Scrum Backlog Templates
November 18, 2008
Here are two useful backlog templates provided by Agile Software Development. Both of them are in Excel format (XLS). Check them out:
Detect Replay Attacks in your Web Services
November 18, 2008
Many threats that are common to distributed systems are common to Web services as well. There are a few specific threats associated with the Web services processing model, such as:
- Message replays: An attacker may re-play an entire message or a part of a SOAP message.
- Man in the middle attack: An attacker may view and modify a SOAP message without the knowledge of either sender or the receiver.
- Identity spoofing: An attempt to construct credentials that seems to be valid but not.
- Denial of Service (DOS) attacks: An attempt to make a system expend its resources so that valid requests cannot access a service.
- Message alteration: An attempt to alter a message compromising its integrity.
- Confidentiality issues: Access to confidential information within a message by unauthorized parties.
Dimuthu wrote an interesting post about how to prevent replay attacks using WSF/PHP. He also shows how to detect them using WS-Addressing and WS-Username token headers.
How to kill an idea, or help it grow
November 6, 2008
It is far easier to kill an idea than to encourage it and turn it into a useful solution. Be on a constant watchout for putting down an idea too early without understanding the positive reasons for it being suggested. Hopefully you will see that there are many ways in which you can be constructive.
To kill an idea, say:
- It’s not part of your job
- That’s not what we do here
- Costs too much
- Against the company policy
- It’s not budgeted, maybe next year
- Let the other department handle that
- It is not our problem
- Why would you do something like that?
- We have been doing it another way for a long time and it works fine
- If it’s so good, why hasn’t someone suggested it already?
- Has anyone else tried it successfully?
- We have tried that before and it didn’t work
- Is anyone crazy enough to try that?
- We’re already doing that
To help an idea, say:
- Yes, and…
- Great, let’s try it
- How can we make time to see if it will work?
- What resources would we need to do it? Tell me more
- How can we make it work?
- What are the advantages?
- How can we remove the dis-advantages?
- What can I do to help this happen?
- I like it
- That sounds interesting, tell me more
- How can we convince everyone else?
Create Clickable Wireframes
November 6, 2008
I found an interesting web-hosted application called ProtoShare that allows you to create clickable and working wireframes very easily. It has all the HTML elements you would need to design a web application, like headers, text areas, form interaction and even drop-down XHTML menus. Once you have a design, you can share it with others. It also creates a basic, linkable template that allows you to preview usage flow and overall experience.
This screencast demonstrates how ProtoShare can be used to create wireframes.
Getting Started With Message Queues
November 3, 2008
When you’re building an infrastructure that is distributed all over the internet, you’ll come to a point where you can’t rely on synchronous remote calls that, for example, synchronize data on 2 servers:
- You don’t have any failover system that resends messages if something went wrong (network outages, software failures).
- Messages are processed over time and you have no control if something goes overloaded by too many requests.
Even if you don’t have to send messages all over the Internet there are enough points of failures where something can go wrong. You want a reliable and durable system that fails gracefully and ensure.
Solutions
Dropr
Dropr is a distributed message queue framework written in PHP. The main goals are:
- Reliable and durable (failsafe)-messaging over networks.
- Decentralized architecture without a single (point of failure) server instance.
- Easy to setup and use.
- Modularity for queue storage and message transports (currently filesystem storage and curl-upload are implemented).
Beanstalkd
Beanstalkd is a fast, distributed, in-memory workqueue service. Its interface is generic, but was originally designed for reducing the latency of page views in high-volume web applications by running most time-consuming tasks asynchronously.
It was developed to improve the response time for the Causes on Facebook application (with over 9.5 million users). Beanstalkd drastically decreased the average response time for the most common pages to a tiny fraction of the original, significantly improving the user experience.
Zend Platform Job Queues
Job Queues is an approach to streamline offline processing of PHP scripts. Job Queue Server provides the ability to reroute and delay the execution of PHP scripts that are not essential during user interaction with the Web Server. Job Queues improve the response time during interactive web sessions and utilizes unused resources.
Memcached as simple message queue
In this post, Olly explains how to use memcached as a simple message queue:
Some months ago at work we were in the need of a message queue, a very simple one, basically just a message buffer. The idea is simple, the webservers send there messages to the queue, the queue always accepts all messages and waits until the ETL processes request messages for further processing. As the webservers are time critical and the ETL processes aren’t you need something in between.
Links
Yahoo! announces its Open Strategy
November 1, 2008
Yahoo! is in the process of releasing its Open Strategy with the goal of connecting more people in more ways than ever before.
Y!OS is a platform at it’s core, accessible via an API layer by applications that can be built by anyone and run on or off of Yahoo!. Y!OS can be used to completely rewire Yahoo!, putting an open architecture at Yahoo!’s core and adding a horizontal social dimension across Yahoo! and beyond.
There are three major goals to Y!OS:
- Creating a social dimension
- Opening Yahoo! (both data and application UI)
- Rewiring Yahoo! properties with a new architecture built on this new Open Platform.
Neal Sample & Cody Simms walk you through the entire Y!OS platform.
Zend Framework: Autoloading for better Performance
November 1, 2008
Many discussions have come up in the recent past about how ZF should increase the libraries base throughput. One of the suggestions that comes up is whether or not requiring the autoloader, and consequently removing calls to require_once, is a good thing.
The following posts explore these possibilities:
PHP Namespaces Controversy
October 28, 2008
Java: Attribute/Method access: foo.bar Static method access: Foo.bar Package access: foo.bar.baz C#: Attribute/Method access: foo.bar Static method access: Foo.bar Namespace access: foo.bar.baz Python: Attribute/Method access: foo.bar Static method access: Foo.bar Module access: foo.bar.baz PHP: Attribute/Method access: $foo->bar Static method access: Foo::bar Namespace access: C:\foo\bar\baz
Developing cross-platform Adobe AIR desktop applications
October 25, 2008
This weekend I decided to spend some time developing my first cross-platform Adobe AIR desktop application. My first impression of Adobe Air was: Wow! It takes only a few minutes to see how easy and powerful this platform is. What’s great about AIR is that you can build Rich Internet Applications that run across operating systems (Win/OSX/Ubuntu) on the WebKit HTML engine and are easily delivered using a single installer file. You can also build desktop applications in JavaScript, a language that nearly everyone is familiar with.
What’s really cool about Adobe AIR is that the extension for Dreamweaver lets you transform a web-based application into a desktop application. Users can then run the application on their desktops and, in some cases, without an Internet connection. I already have a couple of these applications running on my Ubuntu desktop.
Also, Adobe AIR has an embedded database SQLite, which is an SQL92 & ACID compliant database engine with support for storing databases of up to 1TB. You can use this embedded database in your AIR Apps, and send SQL queries to it using JavaScript!
For a quick, hands-on illustration of how Adobe AIR works, read the following tutorials:
Cloning your Ubuntu Installation
October 22, 2008
It’s always handy to have a complete list of packages installed, specially if you want to create a system that is similar to a different system you have already set up. In this post I’ll cover how you can export a list of installed packages on one Ubuntu system, and import them into another to build a duplicate system.
Make a copy of the system’s repositories
Copy the /etc/apt/sources.list text file to the destination system over the network.
Export the list of installed packages
$ dpkg --get-selections | grep '[[:space:]]install$' | \\
awk '{print $1}' > ~/package.list
Copy the package.list text file to the destination system over the network.
Prepare the destination system
Update your package list to make sure you get the latest version of the packages:
$ apt-get update
Import the package list
$ cat ~/package.list | xargs apt-get install
That’s it! All of the files from the package list will have been imported into the new system. This doesn’t mean that all of the settings have transferred over. To do that, you will likely need to copy settings from the /etc directory.
