After a couple of days with Chrome, I’ve decided to abandon it. Why? Every time I used it, I always experienced some kind of slowness, delay, or complete freezing. And not just with Chrome. It would lock up my entire machine for several seconds at a time. Now, I’m not working on the latest and greatest hardware, and it’s been several years since this particular machine had a fresh install of XP so it could be something else causing the conflict with Chrome. Nonetheless, it was painful to use on a regular basis.

Does this mean it’s a bad browser. Absolutely not. It’s certainly better than Internet Exploder and when it was working, it seemed to render a little faster than Firefox (perceptual, no hard evidence of this). Chrome’s UI is far better than IE and even a leg up on Firefox (at least the default theme for the Windows version). It will definitely take some wind out of Firefox’s usage numbers.

Until I get a new machine and/or fresh install of the OS, I’m going to stick with Firefox for everyday use. Waiting for my machine to wake up from a Chrome coma while shopping at the Gap is seriously hindering my productivity at work!

Update 1: I just got around to installing Chrome at home and there must be something on my work machine conflicting with Chrome. It’s considerably faster on this machine (AMD Athlon 64×2 4200+ / 2GB Ram / XP SP3) and doesn’t experience the hangs like my work machine does. Very queer. I wish my work machine wasn’t such a turd.

Update 2: I don’t know what exactly Chrome does behind the scenes, but I hear an awful lot hard drive activity when it’s the only application running. Interesting.

I must be really busy these days. I wouldn’t call my self a complete nerd, but I try to stay up on recent web trends and technologies related to such things. I just found out about Google Chrome, the new web browser for Windows. It appears to be using WebKit, the same rendering engine as Apple’s Safari web browser. I had heard recently that Google’s Android was rumored to be using WebKit for its browser so this sounds logical to me.

I use a Mac at home, so I’m used to Safari. In fact, until I recently started a side job, I used Safari exclusively for about a year. It’s fast to start up and fast to render. It has some developer tools built in so figuring out which styles apply to which elements is easy to decipher. Safari on Windows isn’t quite as quick as Safari on Mac. At least, it’s not on my work machine; an aging Pentium 4 with a measly 2GB of memory. This is the one thing kills Safari for Windows for me. I tried using it as a daily browser, but it was painfully slow on this machine. I think what kills it is Apple’s desire to make the application look like OS X and not Windows. Yes, it looks one million times better than windows, but at what cost? I’d rather it run fast on this machine than look pretty. It’s funny how Apple is somewhat hypocritical in this respect as they have strict guidelines for applications built for their own OS.

I digress…

So far (and this is a very short testing period) it’s a very fast and responsive application. It starts right up and renders quickly too. Its interface is minimal and clean yet functional (like most Google apps). It looks like it’s kind of modeled after IE7’s interface in that it does’t have a menu bar like most Windows applications. There are two icons to the right of the “OmniBox” (Chrome’s URL/search box all rolled into a single field); one to handle things like cut/copy/paste, new tab/window, etc and one for global features like options, history, and downloads. Of course there’s the obligatory back, forward and reload buttons and a place for your bookmarks, standard with any browser.

Tabs can be moved around easily for ordering and can be dragged completely out of the current container to create it’s own new Chrome window (a handy feature Firefox doesn’t support out of the box).

For developers, it has the same developer tools found in Safari. You can view source, debug JavaScript, monitor the JavaScript console, inspect elements on a page (which brings up a similar window to Safari’s). You can also view a Task Manager related to Chrome and it’s tabs that shows you how much memory and CPU are being used for each tab/window you have open. It even tells you how much memory is being used for any installed plugins. The Task Manager allows you to kill specific tabs if they are misbehaving as well.

I’m going to use it as my default for a while to see how it stacks up on a daily basis. I am optimistic at the moment, but I did notice some system hangs though those could be related to this massive pile of Java code running under Weblogic 8… which is an entirely different story.

Remember a while back the whole backdating thing at Apple? You know, where the CFO and former general counsel, Nancy Heinen, backdated stocks in 2001? Yeah, that one. I didn’t really pay much attention to it when it came out. I figure, someone making that kind of dough can handle whatever it is they dish out for themselves. Well, Heinen and SEC “settled” on an agreement that she pay some $2.2 million which includes more than $400K in interest and a $200K civil penalty. She released a statement today (through her lawyers of course).

I cherish the great people I worked with at Apple, and am proud of my contributions to its historic turnaround and current success. With this lawsuit behind me, I look forward to addressing the greater challenges of social justice and economic disparity.

From Former Apple general counsel Heinen agrees to $2.2M backdating settlement - East Bay Business Times

Hmmm, interesting. I don’t really think she feels that amicable about the whole ordeal. I actually have a copy of the real statement she wanted to release before her lawyers got a hold of it.

I loath those pretentious freaks I worked with at Apple, and am pissed that those assholes didn’t have my back after all of my contributions to its historic turnaround and current success. With this bullshit behind me, I look forward to harassing Steve in the name of social justice and wish nothing but economic disparity on his whole family. Thanks for nothing asshat!

You heard it here first…

Today saw the announcement of the new 3G iPhone from Apple. It looks very promissing and the price cut to $199 USD sounds like a really good price point to get more people to jump on the iPhone bandwagon. Afterall, this thing is twice as fast, but half the cost.

What was not mentioned in Job’s keynote was AT&T’s iPhone 3G plan pricing. And, why should they; AT&T and Apple have severed their revenue sharing deal they had with the initial iPhone release one year ago. However, don’t let the $200 discount on a new iPhone fool you. Let’s do some math…

The old iPhone plans started at $59.99/mo. If you signed a two year contract you would pay roughly $1,440 over the life of the contract. The new plans, according to the press release, start at $39.99 voice plan PLUS $30 per month for unlimited data. Now you’re looking at $1,680 over the live of the contract. That’s $240 more (per contract) than the previous iPhone plans. Still feel like you’re getting a good deal? You just spent $240 to save $200. No word on family plan pricing or if they have family plans for the iPhone.

Will I get one? Probably. :\

Update: Looks like there’s no special treatment for new iPhone users and the standard plans and rates apply. It makes it a little easier to swallow a family plan at $59.99/mo for two lines of service but I have yet to find out if the family plan is available for the iPhone 3G. Interesting thing I found looking for answers to the question What plans are available for the iPhone? I Suppose they should update this if it’s not true.

Update #2: I just spoke with a Karen George in AT&T customer service and from what she told me the iPhone plan is the same, just going up in price $10/mo (this kind of contradicts the press release though). She also confirmed that the family plans are available for the new iPhone. I asked if the new iPhone plans will still include the 200 text messages and she said yes. I also asked if the MEdia(TM) Max Unlimited data plan (which, at $35/mo includes unlimited data and texts, seems to be a better deal) would be available for the iPhone and she said yes. I’m a little skeptical about what some random customer service rep says at this point, so take it with a grain of salt. Especially when she tells me they (customer service?) are not being told ANYthing about the details of the new iPhone and/or plans.

NB: If you’re wondering about the ‘AT&T Gets the Skins’ bit of the title, I’m referring to the San Bromista Cat Ranch.

Disclaimer: I am not a database architect nor a certified database programmer. I might not be database guru, but I have been working with SQL Server long enough to know what works and what doesn’t.

I’m not a database programmer per say, but I’m expected to be one at work (even though I’m a code jockey). I don’t mind it most of the time, but there are times when it becomes really frustrating. Especially when you come across some schema that is poorly implemented. Normalization is a double edged sword. On one side, normalization is good for data integrity. On the other, it becomes a pain in the arse to get at your data. There are ways around the later (Views, de-normalized tables), but, a pain in the arse it still is. The one thing that really bugs me is normalization done wrong. We use Microsoft SQL server at work, but this should apply to any relational database.

Recently, at my day job, I’ve been working on a particular project which involved consuming data from a third party for use in a .NET web service. We were already consuming data from this vendor but they recently changed the schema (and data) and are deprecating the old format. The new feed is basically a complete dump of their data and schema. Not all of their data, just data we subscribe to (about 1M records total). Instead of modifying our import process to accommodate the current (old) schema (which would have been a huge effort on our part), we just created a new import process and modified the web service.

After working with this new schema for a couple weeks, I have come to the conclusion that, well, it’s crap. First and foremost, it’s not normalized properly. If you have an column in a table that looks like it should be a foreign key, then by all means, make it so. For example, say I have a table called Widgets with several columns. One of those columns is called WidgetTypeId and another called WidgetTypeDisplayName. There’s a prime candidate for another table. I don’t care if you only have two WidgetTypes, it belongs in its own table. Here’s why: When selecting records out of the table and filtering on WidgetTypeDisplayName, it gets really expensive. Sure, you could add an index on that column, but it still would be slower compared to joining on a WidgetType table. If I had ten million widgets and only 100 widget types, I’m only filtering 100 records vs. ten million.

What about filtering on the WidgetTypeId column? BZZZZZ. Where did you get that ID? Did you select it from the same table? Guess what, same difference. Maybe you hard-coded it in the query. That’s not smart either, especially if you have multiple environments that could possibly be out of sync (i.e. WidgetTypeId 4 in development might not be associated to the same thing in production). Put it in it’s own table.

I ran into this several times with this new schema at work and it was a complete pain. For one thing, in development, the queries were always relatively quick to return. In production, however, not the same. This database sat on the same server as another production database so there was more load on it. Enough to make the queries perform poorly. On the order of 10 to 40 seconds to return data in some cases. That’s not good. My solution: create a single de-normalized table (for some reason, we don’t use views) of commonly used data points. The result was millisecond returns and simple queries. Furthermore, instead of filtering/joining on tables with half a million records, it now filters on less than 20 thousand, properly indexed records.

And you wonder why people have a fear of flying.

The failure was ultimately down to a combination of human error and a design glitch in the Windows servers brought in over the past three years to replace the radio system’s original Unix servers, according to the FAA.

Full article

Really good article on Internet software patents and how “the old timers” already thought of most of the things we do today.

They couldn’t build our modern world for us back in the 1960s because the hardware hadn’t caught up. If you’d given them 50 million quad-core 2 GHz Pentium with 4 GB of RAM and 30 Mbps Verizon FiOS connections to every home, they would have built you all of the services of the modern Internet and probably many that would have been better.

What would happen if you gave present-day computer programmers those same powerful hardware gifts? We did that experiment. Our modern day best-and-brightest built Microsoft Windows Vista (TM).

Unfortunately, the complexity of a feature is usually inversely proportional to its simplicity from a user’s perspective.

Dealing with this on a project at work. So true.

I’ve been using Amazon’s S3 service for a couple months now. It was working OK using s3sync and a cron job, but it seemed like it wasn’t actually making incremental backups and I wasn’t 100% sure that it was backing up everything (i.e. it appeared to be crapping out once in a while). I searched around for various S3 backup solutions and found a handy utility called duplicity. Even more handy that it is available for most distributions (Archlinux, the debs, and Fedora anyway).

From the duplicity home page:

Duplicity backs directories by producing encrypted tar-format volumes and uploading them to a remote or local file server. Because duplicity uses librsync, the incremental archives are space efficient and only record the parts of files that have changed since the last backup. Because duplicity uses GnuPG to encrypt and/or sign these archives, they will be safe from spying and/or modification by the server.

What you’ll need

You’ll need to make sure you have a few things installed before you install duplicity. Namely librsync and GnuPG. Luckily, if the duplicity package is available for your distribution, you probably needn’t worry.

Here’s a rundown of the steps involved:

1. Generate a new GnuPG key
2. Create a simple shell script wrapper
3. Create a cron job

Generating a new Key

Start by generating a new gpg key for duplicity. Or if you have an existing one, you can use that.

N.B. I set this up on a Slice running Arch64 and had problems generating a new key (gpg --gen-key). Apparently, it could not generate enough entropy. Not a problem though: Just generate the keys else where and import them later if this happens to you.

#~ gpg --gen-key
gpg (GnuPG) 1.4.7; Copyright (C) 2006 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

Please select what kind of key you want:
(1) DSA and Elgamal (default)
(2) DSA (sign only)
(5) RSA (sign only)
Your selection?

Default (DSA and Elgamal) is fine here.

DSA keypair will have 1024 bits.
ELG-E keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)

The default (2048) is more than enough for this. Change it to whatever you want.

Requested keysize is 2048 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0)

Unless you want the key to expire (I don’t see why one would want that), the default is what we want.

Key does not expire at all
Is this correct? (y/N)

Um, yes, this is correct.

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
    "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name: DuplicityBackup
Email address: duplicity@mydomain.com
Comment: Key for Duplicity
You selected this USER-ID:
    "DuplicityBackup (Key for Duplicity) <duplicity@mydomain.com>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit?

Enter whatever information you want here and type ‘O’ for ‘Okay’

You need a Passphrase to protect your secret key.

Enter Passphrase:

Enter something. Anything. The more complex the better. This is your private data. Remember that it’s being transfered over http to a server you don’t own. I don’t care if it is Amazon. Remember what you type because you’ll need it later while creating the wrapper script.

gpg: key **9929DAB1** marked as ultimately trusted
public and secret key created and signed.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   2  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 2u
pub   1024D/9929DAB1 2007-11-15
      Key fingerprint = 3378 8E93 4349 0E7F 44F3  7C81 2460 5A11 9929 DAB1
uid                  DuplicityBackup (Key for Duplicity) <duplicity@mydomain.com>
sub   2048g/5385A6BB 2007-11-15

And you’re done. Make note of the key (in this case, 9929DAB1) as we’ll need that later too.

But I already have a key I want to use

OK, fine, but chances are, if you have a key already, you know how to get it. However, if you don’t know how to get your key, gpg --list-keys. You want the key in the ‘pub’ line… after the forward slash ‘/’

The Wrapper

This can be written in any language really. I chose shell because it’s easy and basic. You could run the duplicity now on the command line, but writing a wrapper is much more convenient and makes adding a cron job later a lot easier. Here’s what you’ll need:

• Your Amazon S3 Access Key ID and Secret Access Key. If you don’t have one, you’ll have to sign up for one.
• Your GPG key
• Your GPG key’s passphrase
• A list of directories you want to back up

Here’s a basic script that works for me:

#!/bin/bash
# Export some ENV variables so you don't have to type anything
export AWS_ACCESS_KEY_ID=<your-access-key-id>
export AWS_SECRET_ACCESS_KEY=<your-secret-access-key>
export PASSPHRASE=<your-gpg-passphrase>

GPG_KEY=<your-gpg-key>

# The source of your backup
SOURCE=/

# The destination
# Note that the bucket need not exist
# but does need to be unique amongst all
# Amazon S3 users. So, choose wisely.
DEST=s3+http://<your-bucket-name>

duplicity
    --encrypt-key=${GPG_KEY} \
    --sign-key=${GPG_KEY} \
    --include=/boot \
    --include=/etc \
    --include=/home \
    --include=/root \
    --include=/var/lib/mysql \
    --exclude=/** \
    ${SOURCE} ${DEST}

# Reset the ENV variables. Don't need them sitting around
export AWS_ACCESS_KEY_ID=
export AWS_SECRET_ACCESS_KEY=
export PASSPHRASE=

And, that’s pretty much it. Save the file as something creative, like, backup and make it executable (chmod 700 backup). If you want to test it first (and you have the disk space), change the destination to some /tmp directory or external HDD. Once you’ve got it working the way you want, set it up as a cron job. Daily, weekly, monthly… doesn’t matter.

Duplicity is a nice backup solution for any situation, not just Amazon’s S3. It can handle HTTP, SCP and local backups as well. I highly recommend reading the duplicity man page and checking out the various command line arguments and availble options.

A couple of Thanks goes out to Tim McCormack’s and Ben and Ron’s articles which got me started.

---

Tim points out that, adding your GPG PASSPHRASE to the shell script might not be the most secure method, especially in a shared environment. I agree, however, it kind of defeats the purpose of automated backups if you have to actually enter your passphrase (twice) on the command line when calling the wrapper script. One way I managed to go around this is to create a simple C++ application that prints the passphrase.

Here’s the C++ code:

#include <stdio.h>
int main()
{
    printf("your-gpg-passphrase");
    return 0;
}

Compile

#~ gcc gpg-passphrase.c -o gpg-passphrase

Make it executable by your user and set the sticky bit so no one else can execute it

#~ chmod 700 gpg-passphrase
#~ chmod +s gpg-passphrase

Modify the wrapper script to use the binary for the passphrase

export PASSPHRASE=$(gpg-passphrase)

You might go as far as to do the same thing for your AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY as well. There are probably other ways around this, but this was a quick a dirty way to not have readable strings in shell scripts. I figure, if someone has rooted my server, I’ve got bigger problems to worry about than my data sitting on Amazon’s S3.

See here, Bullet point number one:

Logging in with an account originally created in Mac OS X 10.1 or earlier that has a password of 8 or more characters.

Mac OS X 10.1 came out just over six years ago in 2001. If you’ve been using the “upgrade” option every time you update your OS X version, I think it’s time you performed a fresh install. Especially on such an old system (what do you have, an original Quicksilver? No? Older?). If you’ve made it this long without having to do a clean install, congratulations. You’re one of very small number of people. Hell, I haven’t kept a computer for longer than two or three years.

I bought my first Apple in 1997 — PowerPC G3 300Mhz (of the Beige kind). I bought my second Apple in 2000 — Quicksilver 733Mhz (non-shiny doors). Sold the G3 in 2002 (or so). I bought my first Powerbook in 2003 (G4 1Ghz Titanium) slightly used from a nice girl (with buyer’s remorse) in San Francisco. It took a dump about two years ago and I succumbed to way of cheap x86 hardware and Linux. But I redeemed myself about a year and a half ago when I bought my second Apple laptop (Macbook Pro 2.16Ghz).

I digress. What I’m saying is that, even if you’re lucky enough to have the same computer for the last six years (or more), I doubt you’d be as lucky going through four separate system upgrades (assuming you upgraded every version). Even if you didn’t and you went from 10.1 directly to 10.5, I highly doubt Apple spent much time testing that upgrade path (if at all).