Feb

10

I spent the last two years working for a Very Large Insurance Company, and before that I’ve worked with a number of different sized companies, with various sized development organizations. It’s got me thinking: just how easy is it for a big development shop to be agile? Read more

Nov

4

I’ve gotten into several discussions in the last few months with various people who work at my current client, and a surprising number of them think that continuous integration is a tool. The conversation usually starts when someone says something like “We’d like to be doing continuous integration, but we can’t get the server set up correctly.” It’s a this point that I have to chime in and let them know they don’t understand continuous integration. Read more

Sep

14

Some time ago, I posted an article on how to enable dependency injection with a Spring and Struts application.  In the meantime, I’ve come across an inefficiency in that article, and wanted to update my loyal readers (both of you ;-)

In the previous article, I mentioned that you create Spring beans for each of your actions in the Struts-Config.xml file. Two such beans could look like this:

<bean name=”/login” class=”com.adeptechllc.myapp.view.action.LoginAction”/>

<bean name=”/logout” class=”com.adeptechllc.myapp.view.action.LoginAction”/>

and beans such as this would work fine, except for a subtle point: because we’ve listed two different beans, but the same class, we’d actually get two instances of the LoginAction created.  Since typically we want only a single instance of our actions, this could cause unexpected and difficult to diagnose problems later.

In order to only create a single instance of the LoginAction class, you can use an alias in Spring.  I’ve started creating a single bean for each action, the aliasing the Struts actions to that single instance,  like this:

<bean id=”LoginAction” class=”com.adeptechllc.myapp.view.action.LoginAction”/>

<alias alias=”/login” name=”LoginAction”/>

<alias alias=”/logout” name=”LoginAction”/>

You can also simply provide more than one name or ID directly in the first bean definition, but if you have a lot of URLs directed at a single action handler, I find this easier to manage.

Jul

28

One of my project teams was having a sprint planning meeting earlier this week. They were having a consulting expert working with them this sprint to develop a web service for their use.

“Have you worked with user stories before?” the project manager asked. “We’ll need you to give us a story point estimate for the work you’re going to do for us.”

I chimed in at this point. “Remember, story points are relative estimates of complexity. If our colleagues here are only doing one story for the project, then their story point estimate can’t really be relative to anything else they’re doing for us: they’re not doing anything else.”

This points out one of the things that I think is so tricky about agile projects. If you forget why you’re doing something, or worse yet if you don’t understand why you’re doing something, then you’re likely to do it at the wrong time.  In this case, the project manager did know why we estimated story points for stories, but he’d forgotten the why, and was operating a bit on auto-pilot: the team needed to provide story point estimates for their work, and he’d momentarily lost track of why.

Agile’s lots of common sense things like this, but if you forget what your goal is, and fall back on patterns of behavior, you can do the wrong thing.

Jun

11

In a recent post I talked about ATM skimming devices. It seems from a recent article in Wired that theives have taken ATM fraud to a new high. In Europe machines have been found that have been compromised with modified software, which eliminates the need for card skimmers or cameras.  It requires someone with insider access to install the software on the machine, but it definitely ups the ante quite a bit.

The malware captures account numbers and PINs from the machine’s transaction application and then delivers it to the thief on a receipt printed from the machine in an encrypted format or to a storage device inserted in the card reader. A thief can also instruct the machine to eject whatever cash is inside the machine. A fully loaded ATM can hold up to $600,000.

Where before you stood a chance of spotting a card skimming device on your neighborhood ATM, with this scheme you really have no idea whether the machine has been compromised, since it’s all in software.

The good news is it seems like more recent ATM machines have newer security measures that make the attack ineffective.  On the other hand, how long has your bank had their current ATMs?

[ Original story at Wired ]

Jun

2

RIP, Bookpool

June 2, 2009 | 1 Comment

I picked up a project at work that’s working on an iPhone application, which I’d asked to coach since it sounded fun. I was going to Bookpool.com tonight to look for books on iPhone programming, and the domain is parked!

This came as quite a blow. Bookpool always had good service, and their prices couldn’t be beat. A quick Google came up with a number of threads where others are also grieving the loss of Bookpool.

Here’s hoping they come back, I’d certainly buy from them again! If not, rest in peace friend.

May

10

The New Logo

May 10, 2009 | 1 Comment

Over the weekend, Kelly and I finished up the new logo. It’s her inspiration, with my fine tuning that got us to it, and without further ado, here it is:

berlin-as-logo-ii

There’s another version which I’m also planning on using, but doesn’t work so well when printed out:

glowing-hot

So, what do you think? I like them, personally…

Apr

13

Well, it was nice while it lasted. After McColo was taken off line last year, we saw an amazing 75% decrease in spam, that wonderful unsolicited commercial email.  It was only a matter of time however, before the spammers adapted.

Word out today from Microsoft says that now, 39 out of every 40 email messages is spam.  It’s absolutely dumbfounding.

[via Geeks are Sexy]

Mar

17

The Register has an article on the Payment Card Industry decertifying Heartland Payment Systems and RBS World Pay from their Data Security Standard.  As of now, those two entites that suffered the most recent, and dare one say huge, security breaches, are no longer able to do business with PCI merchants.

I wrote before (The New Computer Hacking Game) that it was a amazing to me that a company could be PCI-DSS certified and have an ongoing breaches as Heartland, and apparently RBS, did.  It seems I’m not alone in being incredulous, as the Reg observes:

The ability of attackers to penetrate both companies while they were in good standing with the PCI guidelines has prompted some to criticize them as little more than a rubber stamp designed to make the public feel more comfortable using credit cards.

It would be nice to have something positive come out of this, other than getting new credit cards where the shinyness hasn’t worn off the numbers yet…

via [The Register]

Feb

26

I found this link to a data center that the Swedes have built in an old nuclear fallout shelter.  Really, it looks like something out of Jurassic park.

Replete with waterfalls, greenhouses, German submarine backup engines, and simulated daylight this facility has the added benefit of being able to withstand an almost direct hit by a hydrogen bomb.

The NOC

The NOC

I want to work here…

[ via HotHardware.com ]

keep looking »

Blogroll

WP Themes