The integration offered by Django and RoR really makes one feel that not using these frameworks is just the thing why software developers are in demand today. Hire fifteen to do a job in php which two could do using Django.

Some may say these facilities are just keystroke-savers. Agreed. The important question is why do you not want to save those keystrokes . A common application development (without the right kind of framework) spends a significant amount of time (I’d hazard a guess of more than 25%) doing plumbing work. Lets take a Java example for an “edit” screen, which shows the user already stored data, and allows him to make changes:

• Take data from repository, probably as a generic List
  • Oh yeah, connect to the DB first, and run a DB Statement in a try-catch block, right within your business logic
• Populate a data bean with all the data. All manually. If the DB cursor contains 25 columns, have a object with 25 attributes, 25 getters, 25 setters and populate all attributes one by one.
• Send the data bean to the view
• In the view, have hard-coded UI components for each attribute of the data bean to be displayed. For any related queries to be executed, hard code page links which will fetch those.
• On event of user clicking OK, program a set of validations to ensure user has not entered bad values. Most of these are not business validations, but checks to ensure no bad characters are present in the input.
• Populate user entered values obtained through form into a data bean
• Code a SQL Update script which will take each value from the data bean and update the backend
• commit (don’t forget that!)
• Rinse-and-repeat for all related queries

Any framework support (struts, spring, hibernate) is a keystroke saver in addition to being responsible for formalizing (a subset of) the programming for the application. Django and RoR simply take the integration between MVC to the next level. I had mailed a friend a few months ago about what Rails has:

1. Integration with AJAX: You see whether the type of request from the client (browser) is ajax or plain HTTP. You use those conditions to provide a specific response. In case it is an ajax request, you can play directly with elements rendered in the browser (e.g. Put text “Saved Successfully” in the information bar and blink it once). This integration, and resulting 5 lines of code is far faster than anything we would do by ourselves. (client side use ajax-specific library functions to send request, then check XML returned and perform activities in browser using javascript again). This integration is thanks to use of inbuilt prototype and scriptaculous libraries

2. Test Integration: I know that if a nice high-level test framework didn’t exist already, we would never get serious about writing real automated tests. It would always be like “lets develop this cool feature now that we have time… we’ll check out tests later”. Fortunately, tests are easy to write, and we can start small. (full page tests and all can be written later). We can also write Model level tests for ensuring relationships etc. N e a t.

3. MVC Integration: Neat MVC code, easy to write. Controllers and views nicely integrated. All variables declared in controller are directly available to views. Which should have always been the case, but in other barebones J2EE/php, you need to pass a data object explicitly, because MVC is not mandated.

4. Fixtures: Stuff to fill your “Test” database with data. Easy to write YAML (byebye XML). This will auto-run when you run tests, so your test database is ready with required data. If you don’t know yet, Rails will auto-create dev, test, prod databases for easy demarcation. Rails will also auto-clone the dev database schema to test database prior to loading fixtures.

The learning curve is a bit high, and I am spending a lot more time understanding the components in comparison to J2EE. Yet, given the benefits, I think it is well worth the effort.

For those who couldn’t manage time to watch the Wave preview, here are just some of the things it does :

• Acts like email when the recipient is offline
• Acts like a realtime chat when the recipient is online
• Maintains a common structure in one place (visible to, and editable by all concerned parties) instead of having copies in every person’s account
• Allows you to add other recipients to a subset of a Wave or the whole Wave.The new folks can “Playback” how messages were exchanged
• Allows visual plugins which can take the form of games, polls, etc. For example, instead of sending messages to each other, you can send Chess Moves which the plugin happily records and the game proceeds
• Allows realtime collaboration on documents with changes tracked. Again, a common copy of document is maintained.

While some skeptical glances are surely cast as to whether people will “embrace” this new concept of communication (as they are still stuck to SNDMSG program and have not been able to comprehend any other way to communicate all these years), the overall mood is that of joy, on having seen something truly profound, and having been promised that this will be available to everyone, for FREE, later this year.

The most obvious thing that hit me while seeing the preview was the way Google relentlessly pursues its mission. Remember Google’s Mission statement?

Google’s mission is to organize the world’s information and make it universally accessible and useful.

This is the way Google earns money: By targeting advertisements suited to your interests. How does it understand your interests? By organizing information about you.

So while the mission is technically about helping the world, it is also a lot about making profit. Of course, there is nothing wrong whatsoever in making profit by developing something which provides value to the user. Microsoft earns by asking users to buy the product, Google earns by providing relevant advertisements.

Thus started the long journey of organizing the world’s information. First they gathered some trends of what we search based on cookie information. GMail was the next big boost as a lot of personal emails meant a lot of personal information. Orkut, Blogger, Google Talk, Docs, Sites, Reader, Youtube; each product added to its suite targets nothing but collection of information from users in exchange for some great services, for free.

Yet, Google would still require to organize bits of information from different applications to understand the “complete picture”. Google Wave, in a lot of ways, has removed that additional effort.

Wave is a communication structure that can be used anywhere. (Potentially) integrated throughout Google Applications and beyond, it provides a single point of communication. Email, chat, organization of albums, blogging, collaborating on documents, everything is either available in the Wave structure or can be derived out of it (by creating a new Wave and importing some specific elements). So now, Google does not need to  organize information about you. You yourself will organize it all using Wave. It is safe to assume that information which might have been dispersed around on a dozen different websites online (Google or others) will now be collected in a common Wave. With little or no effort, your whole life (henceforth) is likely to be captured in a handful of waves. I shudder just thinking of the advertising avenues that follow.

Google, you evil genius, you!

1. Proprietary ATI drivers

The first thing we come across is the video drivers which never were. The moment you try to install proprietary ATI drivers for “old” cards (my ATI RadeonExpress 1250 happens to be one of those), you will get a system freeze. No graphics, no inputs, just some random colors on screen, which aren’t very pretty either.

Solution here:

sudo /usr/share/ati/fglrx-uninstall.sh  # (if it exists)
  sudo apt-get remove --purge fglrx*
  sudo apt-get remove --purge xserver-xorg-video-ati xserver-xorg-video-radeon
  sudo apt-get install xserver-xorg-video-ati
  sudo apt-get install --reinstall libgl1-mesa-glx libgl1-mesa-dri xserver-xorg-core
  dpkg-reconfigure xserver-xorg

You could probably create a script of this sort and save it in your home directory, so that when the system does fail, you can easily get into recovery mode (use the “Recovery mode” listed in Grub) and just run this script rather than attempt googling through Lynx, which I almost always end up doing. In case you plan to run this script in recovery mode, you don’t need the “sudo” command for any line since you will be “root” already.

2. Screen Freeze with Compiz

The open source drivers you install for ATI are known to create hassles for 3D graphics. Jaunty does allow you to enable Compiz (System Appearance -> Effects -> Normal / Best). However, I had a complete system freeze lot of times while I gave Compiz a try. I could easily reproduce the strace gedit bug while 3D effects were enabled.

Solution: Disable Compiz (or downgrade )

3. VirtualBox fails to start

The Virtualbox kernel module needs to be recompiled for the newer kernel in Jaunty. This problem is not specific to Jaunty (or even Ubuntu), but no harm in listing it here.

sudo apt-get install linux-headers-$(uname -r)
sudo /etc/init.d/vboxdrv setup

The first line downloads appropriate Kernel Headers for the latest Kernel, which will be used by the “vboxdrv setup” command.

The problem with Ubuntu, however, is that with the frenzied pace of development and the releases being churned almost twice yearly, I am quite certain that most of the bugs reported for this release will be ignored or will be prioritized “Low”, meaning they are kept for “later” (read: never). While this is an issue with even slow-moving projects, I am (or at least, was) quite impressed with the way Ubuntu maintained quality till Hardy Heron. Most of the packages “Just worked” post installation, with a few hiccups here and there. Hardware, drivers and graphics did remain a concern, but that is something we have to live with for a while, given the low interest of manufacturers for providing Linux drivers.

Anyway, back to the point: The current pace of development for Ubuntu guarantees a lot of loose ends in newer releases. In contrast the Debian community goes for “release when ready” philosophy. However, they suffer from delays and more delays in releases, leading people to believe that Ubuntu is the right way.

Which brings the question, what, really, is “the right way”? Most will consider a “middle way out” but that is easier said than done. Granting developers’ request for more time on the basis of an incomplete feature or a yet-to-fix bug list will eventually lead to a heavily-delayed release. On the other hand, having a strict deadline means that you are ready to compromise on the quality of the release. While this matches the “release early, release often” philosophy^*, there’s a slight disconnect when it comes to having a product eager to replace Microsoft Windows, as is described in… Bug #1 for Ubuntu.

Microsoft has a majority market share in the new desktop PC marketplace. This is a bug, which Ubuntu is designed to fix.

Back to the point (again), Paul Graham also corrects the general perspective for “release early”:

By “release early” I don’t mean you should release something full of bugs, but that you should release something minimal. Users hate bugs, but they don’t seem to mind a minimal version 1, if there’s more coming soon.

So far, I don’t see any awesome release philosophy with a strong way to maintain the pace, while maintaining the quality. All we can do, maybe, is to have an in-between release to just “fix more and add less”. This is where developers may find themselves in bug-fixing mode, instead of their favourite “building that cool app”, but its all for the greater good, no?

The major problem was with my ATI drivers. Never a good thing to mix ATI with Linux, I have learnt. But maybe the lesson came a bit too late as my Motherboard I bought a year ago has got the RadeonExpress 1250 onboard graphic card which is already in “Legacy” mode!

The downside is that the newest generation of the driver doesn’t support any of the “older” ATI chipsets, which at this point include the R300 through R500 chipsets.

The proprietary ATI fglrx driver won’t support the new kernel. Need to make do with the open source drivers. Fortunately, they are a good fit for 2D graphics with a good resolution. Bye bye, Compiz, for the time being.

Having settled with the “basic” look and feel, I also find some problems cropping up in the package repositories. A guide for installing the good old Tomcat server makes a pretty frank statement before proceeding with the installation procedure:

If you are running Ubuntu and want to use the Tomcat servlet container, you should not use the version from the repositories as it just doesn’t work correctly. Instead you’ll need to use the manual installation process that I’m outlining here.

This is probably not unique to Jaunty, but nonetheless, the general trend now is that I do read a bit online before installing anything from the repository. Be it Amarok, the version 2 of which isn’t very well received, or Tomcat, or Eclipse.

Wine, which was working wonderfully in Hardy, seems to be broken for some reason in Jaunty. All I get is 2 seconds of screen flicker, whenever I try to load any program. Need to google on this a bit more in detail. But a quick search points in the direction of my graphics card (again!).

I am left wondering why I upgraded at all. Maybe it was the faith that with Ubuntu, newer version numbers always mean more happiness.

It’s not that Ubuntu has let us down. Although a lot of posts are floating about regarding Ubuntu pre-release testing being inadequate, there is actually too much on the plate to test with. A multitude of hardware chips, file systems, desktop environments, applications, each with their different versions, is a pretty daunting task. I just hope that every once in a while there is a release in which the dev folks take a step back and look at how usable the OS is, and whether it “Just Works”

Your blog, like your email or your Facebook profile, is your online identity. Yes, that’s why we have an authentication system, but sending plaintext passwords to the server isn’t a great default setting. Well, going for a security certificate for something as basic as a blog will be too farfetched, but the nice CHAP protocol is good enough for all our secure login needs. And it is available as a WordPress plugin thanks to redsend.org. Yay!

So there you go. Not a single line of code written, and your wordpress login is secure, even when you go wireless. That wasn’t so hard!

The other security feature that we need is protection from comment spam. This is a more commonly known problem, as you can “see” your blog being misused, unlike in the situation explained above. There are a hell lot of spam protection plugins available. You can either go for a strong Captcha system like MyCaptcha, or prefer to go easy on people kind enough to comment on your post and filter out spam automatically, using Akismet or Defensio. I prefer the latter method and it has been pretty accurate till now.

That’s it. Your wordpress installation is secure from all the bad guys. Well, most of ‘em, anyway. There’s nothing like investing five more minutes after the five-minute install for a bit of security. Blog safe!

I just found by chance that Google Chrome indeed handles this elegantly: On the second popup for any page, it displays this neat checkbox right below the message:

This is something that Mozilla folks decided “could wait” for the past eight years?

Yet, it’s never too late to thank anyone. (Adapted from V for Vendetta: It’s never too late to apologize)

Akismet has shown how we do not always require captchas to curb bot-generated random spam. But it is not ideal for big websites, mainly because

• Its a program after all. There’s every chance that it can make mistakes.
• Genuine comments suppressed by Akismet are not that bad for a website. But spam comments for enlarging body parts to impress her, which pass through Akismet and shine with a glow right below an article don’t look good at all.
• There’s that tiny increase on server load everytime a comment has to be analyzed by Akismet. And if this hardly-visited and never-linked blog (as of today) has fought with 1000 spam comments, we all can imagine what the battle will be for a website which gets “slashdotted” or “dugg” every few seconds.

• Captchas are irritating.
• Captchas are irritating.
• Captchas are irritating.

That’s three good reasons right there, the last one being most important . While I have enough server power, I will try to minimise the hassle of looking through bleak bent text with a mashed grid or circles or airspray.

Long story short, after having spent a few minutes on his PC, I found out that IE was hanging the moment it started. His PC maintenance guy had come and tried to reconfigure the Internet connection (heh), which didn’t help much. (The fact that a browser ought to hang on the OS from the same company should have seemed absurd, but somehow we are all used to it, mostly due to virus attacks and corruption.)

But why would a perfectly working IE hang all of a sudden? I got another bit of info from the user: “It asked me to upgrade to version 7. It is not working ever since I upgraded”. Sad. MS doesn’t test its upgrades enough! Useless! Thankfulle, before I could post my rant online, I googled and found a quick solution: Uninstall Yahoo! Companion and all shall be fine. And indeed it worked! Perfect answer… and boy did I get showered with praises for starting up good old IE with fewer toolbars!

For no fault of its own, IE was screwed and broken due to the upgrade. Oh, but there is a fault in it… the upgrade itself!

The sad thing here is that IE either doesn’t have any idea about what applications are plugged-in (or coaxed in) to it, or that it doesn’t care about them during the upgrade. Either ways, it is the user who suffers.

FF covers addons a lot more by checking their versions and the compatibility after each upgrade. That said, a foolproof “Go back to the previous version” ought to be present for all major upgrades which are not critical, simply because there may be a functionality dear to the user (and a don’t care for the dev) which might stop working in the new version. Edit: Even if the update is critical or security related, why not let the user choose whether he needs a secure app or a working one?

The other way out is to have a package manager like Debian’s ‘apt’ tool to handle all upgrades and report clashes to the user. But that’s a distant dream on Windows with everyone having their own installers.

I hate automatic updates & installs. (I have also written earlier about Acrobat Reader’s need to download and install “Critical Security” updates every few weeks from the Internet. There ought not to be those many security vulnerabilities in a document reader.) But all kinds of applications today are coming up with internet updates. While this does allow you to provide your latest and greatest piece of code to the user, you might just end up breaking something because of incompatibilities with other software.

Adhering to the policy of oldversion.com: “Because Newer Is Not Always Better”, I try to keep my software tuned for manual updates. Reduces the trouble, as well as the bandwidth consumption (required specially for limited-download connections). Yet, it does no harm to remember that software one develops will not be the only process running on any machine. Let’s have some consideration for others.

Its safe to assume that not all developers will be using these features for mainstream websites unless our very dear IE supports them. So we still have time to see these beauties in action. But we have a lot of gray area for what happens when these are used together. The implementations are still juggling with these questions.

For example, what happens when opacity of a box is 50% and a drop-shadow attribute is used for the box? Or, what happens when a shadow drops on a box which is having less opacity? Should the shadow have rounded corners for a box with rounded corners? How should a shadow with bigger fade (black to transparent area) render on a shadow with smaller fade?

These are just some tricky “beginner” questions with no straight answers. Fortunately the community is pretty enthusiastic about rendering these effects with markup. Lot of such issues and fundamentals have been discussed.

In an image editor you can manipulate the effect rendered depending on which operation you perform first. This is not really clear for CSS, and with browser implementations which can vary, it might be a bit of a hassle for us to have consistent cross-browser CSS3 markup ready to use.