In debugging, there are "step into", "step over" etc., but what about a "step back" feature? There are chances that when you hit a "step over" twice by mistake, or when you find out it might be just the previous line which is causing trouble, you just want a "roll back" feature.
Debugging is like traversal on a tree or on a graph. Every breakpoint is a state or a node. In theory, if we save these states, we can step back and forth among any of them. Snapshot, versioning or savepoint can be useful in helping save the debugging states.
There are already such support in C/C++ debuggers like gdb. However, it seems that no Java debugger supports "step back" or "roll back". It would be even nicer if such feature could be included in Eclipse IDE.
Thursday, December 24, 2009
Wednesday, December 16, 2009
Apache: Full Long File Names in Index
There are cases that the default index file in Apache server trimmed your long file name. Instead you'd like to show them in full length. To do this, you can edit the configuration file of your Apache server (httpd.conf). Add "NameWidth=*" to IndexOptions, so that it looks like:
IndexOptions FancyIndexing NameWidth=*
Reference
http://httpd.apache.org/docs/1.3/mod/mod_autoindex.html#indexoptions
IndexOptions FancyIndexing NameWidth=*
Reference
http://httpd.apache.org/docs/1.3/mod/mod_autoindex.html#indexoptions
Saturday, December 12, 2009
SQL: a Cross-Tabular Report with Case, Rollup and Grouping Functions
A Cross-Tabular Report is widely used in computer software. If you keep a journal of expenses, for instance, and by the end of year, you would like to review how much you have spent on each type of goods in a month-by-month view. Or a website administrator would like to know, for each page or URL of website, how many visitors visited using different browsers. These are cases when you need a cross-tabular report. (Definitions of Cross Tabulation or Contingency table.)
So how to generate a cross tab report in just one line of SQL? The idea is to split columns with "CASE" and group rows with "GROUP BY ROLLUP(name)" and decorate the result with "DECODE(GROUPING(name), 1, 'Total', name)".
Here's an Example:
We have a log table:
SQL is a powerful language.
So how to generate a cross tab report in just one line of SQL? The idea is to split columns with "CASE" and group rows with "GROUP BY ROLLUP(name)" and decorate the result with "DECODE(GROUPING(name), 1, 'Total', name)".
Here's an Example:
We have a log table:
SQL> select page "Page", brws_type "Browser" from visit_table;
Page Browser
--------------- ----------
index.htm FF
index.htm IE
index.htm IE
page1.htm FF
page2.htm FF
page3.htm FF
about.htm FF
about.htm SF
index.htm SF
index.htm SF
index.htm FF
Page Browser
--------------- ----------
page2.htm IE
page2.htm IE
contact.htm IE
contact.htm SF
page3.htm SF
And now comes the query for cross-tabular report.
SQL> SELECT DECODE(GROUPING(page), 1, 'All pages', page) "Pages",
COUNT(CASE WHEN brws_type='FF' THEN 1 ELSE null END) "Firefox",
COUNT(CASE WHEN brws_type='IE' THEN 1 ELSE null END) "Internet Explorer",
COUNT(CASE WHEN brws_type='SF' THEN 1 ELSE null END) "Safari",
COUNT(*) count
FROM visit_table
WHERE 1=1
GROUP BY ROLLUP(page)
ORDER BY count desc;
Pages Firefox Internet Explorer Safari COUNT
--------------- ---------- ----------------- ---------- ----------
All pages 6 5 5 16
index.htm 2 2 2 6
page2.htm 1 2 0 3
about.htm 1 0 1 2
contact.htm 0 1 1 2
page3.htm 1 0 1 2
page1.htm 1 0 0 1
COUNT(CASE WHEN brws_type='FF' THEN 1 ELSE null END) "Firefox",
COUNT(CASE WHEN brws_type='IE' THEN 1 ELSE null END) "Internet Explorer",
COUNT(CASE WHEN brws_type='SF' THEN 1 ELSE null END) "Safari",
COUNT(*) count
FROM visit_table
WHERE 1=1
GROUP BY ROLLUP(page)
ORDER BY count desc;
Pages Firefox Internet Explorer Safari COUNT
--------------- ---------- ----------------- ---------- ----------
All pages 6 5 5 16
index.htm 2 2 2 6
page2.htm 1 2 0 3
about.htm 1 0 1 2
contact.htm 0 1 1 2
page3.htm 1 0 1 2
page1.htm 1 0 0 1
SQL is a powerful language.
Wednesday, November 25, 2009
Recent Risks on Internet
1. URL shorten service.
Hidden of advertisements or even worse, malicious websites.
Lost of service if the URL shorten service provider is down or hacked.
2. Websites, especially SNS, request user to provide email login and password in order to add friends.
Do they really need your password to just get a list of your friends?
Even the websites requesting your credentials are trustworthy, you are still at risk. For example, some website can add your friends on MSN or Gtak by requesting your logins and passwords, but your credentials are transferred in plain HTML to them. This means sniffers can get your passwords with ease.
There is no reason to request your password while other methods like oauth are available.
Hidden of advertisements or even worse, malicious websites.
Lost of service if the URL shorten service provider is down or hacked.
2. Websites, especially SNS, request user to provide email login and password in order to add friends.
Do they really need your password to just get a list of your friends?
Even the websites requesting your credentials are trustworthy, you are still at risk. For example, some website can add your friends on MSN or Gtak by requesting your logins and passwords, but your credentials are transferred in plain HTML to them. This means sniffers can get your passwords with ease.
There is no reason to request your password while other methods like oauth are available.
Saturday, October 17, 2009
Connection Interrupted (TCP RST) has nothing to do with HTTPS aka HTTP over TLS
A network has layers.
In the TCP/IP model, there are four layers. TCP, UDP belong to the transport layer, while HTTP, SSL/TLS belong to application layer. RST (Reset the connection) is a flag in TCP header as in RFC793. RST vulnerability as well as off-path attacks are disscussed in RFC4953. Basically, if a connection is interrupted, it simply means that there is an accepted TCP package with RST flag set. It could be the server who reset the connection, or it could be an attacker. HTTP over TLS aka HTTPS, RFC 2818, is an application layer protocol. SSL/TLS protocol is used between HTTP and the transport layer. From a transport layer's view, the upper layer applications are served in the same way.
To summarize, TCP RST vulnerability is applicable to HTTP or HTTPS or any other application protocols as long as they rely on TCP connection, but it has nothing to do with application layer protocols.
A link to RFC.
In the TCP/IP model, there are four layers. TCP, UDP belong to the transport layer, while HTTP, SSL/TLS belong to application layer. RST (Reset the connection) is a flag in TCP header as in RFC793. RST vulnerability as well as off-path attacks are disscussed in RFC4953. Basically, if a connection is interrupted, it simply means that there is an accepted TCP package with RST flag set. It could be the server who reset the connection, or it could be an attacker. HTTP over TLS aka HTTPS, RFC 2818, is an application layer protocol. SSL/TLS protocol is used between HTTP and the transport layer. From a transport layer's view, the upper layer applications are served in the same way.
To summarize, TCP RST vulnerability is applicable to HTTP or HTTPS or any other application protocols as long as they rely on TCP connection, but it has nothing to do with application layer protocols.
A link to RFC.
Wednesday, October 14, 2009
Migrate from Goolge Pages to Appengine
Migration without losing any data.
When it comes to Google Pages, will you opt-out or do nothing and wait for your pages to be migrated to sites smoothly? We can wait, but at a cost. Google Sites do not provide equal or more features than Pages do. No custom Javascript; no uploaded HTML; limited layouts, themes. It dose not seem possible to migrate without losing any data. Even the appearance will change. So, where else can we migrate to?
Our choice is Appengine.
Pros:
Cons:
Step by step migration:
The long waited automatical migration from Pages to Sites is still not done! Is Google waiting for everyone to opt-out? The magic is a rumor.
When it comes to Google Pages, will you opt-out or do nothing and wait for your pages to be migrated to sites smoothly? We can wait, but at a cost. Google Sites do not provide equal or more features than Pages do. No custom Javascript; no uploaded HTML; limited layouts, themes. It dose not seem possible to migrate without losing any data. Even the appearance will change. So, where else can we migrate to?
Our choice is Appengine.
Pros:
- Powerful.
- From the same vendor.
Cons:
- Technical skills required
Step by step migration:
- Download your pages as a zip from Google Pages
- Create a new appspot handle
- Download appengine SDK from http://code.google.com/appengine/
- Create a new project
- Configure the project
- Unzip pages into static content directory
- Test on localhost
- Deploy to appspot
- Test with http://<your-handle>.appspot.com/
- (Optional) Bind your domain
The long waited automatical migration from Pages to Sites is still not done! Is Google waiting for everyone to opt-out? The magic is a rumor.
Let's wait and see.Option 1 - Do nothing, and your pages will automatically be moved to Google Sites
- We'll set up the new site and move your pages for you.
- Visits to your googlepages.com URL will redirect to your new site.
- Note that Google Sites does not support custom JavaScript or CSS in its pages.
Option 2 - Opt out of the move, and take your pages to a new location
- Download your site.
- Once you've moved your site to its new location, opt out of migration by setting up a redirect below.
A History of man-made Lunar Impact
Hit the Moon
An incomplete list of lunar impact by human being.
2009.10.9 7:31 EDT
Nasa LCROSS
http://www.nasa.gov/
2009.03.01 16:13 CST
嫦娥一号 ChangE1
http://baike.baidu.com/view/32160.htm
2008.11.14
The Moon Impact Probe
http://en.wikipedia.org/wiki/Moon_Impact_Probe
2006.9.3 05:42 UT
SMART-1
http://sci.esa.int/science-e/www/object/index.cfm?fobjectid=39961
Tuesday, September 29, 2009
Saturday, September 26, 2009
Moebius Gears
Here's a picture of Moebius Gears.
Look cool? If you are on a Linux box, you might already have a lively demo installed. For Ubuntu users, it is located at /usr/lib/xscreensaver/moebiusgears.
Press Alt+F2 and type /usr/lib/xscreensaver/moebiusgears and run!
The xscreensaver source code could be downloaded from here.
Look cool? If you are on a Linux box, you might already have a lively demo installed. For Ubuntu users, it is located at /usr/lib/xscreensaver/moebiusgears.
Press Alt+F2 and type /usr/lib/xscreensaver/moebiusgears and run!
The xscreensaver source code could be downloaded from here.
Wednesday, September 23, 2009
The Risk of OpenID
OpenID seems a promising standard for user authentication. If service providers support OpenID, users can login without creating another pair of account and password. Ideally, a user need only remember one pair of account and password. However, such convenience comes at a cost. The only pair of account and password or the OpenID provider becomes a Single Point Of Failure. If you ever forgot your password or the Identity Provider withdrew your account because you didn't login in the past three months, you will have no way to login to any of the services. Here, we assume that the service providers only accept authentication from OpenID providers. This also applies to other forms of third party authentications.
For users, care should be taken on choosing OpenID providers. Users should keep their OpenID account active and secure the password. For service providers, they should allow other ways of authentication besides OpenID. Users should not lose the service if they lose their OpenID.
OpenID is not that open, not even as open as telephone numbers which could be transfered among telephone service providers.
For users, care should be taken on choosing OpenID providers. Users should keep their OpenID account active and secure the password. For service providers, they should allow other ways of authentication besides OpenID. Users should not lose the service if they lose their OpenID.
OpenID is not that open, not even as open as telephone numbers which could be transfered among telephone service providers.
Saturday, March 21, 2009
Inventions: Fancy Disk Copier and Fancier Copy Dragger
Here are our two new inventions: the Fancy Disk Copier and the Fancier Copy Dragger.
The Fancy Disk Copier is a CD/DVD copy machine. It works like a photo copier. You put in a source CD/DVD, and press "COPY"; the copy CD/DVD will come out instantly. Unlike a photo copier, the Fancy Disk Copier will copy with absolutely no loss of quality. The differences between copies and the original CD/DVD is not distinguishable by anyone except the Fancy Disk Copiers. This will, hopefully, prevent copyright abuse.
Our second invention, the Fancier Copy Dragger, is a dragging controller of copy speed. The Fancier Copy Dragger not only supports dragging forward at any pace, but also enables user to drag back in case a user would enjoy the copy process again. What's more, the Fancier Copy Dragger allows users to undo all copies by dragging to the very beginning. Those undo-ed CD/DVDs can be used as if they are new ones. Unlike photo copiers, hundreds of pieces of paper got wasted once any error occurred. The Fancier Copy Dragger will help protecting our environment.
Thanks for your interest in our new inventions. We will send out our "beta" products to selected users starting from next week. Get involved.
The Fancy Disk Copier is a CD/DVD copy machine. It works like a photo copier. You put in a source CD/DVD, and press "COPY"; the copy CD/DVD will come out instantly. Unlike a photo copier, the Fancy Disk Copier will copy with absolutely no loss of quality. The differences between copies and the original CD/DVD is not distinguishable by anyone except the Fancy Disk Copiers. This will, hopefully, prevent copyright abuse.
Our second invention, the Fancier Copy Dragger, is a dragging controller of copy speed. The Fancier Copy Dragger not only supports dragging forward at any pace, but also enables user to drag back in case a user would enjoy the copy process again. What's more, the Fancier Copy Dragger allows users to undo all copies by dragging to the very beginning. Those undo-ed CD/DVDs can be used as if they are new ones. Unlike photo copiers, hundreds of pieces of paper got wasted once any error occurred. The Fancier Copy Dragger will help protecting our environment.
Thanks for your interest in our new inventions. We will send out our "beta" products to selected users starting from next week. Get involved.
Thursday, January 1, 2009
Happy New Year 2009
Today is January 1st, 2009. The sun raises as usual, but there's a leap second added after GMT 23:59:59 Dec. 31, 2008. At that time spot, you might notice something like XX:59:60. XX depends on your timezone. If you are using Beijing time, it should be 07:59:60, and if you locate in central America, it should be 17:59:60.
Subscribe to:
Posts (Atom)