Monday Mar 02, 2009

Being a Software Curator

I received this video from a friend, and thought it was really good. Its Jason Fried, founder of 37Signals, talking about being a software curator. Check it out.

Saturday Jan 31, 2009

Show Me the Money

I've spoke before about Sun's Statup Essentials program, an offering to help startups get their business off the ground with enterprise-class hardware and software at discounted prices. They act as a strategic partner, providing training and advice, discounted hosting and storage solutions, and connections to a huge network of investors.

Now they've taken it a step further and added a program called VC Connect, which actually matches your business profile up with select investors for the purpose of acquiring funding. This is a golden opportunity for startups, as many do not even know where to begin and are unprepared when it comes to raising capital. Whether you're looking for seed funding or a big time 3rd-round investment, access to Sun's network of venture capitalists and angel investors is sure to be valuable. It's about who you know, not what you know.

Also check out Y Combinator, which does the same sort of thing on a smaller scale.

Wednesday Jan 28, 2009

Pity the Poor Designer

What makes a "software engineer" different from a regular "engineer"? Why were mechanical engineers in the Engineering College while I was at the College of Arts and Sciences? So there's the obvious differences: I do not have to obey the laws of physics in my work, and people usually will not die if I make a mistake (eluding to bridge builders and airplanes here). However, I would argue there is a distinct element of creative ability and clever design that goes into building good software -- so much so that I would dare call it an art. Not completely an art, but more of an art than a science. Yeah, I said it. Software engineering cannot be completely mastered by reading, listening, or even learning. The difference between the good and the great has its roots in your genetic makeup.  

Whether we're designing folding chairs or eBay itself, good design is an integrated, cognitive process. Ok I admit it, I've been reading books by Don Norman. There's a bunch of principles, you've heard of them: affordances, conceptual models, mappings, visibility, feedback, and others. These are some of the characteristic of a good design, but how can you truly create something that embodies these principles and is natural for a human being to use? In "The Design of Everyday Things", Norman says that it's about physics, and psychology. There is a natural way that people expect the world to behave. If you drop an egg, it will crack; if you drink too much.. well that's a little less deterministic, but you get the idea.

A good conceptual model is key to a good design. The classic example of a poor conceptual model is the temperature control in a refrigerator. There's only two things to do: adjust the temperature of the freezer compartment and adjust the temperature of the fresh food compartment. And there are two controls, one labeled "freezer" and one labeled "fresh food". Should be easy, right? Well, suppose your fresh food is just right, but you need to make your freezer colder. Give it a try.

The problem of course is that there are two conceptual models: yours and the designers, and that is a big problem. A deeper look into the mechanics of the fridge would show that instead of independent cooling units, there is in fact one thermostat and one supply of cold air, which merely gets split between the two compartments with a valve. That would've been nice to know, don't you think?

It goes deeper, too. All the way into the structure of your memory.

"Say aloud the numbers 1, 7, 4, 2, 8. Next, without looking back, repeat them. Try again if you must, perhaps closing your eyes. Have someone read a random sentence to you. What were the words? The memory of the just present is available immediately, clear and complete, without mental effort. What did you eat for dinner three days ago? Now the feeling is different. It takes time to recover the answer, which is neither as clear nor as complete a remembrance as that of the just present, and the recovery is likely to require considerable mental effort. Retrieval of the past differs from retrieval of the just present. More effort is required, less clarity results. Indeed, the 'past' need not be so long ago. Without looking back, what were those digits? For some people, this retrieval now takes time and effort."

Check this out:


Now, what makes this an art for software designers is that we don't have the luxury of physical elements with which to create a design; it's all visual. What's more, the view of the inertial "world", that is, what people expect to happen naturally, is always changing and in fact evolving at an increasing rate with computers. So while the traditional rules of good design still apply, they are just one shade of the ever-changing chameleon that is software design.

Sunday Jun 29, 2008


After my post on OpenSocial, I had no choice but to do some research and sign up with an OpenID provider. Ok, you don't actually need to do any research to get a good OpenID, but I can't make even the simple decisions without due diligence. So my choice was MyVidoop, and here's why: browser integration, multi-tier security, and ease of use.

I'm an early adopter; I don't currently use any sites that support OpenID  (although most of them are working on it), but what's drawing about MyVidoop is that it handles existing passwords as well. Here's something to think about: I've never trusted the browser to manage passwords for me. Call me old-fashioned, but I've seen way too many spyware horror stories and hacked browsers (and it doesn't help that I'm a Windows user). But at the same time, I've got this exploding array of passwords to keep track of. So how does MyVidoop solve the problem?

Try an integrated browser plugin (supports FF3) that allows me to store credentials remotely. Actually, it gives you the option to go either way, per password: store it locally in an encrypted file, OR store it with your profile on their secure servers. Why am I okay with this? Because MyVidoop protects my information with several layers of security. Step 1 is browser authentication. The very first thing they check is the IP address and browser signature that is making the request to their system. If it's not one that I have verified using one of several alternative methods (email, text message, voicemail), forget about it, you're not getting in. Step 2 is what they call an "image shield." It's a random assortment of images with corresponding letters, three of which make up my unique password token for that session. It's category-based, so you might set it up to be something like Trees, Cars, and Animals. It's a clever and rather powerful authentication mechanism that relies on the classic usability principle of recognition rather than recall

If you have the plugin, it's a seamless experience. Just log in when you start your browser, and from then on it will auto-populate both username and password fields for any site it knows about. And if it doesn't know about it, it'll ask you if you'd like it to.

The final selling point for me was reading their development blog, which shows how their implementation is secure enough to counter a man-in-the-middle phishing attack that is engineered to exploit OpenID providers. It's a pretty cool walkthrough and you can even mount your own attack to see how it works.

Wednesday Jun 11, 2008

Ride the Cloud with Joyent

Continuing from my Web 2.0 rave on OpenSocial, I'd like to introduce Sun partner Joyent, which provides a host of on-demand computing and storage services to small businesses and startups. They have put together a highly-optimized and scalable cloud, built on OpenSolaris and the Rails framework.  Space on the cluster is sold to web developers via Joyent Accelerators:

"Accelerators are built on OpenSolaris, multi-core (8+), RAM-rich servers (32GB+ each) and vast amounts of NAS storage. Accelerators are deployed in the best routing and switching fabric (Force 10) and the best load-balancers (F5 Networks) available (and always will be)."

They've also leveraged hundreds of DTrace probes to further optimize their environment.  Amazingly, they're offering free Accelerators for OpenSocial and Facebook applications. This is a great way for social/media applications to get started; they can enjoy the powerful Joyent stack from the beginning, and if they happen to grow to thousands of hits per second, they can simply sign on for a contract and crank up the capacity as needed.

And these guys know Rails; in fact, several Joyent employees are or were members of the Rails Core Team. Not suprisingly, their other core product, Connector, is one of the most extensive uses of the Rails framework yet. Connector is an open-source, web-based collaboration suite providing things like email, contacts, calendars, bookmarks, scheduling, tagging, RSS, and search functionality.  The software itself is free, but you'll need a web host and some storage to make it useful.  Ah, what a perfect example of complimenting products.. run it on the Joyent cloud!  Technologies like this are what makes the next generation workplace (one where I can do my work from anywhere) possible.

Joyent also runs OpenID servers to provide its applications and developers a common authentication service.  I'll keep it short (if you don't already know what OpenID is, you need to get with the times), but basically it provides a true single sign-on ability for web applications.  This is huge, since we already have way too many credentials floating around, and the number of web apps is multiplying every day.  A good description of how it works can be found here.

Monday Jun 09, 2008


"Many sites, one API", says Google.  For those that don't know, OpenSocial is an exciting new set of APIs for social software applications. It aims to provide a unified mechanism for accessing core data and functions on any networking site that implements the OpenSocial SPI, which will hopefully soon be the universal standard.  This is revolutionary because now instead of having to write five different versions of the same app, social network developers can just focus on making one high-quality, cross-platform app.  The project is an open-source, Google-born collaboration that is based on XML, Javascript, and the powerful Google Data APIs.  OpenSocial apps can also leverage much of the Google Gadgets infrastructure. 

This is a gift from heaven for vendors such as iLike, giving access to much broader network of potential users.  Many social network giants such as hi5, MySpace, and LinkedIn have already implemented the OpenSocial standards, and many others are in the process.  You will not see Facebook on the list however.  They have taken the Microsoft approach with their Facebook Platform, defining and supporting only their own proprietary API. 

As the browser and desktop grow closer together, people begin to speculate about the race to a "web operating system", a common virtual desktop that would be the crown of distributed network computing.  While there are products out there that literally emulate a desktop, Google is the undeniable leader and innovator in this space (that is, redefining the relationship between the desktop and the browser); they've closed the gap considerably with tools like Google Gears, Google Apps, GWT, and now, OpenSocial

Sun is well aware of the world's social media trends, and as Jonathan notes in his blog, nearly half the world's population resides in the developing countries of Brazil, Russia, India, China, and Africa (BRICA).  These are the economies most embracing of open source software and standards, and represent a fast-growing sector for technology firms.  From the business model perspective, these are the next several million people that social networks and content developers will try to reach.  Look for OpenSocial to be the foundation for much of that movement.

Thursday May 01, 2008

The Flight Planner

I've posted before about the Flight Planner application that my team has been developing the past few months.  I thought I'd share a few screen shots.  We gave Silverlight a try, and this is what we got.  It actually doesn't look too bad.  The first shot is of our custom airport locator dialogue, which lets you run custom queries for specific airports.  The second shot is of the results screen, showing a (simplified) flight plan.  It indicates distances, times, waypoints, and most importantly, current weather at each of the airports.  Still a work in progress, but take a look and see what you think.



Sunday Apr 13, 2008

JavaFX: Better and Faster

It's been a year already since Sun first announced JavaFX, the new rich interface scripting language that would be built into the Java runtime.  Now, finally, we are on the brink of a first release; the latest speculation is that a stable developer preview will be out in May and then v1.0 shortly thereafter.  It's good timing, considering Silverlight and Flex are trying to compete in this ripe market as well.  But I'd argue that Sun is wise to take its time and do it right. 

Remember my previous post about building a flight planner application with GWT?  Well, unfortunately back in the design phase we changed our minds and decided to go with Silverlight.  What a painful mistake!  We should have known that in Microsoft's hasty attempt to ride the coattails of Flash, time to market would win over completeness of implementation.  Even in what they call the 2.0 release, basic functionality is missing... how the heck is there no combobox control in an RIA framework???

Anyway, Flex is promising, but not yet up to par in terms of speed.  One of the JavaFX architects comments on this in his blog, about how it's complicated to benchmark performance between rich web user interfaces.  He notes that they use this site called Bubblemark, which contains implementations of a simple animation program in several different technologies, including basic DHTML, Silverlight (Javascript and CLR versions), Flex, Java (Swing and JavaFX versions), as well as others.  The findings are amazing: both the JavaFX and Swing versions run 3 to 4 times faster (in fps) than Flex.  He also points out that the graphics layer in JavaFX is built on what is still an un-optimized library. "...we are focusing on bug fixes and correctness right now, not optimization, so it's not as fast as it could be."  Awesome.  They haven't even tried to optimize yet, and still it's faster.  We'll see who wins this battle in the end.

Wednesday Mar 05, 2008

The latest with GWT

For our User Interface Design class we've been working on a flight planner application to allow recreational pilots and aviators to quickly and easily create a flight plan.  The web technology of choice? Right now it's the Google Web Toolkit.  The rich web interface tools GWT has available are powerful and easy to use.  After all, it's just programming in Java... with some added CSS of course.  We've discovered an extensive add-on library to GWT called GWT-EXT.  This toolkit has the power to turn your browser into a truly rich, desktop-like environment.  There is a full demo showcase, with sample source code and all.   

Window managers, dynamic history support, custom tabbed panels, layout managers... this is really sweet stuff.  Our project is still in the prototyping stages, but within a few weeks a concrete interface should be available for your viewing pleasure.




FTP over SSL

A couple months ago I wrote a little tool that converts an Excel file to HTML and then uploads it to a remote host via FTPS (that's right, FTP over SSL).  There are a few good Java libraries out there for FTP, but I spent hours and hours finding one that supported TSL/SSL and was free.  And worked.  There are several out there that claim to have this ability, but I've tried most of them, and most of them don't work right out of the box, or at all. 

Finally, I found a library called ftp4che.  It's free, well-documented, and just works.  I'll give you a glimpse of my uploadFile() method:

   private boolean uploadFile() {
        txtStatus.append("Setting connection properties..." + newLine);

        String host = properties.getProperty("host");
        String port = properties.getProperty("port");
        String user = txtUserName.getText();
        String pass = new String(txtPassword.getPassword());
        String path = properties.getProperty("path");

        Properties pt = new Properties();
        pt.setProperty("", host);
        pt.setProperty("connection.port", port);
        pt.setProperty("user.login", user);
        pt.setProperty("user.password", pass);
        pt.setProperty("connection.type", "AUTH_SSL_FTP_CONNECTION");
        pt.setProperty("connection.timeout", "10000");
        pt.setProperty("connection.passive", "true");
        FTPConnection connection = null;
        try {

            FTPFile fromFile = new FTPFile(htmlFile);
            FTPFile toFile = new FTPFile(path, htmlFile.getName());

            txtStatus.append("Connecting to " + host + " on port " + port + "..." + newLine);

            connection = FTPConnectionFactory.getInstance(pt);

            txtStatus.append("Connected..." + newLine);

            try {
                txtStatus.append("Deleting old file..." + newLine);
            } catch (FtpWorkflowException ex) {

            txtStatus.append("Uploading new file..." + newLine);
            connection.uploadFile(fromFile, toFile);

            return true;

        } catch (Exception ex) {
            if (connection != null) {
            txtStatus.append(ex.getMessage() + newLine);
            txtStatus.append("Cannot continue..." + newLine);
            return false;

Pretty straightforward, as you can see.  You just set up a Properties object with a set of key/value pairs defining the parameters for your connection, including the authentication type, and then just use an FTPConnectionFactory to create a connection.  After that, I try deleting the remote file if it already exists, and then upload the new one, with appropriate exception handling of course.  Simple and easy, the way it should be.

Tuesday Mar 04, 2008

We've got it good

Another interesting article about how web developers have "never had it so good", thanks to Sun and MySQL joining forces.  Check it out.


Sun and Python

..."Sun Microsystems has hired high-profile Python programmers Ted Leung and Frank Wierzbicki, stepping up its bet on open source and scripting languages."  Full story here.

Another strategic move from Sun, right on the heels of the exciting MySQL acquisition; they have really taken this open source movement to the next level.  Netbeans is already "the only IDE you need", but soon there will be support for Python, among other dynamic languages.  And this support will no doubt make its way into the JVM as well.  Someday it will be the only VM you need.

Thursday Feb 28, 2008

Got API?

If you haven't already, you need to check out GotAPI.comIt's a one-stop API source for all of the common web technologies, toolkits, programming languages, and frameworks.  This is a huge time saver, no matter what you develop.  If you work on any kind of integrated systems that use multiple API's or even databases, this is a dream come true.  You load up several different API's in a tab-panel, and then within each one you can custom search for functions and constructs.  It actually crawls the official API's and loads them into its interface.  Check it out.

Wednesday Feb 27, 2008


We got word today that the Texas Advanced Computing Center has officially unveiled "Ranger", the world's largest general-purpose supercomputer.

"Ranger is funded by the U.S. Government's National Science Foundation (NSF) as part of a multi-track effort to improve the computing capability available to scientists. Developed by Sun in conjunction with TACC, it is the most powerful computing cluster used for open science research in the world -- capable of an astonishing 504 trillion floating point operations per second."  Sweeeet.

As I was reading about this, one thing that I noticed is that Ranger is based on the Lustre File System.  All I really have to say is, who comes up with this stuff?  Well okay, Lustre came up with it, but really...  a node/object-based cluster system with capacity for billions of files with such astonishing reliability... HPC has come so far.  The scalability potential here is crazy; I just need a personal server so I can play with stuff like this.

Note that there are already 500+ projects at work on Ranger already, and more are being added all the time.  It's "optimized for science", so scientists: have at it.

Saturday Feb 09, 2008

On JavaFX...

Back in January I did a demo on JavaFX, Sun's declarative scripting language for creating rich media and content for user interfaces.  I want to take a few minutes and tell you what I like and what I don't like from what I've seen so far.  First of all, integration with existing Java libraries and the Java language itself is seamless.  Everything works just like a normal Java object, and you can make any API call you need to just as you would in a standard Java project.  In fact, you can have all your business logic be normal Java classes and just write you UI in JavaFX.  Awesome!  Secondly, static typing.  I think it's cool to have a script-like language with static typing, because it better enforces the principles of design by contract.  And again, this obviously resembles the Java language itself.  Thirdly, the language constructs are designed to make building a UI much faster and easier.  For example, anything you put inside a Do loop automatically gets executed in a background worker thread.  You mean I don't have to create a custom override of SwingWorker? Yep, that's right.  There are dozens of these nifty little language constructs and conventions that make life easier as a developer.  Take the declarative syntax, much like the XAML model for the Windows Presentation Foundation:  Instead of defining user interface properties and binding back-end data objects to components via a sequence of method calls, JavaFX script allows the programmer to declare the existence of a user interface component (and any subcomponents) via an easy syntax and then declare that component's value be bound to some back-end object property just using the keyword bindFrom that point on, the UI component property and the back-end object property are fully two-way bound; when one changes, the other changes right along with it.

Ok, so what do I not like?  Well, since in the declarative world program execution is not sequential, debugging support is more or less out of the question.  This means we're left with trial-and-error to find out if our code works (or looks, I should say) as intended.   However, your UI itself should not have a lot of complex code to it, so this is not a big deal.  Another thing you will see is that a lot of the example and demo programs are partial recreations of flash websites, and the look really good, but they have to be run on the desktop.  As of now, there's no way to compile this cool stuff into something the browser will understand.  The best alternative at this point is to compile your FX app into a Java Web Start application.  Unfortunately, we're still limited to HTML, javascript, and css to make things run in the browser.  My understanding, though, is that JavaFX will become like applets.  You'll write your UI in JavaFX, and embed it into HTML, much like the way flash applications work.  It will run in the browser but hook into the consumer JRE for its true power.  The proliferation of the standard JRE is quite impressive, and although this is all just speculation, I bet we'll see more examples like this in the near future. 


Trevor Thompson
Identity Management
Sun Microsystems

Interests: Software Architecture, Disruptive Technology, IT & Business Strategy, Investing


« June 2016