Google Go

Like every week there were the usual announcements of new stuff from Google this week. Highlight this week must be the experimental language Go. My initial response, not hindered by any knowledge about what Go is about, was: yet another language, why bother? I watched the rather interesting techtalk about this new language and I have a bit more insight now. My initial response is still prevailing, but I can see how Go could influence things in the right direction since it does do a few cool things.

Things I like about Go:

  • Channels and “go routines” aka. jobs or threads if you insist (not necessarily the OS supported ones) supported in the language, this is the essential superglue needed for parallel computing. The only mainstream language that comes close so far here is erlang, which is not exactly very popular but is being applied successfully for e.g. xmpp implementations. Anybody who has ever done any programming involving threads should be able to see the benefit of these features. I need this, yesterday.
  • Interfaces and typing. Any interface declared is automatically a type of anything that implements its contents. This is a useful formalization of duck typing (if it walks & talks like a duck, it must be a duck) that I haven’t really seen elsewhere other than scripting languages. It’s a bit of a philosophical thing. Should objects describe themselves, or or should an outsider be able to classify the world? Go takes the outsider point of view and basically allows programmers to treat objects as a Duck if they implement a quack() method. Like it or not, concepts like casting, the friendly keyword in C and untyped languages exist because of this. Go doesn’t need those.
  • Orthogonal & KISS design of the language where things can be combined freely. Some pretty cool stuff was demoed with channels, consts and other language features being combined to do pretty complicated stuff in the above linked techtalk. Separation of concern is highly useful, as any good software designer knows, and the right thing to have at the language level.
  • Implicit typing of arbitrary precision numbers, floats, etc. This is a brilliant idea. Prematurely narrowing down the precision of your floats, ints, and what not is a source of bugs. Leave it up to the compiler to figure out the right precision and leave it to static code analysis tools to identify potential performance bottlenecks that might result from this.

What I don’t like:

  • C-like syntax & weird syntax for types. C syntax was never that great (without macros, C would be unusable) and essentially most of the details were bolted on over time. Preserving the error prone & and * notations is in my view a big mistake, as are several other C constructs. They are an open invitation for programmers to make extremely hard to find mistakes.
  • Lack of generics, although they are working on a solution here apparently. Like it or not, meta programming and related subjects are enabled by this key feature. Too important to omit nowadays.
  • Yet another vm/runtime and no support for JVM, .Net, llvm, or similar run-times. In my view native is overrated (relative to dynamic compilation) and I don’t buy the “runs within 10-20% of native C code” claim (what about optimizations & 40 years of compiler tweaking?). But I’m sure that is true for the trivial code that has so far been written in Go. As is the case for trivial Java code, which under controlled circumstances kicks some ass relative to any statically compiled language BTW. But show me some real software doing real stuff.
  • Burn everything and start from scratch approach to libraries. Is that really necessary? Seriously, I spent the past few days sorting out the dependencies to external libraries I have in a ‘simple’ java project (i.e. updating to more recent versions, pruning unused stuff). Contrary to the popular belief, some of those ~50 direct and transitive dependencies do some really useful things and are not just bloat. 5000 lines of Java + a few hundred thousand LOC in dependencies is hard to beat with a new language plus ~100KLOC worth of libraries. Any productivity gains would be wiped out by having to reinvent a lot of wheels. Not necessary in my view.
  • The nineteen seventies architecture for compiler and run-time. As I outlined in my last post, I believe compilation is fundamentally a run-time optimization these days. With Go, the compilation work is allegedly light to begin with due to the wise decision to keep the language simple. So why bother at all with compiling and why not just leave things to the run-time to figure out when you actually run the code? Integrate the compiler into the run-time and remove compilation as a concern for developers.

In short, nice concepts but I don’t see the need for tearing down everything we have and starting from scratch. Basically this language is scala + a couple of tweaks and minus all of the integration work and maturity. There are lots of contenders in this space and Go is just yet another one. They probably should have called it E since it is just repeating the mistakes of C, C++, and D but is not quite the same as F#.

OpenID, the identity landscape, and social networks

I’m still getting used to no longer being in nokia research center. One of my disappointments of being in NRC and being a vocal proponent of openid, social networks, etc. was that despite lots of discussion on this topic not much has happened in terms of me getting room to work on these topics or me convincing a lot of people about my opinions on these topics. I have one publication that is due out whenever the magazine involved gets around to approving and printing the article. But that’s it.

So, I take great pleasure in observing how things are evolving lately and finding that I’ve been pushing the right topics all along. Earlier this week, Facebook became a relying party for OpenID. Outside the OpenID community and regular techcrunch readers, this seems to have not been a major news story. Since, just about anybody I discussed this topic with in the past few years (you know who you are) always insisted that “no way that a major network like Facebook will ever use OpenID”. If you were one of those people: admit right now that you were wrong.

It seems to me that this is a result of fact that the social networking landscape is maturing. As part of this maturation process, several open standards are emerging. Identity and authentication are very important topics here and it seems the consensus is increasingly that no single company is going to own all 6-7 billion identities on this planet. So naturally any company with the ambition to potentially separate 6-7 billion individuals from their money for some product or service, will need to either work with multiple identity providers.

So naturally such companies require a standard for doing so. That standard is OpenID. It has no competition. There is no alternative. There are plenty of proprietary APIs that only work with limited sets of identity providers but none like OpenID that can work with all of them.

Similarly, major identity providers like Google, Facebook are stuck at sharing a few hundred million users between them, they shift their attention to somehow involving all those users that didn’t sign up with them. Pretty much all of them are OpenID providers already. Facebook just took the obvious next step in becoming a relying party as well. The economics are mindbogglingly simple: Facebook doesn’t make money from verifying peoples identity but they do make money from people using their services. OpenID relying party means the group of people who can access their services just grew to the entire internet population. Why wouldn’t they want that? Of course this doesn’t mean that world + dog will now be a Facebook user but it does mean that one important obstacle has just disappeared.

BTW. Facebook’s current implementation is not very intuitive. I’ve been able to hook up myopenid to my facebook account but I haven’t actually found a login page where I can login with my openid yet. It seems that this is a work in progress still.

Anyway, this concludes my morning blogging session. Haven’t blogged this much in months. Strange how the prospect of not having to work today is energizing me 🙂

Upgrade to wordpress 2.7.1

The joys of moving and starting a new job sadly also means less time for things like upgrading wordpress. I’ve never been so far behind the main version (one major and a subsequent minor release). So, this morning I sat down to do the usually quick and efficient switch svn to wordpress 2.7.1 tag, upload files, upgrade DB and done type ritual.

Except it didn’t work. Damn. I spent nearly two hours running into several problems and trying to fix things. The root cause was three fold.

  1. I did not RTFM.
  2. The little upgrade instructions have subtly changed. Bla bla bla, and oh BTW you should add this stuff to your wp-config.php. Naturally that was a problem.
  3. The theme I have been using for quite some time Barthelme is no longer maintained and wp 2.7.1 doesn’t seem to like it.

Basically, it didn’t like the theme and hence could not show the site. Worse, it could not show the admin site either. All it showed was a blank page. Blank as in, 0 bytes. Blank as in, oops some weird php error and lets just return 0 bytes. Not good. Somewhere in between I did actually manage to run the upgrade db script. That too didn’t have any UI but I could at least get to the upgrade link using view source in firefox. Hint, if you ever get this far, don’t do that. That didn’t make things better. I then tried removing plugin directories and theme directories to make it revert to defaults. Didn’t work, still a blank page. Then I did my usual diagnostics and found out about the wp-config settings, which by now made no difference. Still a blank page.

So, I screwed up and for the first time had to resort to actually using the db backup I thankfully made (would have been in more trouble without that). Except that didn’t work either. Yikes.  Loaded the nice little dump I had made earlier with phpadmin and uploaded. After some time it came back with a nice “Got a packet bigger than ‘max_allowed_packet'” error. Yikes. This one took a while to figure out. Apparently this is some setting you can override if you have the right to do so, which I don’t. Most advice out there points this out “hey just fix my.cnf, restart the server and you’re good”. Yeah right, not much help but thanks. So then I figured out that line length probably was the problem here. Indeed it was since phpadmin seems to default to generating one huge INSERT statement with a comma separated list of all the values. So everything I published since 2005 on this blog on one line and , separated. Sounds like a lot but it’s only 1.5MB or so.

Anyway, the solution is buried in a comment from Gareth in the mysql documentation:

So just search and replace ), by ); INSERT INTO `wp_posts` VALUES. Be careful about doing that only on the insert you want to change BTW.

Anyway, I reverted back to wordpress 2.6.5, imported my fixed dump, fixed my configuration to be prepared to 2.7.1 and checked if my blog survived. It did.

Then I switched the theme to the default theme (i.e. what you are looking at), did the svn switch, upload, upgrade db and this time everything worked.

So, you will have to excuse the odd layout problems for now. Default wordpress theme sucks and I suspect I have some overflow issues here and there. I will be fixing those shortly of course.


I’ve been enthusiastic about openid for a while but have so far not managed to openid enable my site. WP-OpenID, which is the main openid plugin for wordpress is under quite active development. Unfortunately, until recently, any version I tried of that had some issues that prevented me from using it.

The author Will Norris got hired by Vidoop the other day to continue working on wp-openid in the context of the diso project. Diso is another thing I’m pretty enthousiastic about. So, things are improving on the openid front.

Tonight, I managed to get version 2.1.9 of wp-openid to install without any issues on my wordpress 2.5.1 blog. I’ve been testing and it seems to at least accept my openid (delegate to myopenid) without issues.

So finally, my blog is openid enabled.

The delegation bit is BTW courtesy of another wordpress plugin: openid delegation. I’ve been using the 0.1 version for more than a year and it just works. Delegation is an openid concept where any website can delegate openid authentication to an external openid provider. This allows you to use a URL you own as your identity and also to switch provider without losing control of your openid url.

simple note encrypt/decrypt with AES in javascript

Inspired by the hype surrounding the iphone and web applications, I hacked together a nice little toy to encrypt and decrypt text using aes. I borrowed the aes implementation from here and basically wrote a somewhat nicer UI for it. I still need to integrate sha1 hashing of passwords as the aes.js script author suggests that is a bit more secure than his current method.

I have no idea if it will work in the iphone browser since I’ve only tested in firefox. It partially works in IE7 and I have no desire to spend time finding out why it fucks up. Suggestions to improve my little javascript hacking are welcome of course.

BTW. password of the default content is: “secret”.

Firefox 2.0 Beta 2

I just installed the new Firefox 2.0 beta 2. There are a few nice improvements over 1.5:

  • The most visible change is the new theme. The changes are pretty subtle but seem to be aimed at improving usability.
  • One of my petpeeves: the lack of a search button in the toolbar has been fixed. The go button, which accompanies the url bar, has been there forever but until now the search box had to do without one.
  • Tabs now have their own close button instead of a global tab close button way on the left. This was a usability nightmare from the moment this ‘feature’ was introduced a few years ago. People have been complaining about it ever since. It’s a good example of how long it can take to convince software engineers of something when they have digged themselves into the sand :-).
  • The themes and extensions window have been merged into an addons window. This is probably a good change but it doesn’t go far enough for me: it should be integrated with the options window. I frequently confuse the two and open one when I intended to do something in the other.
  • There’s a ‘recently closed tabs’ option in the history menu. Nice! Also there’s a ‘undo close tab’ option in the context menu on the tab bar. I used to have an extension that did more or less the same. Nice to see good features being picked up by the developer theme.
  • Spell checking. This is a nice feature except for two things: it has no (permanent) disable function. You can toggle ‘spellcheck this field’ in the context menu but the setting does not persist so it comes back on the next time you edit a textfield. Also there is no configuration userinterface for the spellchecker. For example installing a dutch dictionary requires some configuration that requires a number of steps which are probably documented somewhere but not obvious from the present userinterface. So if I go to a dutch site with the us version of firefox (I prefer the english userinterface), basically every word I type will be highlighted as misspelled. Hidden in the context menu of a spellchecked field is an option add dictionaries which takes you to the addons site. The url ends with /dictionaries but there is nothing on the page related to dictionaries. So this needs some work. Suggestions: add a dictionaries tab to the addons window and a disable spellchecking option to the content options tab. BTW. the spellcheck feature is already annoying me. I guess I’ll be looking for an extension to get rid of it. Amazing how many non dictionary listed words can sneak into a post like this.
  • The subscribe to RSS feeds feature has been improved and you can now subscribe using an external feedreader or using several websites, such as Bloglines, which I have been using since a few weeks.
  • Apparently there’s a new phishing/malware detection tool. This might prevent people like my mother from installing spyware. I’ve depended on common sense for years now to prevent me from getting into trouble with worms, viruses, etc. That strategy seems to work fine but having some kind of advanced warning before clicking somewhere is of course nice.

I don’t see much negative stuff anymore so I think I’m going to use this build until the release candidates start appearing. I’ve blogged previously about the version number. Given that the half finished spellchecker + rss fixes are the biggest changes and the rest is merely minor cosmetic work, I still don’t think this counts as worthy of a major version number bumb. However, this seems to be another ‘heels digged into sand’ kind of thing. Everybody has been pointing this out for months and all the 2.0 reviews I’ve read so far seem to point out that there isn’t that much new in Firefox 2.0 as well (I predicted that this would happen on Ben Goodger’s blog a few months ago, seems I was right). For example, ars technica, which usually does a decent job of reviews, says this about the version number:

Is the new release really deserving of the 2.0 moniker? It’s hard to say, given the fact that it looks and feels very much like 1.x. Is it a better browser than 1.x? Definitely.

I think I agree with this assessment 100% It’s definitely a nice incremental improvement and who cares about version numbers anyway :-).

wireless hell

This wireless shit is absolute crap. This is the second time I’m setting up a wireless network. The first time was for my father. He’d bought a wireless adsl router (smc) and a usb stick. It didn’t work. So he brought back the stick and got one from another brand (my advice). It sort of worked but the connection was very poor. So far he’d been doing stuff by the book (he knows nothing about computers) and then he called in me. First action: remove the crappy software from the previous stick. That didn’t work (the uninstaller is broken) but at least the connection was a bit more consistent now since the old software no longer intervened. Second action replace the driver for the new stick, no improvement but it made me feel better. Third action: replace the firmware of the router. That worked! Suddenly the connection was fine and it has been ever since. Conclusion: the router software was crap and the first usb stick was crap. More importantly, the manufacturer of the router knew it was crap and silently fixed the problem and released an update. Thousands of it’s customers must still be getting a really lousy end user experience. Getting this setup to work required non trivial intervention that no normal consumer would ever figure out. BTW. the troubleshooting material, website and documentation were like the software: poorly written crap.

Now fast forward to 2005. I’m buying a wireless router and a usb stick. I know I am in for trouble. But I’m an optimist so I RTFM, sit back and watch the thing install. First sign of trouble: the widgets of the wlan monitor look like the thing has been written in ancient pascal. These old borland applications had a distinctively looking, shitty look and feel that dates back to 16 bit windows. I’ve seen several such applications in my life and I now associate this look and feel with poor quality software that is extremely likely to crash, hard. Had a screenshot of this software been displayed on the box, I would have left it on the shelf. But the connection sort of worked so I leave it alone. Second sign of trouble, I now have an Odyssey thingy ontop of the tcp thingy in my network properties from an obscure company by the name of Two layers of crappy software is like asking for trouble. It claims to do stuff with security.

Then an hour later my mouse stops moving, the system is frozen. My pc has some stability issues (cpu overheats) so I do not directly suspect the usb stick, yet. I reset. Hey the wireless network icon is missing and the monitor icon is greyed out. Hmmm. What could be wrong here? Power cycle, same thing happens again. No connection. It’s plug and play so I (un) plug and pray. Now the wireless icon reappears but this time with a nice red cross. Improvement! Right click, repair connection. And we’re back in business. That’s some nasty bugs down there. Just to be sure I downloaded the latest driver from siemens. The well hidden changelog mentions some ‘installation issues’ were fixed, yeah right. Confusing website too.

Half an hour later it happens again exact same scenario. And then again. Also I notice that GAIM keeps reconnecting every few minutes. Now I’m getting suspicious and zoom in on the monitor application: it looks like crap so it probably is crap. So uninstall the entire wireless software (monitor, funky odyssey + driver), plug and pray, and this time manually install only the driver when windows ‘detects the new hardware’. Let the windows wireless wizard thingy do it it’s thing (that’s crappy too but at least it looks like it was written this century). I seem to be back in business, for now. At least long enough to write this text. I’ll keep you posted. If it doesn’t stay online until tonight I’m bringing back this heap of smelly crap to the store.

Lesson learned: when installing wireless lan, don’t touch any of the cds that come with it. Download the latest driver, install it through the software that comes with windows and minimize the number of external software components.

UPDATE. It appears I’ve not solved the issue yet. Uptime has improved somewhat (up to 2.5 hours) but it still disconnects at random, has trouble finding my router and hangs very often. I’ve also upgraded the chipset software. The router firmware seems to be the latest version (at least, motorola doesn’t offer any upgrades). I’ve now disabled wep encryption. In other words, I’m running out of options. :-(. If this doesn’t do the trick, nothing will.

UPDATE 2. I enabled the upnp service. Seems to be working, I’ve been online for 4.5 hours now. Could this be it?

UPDATE 3. No computer freezes today. I did lose the connection a couple of times. I understand that wifi cards can operate at different channels and that channel 1 (default), 6 an 11 use different frequency ranges. I’m in an apartmentblock with several wifi routers in range and who knows what other equipment. So I changed the channel to 11. I suspect interference is part of the problem.