Monthly Archives: October 2006

Wifi at the Rat’s Mouth

Dad and I are here in Boca Raton, after an 11 hour drive, camped out at an almost shoddy Quality Inn, visiting family. Things are falling apart at the hotel. Lights are out, cables are loose, switchplate covers popping off at the slightest touch. The smiling Haitian woman at the front desk cheerfully hands my Dad some replacement light bulbs with a heavily accented “here you go”, and I sniff around for wireless networks around the hotel:

dadday.jpg

The last one in the list catches my eye. I look over at Dad, as if to answer the question.

N-Day

A software development war story follows. It will bore you to tears if you are not interested in software development. On second thought, it will probably bore you to tears if you ARE interested in software development. Because it truly IS boring. But it was painful, so I purge here now.

We finally went live with our web-based legal case management system for Kentucky Department of Public Advocacy and, as is typical of any software deployment, we encountered problems. A nasty search performance issue cropped up. Searching for trial cases in the app took over two minutes on average. Which is really terrible when you consider how little time it takes for Google to search the entire fracking internet !

So, while troubleshooting for many hours, we extracted the SQL and ran it by hand. Was there an issue with the database itself, or the indexing, or the query SQL?

Nope. The results returned from the database instantaneously.

Weird. We thought, “OK, is there maybe some weird connection pooling problem?”

Nope. Pools were working fine.

“Funky garbage collection janitor thread in the Tapestry web components?”

Nope. The thread was well-behaved.

“Slight differences in the syntax of the SQL generated by different JDBC query modes?”

Nope. Trying different modes resulted in the same fast queries.

We spent about three long days poking at this really obnoxious problem. Finally, through obsessive Googling, I found some obscure forum post explaining a peculiarity of SQL Server’s Unicode-based parameterization of SQL. Turns out that under certain situations, Microsoft SQL Server 2000 is really inefficient when sending Unicode-encoded parameters to queries. So inefficient that it turned our blistering fast search queries into depressing mush.

So, we’d have a database query like this: select [blah] from [table] where [column] = @P

where @P is a Unicode-compatible parameter (in SQL Server, it is of type nvarchar). Then, I added a setting to turn that Unicode stuff off. The result is that in the SQL, the parameter type of nvarchar is replaced with varchar, and the searches went from taking 2 minutes to taking a second or two.

nvarchar vs varchar.

One character. THREE DAYS of lost time. The needle in the haystack almost kicked our asses.

It’s like comparing apples to apples.

Galen, our technical manager, experienced a daily WTF moment of his own today. Here are the Java errors he quoted to us in our IRC channel:

15:35:28,248 ERROR [BasicPropertyAccessor] IllegalArgumentException in class: com.legaledge.harmony.summary.MinimalPerson, setter method of property: modelObjectType

15:35:28,248 ERROR [BasicPropertyAccessor] expected type: com.legaledge.harmony.model.objects.EntityType, actual value: com.legaledge.harmony.model.objects.EntityType

“classloaders. love ’em.”

“Hey, I was expecting an APPLE. Instead, you brought me an APPLE. Why in the world did you bring me an APPLE?”

Company name of the day

Josh found today’s most awesome company name:

Picture 13.jpg

Unintentionally morbid 3-year-olds

Kathryn flew to San Diego to visit a friend for a few days, and while she was gone, I rented United 93, the movie about the hijacked 9/11 flight that crashed in Pennsylvania. Over the weekend, Iris pointed to the picture of the airplane on the DVD disc and, recognizing an airplane, innocently asked me “Is that the airplane Mommy is on”? The disturbing juxtaposition surprised me. I laughed, and said, “I hope not!!”

After mentioning this to Chris, he told me about a similar incident:

This morning Eris is in the car on the way to school and she’s like “first I was 1 years old, then 2 years old, then 3 years old, and then I’m gonna die”

I think Eris left out a few steps in her description there.

Beauty of math and music

I love this math/music toy that Jeremy told me about: The “Whitney music box”.

“A flash animation showing the relationship between chromatics, harmonics, and even primes and non-primes.”

“A musical realization of the motion graphics of John Whitney as described in his book “digital harmony”

Picture 12.jpg

Be sure you try the other variations. And especially try Variation 17, which lets you crank the spiral yourself. Hmm… “Crank the spiral?” Sounds like some kind of surfing euphemism.

Credit card info was free at McPhee!

First off: I really like Archie Mcphee. They have awesome, fun stuff and you should go there right now and buy a cool gift for someone for the upcoming Christmas season. But I found a Web security expert there who graduated from WTF University.

A few months back, I attempted to purchase a gift certificate from Archee McPhee’s wonderful online store, McPhee.com. In the middle of filling out the form, formerly located at http://mcphee.com/info/gc.html, I noticed that it had fields for credit card information; however, a quick glance at the URL showed me that there was no SSL connection, and thus any info I’d submit would’ve been in the clear for any enterprising person to snatch. So I started a conversation with Mr. Archee McPhee, who served as a very helpful and friendly go-between for me and their IT person. After explaining to their IT person that credit card information submitted via plain old port 80 HTTP is as naked as a newborn, the IT person replied thusly:

“the gc buy page is NOT secure, in that it doesn’t use SSL, but in this case it doesn’t matter. this particular page kicks off a script on the server which then transfers the information to us via an encrypted email. no credit card information is ever passed on via HTTP, therefore the SSL certificate doesn’t come into play. A sniffer would have to be running on our actual server, since no internet traffic is generated by the form post. In fact, the gc.html page does not even touch the cookie.”

Those of you who are familiar with how the web works will see the flaws in this logic right away. Basically, it’s like a waiter at a restaurant putting my credit card information in their protected safe while taping a copy of the information to the front door.

Thankfully, they have taken down their online gift certificate ordering page. Hopefully they will put up a secure form soon so I can resume giving the gift of bacon strip bandages, bobblehead Jesus dolls, and avenging unicorn playsets. Despite my experience, I still highly recommend Archie McPhee – don’t let this post stop you from buying stuff from them!

And here is an interesting related post from spugbrap.

Spartans! Tonight… we dine… ON GYROS!

I am completely overtaken with anticipation for this movie.

The high definition version of the trailer is a thing of beauty.

My friend James gave me the graphic novel a few years back, and it’s very cool to see it turned into a movie.

We toiled in the midst of perfection

Found this funny picture languishing on my computer —

bromhal-mail-cropped.png

A while ago, Jim got some junk mail at BKA with a funny tagline under his name. He entered that as his job title on some web form he filled out to receive product information from some company.

Today’s WTF

A couple of days ago, I ran the systeminfo command on one of our production servers because I wanted to know how much memory was being used by the machine. The result:


Total Physical Memory: 4,091 MB
Available Physical Memory: 3,329 MB
Page File: Max Size: 83 MB
Page File: Available: 3,243 MB
Page File: In Use: 18,446,744,073,709,548,456 MB
Page File Location(s): c:pagefile.sys

I hope I’m not the only one who thinks a 18,446,744,073,709,548 gigabyte swap file is a bit excessive.