Archive for August, 2003

Stylistic issues

Comments on a few stylistic issues I noticed these past days.

Ted talks about "cuddled
" (what a cute name):

} else {

AKA, the "cuddled else". I never heard of a name for this before. I use
this style extensively when I’m programming in Java, but it and all the
close brackets use up a lot of whitespace.

This convention is recommended by Sun, but I usually prefer to
have the closing brace and the next instruction on separate lines.  Nothing
religious or artistic about this preference, the reason is pragmatic: 
easier copy and paste.

For example, suppose you need to move the catch block to a different place in
your source.  Compare the copy/paste operation between the following two

try {
  // ...
} catch {


try {
  // ...
catch {

Cameron posted the
following code snippet, that I would also write slightly

public Object[] toArray()
int cItems = size();
if (cItems == 0)

Object[] aoItem = new Object[cItems];
// ...
return aoItem;

I have two remarks about this code:

  1. I tend to avoid multiple returns in the same method.  They make it
    harder to follow the logic behind the flow and it’s also inconvenient to
    break at the end of the method in order to introspect the returned value.
  2. I always store my returned values in a variable called "result" (one of
    the few things I liked about Eiffel).  This way, I can highlight this
    variable and pinpoint immediately where it is assigned.

Therefore, I would rewrite Cameron’s code this way:

public Object[] toArray()
  Object result = EMPTY_ARRAY;
  int cItems = size();
  if (cItems >= 0)
    result = new Object[cItems];
    // ...

  return result;

(Cameron, note that I respectfully respected your insane indentation scheme).

Components in Java

I guess I need to clarify my previous post.  I am not complaining about
the impossibility to access COM from Java or from Python, but about the fact
that Java doesn’t enable component-based computing like COM does.  More
precisely, Java needs the following:

  • A tool to look up all the Java components available on my desktop, or on
    a distant server.
  • A central place (either physical, file system, or virtual, such as a registry) where all the Java components can be found
    and browsed.
  • An API to declare what classes I make available and where the metadata
    can be found (contracts, documentation, etc…).
  • An API to look up the said components (QueryInterface()).

And if someone wants to point me to JavaBeans, I kindly invite them to reread
the points above and realize that JavaBeans doesn’t even get close to enabling
component-based computing.

It’s actually interesting to see that in some way, Web Services offer these
services on a WAN.  But Java has no mechanism built in the JDK to enable
true component reuse.  And it’s very sad and causes endless rounds of wheel
reinvention in the Java community.

Python replacing Visual Basic? Nah.

In a

recent entry
, Nelson argues that "Python is good enough on Windows to
replace Visual Basic":

Between wxPython, pyGame, and the win32all extensions you have all the
doodads you need to build Windows apps.

Then he illustrates his point by explaining a little application he wrote in
Python for his own use.

Unfortunately, he’s missing the point.  The strength of Visual Basic has
not much to do with the language itself, nor with the tools.  The reason
why Visual Basic is so popular is COM.

Visual Basic is rarely used to write standalone applications, but the fact
that you can reuse all the Office application (and a lot of others) from
"outside" is a Windows feature that Linux and all other Unixes have never been
able to achieve, despite commendable efforts. You have to hand it off to
Microsoft, who truly enabled "component-based computing" as soon as 1995, when
the first usable versions of COM appeared.

Here we are in 2003, with some stellar Java applications that we use every
day and love.  How many of them can be scripted from the outside? 
Where do I turn to if I want to reuse, say, IDEA’s code editor?  How about
Rational Rose’s UML designer?  Or even a simple HTML renderer?

Component reusability cannot be retrofitted.  It has to be built in,
from the ground up.  When I am writing a Java application and I have
identified a component that might be of interest to other users/developers,
there should be a simple way for me to expose a simple API that can be looked up
and invoked from any language.

Before everyone points me to Jython and similar initiatives, yes, they are a
good start, but nowhere near a true reusable component model similar to COM. 
Until we see such a model in the JDK, we will never have true component reuse in

A fabulous prank

Something happened to me that I will remember forever.

Stallman, Gosling and a bit of emacs history

I have recently read some
incorrect interpretations of the story
between James Gosling and Richard Stallman.  It’s easy to get lost in the
various ego-centered wars flying around so I thought I would take this
opportunity to set the record straight by narrating the events as I remember
them.  Of course, my recollection might be a bit biased but the links to
the various posts should allow you to make your own decision.

Now, let’s take a little trip back with father Tiresias…

Chronologically, the first "real" emacs was written by Stallman and
then branched and improved by Gosling under the name "gosmacs".  There was obviously a little bit of friction involved
with this first fork but it was nothing in comparison of what was going to
follow.  But first of all, some background on Stallman.

We all know the individual and his extreme views on open source, but what
most people probably don’t know is that back then, Stallman was extremely
hostile to graphics, bitmap screens and all this fancy new technology that was
going to bring the computers to the masses.  He was even a very vocal enemy
of…  the mouse.  Yup.


These beliefs made him very hostile to the simple idea of making gnuemacs
usable in a graphic environment, which back then was X Window.  Tired with
his position and also upset by the constant delay that emacs 19 was
incurring, a group of people decided to fork off gnuemacs and start a new
project intended to gather all the latest technologies that were picking up
steam fast.

Most of these people were working for a company called Lucid, and therefore,
they named their emacs "Lucid emacs" (which became XEmacs in 1994
after Lucid went out of business).

Implemented by a talented group of developers, one of them being an
individual called Jamie Zawinski (and I’ll get back to him shortly), Lucid Emacs
soon reached a very decent shape within just a few months while gnuemacs 19 had been
stagnating on the FSF hard drives for several years.  It was getting
increasingly clear that Stallman was more than upset at the fork and at the very
fast progress of Lucid Emacs, and he manifested his anger many times throughout this
period, like for example in

this exchange

From: Richard Stallman <[email protected]>
To: jwz
Subject: lemacs 19.10
We decided not to post your announcements because they seem to say
unfair negative things about Emacs 19 and because they advertise
non-free Lucid products.

But it was too late.  Lucid Emacs was a high-quality implementation of
emacs and its very innovative support for the mouse and other graphic features
made it an instant hit in the emacs community.  Soon, gnuemacs users
started asking for the same features in Emacs 19 and Stallman reluctantly
conceded to at least look on the other side of the fence.

For someone who has
made his goal in life to promote free software and code sharing, Stallman is
showing a very puzzling tendency to practice the mantra "do what I say, not what
I do".

First of all, he has been repeatedly

nailed in public

reinventing things from scratch
instead of using existing libraries, but
once again, he showed an extreme reluctance to merging the code lines, even
refusing to reuse the pieces that Lucid Emacs had already implemented. 
This decision was partly due to Stallman’s resolute belief to not trust anyone
but himself but also from

personal problems he had with some of the Lucid developers

Zawinski tried several times to

correct several misconceptions
that Stallman had about the technical aspect
of the work involved, but his advice fell on deaf ears.  The height of the
debate was reached when it was pointed out that despite all his critiques of
Lucid Emacs, Stallman had apparently not

even try to run it
.  I will let you read the rest of this fascinating
thread, which sheds a lot of light about what it’s like to work with Stallman
(notice also the post from an individual named Marc Andreessen…  that was
in 1991).

The merge between Lucid Emacs and emacs 19 was attempted but failed.  We
will never know the exact technical reasons but Stallman’s track record in this
area doesn’t leave much doubt in my mind.  However, we can see a general
pattern in Stallman’s ways:  he has a hard time dealing with success coming
from others.  He showed this clearly with his catastrophic handling of the
Lucid Emacs situation, and more recently with the "Gnu/Linux" fiasco, where he
tried once again to receive credit for something he had nothing to do with.

But before we conclude this little retrospective, I’d like to say a few words
about Jamie Zawinski, for whom I have a particular fondness.

Aside from being a very talented developer who supplied a great deal of high
quality tools for developers during these troubled times (old-timers will
remember Gnus, BBDB, etc…), Jamie is a hilarious person whose postings and
constant pranks have brought more than a daily chuckle on developers faces back
then.  His Web site leaves little doubt about
his extreme devotion to hackdom, but he also regularly regaled many people with
his constant stream of whacky ideas, the best of which is probably the
Tent of Doom.  Be sure to
read some of his random rants, they
are worth it.  After Lucid, Jamie became employee #20 at Netscape and the
rest is history…

Popularity by virus

So far, I have received over a hundred emails from people infected by the
virus, and
receiving more every hour.  I took some time to see if I knew any of the
originators of these emails, so that I could notify them they have been infected
in case I happen to know them.  Nope.  All perfect strangers so far.

In some perverted way, you can measure how popular you are by how many
infected emails you receive.

Corollary:  if you haven’t received any infected email yet, nobody loves

Google’s puzzling algorithms

I was investigating what looked like an Apache bug (I’ll have to blog
separately about that one, quite an interesting story) when I noticed in my logs
a hit on my private Web site.  As the "private" part indicates, I don’t
expect to get many hits on that site except from friends, but this IP was
definitely not familiar to me.  A quick "dig -x" revealed that the IP was a
googlebot.  Somehow, google must have found a link to my private Web site
and I am now being harvested.

Okay, fine, it’s not like there is anything secret there anyway.

My curiosity was piqued, though:  how did Google find out
about the site and this particular URL, which is a report on my heliskiing trip
in Whistler.  Out of curiosity, I ran a

google search on "Whistler heliski".

Yup, that’s me in first place.  Before even the main heliskiing web site. 
How is that possible?

So I went to my

own heliski page
and looked for

backward links
.  As you can see, it’s pretty bare there.  Just my private
web site, again, and…  my weblog.  I had totally forgotten about that.  So
mystery #1 is explained:  Google harvested my weblog and got the URL from

Something is still mysterious, though:  how can these
simple four links explain that I am mentioned even before the main heliskiing

Could it have something to do with the fact that… 

I own my first name in Google
?  (roar)

Yup, even the Entertainer is behind me.

This amusing incident makes me really wonder about Google’s
algorithms.  Not mentioning the fact that I thought Google did not show
weblogs in its results. 

Another interesting thing is that Google has already registered
my new weblog location (which is barely two weeks old), and that they are now
respectively #1 and #2.


My first virus

Like probably thousands of other people, I have been hit by the

MSBlaster virus
.  I hadn’t really noticed anything until an advisory
suggested that I took a closer look.  And lo and behold, I had an
msblast.exe process running and I also had that executable in \WINNT\SYSTEM32.

This is my first virus ever.  I am so excited.

Cleaning it was relatively easy.  For future references, you want to

Although I recognize viruses as a very real threat, I have never really been
proactive at stopping them.  My work machine has an antivirus because it
came with one, but none of my other machines do.  I use Outlook (well, used
to) and other reputedly dangerous software, but I have always relied on my
common sense to keep me out of trouble.

I am not saying this is a good idea.

One day, I expect to click on an unsafe attachment and infect myself. 
We all have lapses in our attention and relying on our human senses to keep us
safe from viruses is not just stupid, it’s suicidal.  But well, habits die

One word about Outlook:  there is this myth that it is the main enabler
for virus propagation out there and that if you are using another client, such
as Eudora or Mozilla Mail, you are safe.  This is incorrect.  Viruses
typically travel through email attachments.  You can launch an attachment
with any mail client and you will get infected just the same, so just be
vigilant regardless of your mail client.  It is true that Outlook used to
have unreasonable security defaults, but this is no longer the case.  Even
Word and Excel now come with a high security default, not allowing you to run
macros and other mechanisms that viruses use to propagate.

What’s interesting is that I have always thought that I would be infected one
day through email, but I ended up receiving a virus through another means (tftp
and RPC).  Fortunately for me, this virus is relatively harmless for the
user:  its main purpose seems to trigger a SYN attack on a Microsoft site
on August 16th.  I am curious to see how this is going to unfold.  I
am confident Microsoft has taken all the necessary precautions to foil the
upcoming onslaught, but we will see.

I remember when I saw my first virus.  It was circa 1988 on the Amiga. 
Viruses were totally unheard of back then.  This virus, called
SCA, was
probably not the first but definitely a very early one.  It propagated by
copying itself on the boot sector of floppies and all it did is wait for the
third invocation and then display a message saying "Something wonderful has
happened, your Amiga is alive, etc…".  I remember finding this cool the
very first time I saw it, probably because I had no idea it was based on a
concept that would cause billions of dollars in losses in the coming years.

I disassembled the SCA virus back then and published an article about it in
the French Amiga magazine I was working for.  As the assembly code was
unfolding in front of my eyes, I remember feeling much more fascination than
anger at the author.  It was such a neat idea (and also a pretty cool
Copper list).

These days are gone. Protect yourself and if you don’t like to use
anti-viruses because they slow down your I/O operations, at least make sure your
machine is reasonably up-to-date with security patches.

Announcing EJBGen 2.15

I just released EJBGen 2.15.  The
main addition is the use of templates (which will be improved further in the
next version).  Here is the change log since 2.14:

– Fixed: pk and value classes were always regenerated
– Fixed: disable-warning moved to @ejbgen:jar-settings
– Added: documentation for templates
– Added: templates, and -templateDir option
– Fixed: variables not defined in are preserved
– Added: package specification in @ejbgen:file-generation
– Fixed: generate-on was not working properly
– Fixed: value objects now test against null in hashCode() and equals()
– Fixed: -localHome.baseClass was not working correctly
– Fixed: -jndiPrefix/-jndiSuffix was not honored in resource-description
– Added: -xmlEncoding
– Added: -noImports
– Added: {create|remove|passivate}-as-principal-name attributes
– Fixed: documentation for options
– Fixed: StackOverFlowError in debugLog()

Poll about my configuration

I recently changed the description configuration of my RSS feed.  It
used to be a forty-word description of the whole entry, but it now displays the
entire entry in rich content (HTML + CSS).  The problem is I am receiving
complaints with either of these configurations:

  • Some people don’t like the abbreviated description because it forces them
    to click to have access to the whole entry.
  • Some people tell me the new configuration doesn’t work because not all RSS
    readers seem to automatically dereference the <link> tag of my RSS feed.

What should I do?  Revert to the forty-word description or keep it as it