic debian packaging, a gitrepo (if it doesn't have one, which it should!) and a cil tracker so you can turn those little scripts you want to publish into a project with minimal effort. I'd like to see this implemented some day, though I can't see me having the time for a while because work is so hectic :(.

That's one thing I do like about SHDH. It's a chance, once a month, to go somewhere and code on something I want to work on. Not that I don't like working on Mahara - on the contrary, I love it - but it seems I have a million ideas for things I could do and not enough free time to do them. If I quit my job I don't think I'd ever get bored - at least, not until the moneys ran out ;).

Another MHDH in June. Themed "Hello World in strange languages". Should be a blast, and hopefully I'll get a chance to work some more on autovserver.

Meanwhile, my list of stuff to do at work has got amazingly long again. My current project, which is doing some performance benchmarking, is really interesting. A chance to play with some grunty hardware and see what the limits are. It's not often you get a chance to do such work - most of the time you're just causing the performance problems^W^W^W^W coding *ahem*.

Some Mahara work looms on the horizon as well. Yay!

Well the fact that you're reading this means that I've been successful in my SHDH mission - to fix the script that lets me blog! That's why the currymail was so late this week.

I can also upload images via a script too. So adding content to the site is dead easy now, which is the way it should be :)

The SHDH (actually a minihappydevhouse) had quite a few participants, I reckon we had 20 or more, which was a great effort. Good to see so many people hacking, eating or just talking about stuff. Things that happened, in no particular order:

1. Martin Langhoff was late (of course! He's from South America :)
2. Andy showed me cil. Command line bug tracking, git style. He's debian packaging it, so hopefully I can start using it for a few things soon. I think the idea has great promise...
3. I preached to a small crowd about performance of websites, only to be caught out when my site wasn't practising what I was preaching ^_^.
4. Francois and Andy found out about the sneaky requirement for tabs in Getopt::Declare
5. Lots of people found out about the OLPC. I presume some hacking may have been done on it. Ben spent his time playing Sim City on it instead.

There was a lot more, I'm sure.

[UPDATE: There is a workaround]

This morning, following the release of Chrome 6, I decided to upgrade to the latest version.

But as soon as I tried going to Gmail I got the following error:

SSL connection error. Unable to make a secure connection to the server. This may be a problem with the server, or it may be requiring a client authentication certificate that you don't have.

Error 128 (net::ERR_SSL_UNSAFE_NEGOTIATION): The SSL renegotiation extension was missing from the secure handshake. For some sites, which are known to support the renegotiation extension, Chrome requires a more secure handshake to prevent a class of known attacks. The omission of this extension suggests that your connection was intercepted and manipulated in transit.

This happens because “starting with 6.0.453.1 Chrome began requiring the TLS renegotiation extension from a small number of sites (Gmail included). This extension is required to prevent TLS renegotiation attacks”. This means that if you use Gmail (or any other Google application, like Docs, Reader and so on) over HTTPS and you are behind a proxy that alters in some way the data passed (like MITM proxies), you will not be able to access Gmail any more.

This problem has been reported on Google Chrome forums and also in the issue tracker of Chromium, but has been marked as invalid because they are now trying to increase the security, implementing the renegotiation extension.

While this is a good thing, most companies are not always up to date with the latest technologies, and since this extension is standard since “just” 6 months, Google cannot expect everyone to have it implemented already.

What you should do if you have already installed and you get the SSL Connection Error?

[UPDATE] After having commented on the Chromium bug, Adam Langley answered that if you manually specify a proxy, the check is disabled automatically. And if you have a transparent proxy (so no proxy configured in the options) you can disable the check using the command-line option: --allow-ssl-mitm-proxies.

Thank you Adam for also commenting here with the complete explanation of the problem.

The only thing you can do is revert Google Chrome back to version 5. Unfortunately this requires you to uninstall Chrome, and reinstall the old version using the offline installer that you can download from Google site at the following address: http://dl.google.com/chrome/install/375.55/chrome_installer.exe

Unfortunately uninstalling Chrome means you loose all your stored passwords and some other things because a Chrome 6 profile cannot be read from Chrome 5. So if you are unsure, do a backup of your profile folder before trying to update to Chrome 6.

I hope Chrome either allow users to “ignore” some errors, like they do when the certificate is not valid, and that in meantime all MITM proxies get updated to support the renegotiation extension (and all IT guys install the updated version).

Tags: Chrome,MITM,proxy

Love it. :-)

See also: Getting to the third user

Filed under: Usability

A lot of reactions started on Twitter this morning following the publication of the article titled “The Future of Silverlight” on the Silverlight Team Blog. One that caught my attention was written by Hadi Hariri:

After a few messages I realized that he was talking about Silverlight.

The problems Silverlight addresses

The official announcement says between the lines:

… Silverlight enables applications that deliver the kinds of rich experiences users want. We group these into three broad categories: premium media experiences, consumer apps and games, and business/enterprise apps.

Even in their own statement, they acknowledge that Silverlight is not for building web apps, but is to address very specific features that you don’t have in HTML/CSS/JS.

Most of the features of Silverlight are already included in HTML

But if you take a closer look to the features they list, and you compare them with what HTML (where with HTML I mean the sum of HTML, JavaScript and CSS) can do, you realize that, with the exception the adaptive streaming and other advanced video features, everything can be implemented in HTML: there is HW-accelerated canvas in HTML5 to fulfill the need of “power” of web games, there are already dozens of JavaScript UI control libraries, like jQuery UI to helps you build rich and “desktop-looking” web applications with very little effort, there is local storage and even a local database to store information locally in the browser, there are web workers to keep the application responsive during heavy computations, and much more will come with HTML5.

Some might argue that, even then, Silverlight has a more mature IDE and most developers don’t have a clue about programming in JavaScript and writing HTML+CSS. This only partially true: you reuse your C# skills and your knowledge of the CLR, but you need to learn all the pattern and best practices specific to this new paradigm, like MVVM, you have to deal with the “all is async” problem, and you probably don’t want to just drag and drop SL controls onto the developer surface, so even the IDE helps just a little here. And looking at it the other side of the coin, I’m pretty sure JavaScript oriented IDE and even more commercial control vendors will start making “d&d-able” controls to make JavaScript development as easy as desktop development.

Silverlight is more than the browser

The article finishes with that emphasis: “Silverlight is much more than a browser technology”. Sure it allows you to build “out of the browser” apps, even desktop apps, and now Windows Phone 7 apps. I think this is a great advantage for developers that build desktop apps, but I just don’t see Silverlight as a web application technology.

What is Silverlight really for?

If you asked me where I would use Silverlight I’d answer:

• To build desktop applications
• To build Windows Phone 7 native applications
• And to build islands of interactivity of web applications, where the current “simpler and more standard” technologies are not enough, like in media applications.

And I think this is also how Microsoft should market it: a technology that allows you to create rich “web-looking” applications on the desktop, complex video components for the web , and to reuse the same skills to build native mobile applications for Windows Phone 7. But they should stop comparing Silverlight to HTML5.

What are your opinions on this topic? Please share them on the comments.

Tags: Silverlight,HTML5,Microsoft,commentary,JavaScript

For the last seven years we have been hosting Geekzone with Auckland-based ISP and hosting provider ICONZ, but since our two year contract was coming to an end it would be only good business practice to investigate alternatives in terms of cost, bandwidth, location.

And with that in mind, a few weeks ago we started talking to some colocation providers. We had very few requirements - we are not the largest online publisher in New Zealand, but Geekzone does sit regularly on the top 50 New Zealand-based websites in unique visitors, according to Nielsen.

According to our analytics data, 75% of our New Zealand visitors come from Auckland, with the majority of these using Telecom New Zealand, followed by (in order) Callplus/Slingshot, Orcon, WorldxChange, Vodafone and TelstraClear.

Since site speed is something that I consider one of the most important things for a good user experience, it made sense to us to consider Auckland-based service providers, with good Internet access and peering.

Also, when deciding location we had to consider that while New Zealand readers make up 70% of our page views, in absolute number of users it's only 40% - so we still needed to be located somewhere with good international connectivity, close to the submarine cables leaving the country.

Of course we also considered physical security access, power source, etc.

We managed to get into a great conversation with Datacom, through an introduction from Ben Gracewood. After considering services, infrastructure and prices I think we managed to agree on a deal that will allow us to continue running Geekzone with more "space" to grow, thanks to the savings we will be making.

After we have the server up and runnng, me and Nate (one of our moderators who helped me move the gear) were given a tour of the Datacom Orbit Data Centre. What an impressive building.

You will see this new box at the bottom of all our pages in the main site:

These logos represent the companies or services that help Geekzone run as fast as possible, serving more than 600,000 unique visits every month. Huge thanks to Datacom, RedJungle, Aptimize, HP ProLiant DL servers and Microsoft SQL Server. Also thanks to ICONZ, whose skilled technical people helped us grow to where we are today.

Just a heads up that PriceSpy has officially announced their Android app supporting New Zealand. Here's a screenshot:



With this app you can:

• Check the best prices for a product.
• Check PriceSpy user reviews for a product.
• See stores selling a certain product laid out on Google maps.
• Get directions to stores selling a product.

It should complement the PriceSpy website nicely...

a cat named linux, originally uploaded by Br3nda.

In memory of our old family cat, my sister's old kitty: Linux.
1996 - 31st August 2010.

-->

Last week Wired published a long article stating that the Web (as in the thing you get through the browser) is dead, while the Internet is evolving.

I think they are totally wrong for a few reasons:

1. They prove their statement reading in the stats what they wanted to read: they compare the proportion of traffic instead of the total amount and this leads to the wrong conclusions
2. They say the web is being taken over by peer-to-peer and video, based, again, on the bandwidth used
3. Most our time is spent on web sites

Proportion of traffic instead of total traffic

Let’s start from the first reason I think they are wrong: they want to prove their statement with a chart that compares the proportion of the traffic instead of the total traffic.

As the title of the chart says, this is the proportion of the traffic (measured in bandwidth) of all internet traffic. What this means is just that now 23% of the traffic is used by the Web, while in 2000, it was around 50%. According to Cisco, the source used by Wired for its “proportion” chart, the total traffic in the same period grew from nearly half a exabyte (500.000 terabytes) to 7 exabytes. And 50% of 0,5 is lower than 23% of 7.

BoingBoing had an excellent post commenting the chart (Is the web really dead?) and they came up with the following chart.

And as you can seem, the traffic of the “Web” is still growing. Just it’s being joined by other way of using the pipes, video and file-sharing.

Video and peer-to-peer are taking over the web

This page, including images and layout has a size of probably 200-300Kb, and the mere post is probably less than 100Kb. How much do you think the size of this post would have been if I had delivered it via a video? I think it would have been around 5-10Mb: at least 50 times more. If the chart was on the amount of information provided instead of the bandwidth used to deliver it, the statement of Wired would have been even less true.

We spend most of our time on the web

The “Web is dead” is probably true if we evaluate how we use the mobile: most of the web sites don’t work on the tiny display of smartphones. So we are forced to use Apps: there is Facebook for iPhone, Twitter for iPhone, there are dozens of newsfeed readers. But on our desktop computer, we are using the browser: all the social network are standard web sites, we buy books and electronics using web sites, we collaborate on opensource projects using web sites, we book flight using web sites, we read most of the blog post on a web site (either the original one or via google reader).

Sure thing, the web is evolving: it’s not just Geocities pages about kittens. It’s more structured information, it’s more e-commerce, it’s more about interaction between people, it’s more about web applications. Well, isn’t this what we used to call Web2.0?

I don’t think Web3.0 will be the dead of the web. Still not sure what it will be, but definitely not its dead.

Looking ahead

This post has grown longer than I originally thought. So thank you for reaching the end, and I’d be pleased if you could comment writing your ideas on the matter.

And last thought of the post: this article clearly shows that Wired is not unlike the other “internet” magazines. Just sensationalism and half-told truths.

Tags: wired,commentary,web,internet,trends,web2.0,web3.0

instead of fencing the baby in, it's much easier to put the heater and the cat in the playpen (and the cat loves it)

buying way too many perishable foods, because they look pretty at the market, and then not using them up cos i was too tired to cook.

-->

there's a geek fallacy that your friends are friends with you therefore they'd naturally be friends with each other -- yeah, it's a fallacy.

"Friend" is a changing word - facebook has destroyed it's true meaning. I define friend is someone you'd expect would let you sleep on their couch (and vice versa).

In absence of any photograph of me with a giant group of friends, here are photos of friends. If i've missed you out, it's mostly likely becasue there's no photo!

-->

Incredible how Microsoft is still struggling to get product names right. After buying FolderShare and turning it into Windows Live Mesh the company changed its name to Windows Live Sync, just to rename it again today to Windows Live Mesh.

Ok, you get an increase from 2GB to 5GB storage for synced files, but come on... Enough of "Windows Live..." products. Foldershare worked fine as a name, thanks.

Drop Windows Live and go back to the roots. Hotmail, Foldershare will work just as well, without the "Windows Live..." bits.

While at it why not "BlogWriter" instead of "Windows Live Writer", and just "MovieMaker" instead of "Windows Live MovieMaker". And perhaps get out of "Windows Phone 7" and use something like "myPhone". Microsoft already have the MyPhone service anyway.

(Note I didn't check for any trademarks, so these might be taken anyway).

i like coffee -- alot. I like fairtrade (or similar) and i like rich choclatey beans. No sugar.

New Zealand has a .geek 2nd level domain names. I think is this awesome.

hence i have coffee.geek.nz

-->

Yes, it's a meme.

15 things.. FIFTEEN.... this will be difficult.

1. I'm from Whakamaru, which is a small village in the South Waikato - the locals who cannot pronounce maori call it "wockamarro". (near Mangakino and Tokoroa)
2. I contribute to many open source projects, as and when i have time - usually when i find a bug i'll fix it.
3. I went back to work 5 weeks after having a baby. My husband has taken a year off to look after her.
4. I don't drive.
5. I play flute, cello, piano, and a bunch of wind instruments (in that order)
6. I read many social justice and human rights blogs regularly.
7. I like Fairs and Markets.
8. I take LOTS of photos - see my flickr http://flickr.com/photos/taniwha
9. I spend my Saturday at One Laptop per Child test fest.
10. I also write most of the tweets on the @OLPC twitter account.
11. I was once a finalist for a NZ Open Source Award.
12. I am missing a big chunk out of one of my fingers.
13. I garden - mostly veges. Plants should serve a purpose.
14. I have been married for 12 years.
15. I like malty beers and scotch.

Recent pictures - these are what Apture finds of me:

-->

Back from the holiday an nice surprise was awaiting for me: I’ve to “finalize” (as in make it work) an application that someone that left the company developed more than one year ago. Among the other problems one real surprised me: the project is built with .NET 3.5 and uses Entity Framework v1 and in some the queries failed with the following strange error:

Only parameterless constructors and initializers are supported in LINQ to Entities.

Just to be clear, it was a runtime error, not a build failure.

The queries that were failing were all, more or less, like the following one:

var photo = (from p in context.PhotoSet where p.num == new Guid(id) && p.LangId == langId select p).FirstOrDefault();

The code seemed perfect to me: I’m looking for a Photo whose id (a Guid) is like the one provided.

Looking around the web I found a blog post by Muhammad Mosa, “LINQ to Entities, what is not supported?”, which explains that you cannot instantiate new objects through a constructor with parameters (just as the exception says pretty clearly).  Also Julie “Ms. EF” Lerman treated this problem in a blog post titled “A few things you can't do with EF queries which you won't find out until runtime”. But all the samples were about custom objects or complex objects like collections being instantiated with values coming from the query, but in my case I was creating a simple .NET core object with a string coming from outside of the query. So I was still not understanding why my query was failing. But it turned out that also creating the Guid inside the LINQ query is not allowed. So the solution for my problem is:

Guid guid = new Guid(id); var photo = (from p in context.PhotoSet where p.num == guid && p.LangId == langId select p).FirstOrDefault();

What I did is just instantiating the Guid outside of the LINQ query and use the variable inside LINQ.

I had this problem with EF1, but given the explanation provided by the team, I guess you will encounter this issue (which is not a bug but is “by design”) in EF4 as well. Which might make sense if you use parameters coming from inside the query, but not if you are creating an object with variables that have nothing to do with LINQ query itself. Can anyone comment on this?

This experience gave me another good reason to continue using NHibernate :)

Tags: Entity Framework,bug