Tuesday, August 19, 2008

Ray Kurzweil

Today I heard a speech from a local technology entrepreneur, and he emphasized points raised by Ray Kurzweil. Specifically, that technology advances at an exponential rate. For instance, the printing press took 100 years to be adopted, it took 50 years to adapt the telephone, it took 8 years to adapt the cell phone. The same principal applies across many areas of technology from Moore's Law to disk capacity, and even in biological research. Here is a speech from 2005.


Thursday, May 29, 2008

Google App Engine

Google has announced pricing for their online Application Engine. It's basically like blogger except you write code instead of blog entries. The only downside is right now all applications have to be written in Python.

Wednesday, May 07, 2008

The Guerrilla Guide to Interviewing

Here are some highlights from The Guerrilla Guide to Interviewing (version 3.0) - Joel on Software:

"In principle, it’s simple. You’re looking for people who are

  1. Smart, and
  2. Get things done.
How do you detect smart in an interview? The first good sign is that you don’t have to explain things over and over again. The conversation just flows.

Here’s a typical plan for interviewing a programmer:
  1. Introduction
  2. Question about recent project candidate worked on
  3. Easy Programming Question
  4. Pointer/Recursion Question
  5. Are you satisfied?
  6. Do you have any questions?

The introduction phase of the interview is intended to put the candidate at ease. I ask them if they had a nice flight. I spend about 30 seconds telling the person who I am and how the interview will work. I always reassure candidates that we are interested in how they go about solving problems, not the actual answer.

Recent Project
Part two is a question about some recent project that the candidate worked on.... Again, ask open-ended questions and sit back and listen, with only the occasional “tell me more about that” if they seem to stall....

What should you look for during the open ended questions?

One:Look for passion. Smart people are passionate about the projects they work on.

Two: Good candidates are careful to explain things well, at whatever level. I have rejected candidates because when they talked about their previous project, they couldn’t explain it in terms that a normal person could understand.

Three: If the project was a team project, look for signs that they took a leadership role.

Most of the time in the interview, though, should be spent letting the candidate prove that they can write code.

Easy Programming Question
If the basic concepts aren’t so easy that you don’t even have to think about them, you’re not going to get the big concepts.

Pointer/Recursion Question

the best programmers all have an easy aptitude for dealing with multiple levels of abstraction simultaneously. In programming, that means specifically that they have no problem with recursion (which involves holding in your head multiple levels of the call stack at the same time) or complex pointer-based algorithms

Are you satisfied?
Even though the format of the interview is, superficially, just a candidate writing some code on the whiteboard, my real goal here is to have a conversation about it. “Why did you do it that way?” “What are the performance characteristics of your algorithm?” “What did you forget?” “Where’s your bug?”

Do you have any questions?
As the last step in an interview, ask the candidate if they have any questions. Remember, even though you’re interviewing them, the good candidates have lots of choices about where to work and they’re using this day to figure out if they want to work for you.

In the past, I’ve used “impossible questions,” also known as “back of the envelope questions.” Classic examples of this are “How many piano tuners are there in Seattle?” The candidate won’t know the answer, but smart candidates won’t give up and they’ll be happy to try and estimate a reasonable number for you.

Thursday, April 24, 2008

Search Me

searchme.com is a unique search engine. Their tagline is "You'll know it when you see it." After you search you get a list of results that reminds me of Apples new interface for looking at album covers. It lets you page through the snapshots of the results with the keywords marked on the pages. Thanks to Shaun for the link.

Friday, February 15, 2008

Project management

For some time I have been using basecamp for project management, but I think it's too simplistic for my needs and I plan to switch to The Trac Project. Trac has a more sophisticated priorities and categories and it also integrates with my source control subversion. It's also open source and we can host it ourselves. (I also thought about resorting back to bugzilla)

I'm also interested in some of the plug ins for Trac, like the time and estimation plugin.

Thursday, February 14, 2008

Maximizing Data Throughput for Network Applications (IIS 6.0)

Windows 2003 still has the default setting to maximize file and print sharing over network applications... rackspace recommended that i change it for my web server.

Maximizing Data Throughput for Network Applications (IIS 6.0)

Saturday, February 09, 2008

Pushing limits with web services

There are several considerations when you call or provide a web service that can send a lot of data or take a long time.

In .Net you can set the timeout period to be higher.

Also in .Net... "When the amount of data send or received by the Web service exceeds 4 MB, configure the Web server to handle the larger amount of data."
How to: Enable a Web Service to Send and Receive Large Amounts of Data

Thursday, February 07, 2008

Test Automation with FireFox Add On

I have been using iMacros Firefox Add On
to help automate my testing through the web.

The art of software testing

In the introduction to the book "The art of software testing" it poses a simple program and ask how many test cases you can think of...

"The program reads three integer values from an input dialog. The three values represent the lengths of the sides of a triangle. The program displays a message that states whether the triangle is scalene, isosceles, or equilateral."

If you write down all the test cases you can think of, you will most likely be surprised how many things you don't think of. (they provide a list of test cases in the link)

Tuesday, February 05, 2008

Testing a web site before you migrate the DNS

When you set up a web site on a new domain an easy way to test it out before migrating the dns is to add a record to the host file on your local machine, and override dns to get to the new ip address.

here is a command from windows system that will open host file on any windows os
notepad %systemroot%\system32\drivers\etc\hosts

or on unix
vi /etc/hosts

then add the record (be sure to put a tab between your ip and the domain my.domain.com

Be sure to remove the entry when you migrate the DNS. Also before migrating DNS records be sure to lower the TTL to 5 minutes for at least 48 hours before you make the change.

Sunday, February 03, 2008

windows service problem

I have been having a problem for weeks with a windows service that sporadically quit working. Fortunately, it never happened in the production environments. It only happened on my dev box. Tonight I finally figured it out.

The first thing the service does is log a message to indicate it started. It is also in a try/catch that logs exceptions to the event viewer. Turns out the event viewer had reached it's maximum size, so it would quit working and there would be no indication of the problem in the event viewer, because it was the problem.

I ended up changing an option to "Overwrite events as needed" from "Overwrite events older than 7 days." The production server was already set to overwrite as needed, which explains why it worked in production, but sporadically failed in dev.

Tuesday, January 29, 2008

.Net Pop3 library

It's always seemed strange to me that .Net doesn't have pop3 capabilities built into the framework.

Here is an open source pop3 library for .Net. http://sourceforge.net/projects/hpop/

Monday, January 28, 2008

Steve Jobs' Stanford graduation speech

This is one of my favorite inspirational pieces about life and business. I especially like the parts about finding what you love to do and connecting the dots.

SEO Basics

seo (search engine optimization) is the how to get your web pages ranked well on search engines like google. According to google there are 100s of factors that determine your rank on a search. If you are running a site these considerations should be secondary to the basic design and functionality of your web site. However more often than not, these ideas are consistent with a well designed, functional site.


1) Submit your site to google.

2) Read google's webmaster information
including guidelines,
and faq.

3) Validate your html. If your html is bad spiders can't distinguish between
visible text, structural tags, etc.


Some suggest making it html 3.2 compliant

4) Make sure your links work. Links are the primary way google finds pages.

5) Use a reliable web host. Google can't index your site if it is down.

Serp basics (serp - Search Engines Results Page)

6) Raise your PageRank by getting links from on-topic sites. (See tip 16)

Submit your site to the open directory project
under an appropriate section.

Submit to yahoo or Looksmart
directory if you have the cash (or you run a not for profit site)

Swap Links with other related sites.

The page rank of the actual linking page is a key factor, not the pagerank
of the site root.

Make sure sites that link use normal links, not javascript (what about redirects?)

interlink your pages.

make sure all pages have link back to home page.

google looks at individual page independently, not at sites, so links from your own site help you.

make it easy to get to all your pages in minimum number of clicks.

make sure you use normal html links to interlink your pages. google probably won't figure out drop downs with javascript, etc. to spider your site.

use a site map.

7) Choose the keywords you are targeting carefully.

you need to know your market to choose keywords

for instance if you are selling a product, don't make "free" a keyword, or
you are unlikely to convert your traffic.

8) Keyword density is a key factor. Put your keywords in your title, meta tags (keyword and description), visible text (in bold/in H1 tags), in the url, etc.

there are tools like keyworddensity.com
that tell you the percentage for your keywords.

the best percentages are debatable, and the best percentage should depend
on functionality of site and your competition. 2%-10% is ballpark.

9) put keywords in alt and title attributes on images.

10) make simple, small pages.

this will increase keyword density.

pages should probably only target at most three keywords.

Google will index a maximum of 101k of any page

11) Create lots of pages.

For instance, one for each item you are selling.

12) use keywords in links. (internal site links, and encourge people that link to you to do the same)

this raises kwd on page with link and associates linked page with the keywords

use keywords in text links

put keywords in link's title attribute.

14) put links and keywords near the top of the page. also called KW prominence.
google regards stuff further down page as less important.

15) make relative links unless the full url contain keywords.

this advice is debatable.

Checking up on your site

16) Get the google toolbar so you can check page rank of your site, your competitors
and people you might swap links with.

17) Trick to check to see how many of your pages have been indexed. Do negative
search for a word that is not on your site.

-zaazaazing site:andrewontechnology.com

18) check to see what sites are linking to your site (often called backlinks)
by searching goole for link:mysite.com.

this generally only shows pages that link with a page rank of 4 or above.

19) check to see what sites link to your competitors or related pages and
try and get linked on those pages also.

20) don't use a tool like web position gold to check your site for you automatically.
it is a violation and google might punish you.

21) study your web server refer logs. this should show you how many hits you
are getting and what people are searching on.

Stuff to not do

22) don't use a virtual host.

23) dont' use frames. frames suck anyway:-) and google may have a hard time
with them.

24) don't use javascript links for pages that you want google to follow.

some people use javacscript links for pages that they don't want indexed.

25) don't put inline javascript or css... put javascript and css in external

this is debatable if it helps. i guess it keeps the page small, doesn't mess
up kwd. it's just a good idea anyway.

26) don't use flash. google can't read it.

Debatable tactics

27) Tricks that might get your site indexed faster:

- the best way is to get links from other sites.

- put a link to your site in a blog post. google owns blogger and I suspect they use it to keep their links fresher than rivals.

- submitting individual pages.

- adding the google search to your page.

- using google adwords (openly adwords doesn't affect the google index)

28) Keyword proximity: Keyword proximity refers to the closeness between two
or more keywords. In general, the closer the keywords are, the better

29) Don't use black hat methods.

don't link to "link farms" or bad neighborhoods.

30) don't spam.

you can spam blogs, news groups, forums, wikis, and public site statistic pages.

this is very uncool, but it is unlikely that google will punish you because if they did, people could spam for their competitors to get them punished

31) Report competitors that outrank you that are using black hat methods.

Hidden text or links

what it is: text that can't be seen because it is nearly the same color as
the background.

links that are for a small image (1 pixel by 1 pixel)

how to detect it: select as much of the page as you can and text will show up.

Misleading or repeated words (often called stuffing)

Page does not match Google's description

Cloaked page

what it is: where a site has one page for googlebot, and another for users

how to detect it: cache is different from real page? program?

Deceptive redirects (when you go to page a meta refresh tag sends you to another

Doorway pages (page is not to on any site. submitted directly to search engine?)

Duplicate site or pages (people copy other people's page to generate content)

Other (specify)

32) remove session id from url. this makes it hard for google to distinguish pages.

Also many people advise only one or fewer parameters be passed to program.

Some suggest using mod_rewrite to avoid passing parameters.

it is thought that google doesn't want to over burden your machine so it takes
time to build an index of dynamic pages.

33) be patient. it appears google may be using how long your pages have been
indexed as part of it's criteria. this may be because people are throwing
up sites to get pagerank, and when they get banned just opening a new one.
this makes it more difficult.

34) some sites say to have outbound links to on topic, high profile (i.e. high page rank) sites.

however this may leak your pagerank that you could pass to your own site.

it could be that the only benefit is you are just raising kwd.

google.com is ranked 10 with no outbound links, however, google itself, rarely shows up in search results unless you search for google.

some think that google likes sites that link to google.

35) use robots.txt and/or meta tag to remove pages that are not good pages
to index. these pages leak pagrank.

for instance I have a login page, and every page links to it near the top of the page.

36) some people think putting all you pages in the root directory helps them.

not sure about that one.

commonly accepted that having directories more than 4 or 5 deep will cause

37) domain spamming is creating lots of domains with virtually the same content
so you get all the top listings.

the content can't be exactly the same because of duplicate site penalty. some suggest 15% variance.


cool tool for managing the .Net Global Assembly cache.

Think twice before using 64 bit OS

I don't recomend 64 bit Version of Windows Server 2003. The only exception is a box dedicated to an application that has good support. For instance, it would make sense to have a SQL server box that runs 64 bit version of Windows Server 2003, but a web server that may need to use third party libraries should probably run on a 32 bit version. As the links illustrate, often old driver and 3rd party applications, just don't work. Error with ole db driver on 64 bit windows, and Error retrieving COM class

Monday, January 21, 2008

CPorts: Graphic netstat program for windows

CPorts is a slick tool that provides an GUI for the netstat command.

BEA bought by Oracle, Sun buys MySql

Oracle bought BEA, and Sun buying MySql is interesting because now all the major players... Microsft, IBM, Oracle and Sun own the entire stack for web appliation developement. Although technically Oracle doesn't own an operating system, they are famous for porting their app to different platforms. Also Microsoft and Oracle also don't sell hardware. Furthermore, even though Sun owns Java, their Java product suite is weak. They bought out netscape's server stuff, and now mysql. People only use the software that Sun gives away (apache projects and now mysql). I don't see how Sun will ever make money off software.

Rackspace back up systems

I have a machine at rackspace. They used to use Legato (which was bought out by EMC) for backups, and they have switched to CommVault. I also learned SQL Server has to be backed up separately from the normal file system backup because the SQL Server files are in a state of flux and won't be able to restore your database from a file system backup.

Friday, January 04, 2008

How to guess passwords

Often people's passwords are things they are passionate about and can be guessed using inference.


their own name first, last, middle or maiden. their children's, their pets, nicknames, their spouse, or person they are dating, their parents or other family or friends names.

often the names are abstratct, like babygirl, my2girls, ourboys, myboys, my1stborn
often parts are initialized: hsimpsons (for homer simpsons)

hobbies, or sport: marathon, guitar, fishing, nascar, soccer, softball, football, golf
sports team, or sport slogan: rolltide, bamafootball, wareagle, gosteelers
alma maters, the name of their band, league, fraternity or any thing they are a part of: harvard, chiomega
a city, state or community they want to travel to, like, have lived in, we married in or are from: florida, newyork, sanfran, tampafla, africa, hoover

favorite movie, tv show, or book: oceans11, seinfeld, mobydick
favorite fictional characters: luke, vader, yoda, gandolf, mickeymouse, hawkeye, superman
favorite people, sports stars, and celebrities: dalejr, maddona,
favorite band or album: beatles, imagine
favorite brands: mercedes, drpepper, xbox360
favorite color or things: purple, flower, tattoo, apples

random stuff
astrological signs: aries, cancer (especially their own)
dates: historic events, anniversaries, birthdays: august11, november, jfk1963
religious slogans or scriptures: jesus, jesuslives, havefaith, jesussaves, godisgood, john316

adding numbers
people often add numbers to the end of their passwords: auburn31
for numbers they chooose: years they were born, their age at the time they made the password, area code, phone numbers, zip codes, etc.
simple numbers like 1, 123, 1000
adding 1 is very common because some systems require alphanumeric.

common name/numbers:
alma mater and the year of gradation: harvard93, clemson2002
child's name and year of birth: tommy1983
sports team and year of championship: bama92
their own name and year they will graduate: brittany2009
their car and year it was made: honda03
favorite sports figure and their number: jackson34

also some systems that force you to change your password people change it like...thomas1, thomas2, thomas3. so even though the system forces them to change their password, it essentially stays the same for them.

the completely obvious
using the word "password" as the password.
using their login as their password.
no password, (if the system allows it)
default passwords. like linksys routers u:admin, p:admin

guessing pins
if you ever need to get in a secure building, no doubt someone's code is 1111, or 1234, or something equally obvious.

people reuse the same passwords.
If you a person's password for one thing, you probably have the password for their other stuff
if you get access to someone's email, you can search for the word password and find other passwords.

There are oher low tech ways of getting passwords:
social engineering: asking them under a false pretext where they trust you.
Shoulder surfing: watch them type it in over their shoulder or with a camera.
also people write their passwords down all the time. especially on post it notes.

There are also more high tech ways of getting passwords.
key catchers: capture all keystrokes. hardware and software versions are available.
trojan horses, phishing, etc.

Do you know other common passwords or methods? If so leave a comment.

Wednesday, January 02, 2008

Google 411 used to build text to speech engine

speculation that google is using GOOG 411 to help build their own text to speech engine to allow word searches in videos on the web