dev2dev: Writing Secure Enterprise Applications

Writing Secure Enterprise Applications by Neil Smithline — “Even with security provided by firewalls, application servers, and hardware security modules, a secure Web site still requires careful design and programming,” says Neil Smithline in this article that shows just how difficult it is to create a secure site.

BEA, WebLogic, Security


I want the new Motorola Moto Q

I’ve been reading about the new Moto Q on Gizmodo and Scoble’s blog among others and I really really want one. Motorola announced the Moto Q, a new Windows Mobile Smartphone that’s going to be available in Q1 2006. This beautiful device will feature Windows Mobile 5.0 for Smartphone, full QWERTY keyboard, 5 way navigation and thumbwheel, 320×240 Display, MiniSD, Bluetooth and a 1.3MP Camera.

I love my Audiovox SMT5600 phone but I’m trying out the Motorola MPx200 to see if it’s any better. Since I have to wait till Q1 of 2006, I guess I better make the best of my Audiovox phone. I really love my Audiovox phone as it has pretty much everything I need. The Outlook integration is great and the camera is not bad for being a phone camera. I love the email and MSN IM integration capabalities but I haven’t played with the Java capabilities of this phone. It will be nice to have the bigger screen of the Moto Q for browsing. I just hope AT&T/Cingular offer this phone right away.

Joel on Software: Hitting the High Notes

Joel comes through again: In his latest article entitled Hitting the High Notes, Joel attempts to debunk prove the idea that you must have the best programmers to make the best product and be profitable. It’s a must read, pretty much like everything Joel writes. Great article.

Update: Yeah – what Cedric said 🙂 – See the first comment from Cedric to make sense. Joel’s debunking the idea of the traditional ‘build-a-better-mousetrap’. Lack of caffeine is my story and I’m sticking to it 🙂

iBatis book in Q4 2005

Looks like Clinton and the rest of the iBatis gang are working on a book. I just caught this on the mailing list and I can’t wait to read this book. Clinton – if you see this, we need more details on the book.

From: Clinton Begin 
Date: Jul 22, 2005 10:05 AM
Subject: Re: iBatis book

We're working on getting a book out for iBATIS.  So cross your fingers.  
If all goes well, it should be out in Q4 of 2005.


ibatis, book

Mailblocks continues to suck

This is getting really frustrating and I’m starting to sound like Hani, which is pretty scary 🙂  Mailblocks, the web-based mail service that I pay for is down again for the 2nd time this week for an extended period of time. I’m paying $25.00/year for this mail service and these guys can’t even keep their servers up. $25.00 is peanuts and I don’t care about the money but I need access to my email and that’s worth way more money to me.

Instead of offering details about the root cause, they have the standard lie about being down for a few moments. Take a look at this screenshot:

Ever since AOL has purchased them, they’ve completely gone downhill. I am demanding a full refund and requiring them to permanently forward my email to my Google Gmail account. Let’s see if they can make that happen.

Mailblocks, AOL, GMail

Sad State of Affair in Java & .NET blog server software

It really is a sad state of affair when it comes to blog server software for Java and .NET. For the last few weeks, I’ve been working to introduce blogs and the concept of blogging internally at work and trying to pilot the use of blogs instead of the standard project portal. To that end, I figured I should really get the latest offerings from all of the blogging server software out there and put them through the paces to see which one works better than the other.

I’ve personally only used Blogger, Movable Type and WordPress in the past 5 years. The primary blog ran on Blogger for many years before I finally moved everything to WordPress. To make sure we’re eating our own dog food, I decided to download Roller and Community Server (formerly. Text) and give them a whirl.

Being a Java guy, I was excited to download and install Roller, as it’s one of the most popular Java blogging software out there. Boy, was I disappointed. I know this is free and open-source but installing and getting Roller running was a royal pain in the neck. The installation is documented fairly well for Tomcat but I have tons of servers running WebLogic and so I tried to deploy Roller under WebLogic. So I configure the appropriate datasources and authentication realms and try to deploy the application. I killed the server before I got a seizure from the fast scrolling stack-trace. Without boring you with all the details, it took me almost 8 hours to get Roller to work correctly under WebLogic. Having worked with J2EE containers for over 6 years, I know the reality of deploy-anywhere but this is ridiculous. How easy is it to create a web application that works on a bunch of different containers? I could not believe the effort it took to get this simple web application deployed. Take a look at Confluence – Java web application that configures itself and runs on every container out there. And other major issue I have with Roller is the lack of support for any other database platforms besides MySQL, PostgreSQL and HSQL-DB. I love MySQL but I have Oracle running internally on big boxes that are backed up several times a day and actively monitored. But I can’t use Oracle with Roller as it only supports MySQL, PostgreSQL and HSQL-DB out of the box. With technologies like Hibernate, why do we still have applications written in Java that are so database platform bound? My next mission is to get Roller working with Oracle and then document (and blog) the hacks necessary to get Roller working under WebLogic and Oracle.

Another problem with Roller is the lack of community support and plug-ins. Coming from the WordPress side of the house, there is a plug-in for everything including the kitchen sink. Before you can think it, someone has already written a plug-in for it. (I should really look at Pebble and Blojsom)

Moving to the .NET side of house is not a pretty picture either. The blog engine that used to be named .Text is now rebranded as Community Server. The installation is pretty easy and product looks fairly robust. Telligent Systems is the company that’s taken over development of .Text and the new product includes a discussion system, blogging system, and photo gallery system. The same lack of plugins or add-ons exists here and the 3 listed add-ons require a commercial license. Beyond the base blog functionality, there is nothing available.

Roller and Community Server work well once you get them installed. But anything beyond the basic requires custom development and I just feel that is not a good use of my time. To me, blog server software is a commodity and so I want to find something that’s easy to use and has the most features. I know I am developer and I can sit down and write anything I need but my company pays me to add value in a different capacity.

WordPress on the other hand is unbelievable. It’s written in PHP, which I can hack (if I had to) but all the plugins I’ve downloaded simply work. Download a plugin and just drop it in the plugins directory and you’re off and running. The big deficiency for WordPress in my opinion is that it only supports MySQL as a database platform but the value proposition provided by all the functionality is just incredible. I just hope Roller can catch-up as competition is great and really helps drive innovation.

Mailblocks just sucks!

Mailblocks, the first webmail service to offer challenge and response has really gone down the hill. About 2 years, I was humping their service and even blogged about it as I loved their service and offering. The whole idea of challenge-n-response was not the best solution but it did cut almost all my spam and I was willing to put up with the nuisance of having people that email me for the first time to respond to their web-based CAPTCHA. Then comes AOL and buys them out and everything has gone down the hill since that point. AOL bought out Mailblocks to power their free email service that’s being offered are part of AIM and it seems like all the engineering and support people are working on the AOL side of the house, ignoring all the customers that are on the Mailblocks side of the house.

Let’s take this week for an example — Mailblocks has been down most of the day yesterday and they are still down. Can you imagine a 24+ hr outage on your application and the wrath of your users? I can’t wait to cancel my account that I am paying for and move everything over to GMail.