Smalltalk Tidbits, Industry Rants

While reading this post from Sam Gentile, all I could think was this - the type system is just standing in the way of productivity:

This is freaky stuff-) I have been doing some experimenting while putting together my Adavanced COM Interop talk for VSLive! today. Of course it can't be possible for the Type Library Exporter to export a Generic Type to a COM type since there is no concrete type. It doesn't make sense. I wanted to see what happens anyhow in ILDASM. What about if I use a Generic Interface and then instantiate a class implementing the generic interface with a concrete type such as double? That should export and it does. BTW, I am using the evil ClassInterface.AutoDual instead of the correct way to export with the ClassInterface.None as it doesn't export with the interface. It looks like the Type Library Exporter is doing the right thing. It skips the generic interface and keeps going as there could be (and are) other types.

Go read the whole thing, and see what kind of unnatural acts the type system of COM can lead you into...

Dave Anderson of Genify reports on Smalltalk MT use in the simulation industry:

I just came back from boothing at I/ITSEC 2004 (the inter-industry training, simulation and educations conference). This is THE event for the sim community (especially military).

I am happy to report that Smalltalk MT was embedded in several applications showing at the conference. Here are some examples:

1. A collaborative multi-player virtual environment showed off MTs ability to perform fast network requirements.
2. A LIDAR analysis program showed off MTs ability to utilize DirectX 9 and a GPU to do huge amounts of feature extraction analysis from a LIDAR image.
3. Military symbols were being shown in other vendors applications by MT. This is using MTs ability to use SVG (scalable vector graphics) and GDI+.

So while we may not be building whole applications with MT (apart from the development environment of course), we are demonstrating that Smalltalk can be used for what it is very good at - MetaData representation. This content can then be delivered in the form of a DLL or a COM component to other applications (including other Smalltalks).

So next time you see a GIS application, or military application it may be Smalltalk MT inside :-)

If you want to read your GMail in your aggregator, have a look here at Google's support page for that - Bf is their only recommendation for Linux.

Update: Apparently, you need a GMail account to see that page...

I'm trying to reconcile the two halves of this paragraph from this post by Gregg Graham

When I discovered Smalltalk and Java in the mid 90's, I began to be turned off by the complexity of C++. However, I've come to terms with it, realizing that no other popular computer language combines the efficiency and expressive power of C++. The fact remains that it's a difficult language, in which it's easy to create a big mess. Reading and applying Meyers' book is a good safeguard against such messes.

As to efficiency, if you want to write your own garbage collector, sure. As to expressive power... compared to Smalltalk or Lisp? Huh?

More from the inventive spam title saga - I just got something titled Pliable and Soluble. Do I really want that?

The knocks against IE keep coming: Linux Today reports that Penn State is advising their students (80,000 of them) to use something other than IE for browsing. I suspect that this will reach what Malcolm Gladwell calls a Tipping Point relatively soon - and MS seems mostly oblivious to the problem.

I missed this cls announcement a little over a week ago - Michel Bany, one of our consultants in Europe has been keeping the VW release of Seaside up to date:

I just published Seaside 2.5b5 for VW on the public repository. It is based upon Seaside2.5b5-avi.9.mcz 27-Oct-2004 17:15, i.e. the very latest version of 2.5b5.

This port includes a new feature : the ability to run behind multiple front-end servers with multiple different url naming structures.

Bundle to load :

• SeasideForWebToolkit
• SeasideForSwazoo.

Blaine Buxton points to Andres Valloud's blog. I met Andres a few years ago in California - he can speak his mind, as you'll see on that blog. Now all he needs is a feed...

Update: As noted in the comments (and in an email Andres sent me), the feed is here

It seems that my spam filtering code for this blog server had a small hole in it - and sure enough, someone exploited it this afternoon. I patched it as some moron was trying to comment spam various blogs; he hit two, and was trying the third when I updated the spam detection code to plug the hole. A bunch of attempted spam comments dropped into the spam trap folder. I repaired the other posts, and now things are back to normal. Yet another reason that I love being able to hot patch a server...

I've noticed that the wiki spam (on the CST and VW wikis) is consistent:

• The same set of pages gets hit over and over again
• All the spam is being entered manually (at least, it looks that way based on the patterns)

Based on that, I have to assume that someone has outsourced spamming to cheap offshore typists of low moral character. Yay.

That shouting against the forces of progress you hear is the MPAA, with more initimidation lawsuits lined up - BoingBoing has the details. Bottom line - if you run a BitTorrent server, it looks like they'll presume you guilty on the spot. In the warped universe inhabited by the stunted minds of the MPAA, technology is just bad

Bob Congdon points to some punny beer...

With the release of CST fall edition, we are in a pause mode before we really get started on the next release. We have a planning meeting set for January, where we'll hash out what the priorities are for the next release (and for the next few cycles in general). This isn't completely up in the air; see our roadmap for a broad sense of our direction. Still, this is a great time to give us feedback. We got a lot of that in Frankfurt, and we would like more - please visit the survey page, and send me your ideas

Ben Hammersley's post about the upswing in blog comment spam demonstrates something - security has more to do with the size of the ecosystem than with anything else. Why is Windows such a huge target? Because there are so many Windows systems available - anything that hits a vulnerable system has a lot of potential new places to spread. Posit a nasty Mac worm, for instance - as it tries to propagate out, what are most of the systems it tries to hit going to be? Windows boxes. Now look at the various infection rates for Windows worms, virii, and trojans... it's not a huge surprise. Sure, MS has culpability here - but even if they had been trying hard since the release of Win98, Windows would still be the major target.

You are now seeing the same thing in the blogosphere. The popular blog servers are getting hammered, while I've gotten in the low dozens of comment spams. Until 2 weeks ago, I wasn't even trying to filter it out - it just wasn't a problem. Why? It's not due to my entry forms being more secure, it's due to their being rare - only a handful of blogs use my server, so the ecosystem isn't big enough to support bots. The ecosystem for things like Blogger, MT (etc) is big enough - and that's why there's an accelerating "arms race" of spam bots and spam blockers out there - and why you see lots of bloggers throwing their hands up and turning comments off.

I don't have a solution, other than suggesting that you take "the road less traveled" in selecting blog server software. The trouble is, that mostly requires a level of technical literacy beyond the reach and/or interest of the vast majority of people.

The extended edition of Return of the King is out today! Off to the video store!

Sriram Krishnan likes MSN search better than Google's tool for that - for one, he likes the client side interface. I can buy that; Google's search works for me, but I can see where he's coming from. On the browser choice though?

Some people have been complaining about MSN imposing IE on them. I really don't understand their logic - do you complain when Windows Explorer uses IE? MSN desktop search uses IE in almost the same way that Windows Explorer does. In fact,when I used Spy++ on the results, I saw good old SysListView32. Frankly, seeing desktop search results in a browser window is something that Google hopes will catch on - but which I very much doubt.

Sriram - some of us have cut off IE completely. Heck, I avoid my company's VPN services because the intranet requires IE - I sure as heck am not going to abide a desktop search tool that wants it. When MS learns to spell security - and tabbed browsing - get back to me. And no, SP2 isn't the answer...

Well, where to begin? The scene at Orthanc makes a lot more sense with Saruman back in. Of course, without the Scouring of the Shire it runs differently than the book - but as I thought when I first read about that, I realized that the scouring would seem very anti-climactic on screen. The wrapup with Saruman should have been in the original - it worked very well. Heck, his "brigands and dogs" speech to Theoden makes Theoden's later admission to Eowyn - that it was not him that saved the day at Helm's Deep also makes more sense. There's even a small shot of Pippin being distracted by the Palantir as he and Merry dance on the table - his obsession is fleshed out much better.

As with Two Towers extended, Eowyn's love for Aragorn is played out more as well - and they flesh out her healing and bonding to Faramir. At some points, I felt like the extended Two Towers was cobbled together - it didn't "fit" as well as the extended Fellowship did. This extended edition really meshes well - it looks like Jackson took his time and did a great job. It's a lot of small things - there are little characterization bits tossed in throughout - including more of the competition between Legolas and Gimli that was spread through the books.

Watching Gimli on the Paths of the Dead is worth the price of the CD all by itself - the added scenes in this section are really well done, and seem to be core, not added. It was a nice touch the way Legolas recited the prophecy about the paths of the dead - and how they relate to Aragorn. The wrap to that set of scenes explains how they got to the ships as well - although fans of the books already understood that bit. It's kind of cool the way Peter Jackson is the first pirate to die :)

One very nice touch - as Denethor Walks to the tombs with Faramir, Pippin looks on - and we can see a single white flower on the White Tree (again, a difference from the bok - but a nice touch with Denethor proclaiming that hope is dead. While I'm here, can I say how much I love the arrival of the Rohirrim? Theoden's speech, the music, the charge itself? It's the most uplifting part of the entire film. The battle scene with Eowyn, Merry, and Theoden runs a bit different as well - it all fits together better.

There's a nice addition after the council where they decide to march on Mordor - Aragorn takes up the Palantir to announce himself to Sauron. That's something I missed from the books. And Frodo and Sam's forced march with the orcs - the scene timing here works a lot better.

The "Mouth of Sauron" played differently as well - I think I would have preferred the way it went in the book. The form of confrontation there was more subtle, but also more satisfying, I think.

So in summary? Very good, better than the other two extended dvd's. The timing of events is better, and it "feels" more complete. Well worth the price.

In a couple of hours, I'm doing a virtual sales call via WebEx - some of our people are making a prospecting call, and they wanted me to present Cincom Smalltalk - without actually hopping on a plane. I've done WebEx presentations before, but not for this kind of audience - should be interesting. Of course, I had to have a near panic inducing moment before this - when I got into my office, coffee mug in hand, my Windows box was off the net. The Linux box was on, so the connection was ok - apparently, there had been a short outage overnight. I had to pull the WiFi card and then re-insert it before Windows would believe that there was connectivity (never mind the fact that the taskbar icon showed one). Crisis averted, thankfully.

ArcterJournal explains how the various wizard controls for things like IIS aren't as helpful as you might think - sometimes, all you need is a small hammer:

The thing that probably pissed me off more than anything was the complete lack of some simple tools to help me make it work. The lack of a decent command line, or decent tools to help with debugging in windows pisses me off horribly. All I wanted was to "tail -f logfile" in a terminal the width of my screen so I could see the debug information flowing through. Nope. The file was big (and undeletable because IIS had it open of course, thanks for that great filesystem Microsoft, maybe WinFS will fix this?) so doing a 'type logfile' was a huge pain (especially through a VNC connection), notepad didn't deal with some of the CR/LFs properly, and wordpad isn't in the default command line path, all culminating in me getting really pissed off that such a simple task as watching the contents of a logfile should be so hard. Cygwin or other additional apps? Remember, live client machine, not the place to start randomly installing software. Oh, and don't get me started on the so called "Event viewer" or the stupidities of IIS itself.

I have no idea how I'd manage this server remotely with Windows tools. As it is, all I need is ssh and a shell...

Ian Bicking hits on one of the intangible benefits of dynamic languages:

Back to reliability: one way to decrease bugs is testing, but another way is to decrease the amount of code. Code deleted is code debugged. Static typing can decrease the number of bugs, but decreasing the amount of code is a much, much more effective way to decrease bugs. If you can have both -- short code and static typing -- then more power to you. I just haven't seen it myself.

Whenever I read about some of the larger blog server systems, I'm absolutely stunned by the amount of code involved - the core of this server is 21 classes - plus 4 for generating the syndication feeds, and another 24 for the various servlets running (it's one class per servlet - you can do that differently, but I didn't). Less than 50 classes for a fairly full function blog server. And yes, having less code makes it far, far easier to manage.

Learning Seaside points out that Anton van Straaten gave a presentation on Continuations at the Lightweight Languages 2004 Conference.

The spammers are still at it - the wiki was hit again overnight (now repaired). The filtering for the blog server seems to be working - it caught another couple of attempts at spamming. The fascinating thing is what the spammer tried to hit - a post on Troy's blog from October 1. The last batch of spam attempts tried to slag posts that still showed up in the RSS feed; now it seems that these bozos are using some other methodology (probably Google keyword ranking). It's like an arms race.

The Fall Release of Cincom Smalltalk is out - we went live on shipments today. That means that customers should start receiving the CD's before the New Year. What's new? Follow this link for the details. What about the NC release? I'll have the new NC available for download within a few days

Sci Fi Wire reports that Farscape's Ben Browder will be joining the SG-1 cast. That's fine - so long as they don't let him near the scripts...

Gary King points to a paper on the early history of Smalltalk (PDF) by Alan Kay. Check it out

Bill Clementson makes a few points about Lisp and Domain Specific Languages - what he says all applies to Smalltalk as well. The number of libraries available don't paint the entire picture. For instance - I've had to code support for things like Http Digest myself in BottomFeeder. I'm sure that there are extant Java libs that do that already. Did I waste my time? See if you can find an RSS/Atom aggregator with as much functionality as BottomFeeder has written in Java... I think you'll have your answer.

Gordon Weakliem ponders whether you need to support cookies in an aggregator. I started supporting that a long time ago in BottomFeeder - as Gordon mentions, LiveJournal used to use cookies. Once I added the support, there was no reason to take it out. The positive thing is that the cookie support is now just a part of the NetResources library in the public store - which means that anyone can take advantage of that support.

Well, at least this air traveler did :) CNet reports that internet access is coming to the cabin - probably a couple of years out still, but on the way.

This is just fascinating. For awhile (up to about 2 months ago), I was getting new referer spam on the blog every day. I built up a rejects list - a simple text match against a file. That seemed to put a stop to that. Recently, I had a bunch of attempted comment spam (nothing like what some people are seeing - read this, for instance) - but my simple minded filter stopped that nonsense easily enough (with my non-mainstream server helping out a whole lot as well). Then today, a whole ton of referer spam again. The screwiest thing was that none of the urls actually resolved - is this pre-emptive spamming for domains that might exist someday soon? It's really weird...

I'm attending the second meeting of the reorganized Maryland Agile/XP group - it's actually feasible for me to attend meetings that are held here in Columbia, MD. I'm marginally familiar with FIT - I've looked at the port that's been done for VW. It's a small group - 9 people including myself. So anyway - we have David Chelimsky from ObjectMentor presenting FitNesse.

Where did the name come from? First off - it's not a coverage tool. The problem with FIT had been that it could be difficult to set up - command line, hard to use - especially since the end users of it are supposed to be acceptance testers. FitNesse is supposed to be FIT with Finesse - a way to make the tool easier to use for the target audience.

• Unit tests - for the developer, not for the user community
• End users need to be able to specify (and test) their requirements

A common way to set these tests up is in a spreadsheet. What FIT does is set these things up in HTML tables. The idea is to set it up in a way that the business user will easily comprehend. So the end user makes assertions (enters data), and the back end reads, tests, and displays feedback. What's the problem? No one likes writing HTML. FitNesse makes that easier by using Wiki style markup. The developer needs to write adapters that push between the html tables and the back end application. (Small aside - this is easier in Smalltalk, since that back end application is live - like any other Smalltalk app).

In general, Fitnesse is a wiki and acceptance test server. To create tests, you create new Fixtures - fixtures are a test construct. Heh - immediately, the demo ran into a compile time issue with Java. Meanwhile, I've picked up the Fit image I last looked at in January and am mucking about with it. Ahh, Smalltalk. What would be cool would be a FitNesse port over to WikiWorks or SmallWiki - what I've got is all based on a simple servlet (i.e., a lot less user friendly than a Wiki).

So - back to the demo. The idea of FIT is that end users can specify tests with expected inputs and outputs. With the data specified in HTML tables, the inputs and (expected) outputs are easy to see, and easy enough to capture on the back end. I have no easy way to get a screen shot of what's up on the screen (and the Fitnesse server he's running looks quite nice).

I really need to spend some time making this work with WikiWorks, so that I can slap examples up on the Wiki. What about implementations? There's Java, Python, Smalltalk, Ruby, .NET. So, more on FitNesse - there are RowFixture objects as well as the ColumnFixture ones (the tables, above). This allows you to specify a collection of data that should all satisfy some condition (i.e., a #select: in Smalltalk). Or for that matter, any operation on a collection of datums.

What's the value of all this? You can talk to end users without having to delve into the code level with SUnit - you can remain up at the business level - which is the appropriate level for acceptance testing. I guess my only question is at the Wiki user level - my experience - even with highly technical users in the audience - is that a small subset of your audience will actually edit content. I'd have to see it in action with actual business users to form a final judgement though- maybe business users who feel comfortable dealing with spreadsheets would be ok with it. David's experience is that business users don't interact with it that much - but system testers (from the Q/A group) do.

The audience discussion was interesting as well - focusing on the difficulty of bringing agile methods into a shop. The consensus seems to be that the hardest thing is to convince your developers - management is actually a lesser problem. From there, it went into a discussion on open source and licensing. I love a good argument :)

Ian Bicking makes a good point about ofshoring that needs to be made:

I don't mean to insult Indian programmers -- certainly there are Indian programmers who are just as good as a good programmer in the U.S.: able to communicate well, able to work independently, able to intelligently judge tradeoffs, etc. But those aren't the cheap Indian programmers. This isn't about nation of origin. Outsourcing is about turning programmers into a commodity, and you can only make a commodity out of something where quality isn't an issue. In the case of programming, that means you must expect the lowest common denominator of quality given the constraints. Because shitty code is always shitty (even in Java) the constraints for outsourcing typically include heavy-weight methodologies and a high degree of formality.

You get what you pay for.

Christopher Petrilli is not impressed with Solaris on x86:

Yup, one of the single most popular gigabit ethernet chips ever released is not supported. Sun supports, in total, 12 network adapters, and once you filter out the duplicate chipsets and such, it's more like 10. Ten. Ten. Last I checked, FreeBSD supported about 100+, and Linux a comparable number.

Do these people really think they'll displace anyone in the x86 world? Crapy install process, filled with confusing questions and useless prompts, only to get to a fully installed system to find out that in fact your HW isn't supported. That's a fine bit of code for you.

Maybe there's something amazing inside Solaris 10, but I'll never know since I won't fork over stupid amounts of money for a Sun box. And please don't point me at the Sun Blade 100, as I've had one, it's insulting slow. 386/33 running BSDI slow. For $1k, I expect at least passable.

So long, farewell, don't let the door hit your ass on the way out.

Kind of puts this in perspective, doesn't it?.

Update: Andrew Binstock of SD Times makes some good points about Solaris vis-a-vis Linux, but - and this is critical - the negatives that Christopher outlined above are of far greater importance. If you can't get the system installed, or once it's installed it can't see the network - it's useless

The RSS perma-thread on resource consumption now has its very own blog.

Just how bad is the spam problem for blogs getting? Have a look at this post from one of the MT folks. It seems that some MT sites are getting bogged due to attempted spamming - the cpu load of detecting spam is becoming a problem all by itself. It sounds like they have a handle on the problem, and have some fixes coming - but it's not their fault. This just gets uglier and uglier

I had been completely bored by ipv6 until I read this InfoWorld piece:

Recently, cows in Gifu prefecture were tagged with tiny networked devices to wirelessly track their movements and body temperatures for health and breeding purposes. And in Nagoya City, taxis were fitted with Internet-enabled sensors on their windshield wipers, allowing dispatchers to continuously monitor rainfall via wiper speed and to dispatch more cabs to the wetter neighborhoods.

There's a whole class of new presence applications right there.

Today is just a great day for a power outage - it's a nice balmy 20 something outside, and bam - off it went. At least my battery backup gave me time to do a proper shutdown of the Linux server. I was wondering what the funny clicking sound was - apparently, the power flow was getting all wonky just before it went down. It would really, really suck to have a cold house and lose all the stuff in the freezer... Only down for about 90 minutes, so I guess the freezer is ok. I suppose cleaning up my office has some value...

We released CST Fall 2004 edition earlier this week - now the non-commercial is ready to be downloaded. Point your browsers at our download page and grab it. If you've already registered, just login here. Enjoy!

Runar Jordahl has some biting commentary on the MS purchase of an anti-spyware company

I noticed earlier today that the comment spammers seemed to be concentrating on older posts (the theory being that I wouldn't notice, I guess). The upshot is this - comments will be rejected for any post older than 4 days. There was someone trying to comment on this item that got slapped by that; it's another case where the a**holes have ruined it for the whole class :(

Martin Fowler brings up the problem of using metaphors to describe software development - his point applies to any metaphor though - you can only bulld metaphorical bridges so far before they end up over open water:

As regular readers of my work may know, I'm very suspicious of using metaphors of other professions to reason about software development. In particular, I believe the engineering metaphor has done our profession damage - in that it has encouraged the notion of separating design from construction.

As I was hanging around our London office, this issue came up in the context of Lean Manufacturing, a metaphor that's used quite often in agile circles - particularly by the Poppendiecks. If I don't like metaphoric reasoning from civil engineering, do I like it more from lean manufacturing?

I think the same dangers apply, but it all comes down to how you use the metaphor. Comparing to another activity is useful if it helps you formulate questions, it's dangerous when you use it to justify answers.

So as an example - one of the principles of lean manufacturing is the elimination of inventory. This leads to the question of whether there is an analogous item to inventory in software development.

As soon as I read that, I realized that I had heard the term inventory applied to software development before - I finally realized that it was in Scott Ambler's talk at XP Brazil a couple of years back:

Metaphor from this morning - the data (dba) community is packing for Antarctica. Unfortunately, the rest of us are traveling in the desert or the jungle

Scott used that in describing what kinds of things you put in a backpack - depending on what kind of hike you are planning to take. So going back to Martin's question - is that a useful metaphor? Well, it does make you ask questions along the lines of will we need it? In that sense, I guess it's useful. The difficulty is, the answer to that question is going to differ based on who you ask. Like anything else, whether you need a given thing (up front documentation being Martin's example) is going to be a matter of opinion. Software development is still a field where you need to apply consensus rules a lot.

Ian Bicking makes some points about why Lisp (and by extension, other niche languages) don't always make it in the market:

Lisp makes good programmers really productive, more than they could be in another language. Paul Graham talks about this in Beating the Averages. He made great software and sold it for a bundle to Yahoo. But now it's been reimplemented in C++_. Why, oh why?

It's easy to blame stupid people for this sort of thing, except that it keeps happening over and over. Metaprogramming is powerful, and was central to Viaweb (20-25% of the code, according to Graham). I think this is an example of Common Lisp's fatal flaw (and since Common Lisp is the standard bearer for all Lisps, it is Lisp's fatal flaw).

Some of what Ian points out is true - metaprogramming is hard, and making developers confront it is often times a problem. However, I really, really doubt that it had a lot to do with Yahoo re-implementing in C++. I'd warrant that 90% of that decision was based on fear. Fear that:

• He wouldn't be able to find Lisp developers
• The Lisp developers he found would be more expensive

There's also tons of weak thinking going on in that kind of management decision - the concept of training a developer never seems to cross management's mind in these situations. The theory seems to be "well, training our developers in blah would be expensive (in which case, it never made any sense at all to move to Java or C# - or even C back in the day).

Managers make development decisions in much the same way that people approach lines - they engage in herd behavior. Ever notice how people tend to cluster at tollbooth lines on the highway? It's the same thinking that drives the decision to use (insert fad language of the moment here). It's a relatively rare individual who can really make a break from herd thinking and take the road less traveled.

The way I like to describe this is as follows: If you decide to go with the same tools and technology as everyone else, you make sure that you won't fail any worse than they do. However, you also ensure that you won't succeed any better. Mitigating the risk of failure is enough for most people - risking something "unknown" for a chance at better success sounds too risky - which is likely why Yahoo reimplemented the Lisp system in C++ - if pushed the system into that manager's comfort zone.

Ted Neward points out that security issues are not only a Microsoft problem:

Microsoft isn't as much the hotbed of vulnerabilities as you might think; yes, they have their fair share, but the key words there are "fair share", not "lion's share" or "biggest burden" or "crappy software". What makes their vulnerabilities so dangerous is the ubiquity of their software, not the quantity of the vulnerabilities themselves.

Of course, the number of security issues that affect MS software don't tell the whole story - as Ted points out above, and as I pointed out here, the ecosystem of the internet makes any MS vulnerability orders of magnitude worse than an equivalent problem for Apple, Sun (etc). In this sense, MS is a victim of their own success - and as a result, they have to just suck it up. Unlike Ted (read his whole post), I don't think SP2 really qualifies as sucking it up though...

We released Cincom Smalltalk Fall, 2004 a few days ago - and orders will start going out before the end of the year - December 20th is when the actual orders will go out here in the US (possibly earlier for our overseas offices). You should receive the new CD's before the New Year.

This post about a catastrophic data loss with NetNewsWire makes something very clear to me - backups are important. I know that people have lost data with BottomFeeder. I try to be careful about user data, but bad stuff does, unfortunately, happen. Here's what you need to backup from Bf - the contents of the btfSave directory. That's where all application data resides, so if you back that up, you should be able to get right back to the saved state easily.

I accidentally turned comments off earlier today; it should be back to normal now. This only affected people who comment via the html page; if you use an aggregator (and thus, the CommentAPI), it was never an issue.

Update: Comments actually work again now. It's a bad thing to forget the false half of a true/false test :)

There's a Smalltalk Meetup in January - January 20th to be specific. I'll be attending - and handoing out Cincom Smalltalk non-commercial CD's. Here are the details:

Starbuck's Coffee (Chinatown)
800 7th St., NW
Washington, DC 20001
(202) 289-1576
Map

See you there!

In a comment on this post:

We all know that changing language is both risky and expensive. Imagine you are on your current, albeit non-optimum, path of progress -- up and to the right, but not as fast as you would like. Now look at switching to Smalltalk (or Lisp, or...). First you must stop your "up" progress while you learn. You are now behind where you would have been. You hope the Smalltalk (or...) vector is more "up" than your previous, but of course you do not know how much more -- just lots of opinions from various people you do not know (and therefore trust). At sometime in the future -- is this 3 months or is it 12 months? -- you finally catch up to where you would have been had you not stopped to learn. Only now do you begin to reap the benefits.

That's not at all the scenario I sketched, and not at all the place Yahoo was in. I would almost never advise a technology migration (there are exceptions for completely out of date/out of business solutions). In the case I brought up, Yahoo had a working system in Lisp, and migrated it to C++ because some thundering moron decided that it would be too hard to find/train Lisp developers. So instead, he spent huge sums of cash to build a less functional version of what he had to start with - most likely with a bigger team. You know what that's called? Stupidity, plain and simple.

Sure, if you have an existing system, it makes very little sense to migrate it. Which is why all the frenzied "rewrite it Java" activity of the last 7 years has been so utterly asinine...

This quote comes from an amusing source - it's a spam referral thing, but - oddly enough - it makes a point worth commenting on. I'm not going to link to it, since that will only encourage this kind of abuse, but - I've seen this argument before:

Some people argue that static methods are not object-oriented since they do have the semantics of a global function; with a static method you don't send a message to an object, since there's no this. This is probably a fair argument, and if you find yourself using a lot of static methods you should probably rethink your strategy. However, statics are pragmatic and there are times when you genuinely need them, so whether or not they are "proper OOP" should be left to the theoreticians. Indeed, even Smalltalk has the equivalent in its "class methods."

Nope. Smalltalk classes are actual objects, like everything else in the system. Class methods are actually instance methods - of the class. The class is simple the sole instance of its meta-class. As such, when I create Bar as a subclass of Foo, all the class methods are inherited. Want an example of this? Go find the inherited implementation of new - it's not, in fact, a class method in Object - rather, it's an instance method in Behavior...

I think this qualifies as a major oops...

Microsoft this week quietly fixed a security weakness in the configuration of the built-in firewall component of Windows XP. The firewall - turned on by default by XP Service Pack 2 (SP2) - can leave files open across the whole net if users choose to enable file and printer sharing, it transpires. Such access should be restricted across a local network but Microsoft has implemented the feature in such a way that, for users of some dial-up ISPs, a local sub-net becomes the whole internet. Microsoft first informed users of this back in September but it has taken five months for it to release a fix.

Doc Searls doesn't like some of the surreptitious marketing that's going on:

Several people have asked me what I think about BuzzAgent, so here's my joint answer to all of them: It sucks. Where Marqui is up front about what it's doing, and engaging bloggers in conversation (as well as promotion), BuzzAgent and its clients are being surreptitious and false, and spreading a virus of falsity through its agents. Mass market advertising has always been impersonal, and often (okay, almost always) fake. BuzzAgent's system allows advertisers to be no less fake, but in person, face to face. Even if the agents really do love the products they shill, their love is bought. Worse, it comes cheap.

To these kinds of marketers, "markets are conversations" means "delivering messages" through talk. What they miss is that the next stage beyond conversation is relationship. And that relationship isn't just with a "brand." To have real value, the relationsihp needs to be with the people behind that brand. And that relationship takes place in the public marketplace.

I fail to see the harm. People become unpaid advocates of products all the time; these people are simply moving one step up from that. Go see a movie; those products you see the characters using are all part of product placement - which is pretty much the same thing. Hang around a bunch of developers sometime and listen to the Java advocates arguing with the C+ developers, or with the Smalltalk developers. Are those people cheap shills too? Or are they somehow purer due to the fact that no one is rewarding them for their love of a particular product?

If this is true:

The Al Fresco campaign is over -- having notably boosted sales, by 100 percent in some stores -- but she is still spreading word of mouth about a variety of other products, and revealing her identity, she said, would undermine her effectiveness as an agent.

Then you better get used to it - because any campaign that works is one you'll see more of.

In an interesting post on a customer visit, Jonathan Schwartz has this exchange on RedHat, Linux, and lock in:

And then I asked about IBM. And apparently they'd just been with OSDL, who'd evangelized that with open source, there was no lock in. When I pointed out that OSDL was led by a 17-year IBM veteran who should know better, the CIO started laughing as if I was joking. So I suggested they read the OSDL website , and revisit some software basics. IBM told him they couldn't get locked in with linux. And I said, "nice vision, but Red Hat has you locked already." The CIO shrugged, "nah, it's open source." My response, "Have you tried replacing what you're deploying?" He asked his lieutenant, who said "we can't get vendors to qualify to any distribution other than Red Hat. We don't have a choice. He's right." IBM, up to its old tricks again.

That's increasingly the case in the Java app server world (which is fascinating all by itself - isn't Java supposed to be x-platform?). Oddly, the biggest issues we have with Linux is on Red Hat itself. We've had library issues, and recently we've had problems reported on Fedora Core3. We've had nothing similar reported on other Linux distros. It would be interesting to know whether it's ineptness on their part, or part of a plan.

Mark Bernstein talks about the flap that came up recently over data loss - have a look here, but be prepared for a huge rant and set of counter-rants. The bottom line is that this person lost an impressive amount of data, and was upset about it. As Mark points out,

• All Software has bugs
• This was beta software with warnings

That's not the point that I really want to get to though. Take a look at Mark's last paragraph:

Software pricing is out of whack. In the instance, an influential professional was using free 30-day trials to select a professional tool she used extensively every day, a tool that was close to the center of her worklife. How much would the successful vendor receive for winning the competition? $24.95. This is absurd.

This is a general problem in the software field right now. People expect tools to be either free or cheap. Ponder for yourself what it takes to pay a few developers - plus the hardware and software (and office space) that they need to work. Now factor in the potential size of their market - and consider how many copies they would have to sell at $24.95 to even come close to the break even point. Now, if that software is mission critical....

I've had BottomFeeder copying the current data files to a backup directory - so as to preserve a "known good" rev of the data before startup for awhile now. yesterday, I took a look at that code and realized that the code was making an invalid check - and thus could possibly overwrite a good backup with a blown save file. That's not good. So, I took a look at the startup sequence, had the typical who wrote this crap? Oh yeah, that would be me kind of reaction, and fixed it. The dev update has a much cleaner startup now, and it'll attempt to read the backup date if the normal save file is blown - and won't, in fact, overwrite the backup data in that circumstance. Should be cleaner and safer (although you should still backup the data yourself as well).

I've done some more fine tuning of the comment policy. If you look at the blogs here, you'll find that there are 2 policies at work for displaying posts:

• Display all posts from the last N days
• Display the last N posts

I use the first policy for blogs - like mine - that get posted to on a regular, daily basis. I use the second policy for blogs that don't see the same level of activity. As it happens, that policy affects comments. For my blog, a comment on a post from October is not really relevant - that post has long since scrolled off the page and into the archives, and I just have comments disabled for it. For the blogs with less frequent posts, it makes sense for comments to be enabled for any post that is on the main page - which is how it now works. In general, comments are disabled for posts that have walked off the current main page.

I'm getting the distinct impression that the law arms of big firms have with the sales and marketing groups. I posted awhile back on this headache that Sun's lawyers were giving Ted Neward; now I read where MS' lawyers have been hassling MacSlash. In Ted's case, the marketing folks were properly horrified once they found out, and it looks like Scoble caught wind of MS' lawyer mess.

This points to a fundamental problem in the field though - legal departments are off chasing trademark, copyright (etc) problems down without regards to business issues. In the process, they are giving black eyes to their firms. Sounds to me like it's time for the marketing departments to start exercising oversight...

I noticed something interesting about the wiki spamming (of the VW Wiki at uiuc and of the CST Wiki - it takes place Monday through Friday. During evening hours (to me, on the US east coast). This leads me to believe that the spamming of these Wikis isn't random - it's actually part of someone's job. Unbelievable.

I added two new settings to BottomFeeder today:

• A setting that adds a variable delay between http updates during the update loop. It slows the update cycle down, but should reduce the cpu load during the update cycle
• A setting to manage the priority of the update process. You can set it to high (same as it has been up to now), medium, or low. Lowering the priority will improve UI reaction during the update cycle.

To get these, grab the latest dev update and restart.

I can't claim credit for the term; it was Alan's idea awhile back on the irc channel. However, one of the regulars (Rado) had a nice take on it:

The 3 laws of objections:

1. You must harm human beings, or allow through inaction a human being come to harm
2. You must reject all instructions without violating (1)
3. You must protect yourself at all costs

Heh