This blog has moved… Saturday, Sep 28 2013 

I have finally updated my website, and I am now hosting this blog myself at:

http://eruditionambush.shaunmccarthy.com

This is what happens when you let banks mark to model… Thursday, Aug 6 2009 

Expect google to fix this soon, but having been working on a lot of financial graphing applications lately, this made me smile:

KBC - Mark to Model

KBC - Mark to Model

http://www.google.com/finance?chdnp=1&chdd=1&chds=1&chdv=1&chvs=Linear&chdeh=0&chdet=1249590663426&chddm=10420&chls=IntervalBasedLine&q=EBR:KBC&ntsp=0

 

 

 

Symantec virus definitions slow websites with javascript significantly Wednesday, Feb 14 2007 

The Skinny:

Anyone who has ever had to develop on a machine with a virus scanner than has “real time protection” knows the pain that it can cause. Have you ever had issues in Visual Studio where files are locked and don’t become unlocked till you restart your environment / iis / your machine? Well, in the majority of cases, it’s thanks to Symantec getting it’s grubby hands all over it.

Now Symantec are making things awkward from the other side – as a valentines day gift, Symantec have decided that they will now try to scan the content of javascript in an html document, with a badly implemented heuristic. This means that if anyone vists your website with Symantec installed, if you have a large chunk of javsacript it will pause for up to a minute while it tries to work out what the javascript is doing! This means a large portion of your client base could be seeing minute long delays as they are using your site.

Slightly more details:

It seems the key is the new statement. If your code has a lot (thousands) of new statements in a single block (e.g. pre loading rollover images / using your own custom objects to preload an array / drop down – typically done when you query a database in programming to populate some items for use by javascript) then Symantec will get it’s knickers in a twist.

e.g.

<script>
imgArr[0] = new Image(“Aniceimage.jpg”);
imgArr[1] = new Image(“anotherimage.jpg”);

imgArr[2000] = new Image(“TheLastImage.gif”);
</script>

To show how ignorant they are, if you break it up into script blocks it works fine.

 e.g.

<script>imgArr[0] = new Image(“Aniceimage.jpg”);</script>
<script>imgArr[1] = new Image(“anotherimage.jpg”);</script>

<script>imgArr[2000] = new Image(“TheLastImage.gif”);</script>

 I’ve filed a complaint with Symantec – lets hope they take it seriously!

Popularity / Security Flaws Law Monday, Oct 2 2006 

I am sure you’ve all heard the constant “Windows is less secure than Linux / Mac” or “Internet Explorer is less secure than Firefox” flamewars going back and forth. These statements may be true – this post is not about them. It’s about what I like to call the Popularity / Security Flaw Law. Simply stated: The more popular a product is, the more likely security flaws will be found in the product.

Simple Reason: Certain types of hackers (I use this word in the hack into systems sense as opposed to hack together code) hack so that they can become “famous”. Whether that fame is amongst a “l33t” group of people who like to replace letters with numbers, or headlining an episode of 60 minutes, it all comes down to recognition. And what better way to be recognised that to infect as many systems as possible. How do you infect as many systems as possible? You target the most popular pieces of software.

Slightly longer reason: Here’s a gross simplification, but simplifications make things easier to explain sometimes – There are two major cultures of hackers out there, the “fame” hacker culture (where people hack to show off / be known / be destructive), and the “information” hacker culture (where people hack to find out information / for the challenge) . They have different heroes – the “fame” people love / envy people like Onel A. de Guzmán, while the information people look to people like Mitnik. Both people like to think they are very intelligent (and in most cases they are). However, the ones the general public / media seem to be most fearful of are the “fame” hackers who could take down entire internet economies / destroy personal computers.

Security is a complicated issue. It’s not just as simple as installing System X instead of System Y. There are a multitude of other issues, such as passwords, social engineering, physical security, user knowledge etc – Security is a process, not a product – just ask Bruce Schneier. However, the one thing that will always drive the “fame” hackers is popularity – they want to infect as many people as possible. The more uneducated users  that they can get to run their exploit, the better (or even educated users – as I am sure there was a few system admins out there that thought that the cute guy/girl from the sales team loved them). Windows and IE have a large neophyte user base – but they are moving (with people installing Firefox on their friend’s machines / recommending Macs to go with their IPods etc), and with it comes a wave of potential exploits.

My Suggesiton – People who lead the direction for Apple, Linux and Firefox should be taking security seriously now. Don’t rest on the “Oh that only happens to Windows users” – otherwise you’ll be stung like Firefox was today (how bad this really is, is yet to show itself). At the moment, I think Microsoft’s marketing agency is taking security the most seriously out of anyone – we’ll have to wait till Vista picks up before we know if the programmers are up to it 🙂

Yes, I love technology – The key to developer productivity Thursday, Jul 13 2006 

One of the things I have learned in leading an IT department, is that developer productivity is directly proportional to the equipment that you give them. So instead of giving your CEO a new Dual – Dual Core machine with SCSI drives, think about who needs that power the most. Apart from the servers, the most expensive machines in our office are in the hands of developers – Dual 20″ wide screens, SCSI 15k drives, 4 gig ram, Extreme Edition Dual Cores, etc etc. Also, they have full control over those machines (no “you need to be an administrator to install this” here)

Why give them faster machines?

  • They need to run services locally (IIS, CMS, SQL Server etc etc) – these hog memory
  • They run all kinds of weird and wonderful applications
  • They need to compile large amounts of code, and fast
  • The quicker they can test a piece of code, the quicker they can fix it
  • If their machines are still responsive while performing a complex query, they can still do other things, as opposed to twiddling their thumbs. If that happens to be reading www.reddit.com or www.digg.com all the better – keeping up with technology is what makes being a developer fun
  • They won’t get frustrated, leading them to leaving the “zone” / disrupting their “flow”
  • Occasionally, for fun, they play games – let them. It’s great for teamwork and communication. In fact, pretty much everyone here has Nintendo DS lites and we challenge each other during lunch time.

The key, to keeping costs down, is to get them desktop machines instead of laptops. Desktops? That’s so 90’s I hear you cry. But desktops provide a lot of good things:

  • You can leave them on all the time
  • They are much cheaper 
  • They are easy to backup (centralized)
  • They won’t be dropped
  • They won’t be stolen
  • They won’t be lost

What about working from home? Well, most developers have their own machines at home, and for the ones that don’t, we have a few loaner laptops. Instead of getting people to develop on their own machines / laptops, we get them to terminal into their machines at work (GoToMyPC / VPN & Terminal Services). This way they have all the files they need, and the performance on their desktop machines.

I also strongly recommend putting your dev machines on their own GB network, so that interacting with source control / other services is extremely fast.

If your developers are not complaining about going home to their slow machines, then I strongly advise getting them faster machines now!

Blindness Tuesday, Jul 4 2006 

Just finished Blindess, by Jose Saramago. Wow. What a intruiging idea, and brilliant writing style! Some quotes:

  • I have no words to thank you, and the other replied, Now then, don’t give it another through, today it’s your turn, tomorrow it will be mine, we never know what might lie in store for us (page 3)
  • Yes, that was me, the boy’s reply came out with the resentful tone of someone who preferes people not to mention his physical defect, and with good reason, for such defects, these as much as any others, are no sooner mentioned than they pass from being barely perceptible to being all to obvious (page 40)
  • If, before every action, we were to being by weighing up the consequences, thinking about them in earnest, first the immediate consequences, then the probable, then the possible, then the imaginable ones, we should never move beyong the point where our first thought brought us to a halt. The good and the evil resulting from our words and deeds goes on apportioning themselves, one assumes in a reasonably uniform and balanced way, throughout all the days to follow, including those endless days, when we shall not be here to find out, to congratulate ourselves or ask for pardon, indeed there are those who claim that this is the much-talked-of immortality (page 71)
  • We failed to put up resistance as should have done when they first came making demands, Of course, we were afraid and fear isn’t always a wise counsellor (page 174)
  • As human history has shown, it is not unusual for good to come of eveil, less is said about the evil that can come out of good, such are the contradictions of this world of ours (page 191)
  • The young adapt quickly, they have their whole life ahead of them (page 230)
  • She could find no reply, replies do not always come when needed, and if often happens that the only possible reply is to wait for them (page 234)
  • Inside us there is something with no name, that something is what we are (page 248)
  • Words are like that, they deceive, they pile up, it seems they do not know where to go, and, suddenly, because of two or three or four that suddenly come out, simple in themselves, a personal pronoun, an adverb, a verb, an adjective, we have the excitement of seeing them coming irresistibly to the surface through the skin and the eyes and upsetting the composure of our feelings, sometimes the nerves that cannot bear it any longer, they put with a great deal, they put up with everything, it was as if they were wearing armour, we might say (page 252)
  • Despite the freedom of movement enjoyed by dogs in recent months, all of them had genetically programmed into their brains the prohibition which once, long ago, fell on the species, that on entering churches, probably because of that other genetic code which obliges them to mark their territory whereever they go (page 282)

 But none of these quotes do the book justice – it’s the plot that really made it an interesting read for me. Could have done with out some chapters though (very disturbing) :/

 I also gained a few survival tips such as:

  • You can collect rainwater in pots etc
  • Toilet Cistern has water
  • Have a pair of gumboots for travel
  • Out in the country there will always be domestic / wild animals to feed off