jm + software   81

An empirical study on the correctness of formally verified distributed systems
We must recognise that even formal verification can leave gaps and hidden assumptions that need to be teased out and tested, using the full battery of testing techniques at our disposal. Building distributed systems is hard. But knowing that shouldn’t make us shy away from trying to do the right thing, instead it should make us redouble our efforts in our quest for correctness.
formal-verification  software  coding  testing  tla+  chapar  fuzzing  verdi  bugs  papers 
11 weeks ago by jm
Moom removed from sale due to patent violation claim | Hacker News
Well this sucks. Some scumbag applied for a patent on tiling window management in 2008, and it's been granted. I use Moom every day :(
moom  patents  bullshit  swpat  software  window-management  osx 
may 2017 by jm
The World Is Getting Hacked. Why Don’t We Do More to Stop It? - The New York Times
Zeynep Tufekci is (as usual!) on the money with this op-ed. I strongly agree with the following:
First, companies like Microsoft should discard the idea that they can abandon people using older software. The money they made from these customers hasn’t expired; neither has their responsibility to fix defects. Besides, Microsoft is sitting on a cash hoard estimated at more than $100 billion (the result of how little tax modern corporations pay and how profitable it is to sell a dominant operating system under monopolistic dynamics with no liability for defects).

At a minimum, Microsoft clearly should have provided the critical update in March to all its users, not just those paying extra. Indeed, “pay extra money to us or we will withhold critical security updates” can be seen as its own form of ransomware. In its defense, Microsoft probably could point out that its operating systems have come a long way in security since Windows XP, and it has spent a lot of money updating old software, even above industry norms. However, industry norms are lousy to horrible, and it is reasonable to expect a company with a dominant market position, that made so much money selling software that runs critical infrastructure, to do more.

Microsoft should spend more of that $100 billion to help institutions and users upgrade to newer software, especially those who run essential services on it. This has to be through a system that incentivizes institutions and people to upgrade to more secure systems and does not force choosing between privacy and security. Security updates should only update security, and everything else should be optional and unbundled.

More on this twitter thread: https://twitter.com/zeynep/status/863734133188681732
security  microsoft  upgrades  windows  windows-xp  zeynep-tufekci  worms  viruses  malware  updates  software 
may 2017 by jm
The power of role models
At dinner I asked some of the women to speak to me about this, how astronomy became so (relatively) egalitarian. And one topic became clear: role models. Astronomy has a long history of women active in the field, going all the way back to Caroline Herschel in the early 19th century. Women have made huge contributions to the field. Dava Sobel just wrote a book about the women who laid the foundations for the discovery of the expansion of the universe. Just a couple of weeks ago, papers ran obituaries of Vera Rubin, the remarkable observational astronomer who discovered the evidence for dark matter. I could mention Jocelyn Bell, whose discovery of pulsars got her advisor a Nobel (sic). The most famous astronomer I met growing up was Helen Hogg, the (adopted) Canadian astronomer at David Dunlap Observatory outside Toronto, who also did a fair bit of what we now call outreach.

The women at the meeting spoke of this, a history of women contributing, of role models to look up to, of proof that women can make major contributions to the field.

What can computing learn from this? It seems we're doing it wrong. The best way to improve the representation of women in the field is not to recruit them, important though that is, but to promote them. To create role models. To push them into positions of influence.
software  women  feminism  role-models  gender-balance  egalitarianism  astronomy  computing  rob-pike 
february 2017 by jm
'Software Engineering at Google'
20 pages of Google's software dev practices, with emphasis on the build system (since it was written by the guy behind Blaze). Naturally, some don't make a whole lot of sense outside of Google, but still some good stuff here
development  engineering  google  papers  software  coding  best-practices 
february 2017 by jm
Remarks at the SASE Panel On The Moral Economy of Tech
Excellent talk. I love this analogy for ML applied to real-world data which affects people:
Treating the world as software promotes fantasies of control. And the best kind of control is control without responsibility. Our unique position as authors of software used by millions gives us power, but we don't accept that this should make us accountable. We're programmers—who else is going to write the software that runs the world? To put it plainly, we are surprised that people seem to get mad at us for trying to help. Fortunately we are smart people and have found a way out of this predicament. Instead of relying on algorithms, which we can be accused of manipulating for our benefit, we have turned to machine learning, an ingenious way of disclaiming responsibility for anything. Machine learning is like money laundering for bias. It's a clean, mathematical apparatus that gives the status quo the aura of logical inevitability. The numbers don't lie.


Particularly apposite today given Y Combinator's revelation that they use an AI bot to help 'sift admission applications', and don't know what criteria it's using: https://twitter.com/aprjoy/status/783032128653107200
culture  ethics  privacy  technology  surveillance  ml  machine-learning  bias  algorithms  software  control 
october 2016 by jm
“Racist algorithms” and learned helplessness
Whenever I’ve had to talk about bias in algorithms, I’ve tried be  careful to emphasize that it’s not that we shouldn’t use algorithms in search, recommendation and decision making. It’s that we often just don’t know how they’re making their decisions to present answers, make recommendations or arrive at conclusions, and it’s this lack of transparency that’s worrisome. Remember, algorithms aren’t just code.

What’s also worrisome is the amplifier effect. Even if “all an algorithm is doing” is reflecting and transmitting biases inherent in society, it’s also amplifying and perpetuating them on a much larger scale than your friendly neighborhood racist. And that’s the bigger issue. [...] even if the algorithm isn’t creating bias, it’s creating a feedback loop that has powerful perception effects.
feedback  bias  racism  algorithms  software  systems  society 
april 2016 by jm
CharybdeFS: a new fault-injecting filesystem for software testing
a FUSE-based filesystem from ScyllaDB to test filesystem-related failure scenarios. great idea
fuse  software  testing  scylladb  filesystems  disk  charybdefs  fault-injection  tests 
february 2016 by jm
How open-source software developers helped end the Ebola epidemic in Sierra Leone
Little known to the rest of the world, a team of open source software developers played a small but integral part in helping to stop the spread of Ebola in Sierra Leone, solving a payroll crisis that was hindering the fight against the disease.

Emerson Tan from NetHope, a consortium of NGOs working in IT and development, told the tale at the Chaos Communications Congress in Hamburg, Germany. “These guys basically saved their country from complete collapse. I can’t overestimate how many lives they saved,” he said about his co-presenters, Salton Arthur Massally, Harold Valentine Mac-Saidu and Francis Banguara, who appeared over video link.
open-source  software  coding  payroll  sierra-leone  ebola  ccc 
january 2016 by jm
"Hidden Technical Debt in Machine-Learning Systems" [pdf]
Another great paper about from Google, talking about the tradeoffs that must be considered in practice over the long term with running a complex ML system in production.
technical-debt  ml  machine-learning  ops  software  production  papers  pdf  google 
december 2015 by jm
Structural and semantic deficiencies in the systemd architecture for real-world service management, a technical treatise
Despite its overarching abstractions, it is semantically non-uniform and its complicated transaction and job scheduling heuristics ordered around a dependently networked object system create pathological failure cases with little debugging context that would otherwise not necessarily occur on systems with less layers of indirection. The use of bus APIs complicate communication with the service manager and lead to duplication of the object model for little gain. Further, the unit file options often carry implicit state or are not sufficiently expressive. There is an imbalance with regards to features of an eager service manager and that of a lazy loading service manager, having rusty edge cases of both with non-generic, manager-specific facilities. The approach to logging and the circularly dependent architecture seem to imply that lots of prior art has been ignored or understudied.
analysis  systemd  linux  unix  ops  init  critiques  software  logging 
november 2015 by jm
Twins denied driver’s permit because DMV can’t tell them apart
"The computer can recognize faces, a feature that comes in handy if somebody’s is trying to get an illegal ID. It apparently is not programmed to detect twins."

As Hilary Mason put it: "You do not want to be an edge case in this future we are building."
future  grim  bugs  twins  edge-cases  coding  fail  dmv  software  via:hmason 
october 2015 by jm
Taming Complexity with Reversibility
This is a great post from Kent Beck, putting a lot of recent deployment/rollout patterns in a clear context -- that of supporting "reversibility":
Development servers. Each engineer has their own copy of the entire site. Engineers can make a change, see the consequences, and reverse the change in seconds without affecting anyone else.
Code review. Engineers can propose a change, get feedback, and improve or abandon it in minutes or hours, all before affecting any people using Facebook.
Internal usage. Engineers can make a change, get feedback from thousands of employees using the change, and roll it back in an hour.
Staged rollout. We can begin deploying a change to a billion people and, if the metrics tank, take it back before problems affect most people using Facebook.
Dynamic configuration. If an engineer has planned for it in the code, we can turn off an offending feature in production in seconds. Alternatively, we can dial features up and down in tiny increments (i.e. only 0.1% of people see the feature) to discover and avoid non-linear effects.
Correlation. Our correlation tools let us easily see the unexpected consequences of features so we know to turn them off even when those consequences aren't obvious.
IRC. We can roll out features potentially affecting our ability to communicate internally via Facebook because we have uncorrelated communication channels like IRC and phones.
Right hand side units. We can add a little bit of functionality to the website and turn it on and off in seconds, all without interfering with people's primary interaction with NewsFeed.
Shadow production. We can experiment with new services under real load, from a tiny trickle to the whole flood, without affecting production.
Frequent pushes. Reversing some changes require a code change. On the website we never more than eight hours from the next schedule code push (minutes if a fix is urgent and you are willing to compensate Release Engineering). The time frame for code reversibility on the mobile applications is longer, but the downward trend is clear from six weeks to four to (currently) two.
Data-informed decisions. (Thanks to Dave Cleal) Data-informed decisions are inherently reversible (with the exceptions noted below). "We expect this feature to affect this metric. If it doesn't, it's gone."
Advance countries. We can roll a feature out to a whole country, generate accurate feedback, and roll it back without affecting most of the people using Facebook.
Soft launches. When we roll out a feature or application with a minimum of fanfare it can be pulled back with a minimum of public attention.
Double write/bulk migrate/double read. Even as fundamental a decision as storage format is reversible if we follow this format: start writing all new data to the new data store, migrate all the old data, then start reading from the new data store in parallel with the old.


We do a bunch of these in work, and the rest are on the to-do list. +1 to these!
software  deployment  complexity  systems  facebook  reversibility  dark-releases  releases  ops  cd  migration 
july 2015 by jm
Evidence-Based Software Engineering

Objective: Our objective is to describe how software engineering might benefit from an evidence-based approach and to identify the potential difficulties associated with the approach.
Method: We compared the organisation and technical infrastructure supporting evidence-based medicine (EBM) with the situation in software engineering. We considered the impact that factors peculiar to software engineering (i.e. the skill factor and the lifecycle factor) would have on our ability to practice evidence-based software engineering (EBSE).
Results: EBSE promises a number of benefits by encouraging integration of research results with a view to supporting the needs of many different stakeholder groups. However, we do not currently have the infrastructure needed for widespread adoption of EBSE. The skill factor means software engineering experiments are vulnerable to subject and experimenter bias. The lifecycle factor means it is difficult to determine how technologies will behave once deployed.
Conclusions: Software engineering would benefit from adopting what it can of the evidence approach provided that it deals with the specific problems that arise from the nature of software engineering.


(via Mark Dennehy)
papers  toread  via:markdennehy  software  coding  ebse  evidence-based-medicine  medicine  research 
june 2015 by jm
'Microservice AntiPatterns'
presentation from last week's Craft Conference in Budapest; Tammer Saleh of Pivotal with a few antipatterns observed in dealing with microservices.
microservices  soa  architecture  design  coding  software  presentations  slides  tammer-saleh  pivotal  craft 
april 2015 by jm
StackShare
'Discover and discuss the best dev tools and cloud infrastructure services' -- fun!
stackshare  architecture  stack  ops  software  ranking  open-source 
april 2015 by jm
Stack Overflow Developer Survey 2015
wow, 52.5% of developers prefer a dark IDE theme?!
coding  jobs  work  careers  software  stack-overflow  surveys 
april 2015 by jm
The Pizza Party Where Everyone Got Fired
The testers at [MAJOR PUBLISHER] had just finished wrapping up testing on a project we'll call "Biolands." And to congratulate them, the man in charge arranged a huge bowling/pizza party for the end of the week. Of course everyone is hyped for the event. So the day finally arrives and all the testers show up. They all start bowling and eating pizza. After a few hours of everyone enjoying themselves, the VP asks for everyone's attention. When he does manage to get the team to listen, he begins to thank them for their hard work and has the leads hand them their termination papers.


And many other horror stories from the worst software industry of all -- games.
games  software  jobs  bowling  pizza  fired  horror-stories  hr  employment 
february 2015 by jm
A Quiet Defense of Patterns
Marc Brooker: 'When it comes to building working software in the long term, the emotional pursuit of craft is not as important as the human pursuit of teamwork, or the intellectual pursuit of correctness. Patterns is one of the most powerful ideas we have. The critics may be right that it devalues the craft, but we would all do well to remember that the craft of software is a means, not an end.'
marc-brooker  design-patterns  coding  software  teamwork 
february 2015 by jm
Tech’s Meritocracy Problem — Medium
Meritocracy is a myth. And our belief in it is holding back the tech industry from getting better.
culture  hiring  diversity  meritocracy  tech  software  jobs  work  misogyny 
october 2014 by jm
To "patch" software comes from a physical patch applied to paper tape
hmason: TIL that the phrase software "patch" is from a physical patch applied to Mark 1 paper tape to modify the program.


It's amazing how a term like that can become so divorced from its original meaning so effectively. History!
history  computing  software  patch  paper-tape  patching  bugs 
october 2014 by jm
on using JSON as a config file format
Ben Hughes on twitter:

"JSON is fine for config files, if you don't want to comment your config file. Which is a way of saying, it isn't fine for config files."
ben-hughes  funny  json  file-formats  config-files  configuration  software  coding 
september 2014 by jm
Software patents are crumbling, thanks to the Supreme Court
Now a series of decisions from lower courts is starting to bring the ruling's practical consequences into focus. And the results have been ugly for fans of software patents. By my count there have been 11 court rulings on the patentability of software since the Supreme Court's decision — including six that were decided this month.  Every single one of them has led to the patent being invalidated. This doesn't necessarily mean that all software patents are in danger — these are mostly patents that are particularly vulnerable to challenge under the new Alice precedent. But it does mean that the pendulum of patent law is now clearly swinging in an anti-patent direction. Every time a patent gets invalidated, it strengthens the bargaining position of every defendant facing a lawsuit from a patent troll.
patents  law  alice  swpats  software  supreme-court  patent-trolls 
september 2014 by jm
Open Invention Network Symposium on Open Source Software and Patents in Context
Dublin, 24th September 2014, hosted by Enterprise Ireland. Hosted by former Ubuntu
counsel (via gcarr)
via:gcarr  ubuntu  law  legal  open-source  floss  oss  oin  inventions  patents  swpat  software  ireland  ei  events 
september 2014 by jm
The Ramifications of Alice: A Conversation with Mark Lemley - IPWatchdog.com
I think you need to review what is actually happening at the USPTO in terms of rejections and how the Federal Circuit is applying Alice to find software patent claims patent ineligible. We are not crying wolf. It is really, factually, truthfully happening.


On the face of it, this sounds like great news ;)
swpat  patents  alice  uspto  ip  reform  software 
september 2014 by jm
Systemd: Harbinger of the Linux apocalypse
While there are many defensible aspects of Systemd, other aspects boggle the mind. Not the least of these was that, as of a few months ago, trying to debug the kernel from the boot line would cause the system to crash. This was because of Systemd's voracious logging and the fact that Systemd responds to the "debug" flag on the kernel boot line -- a flag meant for the kernel, not anything else. That, straight up, is a bug.

However, the Systemd developers didn't see it that way and actively fought with those experiencing the problem. Add the fact that one of the Systemd developers was banned by Linus Torvalds for poor attitude and bad design and another was responsible for causing significant issues with Linux audio support, but blamed the problem on everything else but his software, and you have a bad situation on your hands.

There's no shortage of egos in the open source development world. There's no shortage of new ideas and veteran developers and administrators pooh-poohing something new simply because it's new. But there are also 45 years of history behind Unix and extremely good reasons it's still flourishing. Tools designed like Systemd do not fit the Linux mold, to their own detriment. Systemd's design has more in common with Windows than with Unix -- down to the binary logging.


The link re systemd consuming the "debug" kernel boot arg is a canonical example of inflexible coders refusing to fix their own bugs. (via Jason Dixon)
systemd  linux  red-hat  egos  linus-torvalds  unix  init  booting  debugging  logging  design  software  via:obfuscurity 
august 2014 by jm
Syria's 2012 internet disconnection wasn't on purpose
According to Edward Snowden, it was a side-effect of the NSA attempting to install an exploit in one of the core routers at a major Syrian ISP, and accidentally bricking the router
routers  exploits  hacking  software  tao  nsa  edward-snowden  syria  internet  privacy 
august 2014 by jm
homebrew-cask
Install Mac apps using "brew". Nicely done (via Marc)
via:marc  mac  terminal  brew  packaging  apps  software  osx 
march 2014 by jm
Accidentally Turing-Complete
slightly ruined by the inclusion of some "deliberately Turing-complete" systems
turing  computation  software  via:jwz  turing-complete  accidents  automatons 
march 2014 by jm
GPLv2 being tested in US court
The case is still ongoing, so one to watch.
Plaintiff wrote an XML parser and made it available as open source software under the GPLv2. Defendant acquired from another vendor software that included the code, and allegedly distributed that software to parties outside the organization. According to plaintiff, defendant did not comply with the conditions of the GPL, so plaintiff sued for copyright infringement. Defendants moved to dismiss for failure to state a claim. The court denied the motion.
gpl  open-source  licensing  software  law  legal  via:fplogue 
february 2014 by jm
Girls and Software
a pretty thought-provoking article from Linux Journal on women in computing, and how we're doing it all wrong
feminism  community  programming  coding  women  computing  software  society  work  linux-journal  children  teaching 
february 2014 by jm
How to lose $172,222 a second for 45 minutes
Major outage and $465m of trading loss, caused by staggeringly inept software management: 8 years of incremental bitrot, technical debt, and failure to have correct processes to engage an ops team in incident response. Hopefully this will serve as a lesson that software is more than just coding, at least to one industry
trading  programming  coding  software  inept  fail  bitrot  tech-debt  ops  incident-response 
october 2013 by jm
To my daughter's high school programming teacher
During the first semester of my daughter's junior/senior year, she took her first programming class. She knew I'd be thrilled, but she did it anyway.

When my daughter got home from the first day of the semester, I asked her about the class. "Well, I'm the only girl in class," she said. Fortunately, that didn't bother her, and she even liked joking around with the guys in class. My daughter said that you noticed and apologized to her because she was the only girl in class. And when the lessons started (Visual Basic? Seriously??), my daughter flew through the assigments. After she finished, she'd help classmates who were behind or struggling in class.

Over the next few weeks, things went downhill. While I was attending SC '12 in Salt Lake City last November, my daughter emailed to tell me that the boys in her class were harassing her. "They told me to get in the kitchen and make them sandwiches," she said. I was painfully reminded of the anonymous men boys who left comments on a Linux Pro Magazine blog post I wrote a few years ago, saying the exact same thing.


I am sick to death of this 'brogrammer' bullshit.
brogrammers  sexism  culture  tech  teaching  coding  software  education 
september 2013 by jm
Older Is Wiser: Study Shows Software Developers’ Skills Improve Over Time
At least in terms of StackOverflow rep:
For the first part of the study, the researchers compared the age of users with their reputation scores. They found that an individual’s reputation increases with age, at least into a user’s 40s. There wasn’t enough data to draw meaningful conclusions for older programmers. The researchers then looked at the number of different subjects that users asked and answered questions about, which reflects the breadth of their programming interests. The researchers found that there is a sharp decline in the number of subjects users weighed in on between the ages of 15 and 30 – but that the range of subjects increased steadily through the programmers’ 30s and into their early 50s.

Finally, the researchers evaluated the knowledge of older programmers (ages 37 and older) compared to younger programmers (younger than 37) in regard to relatively recent technologies – meaning technologies that have been around for less than 10 years. For two smartphone operating systems, iOS and Windows Phone 7, the veteran programmers had a significant edge in knowledge over their younger counterparts. For every other technology, from Django to Silverlight, there was no statistically significant difference between older and younger programmers. “The data doesn’t support the bias against older programmers – if anything, just the opposite,” Murphy-Hill says.


Damn right ;)
coding  age  studies  software  work  stack-overflow  ncsu  knowledge  skills  life 
april 2013 by jm
The Excel Depression - NYTimes.com
Krugman on the Reinhart-Rogoff Excel-bug fiasco.
What the Reinhart-Rogoff affair shows is the extent to which austerity has been sold on false pretenses. For three years, the turn to austerity has been presented not as a choice but as a necessity. Economic research, austerity advocates insisted, showed that terrible things happen once debt exceeds 90 percent of G.D.P. But “economic research” showed no such thing; a couple of economists made that assertion, while many others disagreed. Policy makers abandoned the unemployed and turned to austerity because they wanted to, not because they had to. So will toppling Reinhart-Rogoff from its pedestal change anything? I’d like to think so. But I predict that the usual suspects will just find another dubious piece of economic analysis to canonize, and the depression will go on and on.
paul-krugman  economics  excel  coding  bugs  software  austerity  debt 
april 2013 by jm
Excel, untestability, and the reliability of quants
Wow, this is a great software-quality story -- I knew Excel was the most widely used programming environment out there, but this is a factor I'd overlooked:

In his remarks on the final panel, Frank Partnoy mentioned something I missed when it came out a few weeks ago: the role of Microsoft Excel in the “London Whale” trading debacle. [..] To summarize: JPMorgan’s Chief Investment Office needed a new value-at-risk (VaR) model for the synthetic credit portfolio (the one that blew up) and assigned a quantitative whiz [...] to create it. The new model “operated through a series of Excel spreadsheets, which had to be completed manually, by a process of copying and pasting data from one spreadsheet to another.” The internal Model Review Group identified this problem as well as a few others, but approved the model, while saying that it should be automated and another significant flaw should be fixed. After the London Whale trade blew up, the Model Review Group discovered that the model had not been automated and found several other errors. Most spectacularly, “After subtracting the old rate from the new rate, the spreadsheet divided by their sum instead of their average, as the modeler had intended. This error likely had the effect of muting volatility by a factor of two and of lowering the VaR ...”

I write periodically about the perils of bad software in the business world in general and the financial industry in particular, by which I usually mean back-end enterprise software that is poorly designed, insufficiently tested, and dangerously error-prone. But this is something different. [...] While Excel the program is reasonably robust, the spreadsheets that people create with Excel are incredibly fragile. There is no way to trace where your data come from, there’s no audit trail (so you can overtype numbers and not know it), and there’s no easy way to test spreadsheets, for starters. The biggest problem is that anyone can create Excel spreadsheets -- badly. Because it’s so easy to use, the creation of even important spreadsheets is not restricted to people who understand programming and do it in a methodical, well-documented way.

This is why the JPMorgan VaR model is the rule, not the exception: manual data entry, manual copy-and-paste, and formula errors. This is another important reason why you should pause whenever you hear that banks’ quantitative experts are smarter than Einstein, or that sophisticated risk management technology can protect banks from blowing up. At the end of the day, it’s all software. While all software breaks occasionally, Excel spreadsheets break all the time. But they don’t tell you when they break: they just give you the wrong number.
excel  reliability  software  coding  ides  jpmorgan  value-at-risk  finance  london-whale  quants  spreadsheets  unit-tests  testability  testing 
april 2013 by jm
google-http-java-client
Written by Google, this library is a flexible, efficient, and powerful Java client library for accessing any resource on the web via HTTP. It features a pluggable HTTP transport abstraction that allows any low-level library to be used, such as java.net.HttpURLConnection, Apache HTTP Client, or URL Fetch on Google App Engine. It also features efficient JSON and XML data models for parsing and serialization of HTTP response and request content. The JSON and XML libraries are also fully pluggable, including support for Jackson and Android's GSON libraries for JSON.


Not quite as simple an API as Python's requests, sadly, but still an improvement on the verbose Apache HttpComponent API. Good support for unit testing via a built-in mock-response class. Still in beta
google  beta  software  http  libraries  json  xml  transports  protocols 
april 2013 by jm
Snabb Switch
an open source virtualized Ethernet networking stack.

I am developing Snabb Switch in response to several exciting trends:
x86 has risen to be a powerful networking platform.
Virtualization and SDN are pulling more networking into servers.
Optimized user-space software is out-performing kernel-space software.

Snabb Switch's simple and fast software-only data plane makes developing networking software easier than ever before.


Written in LuaJIT but aiming to be very fast. cool stuff, worth watching
sdn  software  networking  emulation  snabb-switch  luajit  lua  virtualization 
april 2013 by jm
JPL Institutional Coding Standard for the Java Programming Language
From JPL's Laboratory for Reliable Software (LaRS). Great reference; there's some really useful recommendations here, and good explanations of familiar ones like "prefer composition over inheritance". Many are supported by FindBugs, too.

Here's the full list:

compile with checks turned on;
apply static analysis;
document public elements;
write unit tests;
use the standard naming conventions;
do not override field or class names;
make imports explicit;
do not have cyclic package and class dependencies;
obey the contract for equals();
define both equals() and hashCode();
define equals when adding fields;
define equals with parameter type Object;
do not use finalizers;
do not implement the Cloneable interface;
do not call nonfinal methods in constructors;
select composition over inheritance;
make fields private;
do not use static mutable fields;
declare immutable fields final;
initialize fields before use;
use assertions;
use annotations;
restrict method overloading;
do not assign to parameters;
do not return null arrays or collections;
do not call System.exit;
have one concept per line;
use braces in control structures;
do not have empty blocks;
use breaks in switch statements;
end switch statements with default;
terminate if-else-if with else;
restrict side effects in expressions;
use named constants for non-trivial literals;
make operator precedence explicit;
do not use reference equality;
use only short-circuit logic operators;
do not use octal values;
do not use floating point equality;
use one result type in conditional expressions;
do not use string concatenation operator in loops;
do not drop exceptions;
do not abruptly exit a finally block;
use generics;
use interfaces as types when available;
use primitive types;
do not remove literals from collections;
restrict numeric conversions;
program against data races;
program against deadlocks;
do not rely on the scheduler for synchronization;
wait and notify safely;
reduce code complexity
nasa  java  reference  guidelines  coding-standards  jpl  reliability  software  coding  oo  concurrency  findbugs  bugs 
march 2013 by jm
TOSEC: Commodore C64 (2012-04-23) : Free Download & Streaming : Internet Archive
A massive, 6.5GB collection of C64 history.
There are an astounding 134,000+ disk, cassette and documentation items in this Commodore 64 collection, including games, demos, cractros, and compilations.
commodore  c64  history  computing  software  demos  archive 
march 2013 by jm
Crash-only software
I couldn't remember the name for this design principle, so it's worth a bookmark to remind me in future...

'This refers to computer programs that handle failures by simply restarting, without attempting any sophisticated recovery. Correctly written components of crash-only software can microreboot to a known-good state without the help of a user. Since failure-handling and normal startup use the same methods, this can increase the chance that bugs in failure-handling code will be noticed.'
crashing  crash-only-software  design  architecture  coding  software  fault-tolerance  erlang  let-it-fail  microreboot  recovery  autosave 
february 2013 by jm
Literate Jenks Natural Breaks and How The Idea Of Code is Lost
A crazy amount of code archaeology to discover exactly an algorithm -- specifically 'Jenks natural breaks", works, after decades of cargo-cult copying (via Nelson):

'I spent a day reading the original text and decoding as much as possible of the code’s intention, so that I could write a ‘literate’ implementation. My definition of literate is highly descriptive variable names, detailed and narrative comments, and straightforward code with no hijinks.

So: yes, this isn’t the first implementation of Jenks in Javascript. And it took me several times longer to do things this way than to just get the code working.

But the sad and foreboding state of this algorithm’s existing implementations said that to think critically about this code, its result, and possibilities for improvement, we need at least one version that’s clear about what it’s doing.'
jenks-natural-breaks  algorithms  chloropleth  javascript  reverse-engineering  history  software  copyright  via:nelson 
february 2013 by jm
"Security Engineering" now online in full
Ross Anderson says: 'I’m delighted to announce that my book Security Engineering – A Guide to Building Dependable Distributed Systems is now available free online in its entirety. You may download any or all of the chapters from the book’s web page.'
security  books  reference  coding  software  encryption  ross-anderson 
february 2013 by jm
CES: Worse Products Through Software
'The companies out there that know how to make decent software have been steadily eating their way into and through markets previously dominated by the hardware guys. Apple with music players, TiVo with video recording, even Microsoft with its decade-old Xbox Live service, which continues to embarrass the far weaker offerings from Sony and Nintendo. (And, yes, iOS is embarrassing all three console makers.)'

See also Mat Honan's article at http://www.wired.com/gadgetlab/2012/12/internet-tv-sucks/ : 'Smart TVs are just too complicated. They have terrible user interfaces that differ wildly from device to device. It’s not always clear what content is even available — for example, after more than two years on the market, you still can’t watch Hulu Plus on your Google TV. [...] They give us too many options for apps most people will never use, and they do so at the expense of making it simple to find the shows and movies we want to watch, no matter where they are, be it online or on the air. As NPD puts it in the conclusion to its report, “OEMs and retailers need to focus less on new innovation in this space and more on simplification of the user experience and messaging if they want to drive additional, and new, behaviors on the TV.” Which is a more polite way of saying, clean up your horrible interface, Samsung.'

(via Craig)
via:craig  design  ui  tv  hardware  television  sony  ces  software 
january 2013 by jm
John Carmack's .plan update from 10/14/98
John Carmack presciently defines the benefits of an event sourcing architecture in 1998, as a key part of Quake 3's design:

"The key point: Journaling of time along with other inputs turns a
realtime application into a batch process, with all the attendant
benefits for quality control and debugging. These problems, and
many more, just go away. With a full input trace, you can accurately
restart the session and play back to any point (conditional
breakpoint on a frame number), or let a session play back at an
arbitrarily degraded speed, but cover exactly the same code paths."

(This was the first time I'd heard of the concept, at least.)
john-carmack  design  software  coding  event-sourcing  events  quake-3 
november 2012 by jm
High-frequency trading: The fast and the furious | The Economist

"The NYMEX panel found that Infinium had finished writing the algorithm only the day before it introduced it to the market, and had tested it for only a couple of hours in a simulated trading environment to see how it would perform. The firm's normal testing processes take six to eight weeks. When the algorithm started its frenetic buying spree, the measures designed to shut it down automatically did not work. One was supposed to turn the system off if a maximum order size was breached, but because the machine was placing lots of small orders rather than a single big one the shutdown was not triggered. The other measure was meant to prevent Infinium from selling or buying more than a certain number of contracts, but because of an error in the way the rogue algorithm had been written, this, too, failed to spot a problem."
hft  automation  trading  markets  stocks  nymex  bugs  software 
august 2012 by jm
"Machine Learning That Matters" [paper, PDF]
Great paper. This point particularly resonates: "It is easy to sit in your office and run a Weka algorithm on a data set you downloaded from the web. It is very hard to identify a problem for which machine learning may offer a solution, determine what data should be collected, select or extract relevant features, choose an appropriate learning method, select an evaluation method, interpret the results, involve domain experts, publicize the results to the relevant scientific community, persuade users to adopt the technique, and (only then) to truly have made a difference (see Figure 1). An ML researcher might well feel fatigued or daunted just contemplating this list of activities. However, each one is a necessary component of any research program that seeks to have a real impact on the world outside of machine learning."
machine-learning  ml  software  data  real-world  algorithms 
june 2012 by jm
RBS collapse details revealed - The Register
as noted in the gossip last week. 'The main batch scheduling software used by RBS is CA-7, said one source, a former RBS employee who left the company recently.' 'RBS do use CA-7 and do update all accounts overnight on a mainframe via thousands of batch jobs scheduled by CA-7 ... Backing out of a failed update to CA-7 really ought to have been a trivial matter for experienced operations and systems programming staff, especially if they knew that an update had been made. That this was not the case tends to imply that the criticisms of the policy to "offshore" also hold some water.'
outsourcing  failure  software  rbs  natwest  ulster-bank  ulster-blank  offshoring  downsizing  ca-7  upgrades 
june 2012 by jm
Girls and coding: female peer pressure scares them off | Education | The Observer
'Coding and digital prowess is still niche at a young age, self-taught by the studious. It is often considered a bit nerdy in senior school, where it is not currently taught as a part of the curriculum, although this is changing in senior schools from September 2012. Therefore, generally speaking, those who code have taught themselves. Teaching yourself something that should really be covered as a part of lessons is a bit like doing extra homework – why, ask many teens, would anyone do that? There is no way the majority of hormonally challenged, desperate-to-find-their-place-in-the-world teenage girls would risk ridicule or isolation by doing such a thing – let alone be open and proud about it. (Boys of the same age have different social challenges and do not measure their societal worth so much by peer review.)'
girls  coding  education  peer-pressure  software  teaching  kids 
march 2012 by jm
The best "why estimation is hard" parable I've read this week
'A tense silence falls between us. The phone call goes unmade. I'll call tomorrow once my comrade regains his senses and is willing to commit to something reasonable.'
agile  development  management  programming  teams  estimation  tasks  software 
february 2012 by jm
eclim (eclipse + vim)
'Eclim is less of an application and more of an integration of two great projects. The first, Vim, is arguably one of the best text editors in existence. The second, Eclipse, provides many great tools for development in various languages. Each provides many features that can increase developer productivity, but both still leave something to be desired. Vim lacks native Java support and many of the advanced features available in Eclipse. Eclipse, on the other hand, still requires the use of the mouse for many things, and when compared to Vim, provides a less than ideal interface for editing text. That is where eclim comes into play. Instead of trying to write an IDE in Vim or a Vim editor in Eclipse, eclim provides an Eclipse plug-in that exposes Eclipse features through a server interface, and a set of Vim plug-ins that communicate with Eclipse over that interface. This functionality can be leveraged in three primary ways, as illustrated below.'
eclipse  java  programming  software  vim  editors  refactoring 
november 2011 by jm
Lovelace's Leap
a great observation from jgc. 'Lovelace realized that even though a computer was, at its heart, a mathematical machine, it wasn't restricted to doing mathematics. She realized that a computer could be used to process other types of 'information' by having numbers represent anything else. She realized that a computer could handle text, or music, or practically anything. That's Lovelace's Leap.'
jgc  history  ada-lovelace  computing  software  information  code  babbage 
september 2011 by jm
The Monkeysphere Project
OpenPGP's web of trust extending further. 'Everyone who has used a web browser has been interrupted by the "Are you sure you want to connect?" warning message, which occurs when the browser finds the site's certificate unacceptable. But web browser vendors (e.g. Microsoft or Mozilla) should not be responsible for determining whom (or what) the user trusts to certify the authenticity of a website, or the identity of another user online. The user herself should have the final say, and designation of trust should be done on the basis of human interaction. The Monkeysphere project aims to make that possibility a reality.'
via:filippo  gpg  pki  security  software  ssh  ssl  web 
september 2011 by jm
corkscrew
'a tool for tunneling SSH through HTTP proxies'. handy
ssh  http  proxies  software  linux  tunneling  isps 
august 2011 by jm
Hacker News | Ooops.
brilliant thread of epic "OMG WHAT HAVE I DONE" stories
fail  ouch  oops  via:hn  via:waxy  computers  software  rm-rf 
june 2011 by jm
France To Launch a National Patent Troll
'The operation, called "France Brevets" will buy up patents from small operation and put the French government in charge of [...] shaking down companies for money.' I think the word is: incroyable
france  fail  omgwtfbbq  patent-trolls  swpats  patents  government  innovation  software  europe 
june 2011 by jm
Dublin - Europe’s Next Startup Petri Dish? - NYTimes.com
'Ireland’s tech scene continues to expand in spite of the woeful state of the rest of the economy with a plethora of accelerator programs, seed funds and events like Founders and the IBM smartcamp global finals happening there in the last year or two. '
ireland  tech  software  startups  from delicious
april 2011 by jm
Gamasutra - News - Opinion: Minecraft And The Question Of Luck
'Notch’s luck was that he came across the idea of doing a first-person fortress building game. His alignment was that the game that he wanted to make was culturally connected to [he PC gamer] tribe. While the game may appear ugly, and its purchase process etc seem naive to many a gaming professional, all of those decisions that Notch made along the road to releasing his game were from the point of view of a particular perspective of what games are, what matters and what were the things that he could trust the tribe to figure out for themselves.'
tribes  viral  minecraft  gaming  analysis  games  culture  gamasutra  via:nelson  future  software  marketing  from delicious
february 2011 by jm
Rules of SCRAM
'GOATS just stand around during this phase and stare at each other, rolling their eyes frequently at howlers (such as using serialization to SOAP for storage, or databases as RPC mechanisms). It is often useful for GOATS — or anybody, really — to take notes for the monthly BACKSTABBING drill.'
funny  scrum  software  project-management  coding  work  from delicious
january 2011 by jm
Etsy's metrics infrastructure
I never really understood how useful a good metrics infrastructure could be for operational visibility until I joined Amazon.  Here's a good demo of Etsy's metrics system (via Netlson)
via:nelson  metrics  deployment  change-monitoring  etsy  software  monitoring  ops  from delicious
december 2010 by jm
deeptoad - Project Hosting on Google Code
'a (python) library and a tool to clusterize similar files using fuzzy hashing techniques. This project is inspired by the well known tool ssdeep.' Via Nelson
via:nelson  deeptoad  software  open-source  fuzzy  hashing  from delicious
november 2010 by jm
Skills shortage a major worry - Sunday Business Post
true -- very difficult to hire good staff in Ireland right now
hiring  ireland  software  jobs  work  from delicious
november 2010 by jm
Blosc
A high-performance compressor optimized for binary data -- 'designed to transmit data to the processor cache faster than a traditional, non-compressed, direct memory fetch via memcpy()' (via Bill de hOra)
via:dehora  compression  memcpy  caching  l1  software  memory  optimization  performance  python  pytables  from delicious
october 2010 by jm
Ubuntu's cron package silently ignores files
Ubuntu have hack-patched Vixie Cron to silently ignore cron files which contain a ".". omgwtf
omgwtfbbq  broken  ubuntu  patching  quality  bugs  software  stupid  packaging  from delicious
september 2010 by jm
Why We Need To Abolish Software Patents
'Pam Samuelson, one of the co-authors of the report, says that her conclusion from the research is that the world may be better off without software patents; that the biggest beneficiaries of software patents are patent lawyers and patent trolls, not entrepreneurs.' no shit, Sherlock
ip  patents  techcrunch  startups  swpats  via:brian-caulfield  software  from delicious
august 2010 by jm
XOR patent killed Commodore-Amiga
'Apparently Commodore-Amiga owed $10M for patent infringement. Because of that, the US government wouldn't allow any CD-32's into the USA. And because of that, the Phillippines factory seized all of the CD-32's that had been manufactured to cover unpaid expenses. And that was the end'
cd32  commodore  computers  history  ip  patents  software  swpats  xor  amiga  from delicious
july 2010 by jm
Mea Culpa
'Programming is an embarrassment compared to other fields of engineering and design. Our mainstream culture is one of adolescent self-indulgence. It is like something from Gulliver’s Travels, with the curly-bracketeers vs. the indentationites vs. the parenthesesophiles. The only thing that everyone seems to agree upon is how stupid all the other programmers are. Try googling “stupid programmers”. We have met the enemy, and he is us.' Fantastic post via Jan Lenhardt
via:janl  coding  programming  software  philosophy  languages  lisp  elitism  from delicious
may 2010 by jm
iPhone 3GS GPS suddenly stops working? here's the fix
via a forum on MacRumors -- blow away the locationd cache. Worked perfectly for me after my GPS crapped out halfway through my holidays :( Requires that the phone be jailbroken first
iphone  gps  software  3gs  reliability  bugs  macrumors  jailbreaking  locationd  from delicious
may 2010 by jm
Refuctoring
'the process of taking a well-designed piece of code and, through a series of small, reversible changes, making it completely unmaintainable by anyone except yourself' (via Mozai)
funny  refuctoring  via:Mozai  coding  tests  tdd  programming  software  from delicious
may 2010 by jm
Op-Ed Contributor - Microsoft’s Creative Destruction - NYTimes.com
MS internal politics routinely torpedoed cool new projects. surprise, surprise. 'Engineers in the Windows group falsely claimed [ClearType] made the display go haywire when certain colors were used. The head of Office products said it was fuzzy and gave him headaches. The VP for pocket devices was blunter: he’d support ClearType and use it, but only if I transferred the program and the programmers to his control.'
cleartype  microsoft  software  bureaucracy  politics  culture  management  corporate  nytimes  from delicious
february 2010 by jm
Turing-incomplete Lua?
discussion thread on the cons of using Turing-complete general-purpose programming languages in places where it's not necessary, such as configuration files
configuration  turing-complete  safety  coding  software  lua  from delicious
december 2009 by jm
SBSettings
good overview of this jailbreak app
iphone  jailbreak  hack  software  apple  sbsettings  unlock  from delicious
november 2009 by jm
pigz
'A parallel implementation of gzip for modern multi-processor, multi-core machines', by Mark Adler, no less
adler  pigz  gzip  compression  performance  concurrency  shell  parallel  multicore  zip  software  from delicious
october 2009 by jm
Programmer Competency Matrix
actually quite a good breakdown of software eng skill progression
software  coding  programming  management  hiring  engineering  matrix  skills 
july 2009 by jm
« earlier      
per page:    204080120160

related tags

3gs  accidents  ada-lovelace  adler  advice  age  agile  algorithms  alice  allan-klumpp  amiga  analysis  anti-spam  apollo-program  apple  apps  architecture  archive  astronomy  austerity  automation  automatons  autosave  babbage  ben-hughes  best-practices  beta  bias  bitrot  books  booting  bowling  brew  brogrammers  broken  bugs  bullshit  bureaucracy  c64  ca-7  caching  career  careers  ccc  cd  cd32  ces  change-monitoring  chapar  charybdefs  children  chloropleth  cleartype  code  coding  coding-standards  commodore  community  complexity  compression  computation  computers  computing  concurrency  config-files  configuration  control  copyright  corporate  craft  crash-only-software  crashing  critiques  culture  dark-releases  data  debt  debugging  deeptoad  demos  deployment  design  design-patterns  dessid  development  disk  distribution  diversity  dmv  don-eyles  downsizing  dual-use  ebola  ebse  eclipse  economics  edge-cases  editors  education  edward-snowden  egalitarianism  egos  ei  eircom  elitism  employment  emulation  encryption  engineering  engines  erlang  estimation  ethics  etsy  europe  event-sourcing  events  evidence-based-medicine  excel  exploits  facebook  fail  failure  fault-injection  fault-tolerance  feedback  feminism  file-formats  filesystems  finance  findbugs  fired  floss  formal-verification  france  free  free-software  funny  fuse  future  fuzzing  fuzzy  gamasutra  games  gaming  gender-balance  girls  gnu  google  governance  government  gpg  gpl  gps  grim  guidelines  gzip  hack  hacking  hardware  hashing  hft  hiring  history  horror-stories  hr  http  ides  incident-response  inept  information  init  innovation  interfaces  internet  inventions  ip  iphone  ireland  isps  jailbreak  jailbreaking  jam-software  james-hamilton  java  javascript  jenks-natural-breaks  jgc  jobs  john-carmack  jpl  jpmorgan  json  kids  knowledge  l1  languages  law  legal  let-it-fail  libraries  licensing  life  linus-torvalds  linux  linux-journal  lisp  locationd  logging  london-whale  lua  luajit  mac  machine-learning  macrumors  malware  management  marc-brooker  marketing  markets  matrix  medicine  memcpy  memory  meritocracy  metrics  microreboot  microservices  microsoft  migration  minecraft  misogyny  ml  monitoring  moom  multicore  nasa  natwest  ncsu  networking  nsa  nymex  nytimes  offshoring  oin  omgwtfbbq  oo  oops  open-source  ops  optimization  oss  osx  ouch  outsourcing  packaging  paper-tape  papers  parallel  patch  patching  patent-trolls  patents  paul-krugman  payroll  pdf  peer-pressure  performance  philosophy  pigz  pivotal  pizza  pki  politics  premature-flexibilization  presentations  privacy  production  programming  project-management  protocols  proxies  pytables  python  quake-3  quality  quants  racism  ranking  rbs  real-world  recovery  red-hat  refactoring  reference  reform  refuctoring  releases  reliability  reputation  research  reverse-engineering  reversibility  richard-stallman  rm-rf  rob-pike  role-models  ross-anderson  routers  safety  sbsettings  scaling  scrum  scylladb  sdn  security  services  sexism  shell  sierra-leone  skills  slides  snabb-switch  soa  society  software  sony  spamassassin  specifications  spreadsheets  ssh  ssl  stack  stack-overflow  stackshare  staffing  startups  stocks  studies  stupid  supreme-court  surveillance  surveys  swpat  swpats  syria  systemd  systems  tammer-saleh  tao  tasks  tdd  teaching  teams  teamwork  tech  tech-debt  techcrunch  technical-debt  technology  television  terminal  testability  testing  tests  tla+  tools  toread  trading  transports  tribes  tunneling  turing  turing-complete  tv  twins  ubuntu  ui  ulster-bank  ulster-blank  unit-tests  unix  unlock  updates  upgrades  uspto  value-at-risk  verdi  via:brian-caulfield  via:craig  via:dehora  via:filippo  via:fplogue  via:gcarr  via:hmason  via:hn  via:janl  via:jwz  via:marc  via:markdennehy  via:Mozai  via:nelson  via:obfuscurity  via:waxy  vim  viral  virtualization  viruses  web  win32  window-management  windows  windows-xp  women  work  worms  xml  xor  yagni  zeynep-tufekci  zip 

Copy this bookmark:



description:


tags: