Bad news today for the disabled: Oracle has dropped Sun’s commitment to an accessible GNOME desktop. This is the first concrete piece of evil since Oracle’s acquisition of Sun was made official (other potential evils have received ample speculation, even here).

A couple of you may recall a presentation at UNH back in 2008 on this exact subject (synopsis of presentation) by one of Sun’s GNOME developers. That was clearly some good work those people were up to.

One of the criticisms of Sun, as a for-profit company, was that it had become more focused on values than the bottom line. Maybe so. Perhaps this is why they became Oracle’s dinner.

But as an Oracle customer, UNH should be concerned that the company’s actions are out of step with our core values of diversity and inclusion. We *know* that making allowances for each and every member of our community consumes extra resources.

We should tell Oracle that we see that as a challenge, not a waste.

“…how much sense does it make to lock an investment into a technology, the first and last thought of whose practitioners is how much can they can squeeze you for? How much sense does it make to lock an investment into a technology that is avoided by those who do quality work, not for money, but for its own sake?”

That’s from a neat little post by Jeffrey Kegler called “Ringo Starr and Willy Sutton On Programming Languages“. Sums up my thoughts on why so much commercial software sucks despite the price tag.

Goes Straight to Hell. (Illustrated.) Arguably safe for work, if your work involves web design. At least you can claim it’s work-related, if anyone asks. But try not to laugh too hard.

I seem to recall that, despite the hoopla, the transition from 1999  to 2000 was pretty uneventful, software-wise. (To be fair, the hoopla also involved a lot of actual bug-fixing, which helped make things anticlimactic.) But Slashdot reported on a couple bugs caused by going from 2009 to 2010.

• This one actually affected us at UNH mildly: One of the heuristic rules used by SpamAssassin is to watch for messages dated “grossly in the future”, presumably caused by spammers who are careless with such things. But it turned out that the developers’ idea of “grossly in the future” was hard-coded back, well, grossly in the past.  The actual code snippet:
  

  ##{ FH_DATE_PAST_20XX
  header   FH_DATE_PAST_20XX      Date =~ /20[1-9][0-9]/ [if-unset: 2006]
  describe FH_DATE_PAST_20XX      The date is grossly in the future.
  ##} FH_DATE_PAST_20XX
  

  Darn, they really should have caught that before 2010 rolled around. As it was, the normal update of SpamAssassin rules early on January 2 changed the regex to /20/[2-9][0-9]/. Still a number of messages delivered in the meantime got an extra unwarranted bump in their spam scores. Hopefully, SpamAssassin will come up with a better fix sometime before 2020.

  But SpamAssassin is free software; we know we’d never see that kind of blunder in commercial software, right?

• Well, this one is pretty good too: both SMS-reading software in Windows Mobile and some point-of-sale terminals in Australia jumped ahead to the year 2016 on January 1. The bug is apparently caused by timestamps where the one-byte year field is supposed to be interpreted as binary-coded decimal (so 0x10 means “ten”); instead the software did the binary conversion (where 0x10 means “sixteen”). Voila, you’re in the future!

Thank goodness we’d never make such mistakes ourselves.

The world’s most popular open source database, MySQL… which also happens to support this blog… is in the middle of an interesting struggle right now. UNH has a ton of dependency on both Oracle and MySQL, so we should be interested.

For me, MySQL was the free database I could learn on my own time. That means a lot when you’re broke. My own bias towards developing with non-commercial software stems from nothing more than preferring the hammer that is always within reach, regardless of financial standing. I think there’s something worth preserving in that.

Last year, I joined a great question-and-answer site for programmers: StackOverflow. This website is an excellent resource for when you’re “stuck”. It’s also an excellent place to help your fellow geeks get unstuck, for which you can earn reputation points, badges, etc… increasing the fun-factor a bit. I can attest to having been helped mightily on a number of occasions by members of this community.

Anyone else a StackOverflow member?

Last month, O’Reilly Books launched its own question-and-answer site, O’Reilly Answers, that appears to share some of the values and strengths of StackOverflow. I haven’t tried O’Reilly’s site yet, but if someone does, let us know how you like it in the comments.

Riiiight here.

New numbers to serve as a reminder that more than 1 in 3 users are NOT using Internet Explorer at this point. And climbing.

Soapbox time! Caught this article this morning.

http://www.usatoday.com/money/smallbusiness/startup/week5-your-office.htm

People working remotely for their businesses. This particular American works remote … from Kenya. No insult to Kenya, I think that is fantastic! Now …. Hello NH! You know half the state (geographically speaking) has no broadband! I moved here from TX back in ‘97. I had to pay fierce fees for an ISDN BRI service, which for you younger folks may not know, was the cat’s meow back then. Since that time, my town and its surrounding area is the technological equivalent of a time machine in reverse. I can’t even get ISDN anymore. Perhaps we need some engineers in the government to shake the “granite” out of the nest? What is wrong? Not having such utility is a nail in the coffin for competitiveness. Not to mention “Distant Learning”, which only works if one has broadband. Doing homework at night … rural (and not-so-rural) kids are at a digital disadvantage. USA is number 15 or 16 in the world for broadband service (and this is averaged). In broadband availability and speed, we fall behind some countries that quite frankly have little or no sewage infrastructures! How can that be? If the current free market policies existed during the roll outs of electrical, and telephone services …. guess what … we would probably have no electricity and phones. The governments (federal, state) should have mandates that any ISP provider needs to provide equal and sufficient broadband access to all residents.

As a coda to Cyber Security Month in October, UNH IT (like the ring of that?) will be hosting a Web Security Jam on November 18th at 2pm (at an undisclosed location)… a bring-your-own-jelly gathering of developers, sys admins and anyone else interested in modern web security topics. As always, we learn fastest and best from each other.

UNH faculty and staff are welcome and are asked to email me for an invitation. That’s right, please use that link and invite yourself by mailing me. We’d like to know how many people plan to show up and I also want the chance to personally harass you into also presenting. We would love you to share any tiny nugget of wisdom you have on keeping websites and applications secure. We also want to make sure you are a UNH employee to attend this sensitive event, at which you’ll be frisked. Kidding on the frisking.

We will however announce the location of this event by mail to those of you who invite yourselves. Please let me know if you have any questions. Last year we heard about SQL injection, cross-site scripting, security-focused code reviews and other topics. Let’s see where it goes this year.