Archive for March, 2008

A not-so-generic construct

Tricky software engineering problem. I’ll abstract it and explain the situation.

(fyi, a lot of this is just me thinking out loud, I don’t distinguish between type and instance as I think it’s clear from context and I use the term “flavor” to refer to objects which share a common base)

We have a certain object (ObjectA) that may contain an instance of another object (ObjectB). However, the constructor for ObjectB needs information about its “holder” (ObjectA), so the constructor for ObjectB must accept a reference to ObjectA.

Simple enough to use: create ObjectA; create ObjectB passing in ObjectA reference to constructor; call method to assign ObjectB to member of ObjectA.

However, there are many flavors of ObjectB (a plug-in architecture, with ObjectB as an abstract base class), so we have ObjectB1, ObjectB2, ObjectB3, etc.

Still no problem, we just create the flavor of ObjectB. As they are all derived from the same base class, we can pass them around generically (i.e. no problems with assignment to member of ObjectA).

We also want a single function (FunctionY) for creating our instances of ObjectA, that will automatically create and assign any flavor of ObjectB to ObjectA.

Now we run into a problem. Realize that we can’t pass a flavor of ObjectB as an argument of FunctionY (creating an instance requires ObjectA, which doesn’t exist as yet). So, how do we pass a flavor of ObjectB as an argument of FunctionY?

A simple “solution” is to change the problem and instead of passing ObjectA into the constructors of ObjectB flavors, have some sort of method (Init or whatever) that takes an ObjectA reference and can deal with the necessary ObjectA information after our ObjectB flavor has been constructed (i.e. pass ObjectA to ObjectB flavor after ObjectB flavor has been constructed). This works, but the problem it presents is that the ObjectA information may be important (perhaps even critical to construction), and having a lax policy such as this can lead to cases where ObjectB never receives its instance of ObjectA. So, the code becomes more error-prone. However, despite being more error-prone, this may work in a lot of cases as long as you can wrangle away the ObjectA-specific code from the constructor.

Of course, if we resolve to change the problem, we can also get away with having multiple functions. Or mangle things in any which way we want to get the square peg to fit the circular hole. However, I assumed I had a legitimate problem and decided to look for a solution.

Another simple but, this time, real solution is to create an ObjectB factory (woot! design pattern!) and pass some sort of representation (e.g. enum) for the flavor of ObjectB we want. This representation is passed to FunctionY, which will query the factory and get an instance of the flavor of ObjectB we want. This will work, but I don’t think it’s an elegant solution. We’re creating another construct to facilitate something which should be trivial (in my opinion, at least). We’re also increasing our maintenance burden; every time we create another flavor of ObjectB we need to update the factory and update the list of flavor representations.

I thought about this for a while and realized the central issue here was how to pass type information between functions.

So, I tried a solution involving reflection (this was in C#). Reflection works, as you can dynamically pass the type and dynamically invoke a constructor for the type. However, I don’t particularly like the reflection solution. There’s, of course, the high performance cost, but also the solution was too generic as your making assumptions about what parameters the constructor of a type will take and, as as it’s all dynamic, there’s no compile-time type checking. However, that being said, the bottom line is that a reflection solution works.

Hunting for another solution, I decided to experiment with generics. The idea was to create a builder class that took the flavor of ObjectB we wanted as its generic-type parameter. There would be a public method, BuildIt(…), which would take an instance of ObjectA and would simply instantiate the flavor of ObjectB we wanted using the passed-in parameter as its constructor argument. This would work, expect for the fact that generics don’t allow you to instantiate an object of the generic-type with constructor arguments. I quickly discovered the…

Cannot create an instance of the variable type ‘T’ because it does not have the new() constraint
error message spit out by the compiler. Damn.

If this was C++, templates should free us from this problem, but porting all the code over to another language isn’t exactly a feasible solution, to say the least.

In the end, I’m just kind of bummed out that I could find a solution I was really happy with. I’m sticking with the reflection solution, as this isn’t performance-critical code and I simply have to move on to other stuff.

Finally, looking at things from a wider perspective, just two things that seem weird. First, why can’t types be passed around and used, but resolved statically (by a compiler or a pre-processor). Like how #define is used in C I guess. Also, languages with generics/templates peg themselves as object-oriented, but when dealing with types in a generic fashion they’re completely agnostic to any form of inheritance and, as such, the object’s class hierarchy.

Facebook security issue and the voyeurism of the AP

Report from the AP on Facebook security lapse.

“A security lapse made it possible for unwelcome strangers to peruse personal photos posted on Facebook Inc.’s popular online hangout”

ok, these security issues aren’t exactly uncommon on the internet and this one seems mild in it’s effect as: (a) it’s been fixed and (b) despite the assertion of “unwelcome strangers” perusing one’s photos, there’s only confirmation that 2 people exploited the security hole, Byron Ng the one who found it and an unnamed AP reporter (and perhaps a few others).

The extent to which Ng exploited the security lapse is unknown (although, we do know he look up private photos Paris Hilton at the Emmy awards and of her brother Barron Nicholas Hilton drinking a beer with friends – scandalous!) and in any event he should be credited with exposing the exploit (although it seems to be a simple URL edit, and he just raked it a ton of publicity).

The actions of the AP reporter on the other hand,

Using Ng’s template, an AP reporter was able to look up random people on Facebook and see the most recent pictures posted on their personal profiles even if the photos were supposed to be invisible to strangers.

The AP also was able to click through a personal photo album that Facebook co-founder Mark Zuckerberg posted in November 2005.

… is a bit unethical. There are other ways to verify a security hole. You could easily create dummy accounts or un-friend a few people to have some test accounts to verify the security issue. Sure, looking up random people (and Zuckerberg) and viewing their photos works too, but you’d think a member of the press would have a bit more integrity.

Finally, CNN’s “Story Highlights” seem to be written by someone who doesn’t like conjunctions, leading to fun implications,

Technician could access private photos of Paris Hilton, site co-founder

From child pornography to civil liberties rape

Maybe it’s just me, but I’ve noticed a somewhat increasing number of child pornography possession cases over the past few years. Law enforcement agencies via. the media (and the media itself, many times) seem to be constantly reminding us that child pornography is a rampant problem, decimating our societies with predators lurking at every corner of the internet waiting to exploit the young and innocent.

Yet, logic brings up a few problems.

Take for example the case of child pornography found on the PC of the individual who went to Geek Squad, which is fairly typical of most of these child porn reports.

The results showed 130 child porn images along with “a commercial video clip of child pornography, and two video clips of minor females changing into swim suits that appeared to have been taken by a hidden video camera,” according the US Attorney’s eventual complaint.

Are the images authentic?
Invisible experts say so. Of course, this can’t be verified independently as possession and distribution of child pornography illegal. We just have to believe what we’re told.

Can it be verified that the females were minors?
No, but we’re told they look like minors, that’s apparently good enough for the law.

Can the source of the videos be verified?
Well there’s a “a commercial video clip of child pornography”; whatever that means (underground market?), but that’s about it.

Is this legal pornography with adult actors?
They’ve told us no, as police officers and FBI agents are experts of pornography. Of course, then they’d know that there are segments of the porn industry dedicated to young, “barely legal” women as well as voyeurism.

If this is indeed an act of sexual exploitation, should the possessor of images depicting the act be guilty of a crime?
The one in possession of the image is not the one who committed the act of exploitation. He/she has done no harm (either directly or indirectly) to the victim. As a society, we’re punishing him/her because the majority feels his personal actions are deplorable.

If this is sexual exploitation, where’s justice?
Consider the true crime, the true victim, and the true perpetrator.

In the end, our policies don’t lead to justice, they lead to abuse of the individual and of our civil liberties.

Such is the case with Temple University doctoral student Roderick Vosburgh, who apparently clicked on an FBI-planted hyperlink somewhere on the Internet. The link pointed to a file on an FBI server that contained no porn, but logged the IP addresses of everyone attempting to access it. Vosburgh’s IP was one of those, and the FBI came knockin’ on his door early one morning, arrested him, and searched his home.

The peculiarities of Apple

Interesting article from Wired. Nothing mind-blowing or really unique, but a good overview of Apple and it’s uniqueness compared to other tech companies.

Perhaps, what’s more interesting is some of the comments against the article and author, Leander Kahney. The most scathing of which is probably here, where Kahney is deemed an “irredeemable jackass” by one, John Gruber. Unfortunately, some of the comments seem to be nitpicking and simply don’t hold up to scrutiny.

Is Apple “evil”, according to Google’s “don’t be evil” mantra? Well, Google doesn’t really have a definition for evil, and as such it’s such a flexible term that one could certainly say that closed platforms, authoritarian control, and less than stellar treatment of employees qualify as evil.

On open platforms, true neither Apple or Google are dogmatic, but the point is that Apple is unusually closed for what’s perceived by many as a very modern, forward-thinking, tech company, and closed-platforms are usually the default. Not initially opening the iPhone and iPod touch to developers (because of I believe security concerns?!), and even now with the very managed licensing process demonstrates this attitude. Google, on the other hand, does release APIs for a lot of their products (Google Desktop, Google Maps, etc.).

The whole contrast with Google isn’t that great, but it seems to be stretched out by Gruber more so than Kahey.

On secrecy, every company keeps a certain degree of secrecy, but the point is that Apple is unusually secretive about their products, as the case against Think Secret demonstrates, a site that most other companies would look at as a fan base hub and free advertising (hell, sony, payed to create a fictional fan-boy blogger evangelizing their product as a form of advertising). The mystery isn’t so much why apple took an adversarial position against Think Secret to protect its secrecy, but why Apple’s secrecy is worth so much, when secrecy seems to be worth far less for most other companies.

Overall, I didn’t find the article attempted to demonize Apple or that the author was trying to sell us his version of an ideal corporate entity. After all, Apple is very successful doing what it does and has positioned itself and one of the most innovative companies around. However, it is the perplexing case of an innovative and successful company, existing within a progressive/egalitarian ecosystem, that excels employing very non-progressive/non-egalitarian constructs.

Hexagonal design inspiration

I’ve been looking for design inspiration for my homepage, as I’m not crazy about the current design. The challenge comes from fact that the page has little content and is meant to serve more as a hub linking to other pages/sites rather than an content source in and of itself.

I came across this site, which looks really cool. I love the hexagonal design and the tags which show you what the hexagonal links point to. The solutions “page” (not really a page, as it’s flash) is also really cool, with a nice and simple vertical menu w/ information pane to show informational text.

However, I’m not totally convinced that this is the way to go for my page. Like my current homepage, this design requires clicking on a link to bring up supplementary content. For the given site it’s fine, but for my page, which has much less content, I think something along the lines of a traditional, page-based layout where all content is instantly visible would be more appropriate.

Anyway, the current page is functional, so I’m in no rush. Plus the digital radiation is in much greater need of an overhaul.

Oh, Microsoft…


I’ve never been part of the anti-MS crowd and I primarily work, play, and develop on Windows. However, it becomes really hard to defend bullshit like this.

Microsoft Corp. bowed to pressure from partner Intel Corp. to certify some chips [the Intel 915 chipset with it’s weak on-board graphics processor] as capable of running the Windows Vista operating system to help Intel meet earnings estimates…

Intel’s profits and market share are worth more to you than your own users! (Is this why we have the misleading Vista Capable vs. Premium Ready labels?)

Your alienating your customers, discrediting your name, and killing your own software.

Furthermore, what are developers supposed to think? (Yea, I know I’m not one of your big corporate partners, but I think from small to large we’re all in the same boat here.) Are we going to be locked into Intel or some other company’s subpar product in the future due to some form of misguided corporate “philanthropy”?

oh, and fuckin’ respect the gamers!