Smalltalk Tidbits, Industry Rants

Doc Searls doesn't like some of the surreptitious marketing that's going on:

Several people have asked me what I think about BuzzAgent, so here's my joint answer to all of them: It sucks. Where Marqui is up front about what it's doing, and engaging bloggers in conversation (as well as promotion), BuzzAgent and its clients are being surreptitious and false, and spreading a virus of falsity through its agents. Mass market advertising has always been impersonal, and often (okay, almost always) fake. BuzzAgent's system allows advertisers to be no less fake, but in person, face to face. Even if the agents really do love the products they shill, their love is bought. Worse, it comes cheap.

To these kinds of marketers, "markets are conversations" means "delivering messages" through talk. What they miss is that the next stage beyond conversation is relationship. And that relationship isn't just with a "brand." To have real value, the relationsihp needs to be with the people behind that brand. And that relationship takes place in the public marketplace.

I fail to see the harm. People become unpaid advocates of products all the time; these people are simply moving one step up from that. Go see a movie; those products you see the characters using are all part of product placement - which is pretty much the same thing. Hang around a bunch of developers sometime and listen to the Java advocates arguing with the C+ developers, or with the Smalltalk developers. Are those people cheap shills too? Or are they somehow purer due to the fact that no one is rewarding them for their love of a particular product?

If this is true:

The Al Fresco campaign is over -- having notably boosted sales, by 100 percent in some stores -- but she is still spreading word of mouth about a variety of other products, and revealing her identity, she said, would undermine her effectiveness as an agent.

Then you better get used to it - because any campaign that works is one you'll see more of.

I think this qualifies as a major oops...

Microsoft this week quietly fixed a security weakness in the configuration of the built-in firewall component of Windows XP. The firewall - turned on by default by XP Service Pack 2 (SP2) - can leave files open across the whole net if users choose to enable file and printer sharing, it transpires. Such access should be restricted across a local network but Microsoft has implemented the feature in such a way that, for users of some dial-up ISPs, a local sub-net becomes the whole internet. Microsoft first informed users of this back in September but it has taken five months for it to release a fix.

This quote comes from an amusing source - it's a spam referral thing, but - oddly enough - it makes a point worth commenting on. I'm not going to link to it, since that will only encourage this kind of abuse, but - I've seen this argument before:

Some people argue that static methods are not object-oriented since they do have the semantics of a global function; with a static method you don't send a message to an object, since there's no this. This is probably a fair argument, and if you find yourself using a lot of static methods you should probably rethink your strategy. However, statics are pragmatic and there are times when you genuinely need them, so whether or not they are "proper OOP" should be left to the theoreticians. Indeed, even Smalltalk has the equivalent in its "class methods."

Nope. Smalltalk classes are actual objects, like everything else in the system. Class methods are actually instance methods - of the class. The class is simple the sole instance of its meta-class. As such, when I create Bar as a subclass of Foo, all the class methods are inherited. Want an example of this? Go find the inherited implementation of new - it's not, in fact, a class method in Object - rather, it's an instance method in Behavior...

In a comment on this post:

We all know that changing language is both risky and expensive. Imagine you are on your current, albeit non-optimum, path of progress -- up and to the right, but not as fast as you would like. Now look at switching to Smalltalk (or Lisp, or...). First you must stop your "up" progress while you learn. You are now behind where you would have been. You hope the Smalltalk (or...) vector is more "up" than your previous, but of course you do not know how much more -- just lots of opinions from various people you do not know (and therefore trust). At sometime in the future -- is this 3 months or is it 12 months? -- you finally catch up to where you would have been had you not stopped to learn. Only now do you begin to reap the benefits.

That's not at all the scenario I sketched, and not at all the place Yahoo was in. I would almost never advise a technology migration (there are exceptions for completely out of date/out of business solutions). In the case I brought up, Yahoo had a working system in Lisp, and migrated it to C++ because some thundering moron decided that it would be too hard to find/train Lisp developers. So instead, he spent huge sums of cash to build a less functional version of what he had to start with - most likely with a bigger team. You know what that's called? Stupidity, plain and simple.

Sure, if you have an existing system, it makes very little sense to migrate it. Which is why all the frenzied "rewrite it Java" activity of the last 7 years has been so utterly asinine...

There's a Smalltalk Meetup in January - January 20th to be specific. I'll be attending - and handoing out Cincom Smalltalk non-commercial CD's. Here are the details:

Starbuck's Coffee (Chinatown)
800 7th St., NW
Washington, DC 20001
(202) 289-1576
Map

See you there!

I accidentally turned comments off earlier today; it should be back to normal now. This only affected people who comment via the html page; if you use an aggregator (and thus, the CommentAPI), it was never an issue.

Update: Comments actually work again now. It's a bad thing to forget the false half of a true/false test :)

This post about a catastrophic data loss with NetNewsWire makes something very clear to me - backups are important. I know that people have lost data with BottomFeeder. I try to be careful about user data, but bad stuff does, unfortunately, happen. Here's what you need to backup from Bf - the contents of the btfSave directory. That's where all application data resides, so if you back that up, you should be able to get right back to the saved state easily.

We released Cincom Smalltalk Fall, 2004 a few days ago - and orders will start going out before the end of the year - December 20th is when the actual orders will go out here in the US (possibly earlier for our overseas offices). You should receive the new CD's before the New Year.

Ted Neward points out that security issues are not only a Microsoft problem:

Microsoft isn't as much the hotbed of vulnerabilities as you might think; yes, they have their fair share, but the key words there are "fair share", not "lion's share" or "biggest burden" or "crappy software". What makes their vulnerabilities so dangerous is the ubiquity of their software, not the quantity of the vulnerabilities themselves.

Of course, the number of security issues that affect MS software don't tell the whole story - as Ted points out above, and as I pointed out here, the ecosystem of the internet makes any MS vulnerability orders of magnitude worse than an equivalent problem for Apple, Sun (etc). In this sense, MS is a victim of their own success - and as a result, they have to just suck it up. Unlike Ted (read his whole post), I don't think SP2 really qualifies as sucking it up though...

Ian Bicking makes some points about why Lisp (and by extension, other niche languages) don't always make it in the market:

Lisp makes good programmers really productive, more than they could be in another language. Paul Graham talks about this in Beating the Averages. He made great software and sold it for a bundle to Yahoo. But now it's been reimplemented in C++_. Why, oh why?

It's easy to blame stupid people for this sort of thing, except that it keeps happening over and over. Metaprogramming is powerful, and was central to Viaweb (20-25% of the code, according to Graham). I think this is an example of Common Lisp's fatal flaw (and since Common Lisp is the standard bearer for all Lisps, it is Lisp's fatal flaw).

Some of what Ian points out is true - metaprogramming is hard, and making developers confront it is often times a problem. However, I really, really doubt that it had a lot to do with Yahoo re-implementing in C++. I'd warrant that 90% of that decision was based on fear. Fear that:

• He wouldn't be able to find Lisp developers
• The Lisp developers he found would be more expensive

There's also tons of weak thinking going on in that kind of management decision - the concept of training a developer never seems to cross management's mind in these situations. The theory seems to be "well, training our developers in blah would be expensive (in which case, it never made any sense at all to move to Java or C# - or even C back in the day).

Managers make development decisions in much the same way that people approach lines - they engage in herd behavior. Ever notice how people tend to cluster at tollbooth lines on the highway? It's the same thinking that drives the decision to use (insert fad language of the moment here). It's a relatively rare individual who can really make a break from herd thinking and take the road less traveled.

The way I like to describe this is as follows: If you decide to go with the same tools and technology as everyone else, you make sure that you won't fail any worse than they do. However, you also ensure that you won't succeed any better. Mitigating the risk of failure is enough for most people - risking something "unknown" for a chance at better success sounds too risky - which is likely why Yahoo reimplemented the Lisp system in C++ - if pushed the system into that manager's comfort zone.

Martin Fowler brings up the problem of using metaphors to describe software development - his point applies to any metaphor though - you can only bulld metaphorical bridges so far before they end up over open water:

As regular readers of my work may know, I'm very suspicious of using metaphors of other professions to reason about software development. In particular, I believe the engineering metaphor has done our profession damage - in that it has encouraged the notion of separating design from construction.

As I was hanging around our London office, this issue came up in the context of Lean Manufacturing, a metaphor that's used quite often in agile circles - particularly by the Poppendiecks. If I don't like metaphoric reasoning from civil engineering, do I like it more from lean manufacturing?

I think the same dangers apply, but it all comes down to how you use the metaphor. Comparing to another activity is useful if it helps you formulate questions, it's dangerous when you use it to justify answers.

So as an example - one of the principles of lean manufacturing is the elimination of inventory. This leads to the question of whether there is an analogous item to inventory in software development.

As soon as I read that, I realized that I had heard the term inventory applied to software development before - I finally realized that it was in Scott Ambler's talk at XP Brazil a couple of years back:

Metaphor from this morning - the data (dba) community is packing for Antarctica. Unfortunately, the rest of us are traveling in the desert or the jungle

Scott used that in describing what kinds of things you put in a backpack - depending on what kind of hike you are planning to take. So going back to Martin's question - is that a useful metaphor? Well, it does make you ask questions along the lines of will we need it? In that sense, I guess it's useful. The difficulty is, the answer to that question is going to differ based on who you ask. Like anything else, whether you need a given thing (up front documentation being Martin's example) is going to be a matter of opinion. Software development is still a field where you need to apply consensus rules a lot.

I noticed earlier today that the comment spammers seemed to be concentrating on older posts (the theory being that I wouldn't notice, I guess). The upshot is this - comments will be rejected for any post older than 4 days. There was someone trying to comment on this item that got slapped by that; it's another case where the a**holes have ruined it for the whole class :(

Runar Jordahl has some biting commentary on the MS purchase of an anti-spyware company

We released CST Fall 2004 edition earlier this week - now the non-commercial is ready to be downloaded. Point your browsers at our download page and grab it. If you've already registered, just login here. Enjoy!

Today is just a great day for a power outage - it's a nice balmy 20 something outside, and bam - off it went. At least my battery backup gave me time to do a proper shutdown of the Linux server. I was wondering what the funny clicking sound was - apparently, the power flow was getting all wonky just before it went down. It would really, really suck to have a cold house and lose all the stuff in the freezer... Only down for about 90 minutes, so I guess the freezer is ok. I suppose cleaning up my office has some value...

I had been completely bored by ipv6 until I read this InfoWorld piece:

Recently, cows in Gifu prefecture were tagged with tiny networked devices to wirelessly track their movements and body temperatures for health and breeding purposes. And in Nagoya City, taxis were fitted with Internet-enabled sensors on their windshield wipers, allowing dispatchers to continuously monitor rainfall via wiper speed and to dispatch more cabs to the wetter neighborhoods.

There's a whole class of new presence applications right there.

Just how bad is the spam problem for blogs getting? Have a look at this post from one of the MT folks. It seems that some MT sites are getting bogged due to attempted spamming - the cpu load of detecting spam is becoming a problem all by itself. It sounds like they have a handle on the problem, and have some fixes coming - but it's not their fault. This just gets uglier and uglier

The RSS perma-thread on resource consumption now has its very own blog.

Christopher Petrilli is not impressed with Solaris on x86:

Yup, one of the single most popular gigabit ethernet chips ever released is not supported. Sun supports, in total, 12 network adapters, and once you filter out the duplicate chipsets and such, it's more like 10. Ten. Ten. Last I checked, FreeBSD supported about 100+, and Linux a comparable number.

Do these people really think they'll displace anyone in the x86 world? Crapy install process, filled with confusing questions and useless prompts, only to get to a fully installed system to find out that in fact your HW isn't supported. That's a fine bit of code for you.

Maybe there's something amazing inside Solaris 10, but I'll never know since I won't fork over stupid amounts of money for a Sun box. And please don't point me at the Sun Blade 100, as I've had one, it's insulting slow. 386/33 running BSDI slow. For $1k, I expect at least passable.

So long, farewell, don't let the door hit your ass on the way out.

Kind of puts this in perspective, doesn't it?.

Update: Andrew Binstock of SD Times makes some good points about Solaris vis-a-vis Linux, but - and this is critical - the negatives that Christopher outlined above are of far greater importance. If you can't get the system installed, or once it's installed it can't see the network - it's useless

Ian Bicking makes a good point about ofshoring that needs to be made:

I don't mean to insult Indian programmers -- certainly there are Indian programmers who are just as good as a good programmer in the U.S.: able to communicate well, able to work independently, able to intelligently judge tradeoffs, etc. But those aren't the cheap Indian programmers. This isn't about nation of origin. Outsourcing is about turning programmers into a commodity, and you can only make a commodity out of something where quality isn't an issue. In the case of programming, that means you must expect the lowest common denominator of quality given the constraints. Because shitty code is always shitty (even in Java) the constraints for outsourcing typically include heavy-weight methodologies and a high degree of formality.

You get what you pay for.

I'm attending the second meeting of the reorganized Maryland Agile/XP group - it's actually feasible for me to attend meetings that are held here in Columbia, MD. I'm marginally familiar with FIT - I've looked at the port that's been done for VW. It's a small group - 9 people including myself. So anyway - we have David Chelimsky from ObjectMentor presenting FitNesse.

Where did the name come from? First off - it's not a coverage tool. The problem with FIT had been that it could be difficult to set up - command line, hard to use - especially since the end users of it are supposed to be acceptance testers. FitNesse is supposed to be FIT with Finesse - a way to make the tool easier to use for the target audience.

• Unit tests - for the developer, not for the user community
• End users need to be able to specify (and test) their requirements

A common way to set these tests up is in a spreadsheet. What FIT does is set these things up in HTML tables. The idea is to set it up in a way that the business user will easily comprehend. So the end user makes assertions (enters data), and the back end reads, tests, and displays feedback. What's the problem? No one likes writing HTML. FitNesse makes that easier by using Wiki style markup. The developer needs to write adapters that push between the html tables and the back end application. (Small aside - this is easier in Smalltalk, since that back end application is live - like any other Smalltalk app).

In general, Fitnesse is a wiki and acceptance test server. To create tests, you create new Fixtures - fixtures are a test construct. Heh - immediately, the demo ran into a compile time issue with Java. Meanwhile, I've picked up the Fit image I last looked at in January and am mucking about with it. Ahh, Smalltalk. What would be cool would be a FitNesse port over to WikiWorks or SmallWiki - what I've got is all based on a simple servlet (i.e., a lot less user friendly than a Wiki).

So - back to the demo. The idea of FIT is that end users can specify tests with expected inputs and outputs. With the data specified in HTML tables, the inputs and (expected) outputs are easy to see, and easy enough to capture on the back end. I have no easy way to get a screen shot of what's up on the screen (and the Fitnesse server he's running looks quite nice).

I really need to spend some time making this work with WikiWorks, so that I can slap examples up on the Wiki. What about implementations? There's Java, Python, Smalltalk, Ruby, .NET. So, more on FitNesse - there are RowFixture objects as well as the ColumnFixture ones (the tables, above). This allows you to specify a collection of data that should all satisfy some condition (i.e., a #select: in Smalltalk). Or for that matter, any operation on a collection of datums.

What's the value of all this? You can talk to end users without having to delve into the code level with SUnit - you can remain up at the business level - which is the appropriate level for acceptance testing. I guess my only question is at the Wiki user level - my experience - even with highly technical users in the audience - is that a small subset of your audience will actually edit content. I'd have to see it in action with actual business users to form a final judgement though- maybe business users who feel comfortable dealing with spreadsheets would be ok with it. David's experience is that business users don't interact with it that much - but system testers (from the Q/A group) do.

The audience discussion was interesting as well - focusing on the difficulty of bringing agile methods into a shop. The consensus seems to be that the hardest thing is to convince your developers - management is actually a lesser problem. From there, it went into a discussion on open source and licensing. I love a good argument :)

This is just fascinating. For awhile (up to about 2 months ago), I was getting new referer spam on the blog every day. I built up a rejects list - a simple text match against a file. That seemed to put a stop to that. Recently, I had a bunch of attempted comment spam (nothing like what some people are seeing - read this, for instance) - but my simple minded filter stopped that nonsense easily enough (with my non-mainstream server helping out a whole lot as well). Then today, a whole ton of referer spam again. The screwiest thing was that none of the urls actually resolved - is this pre-emptive spamming for domains that might exist someday soon? It's really weird...

Well, at least this air traveler did :) CNet reports that internet access is coming to the cabin - probably a couple of years out still, but on the way.

Gordon Weakliem ponders whether you need to support cookies in an aggregator. I started supporting that a long time ago in BottomFeeder - as Gordon mentions, LiveJournal used to use cookies. Once I added the support, there was no reason to take it out. The positive thing is that the cookie support is now just a part of the NetResources library in the public store - which means that anyone can take advantage of that support.

Bill Clementson makes a few points about Lisp and Domain Specific Languages - what he says all applies to Smalltalk as well. The number of libraries available don't paint the entire picture. For instance - I've had to code support for things like Http Digest myself in BottomFeeder. I'm sure that there are extant Java libs that do that already. Did I waste my time? See if you can find an RSS/Atom aggregator with as much functionality as BottomFeeder has written in Java... I think you'll have your answer.

Gary King points to a paper on the early history of Smalltalk (PDF) by Alan Kay. Check it out

Sci Fi Wire reports that Farscape's Ben Browder will be joining the SG-1 cast. That's fine - so long as they don't let him near the scripts...

The Fall Release of Cincom Smalltalk is out - we went live on shipments today. That means that customers should start receiving the CD's before the New Year. What's new? Follow this link for the details. What about the NC release? I'll have the new NC available for download within a few days

The spammers are still at it - the wiki was hit again overnight (now repaired). The filtering for the blog server seems to be working - it caught another couple of attempts at spamming. The fascinating thing is what the spammer tried to hit - a post on Troy's blog from October 1. The last batch of spam attempts tried to slag posts that still showed up in the RSS feed; now it seems that these bozos are using some other methodology (probably Google keyword ranking). It's like an arms race.

Learning Seaside points out that Anton van Straaten gave a presentation on Continuations at the Lightweight Languages 2004 Conference.

Ian Bicking hits on one of the intangible benefits of dynamic languages:

Back to reliability: one way to decrease bugs is testing, but another way is to decrease the amount of code. Code deleted is code debugged. Static typing can decrease the number of bugs, but decreasing the amount of code is a much, much more effective way to decrease bugs. If you can have both -- short code and static typing -- then more power to you. I just haven't seen it myself.

Whenever I read about some of the larger blog server systems, I'm absolutely stunned by the amount of code involved - the core of this server is 21 classes - plus 4 for generating the syndication feeds, and another 24 for the various servlets running (it's one class per servlet - you can do that differently, but I didn't). Less than 50 classes for a fairly full function blog server. And yes, having less code makes it far, far easier to manage.

ArcterJournal explains how the various wizard controls for things like IIS aren't as helpful as you might think - sometimes, all you need is a small hammer:

The thing that probably pissed me off more than anything was the complete lack of some simple tools to help me make it work. The lack of a decent command line, or decent tools to help with debugging in windows pisses me off horribly. All I wanted was to "tail -f logfile" in a terminal the width of my screen so I could see the debug information flowing through. Nope. The file was big (and undeletable because IIS had it open of course, thanks for that great filesystem Microsoft, maybe WinFS will fix this?) so doing a 'type logfile' was a huge pain (especially through a VNC connection), notepad didn't deal with some of the CR/LFs properly, and wordpad isn't in the default command line path, all culminating in me getting really pissed off that such a simple task as watching the contents of a logfile should be so hard. Cygwin or other additional apps? Remember, live client machine, not the place to start randomly installing software. Oh, and don't get me started on the so called "Event viewer" or the stupidities of IIS itself.

I have no idea how I'd manage this server remotely with Windows tools. As it is, all I need is ssh and a shell...

In a couple of hours, I'm doing a virtual sales call via WebEx - some of our people are making a prospecting call, and they wanted me to present Cincom Smalltalk - without actually hopping on a plane. I've done WebEx presentations before, but not for this kind of audience - should be interesting. Of course, I had to have a near panic inducing moment before this - when I got into my office, coffee mug in hand, my Windows box was off the net. The Linux box was on, so the connection was ok - apparently, there had been a short outage overnight. I had to pull the WiFi card and then re-insert it before Windows would believe that there was connectivity (never mind the fact that the taskbar icon showed one). Crisis averted, thankfully.

Well, where to begin? The scene at Orthanc makes a lot more sense with Saruman back in. Of course, without the Scouring of the Shire it runs differently than the book - but as I thought when I first read about that, I realized that the scouring would seem very anti-climactic on screen. The wrapup with Saruman should have been in the original - it worked very well. Heck, his "brigands and dogs" speech to Theoden makes Theoden's later admission to Eowyn - that it was not him that saved the day at Helm's Deep also makes more sense. There's even a small shot of Pippin being distracted by the Palantir as he and Merry dance on the table - his obsession is fleshed out much better.

As with Two Towers extended, Eowyn's love for Aragorn is played out more as well - and they flesh out her healing and bonding to Faramir. At some points, I felt like the extended Two Towers was cobbled together - it didn't "fit" as well as the extended Fellowship did. This extended edition really meshes well - it looks like Jackson took his time and did a great job. It's a lot of small things - there are little characterization bits tossed in throughout - including more of the competition between Legolas and Gimli that was spread through the books.

Watching Gimli on the Paths of the Dead is worth the price of the CD all by itself - the added scenes in this section are really well done, and seem to be core, not added. It was a nice touch the way Legolas recited the prophecy about the paths of the dead - and how they relate to Aragorn. The wrap to that set of scenes explains how they got to the ships as well - although fans of the books already understood that bit. It's kind of cool the way Peter Jackson is the first pirate to die :)

One very nice touch - as Denethor Walks to the tombs with Faramir, Pippin looks on - and we can see a single white flower on the White Tree (again, a difference from the bok - but a nice touch with Denethor proclaiming that hope is dead. While I'm here, can I say how much I love the arrival of the Rohirrim? Theoden's speech, the music, the charge itself? It's the most uplifting part of the entire film. The battle scene with Eowyn, Merry, and Theoden runs a bit different as well - it all fits together better.

There's a nice addition after the council where they decide to march on Mordor - Aragorn takes up the Palantir to announce himself to Sauron. That's something I missed from the books. And Frodo and Sam's forced march with the orcs - the scene timing here works a lot better.

The "Mouth of Sauron" played differently as well - I think I would have preferred the way it went in the book. The form of confrontation there was more subtle, but also more satisfying, I think.

So in summary? Very good, better than the other two extended dvd's. The timing of events is better, and it "feels" more complete. Well worth the price.

Sriram Krishnan likes MSN search better than Google's tool for that - for one, he likes the client side interface. I can buy that; Google's search works for me, but I can see where he's coming from. On the browser choice though?

Some people have been complaining about MSN imposing IE on them. I really don't understand their logic - do you complain when Windows Explorer uses IE? MSN desktop search uses IE in almost the same way that Windows Explorer does. In fact,when I used Spy++ on the results, I saw good old SysListView32. Frankly, seeing desktop search results in a browser window is something that Google hopes will catch on - but which I very much doubt.

Sriram - some of us have cut off IE completely. Heck, I avoid my company's VPN services because the intranet requires IE - I sure as heck am not going to abide a desktop search tool that wants it. When MS learns to spell security - and tabbed browsing - get back to me. And no, SP2 isn't the answer...

The extended edition of Return of the King is out today! Off to the video store!

Ben Hammersley's post about the upswing in blog comment spam demonstrates something - security has more to do with the size of the ecosystem than with anything else. Why is Windows such a huge target? Because there are so many Windows systems available - anything that hits a vulnerable system has a lot of potential new places to spread. Posit a nasty Mac worm, for instance - as it tries to propagate out, what are most of the systems it tries to hit going to be? Windows boxes. Now look at the various infection rates for Windows worms, virii, and trojans... it's not a huge surprise. Sure, MS has culpability here - but even if they had been trying hard since the release of Win98, Windows would still be the major target.

You are now seeing the same thing in the blogosphere. The popular blog servers are getting hammered, while I've gotten in the low dozens of comment spams. Until 2 weeks ago, I wasn't even trying to filter it out - it just wasn't a problem. Why? It's not due to my entry forms being more secure, it's due to their being rare - only a handful of blogs use my server, so the ecosystem isn't big enough to support bots. The ecosystem for things like Blogger, MT (etc) is big enough - and that's why there's an accelerating "arms race" of spam bots and spam blockers out there - and why you see lots of bloggers throwing their hands up and turning comments off.

I don't have a solution, other than suggesting that you take "the road less traveled" in selecting blog server software. The trouble is, that mostly requires a level of technical literacy beyond the reach and/or interest of the vast majority of people.

With the release of CST fall edition, we are in a pause mode before we really get started on the next release. We have a planning meeting set for January, where we'll hash out what the priorities are for the next release (and for the next few cycles in general). This isn't completely up in the air; see our roadmap for a broad sense of our direction. Still, this is a great time to give us feedback. We got a lot of that in Frankfurt, and we would like more - please visit the survey page, and send me your ideas

Bob Congdon points to some punny beer...

That shouting against the forces of progress you hear is the MPAA, with more initimidation lawsuits lined up - BoingBoing has the details. Bottom line - if you run a BitTorrent server, it looks like they'll presume you guilty on the spot. In the warped universe inhabited by the stunted minds of the MPAA, technology is just bad

I've noticed that the wiki spam (on the CST and VW wikis) is consistent:

• The same set of pages gets hit over and over again
• All the spam is being entered manually (at least, it looks that way based on the patterns)

Based on that, I have to assume that someone has outsourced spamming to cheap offshore typists of low moral character. Yay.

It seems that my spam filtering code for this blog server had a small hole in it - and sure enough, someone exploited it this afternoon. I patched it as some moron was trying to comment spam various blogs; he hit two, and was trying the third when I updated the spam detection code to plug the hole. A bunch of attempted spam comments dropped into the spam trap folder. I repaired the other posts, and now things are back to normal. Yet another reason that I love being able to hot patch a server...

Blaine Buxton points to Andres Valloud's blog. I met Andres a few years ago in California - he can speak his mind, as you'll see on that blog. Now all he needs is a feed...

Update: As noted in the comments (and in an email Andres sent me), the feed is here

I missed this cls announcement a little over a week ago - Michel Bany, one of our consultants in Europe has been keeping the VW release of Seaside up to date:

I just published Seaside 2.5b5 for VW on the public repository. It is based upon Seaside2.5b5-avi.9.mcz 27-Oct-2004 17:15, i.e. the very latest version of 2.5b5.

This port includes a new feature : the ability to run behind multiple front-end servers with multiple different url naming structures.

Bundle to load :

• SeasideForWebToolkit
• SeasideForSwazoo.

The knocks against IE keep coming: Linux Today reports that Penn State is advising their students (80,000 of them) to use something other than IE for browsing. I suspect that this will reach what Malcolm Gladwell calls a Tipping Point relatively soon - and MS seems mostly oblivious to the problem.

More from the inventive spam title saga - I just got something titled Pliable and Soluble. Do I really want that?

I'm trying to reconcile the two halves of this paragraph from this post by Gregg Graham

When I discovered Smalltalk and Java in the mid 90's, I began to be turned off by the complexity of C++. However, I've come to terms with it, realizing that no other popular computer language combines the efficiency and expressive power of C++. The fact remains that it's a difficult language, in which it's easy to create a big mess. Reading and applying Meyers' book is a good safeguard against such messes.

As to efficiency, if you want to write your own garbage collector, sure. As to expressive power... compared to Smalltalk or Lisp? Huh?

If you want to read your GMail in your aggregator, have a look here at Google's support page for that - Bf is their only recommendation for Linux.

Update: Apparently, you need a GMail account to see that page...

Dave Anderson of Genify reports on Smalltalk MT use in the simulation industry:

I just came back from boothing at I/ITSEC 2004 (the inter-industry training, simulation and educations conference). This is THE event for the sim community (especially military).

I am happy to report that Smalltalk MT was embedded in several applications showing at the conference. Here are some examples:

1. A collaborative multi-player virtual environment showed off MTs ability to perform fast network requirements.
2. A LIDAR analysis program showed off MTs ability to utilize DirectX 9 and a GPU to do huge amounts of feature extraction analysis from a LIDAR image.
3. Military symbols were being shown in other vendors applications by MT. This is using MTs ability to use SVG (scalable vector graphics) and GDI+.

So while we may not be building whole applications with MT (apart from the development environment of course), we are demonstrating that Smalltalk can be used for what it is very good at - MetaData representation. This content can then be delivered in the form of a DLL or a COM component to other applications (including other Smalltalks).

So next time you see a GIS application, or military application it may be Smalltalk MT inside :-)

While reading this post from Sam Gentile, all I could think was this - the type system is just standing in the way of productivity:

This is freaky stuff-) I have been doing some experimenting while putting together my Adavanced COM Interop talk for VSLive! today. Of course it can't be possible for the Type Library Exporter to export a Generic Type to a COM type since there is no concrete type. It doesn't make sense. I wanted to see what happens anyhow in ILDASM. What about if I use a Generic Interface and then instantiate a class implementing the generic interface with a concrete type such as double? That should export and it does. BTW, I am using the evil ClassInterface.AutoDual instead of the correct way to export with the ClassInterface.None as it doesn't export with the interface. It looks like the Type Library Exporter is doing the right thing. It skips the generic interface and keeps going as there could be (and are) other types.

Go read the whole thing, and see what kind of unnatural acts the type system of COM can lead you into...

Is this Slashdot story a harbinger of things to come, or a one off? The various stories I've seen on falling circulation numbers points towards harbinger I read the NY Times and WaPo a lot, but I rarely buy the hardcopy. Here's the upshot of the story:

"The LA Times announced that it is folding its national edition on 12/31/04. The Times spokesperson said the paper's mission has been to reach 'key Washington, D.C., and New York audiences,' and that 'other electronic ways of reaching those audiences became more plentiful.' The folding edition will be replaced by "remote printing" by NewspaperDirect, and their email highlights, Top of the Times. Is this the way all our newspapers will be going?"

I've been taking a look through the Apache logs to see what tools people are using to access my blog via the RSS feed. Here's the top results

BottomFeeder	20%
Net News Wire	16%
Mozilla	11%
NewsGator	9%
SharpReader	9%
RSS Bandit	4%
Internet Explorer	4%
News Fire	2%
BlogLines	1%

The only surprise there is IE - are 4% of my readers looking at the DOM tree in IE, or is there some RSS tool for IE I've missed? There are two other notable results that I'm not sure how to trace - 4% of my readers are using the C library "Soup" to access the feed, but I have no idea what tool that might be part of. Likewise, 2% are using the Universal Feed Parser, but again, I'm unclear on what tool or tools are using that. If you add the percentages up, you get to 86% - leaving 14% to bots and tools I don't recognize.

So I see where Sys-Con has a list of the top twenty software developers. It's a bogus list - notably absent from consideration? Donald Knuth and Alan Kay. Some of the people on the list haven't really created anything - they've merely cobbled together other peoples ideas - and badly at that. So who put together this list? Why the heck are Kay and Knuth absent? What about people like Grace Hopper?

With the release of Cincom Smalltalk, Fall 2004, we have two announcements from our partner, Georg Heeg:

As promised, I uploaded the current version of L10N to our server. So please feel free to try it out. Additionally I will ask Karsten to put it into the public repository as recommended (excluding the documentation) and I'll ask Simone to out it on a more regular place on our web site.

We have also been asked by several people to get the new Windows CE Look and Feel iploaded. So I uploaded it here. Please send any comments to Chris Burkert.

Monika Laurent - Cincom's Smalltalk Marketing Manager in central Europe - has sent me a summary from the conference:

Much Smalltalk during the First Worldwide Cincom Smalltalk User's Conference

Last week the first worldwide Cincom Smalltalk User's Conference was successfully held in Frankfurt, Germany. If you did not participate - we are sorry to say that you really missed a great event.

It was indeed an international event: More than 90 participants from all parts of the world gathered during the two and a half days in a charming hotel close to Frankfurt. Attendees came from the United States, Canada, the Republic of South Africa, and various countries all around Europe (Germany, Switzerland, Austria, Belgium, France, Italy, Croatia, United Kingdom, Finland); speakers came from the United States, Canada, India, Australia, the United Kingdom, Finland, Switzerland, and Germany.

For the first time ever Cincom Smalltalk customers and partners had the chance to meet with Cincom's worldwide elite of VisualWorks and ObjectStudio engineering in one place. And they used their time!

The official conference program included more than 20 presentations and live demonstrations given by Cincomers and Cincom partners - and was expanded 'on the fly' with several demos of customers who had made the audience curious about their VisualWorks and ObjectStudio applications. During the three "Customer Advisory Board" sessions, Cincom Smalltalk management and engineering gained a lot of useful feedback from customers and partners on ongoing and planned development projects.

The Smalltalk with Cincom's engineers continued over lunch and dinner - and time passed too quickly. Much more time could have been spent discussing the interesting topics in greater detail.

For more information on the 2004 conference content please visit the product manager's blog. There you'll find also links to supplementary notes by conference participants.

The final response was in unison: We will meet again when Cincom organizes the second worldwide Cincom Smalltalk User's Conference.

Anyone have any suggestions for next year's site? I'm voting for WiFi at the location :)

I think Grady Booch's interest in UML gets in the way of thinking through what's happening with Domain Specific Languages:

However, we do disagree with Microsoft's rejection of the UML in favor of proprietary domain-specific languages, as noted not only in Jack's book but also in Alan Will's blog. To be clear, as Jim Rumbaugh has commented back to me, our observation - and that of our customers - is that the UML has proven itself useful much of the time, yet there are a few purposes for which it may be less appropriate. In many cases, the semantics of the UML are pretty close to what you need, although they are deeper than necessary; in such cases, a suitable UML profile is sufficient to focus the language, which allows you to leverage standard UML tools and training and yet eliminate the bloat. In those cases where the business concepts are more naturally expressed in a specialized syntax, then inventing a suitable DSL is reasonable. At the extreme, this is essentially the path that Charles Simonyi has been trodding for some years, a path that requires a very very deep and integrated underlying semantic model. Indeed, as I've pointed out in one of my earlier blogs, the root problem is not simply making one set of stakeholders more expressive, but rather weaving their work into that of all the other stakeholders. This requires common semantics for common tooling and training, so even if you start with a set of pure DSLs, you'll most often end up covering the same semantic ground as the UML.

Interestingly enough, I was speaking to Steve Kelly of MetaCase at the recently concluded User's Conference about this. Have a look here - and review also the SPR numbers on this stuff. The issue with UML is that it's a solution oriented at software development in general - it doesn't really say anything about your domain at all. While the MS "factory approach" is likely flawed, they are on the right track with DSLs. Steve showed me what kind of results you can gain in a specific, well understood domain with tools like MetaEdit+ - it's absolutely amazing - and no, UML isn't going to get you there. I'd suggest grabbing the MetaEdit+ demo and seeing what's possible.

I see that Information Week is quoting Gartner on what's coming up in software development:

Automation and visualization are a necessity for mainstream companies that aren't necessarily sophisticated users of IT, says Michael Blechar, research director in the app-development group at market researcher Gartner. "Although they're able to do simple kinds of Java and .Net things well, when it comes to the most complex stuff, they're failing miserably," he says. "Those companies are finding that the only way they can use less-sophisticated developers to build more-sophisticated Java and .Net applications is through the use of visualization and code automation."

I wonder if they recall this table from Capers Jones - scroll down a bit, and note that Java is at level 6. Now scroll up - see where C++ is? All that forward motion to get nowhere. Since C# is Java in MS clothing, we can slot that at 6 as well. Now scroll down to Smalltalk, and ponder the number you see there. Now go back to the Gartner quote, and recall their brilliant advice about "putting Smalltalk into maintenance mode".

After you digest all of that, have a look at Frank Hayes' article - the top part where he lists project failure results:

Department of Corrections: Last month in this space, I reported on The Standish Group's most recent Chaos survey. I said that only 28% of IT projects succeed, 18% are canceled, and 51% are "challenged" -- seriously late, over budget and lacking expected features. Some readers wrote in to point out that the numbers don't add up: 28% plus 18% plus 51% makes only 97%.

They're right. I botched the numbers. That 51% comes from 2003. This year, 54% of U.S. IT projects fell into the challenged category.

Yeah, the numbers were wrong. But at least they weren't ridiculous -- or worse.

Yes, a lot of that is management failure - of which a not insignificant part is "let's rewrite all of our (working) software in (insert current fad language here)". A ton of that was aided and abetted by those bright folks over here.

It was a great conference - we had a great turnout, and it was especially pleasing to see so many ObjectStudio developers. We don't tend to get as many of them at the StS conferences - I hope that changes next summer. In any case, there's a lot of good information on what went on at the show online already. I blogged a little more than half of it - although on day two, there were parallel tracks - I haven't solved the whole "two places at once" problem yet. Here's a list of pointers to notes:

• My commentary
• Sudhakar Krishnamachari:
• December 7
• December 8(1)
• December 8(2)
• December 9

There's a Wiki Page up with presentations available - more should be posted as time goes by (the dialup connection at the hotel was less than ideal - browse back there over the next few days/weeks). Finally, I expect that Niall Ross will have copious notes to share in the near term future - I'll post them (or a link) when I get word of them.

Does Gartner do anything valuable? I suppose there's the chuckle we get from reading their "analysis" - on the other hand, corporate management listens to them (which raises interesting questions all by itself, but never mind...). So what set me off this morning? Have a look at their latest predictions in ComputerWorld:

LAS VEGAS -- In an eyebrow-raising forecast, Gartner Inc. researchers said they believe that as many as 50% of the IT operational jobs in the U.S. could disappear over the next two decades because of improvements in data center technologies.

Donna Scott, a Gartner analyst, said IT workers face a situation similar to that in the manufacturing field, which has lost jobs over the past several decades as automation has improved. Similarly, standardization of IT infrastructure, applications and processes will lead to productivity improvements and a major shift in skill needs, she said.

"There will be more room to automate, and that means there will be reduced labor cost," said Scott. "This is a long-term change."

Hey Donna - care to pull up some analyst predictions from 1984 and see how prescient they really were? Do you realize that you're trying to make predictions about 2024 here? I have another question as well - Who the heck cares? Are there really any corporate IT managers who are planning 20 years out? Heck, take a look at Frank Hayes dissecting this

According to analyst Donna Scott, speaking at Gartner's annual data center conference in Las Vegas, up to half of all IT operational jobs could disappear over the next 20 years because of improved data center automation.

Got that? Gartner's telling us what we can expect for data center staffing circa 2024. That'll come in very handy for the next quarterly IT budget adjustment, won't it?

It's easy to make fun of a prediction like this. We know the numbers aren't meaningful, because no one can gin up useful numbers two decades in advance. Just looking a few years out, predictions get shaky.

For example, only three years ago, Gartner Chairman Michael Fleisher predicted that half of the household-name IT vendors wouldn't exist in three years. That pronouncement made for some big headlines in 2001, just as Hewlett-Packard was swallowing Compaq. But it's not a prediction you'll see Gartner bragging about these days.

You want more money for critical projects? Take whatever you pay Gartner, and apply it to something useful. Heck, just take those bills out to the parking lot and burn them. You'll still lose the money, but at least you won't be making stupid decisions based on the loss...

This ComputerWorld short, - in a handful of paragraphs - demonstrates just about everything that's wrong with too many IT shops:

Employees spend an average of 30 minutes per week either trying to fix their own PC problems or working on a co-worker's PC problems, according to research by Compass America Inc., a Chicago-based IT benchmarking firm.

This self-sufficiency and helpfulness may seem like a good thing, but from the company's point of view, it's not very cost-effective, says Scott Feuless, a senior consultant in Compass' Houston office. For starters, it may be a sign that end users have little confidence that the IT help desk can really help or that users don't know that the help desk could solve their problem. Plus, that 30 minutes of lost work productivity is hurting the company and could be reduced to an average of 10 minutes with a top-notch help desk, Feuless says.

Companies take a 3% productivity hit from users futzing with their PCs, and that could be cut to 1% with a first-class help desk, Feuless says, citing Compass' database of more than 7,000 benchmark studies.

The very first question that companies should ask themselves is why users tend to avoid the help desk whenever they can. Could it be that Dogbert's No Help at All Desk is painfully close to the truth at too many shops? Well, what do the experts that ComputerWorld asked recommend?

• Make the help desk a one-stop shop for PC fixes, so calling it isn't viewed as a waste of time.
• Negotiate service-level agreements to monitor the performance of the help desk.
• Standardize PC hardware and software so the help desk can effectively come up with standard fixes.

The first one isn't a bad idea, although I have serious doubts about the second. Why? Because the end result of that is usually a sea of paper reporting that drowns both help desk staff and end users. Yeah, that's what everyone needs when there's a problem - more paper. The last suggestion is perhaps the most inocuous but stupid one there. It sounds great - standardize the systems, and then everything will be fine. But... is everyone doing the same kind of work? Do the admin assistants need the same systems as the marketing guys? What about the software developers - do they get the same commodity desktop or laptop that the middle manager does? It's an idea that appeals greatly to IT management, but ends up dis-empowering the entire company. There need to be standards, but they need to be flexible standards.

On second thought, maybe it would be easier to just keep routing around the damage...

I just received notice about a Smalltalk Meetup Event here in the greater DC area. The date on that page is off - it's going to happen on the 20th of January, not the 13th. I'll be there, looking to see what's up in the local Smalltalk community.

Has Iron Python entered some unnamed ring of Borg heck in Redmond? Patrick Logan spots Ed Dumbill pondering that. And people wonder why my initial enthusiasm for using the CLR for Smalltalk has been waning...

This sort of thing - See Ed Foster's blog - is so widespread through ISPs and Airlines (not to mention tech support in general) that it is most certainly a management directive - deny, deny, deny - even in the face of overwhelming evidence:

Three phone calls were routed to tech support staff who said they couldn't help and were not sure who at Adelphia could. Finally on his fourth attempt he managed to get through to an Adelphia tech who would at least discuss the issue. "I explained the hacking attempts and provided her with the Adelphia incident number from their e-mail," the reader wrote. "I re-stated the IP address of the system used in the hacking attempt. After a minute or so she repeated what the e-mail had said -- the IP address of the system was NOT an Adelphia address. After explaining what the WHOIS tool was telling me and how a reverse DNS lookup was supplying the adelphia.net system, she conceded that it was in fact an Adelphia system. She put me on hold for a few minutes, then returned to say that the matter is under investigation."

This is how airlines deal with bad weather and maintenance issues. Just try to get a straight answer about your flight time in most delay situations - it's positvely amazing to watch. Exactly what is the supposed benefit here? The customer facing employees end up looking like bufoons, and customers end up with a lower level of respect for the brand. Explain to me how that's a good thing?