Monthly Archives: September 2014

Database Views in Postgres

postgres

A few weeks ago I gave a presentation at the New York City PostgreSQL User Group about Database Views in Postgres. Most technology professionals that work with databases are familiar with database views but (at least in Postgres) there are some really interesting advanced features that are possible. In Postgres you can set up rules so that you can not only query views with the select statement but you can also perform updates, inserts and deletes which will be reflected in changes to the underlying view’s tables. For example, here is how to setup and execute a delete statement on a database view named customer_view:

CREATE RULE delete_customer_view AS ON DELETE TO customer_view DO INSTEAD (
DELETE FROM customer WHERE id=OLD.id
);

DELETE FROM customer_view WHERE id = 1;

Excessive database views and complicated rules can easily take down any system so it’s best to use these features sparingly. It’s nice to have the ability though for sure.

The full presentation is short and easy to understand so if you are a Postgres user go take a look the presentation slides here.

ShellShock Bash Vulnerability Fix Instructions

Computer security researchers have discovered a long standing security risk to Linux and Mac OS X machines. The vulnerability is being termed the ShellShock Bash Vulnerability and lets an attacker run commands via the bash shell. Thankfully patches are already available for many platforms and I’m going to walk you through the process I used to patch my MacBook Pro running OS X Mavericks (10.9) and an Amazon Web Services EC2 AMI instance.

 

Patch Mac OS X Mavericks

Confirm that your machine is vulnerable by opening the terminal and entering the following command. If your machine is vulnerable it will output the text “vulnerable”:

env x=’() { :;}; echo vulnerable’ bash -c ‘echo this is a test’

My machine is vulnerable:

mac os x mavericks shellshock vulnerable

Next, download this OS X Mavericks (10.9) patch from Apple. Patches are also available for OS X Mountain Lion (10.8) and OS X Lion (10.7). The download is 3.2MB, installs using 3.8MB, takes less than a minute and does not require restarting your computer. After the patch finished installing I ran the same command as before to confirm that that it worked. My machine is now protected:

mac os x mavericks shellshock patched

 

Patch Amazon Web Services EC2 AMI Instance

SSH into your machine and run the same command as before:

env x=’() { :;}; echo vulnerable’ bash -c ‘echo this is a test’

My machine is vulnerable (ip address masked in screenshot):

aws ec2 ami shellshock vulnerable

I used the command “sudo yum update”, which installed all security and regular system updates to my machine. For patching just the ShellShock Bash Bug you will have to find the specific instructions. RedHat has provided some details here. After running the update my machine is now protected:

aws ec2 ami shellshock patched

 

Note: Much of the information for this post was found in this article from Engadget.


Updated 9/30/2014: Included links to patch ShellShock for OS X 10.8 (Mountain Lion), OS X 10.7 (Lion) and more Linux patch details from RedHat.


Updated 10/02/2014: It appears that there are still vulnerabilities associated with the ShellShock Bug even after patching. I will keep updating this post as more information and patches become available.

Why Stack Overflow Is Dominant

stack overflow logo

 

Like most developers I first found out about Stack Overflow by searching Google for an answer to a technical problem. After consistently seeing Stack Overflow show up within the top few spots on Google search results for all sorts of detailed queries I started to use Stack Overflow directly when looking for answers.

Similar to GitHub, Stack Overflow launched in 2008 and is now a critical part of the software development community. Stack Overflow allows users to post questions and get answers in a very streamlined Q&A format. Questions are tagged for their relevant tech, users ask follow up questions or post answers, and then the person who asked the question can accept an official answer if it solves their problem. Questions must adhere to fairly strict standards in order to remain active and users are often prompted to provide more detail if need be.

There have been countless programming Q&A websites since the mid 90s (and many more if you include traditional message boards) but Stack Overflow is by far the best. It starts with a thoughtful design, giving users of different experience levels of power. Various factors go into generating a reputation score for each user, which is shown below each post they make as well as in each user profile. Users are also assigned badges based on completing various types of tasks and reaching specific goals. This is a good example of gamification done right. These design decisions might not seem big but they are the difference between fostering a quality community and having a deserted website. The community ultimately drives the quality of the content and at least for now Stack Overflow has the best community.

For a long time I used Stack Overflow passively. I never felt the need to ask my own questions because in almost every instance, someone had already answered my question and it was simply a matter of finding it. This week I finally created an account and I’m glad that I did. So far I have answered 9 questions and I have received 36 reputation points. Most of the questions that I have answered are under the iOS tag, probably because there seems to be a lot of beginners programming in iOS and thus answering many of the questions is quite easy and can be posted in maybe a minute. Other tags that I have started to follow include Javascript, Python and Postgresql. So far I think taking a brief break during my normal work to browse stack overflow and take a stab at answering a question seems beneficial. Not only might I learn something new but I also might help out a fellow programmer.

How Important Is Height?

There was an interesting article posted last week over at Inc. titled Why Shorter People Make Better Entrepreneurs. The gist of it is that while corporate management tend to be taller than average, very successful entrepreneurs seem to be short (though short to average height seems to be more accurate). The article is not scientific though anecdotally I think most people have noticed this trend, both with their own corporate experience and skimming through the list of billionaires with the likes of Henry Kravis and Daniel Snyder. I’m 5’11″ and outside of my visits to The Netherlands I usually feel like I’m average in height.

I do find it funny that the article is written with the assumption that the reader is short e.g.

But when it comes to starting a successful business, you just may have an edge over your taller peers.

I guess tall people don’t have time to read Inc. – they are too busy getting promoted at large companies.

Pirates of Silicon Valley

Every Sunday morning I plan to blog about the history of technology. Up first is 1999′s TNT original movie Pirates of Silicon Valley.


 

Now I know what you’re thinking. Made for TV movie? How good can it be? Answer: it’s my favorite made for TV movie of all time and among my favorite movies in general. Read on to find out why.

Pirates of Silicon Valley focuses mainly on the history of Apple and Microsoft starting in the 1970s through the mid 1980s, with a short wrap-up taking place in 1997. We meet Bill Gates and Steve Ballmer while they are students at Harvard and Steve Jobs and Steve Wozniak while they are sometimes in and sometimes out of school. Most of the film centers around the growth of Steve Jobs and Bill Gates as individuals and covers how their careers and companies rise but then go in opposite directions starting in the mid 80s.

What makes this movie so good is that it sticks very close to the actual history while still remaining quite interesting as well as having terrific performances from its lead actors. Noah Wyle in particular in incredible as Steve Jobs while Anthony Michael Hall (yes that Anthony Michael Hall) as Bill Gates is also fantastic.

Steve Wozniak himself says in the following YouTube clip that the movie is basically step for step in line with the actual history:

Steve Jobs liked his portrayal so much that he invited Noah Wyle to imitate him at 1999′s MacWorld event following the release of the film:

If you happened to watch last year’s movie Jobs just know that Pirates of Silicon Valley is better in almost every way. Better acting (sorry Ashton), better script and more historically accurate. On top of it all, Pirates manages to cover not just the life and career of Steve Jobs (up until the mid 90s anyway) but also Bill Gates as well. Rotten Tomatoes happens to agree with me, giving Pirates an 89% rating while Jobs has a rating of 27%. Not bad for a TNT original.

There is yet another Steve Jobs movie coming out next year, this time based on the official Steve Jobs biography by Walter Isaacson. While I did enjoy Isaacson’s book, based on what few details I’ve heard about the movie, I’m not holding out much hope that it turns out well. In an ideal world, the cast and crew of Pirates of Silicon Valley would get back together to make a sequel that would start off where the first move left off and finish probably at the death of Steve Jobs.

Now that I’ve convinced you that Pirates of Silicon Valley is a must watch movie you can dive right in and watch it below:

Watch Pirates Of Silicon Valley in Drama  |  View More Free Videos Online at Veoh.com

Search Query Categorization at Scale

On September 23rd I attended a lecture hosted by the NYC Search, Discovery & Analytics Meetup group. Alex Dorman, CTO of Magnetic, spoke about Search Query Categorization at Scale. Alex and the Magnetic staff were nice enough to not only host the event but to record the talk. I would recommend anyone interested in search, online advertising or the semantic web to watch the below video. My particular interest in this talk is Magnetic’s use of Wikipedia data via the Wikipedia API, DBpedia and Freebase. I happen to be using all three technologies for an iPhone app that I am building as a side project. Check it out…

iPhone App TextToSpeech

GitHub is a website that has been around since 2008 and in the last few years has become a major part of the software development community. GitHub serves as a Git repository (a popular source control application) coupled with a web hosting service. I have been using GitHub to collaborate on private projects for several years now and in that time I have also used lots of GitHub hosted projects to help me build some fun and interesting websites and apps. I thought it was high time that I start giving back to the developer community and so I’ve begun the process of publishing example applications based on some of my work on GitHub.

For my first GitHub repository I have created the iPhone App TextToSpeech. TextToSpeech is a single view application that shows off some of the text to speech features that were first introduced in the iOS 7 SDK. You type in text in a textbox, select a voice type, speed, pitch and pause cutoff type and then play and stop playback of the text translated to voice. The app also registers itself to play speech when the app is running the background with full audio control capability. There are a number of bugs in the official Apple SDKs surrounding text to speech so this project includes several workarounds that may be useful to developers diving into this stuff for the first time. Here’s a quick look at the app:

 

texttospeechscreenshot

 

Get the TextToSpeech project from GitHub

About This Blog

It’s been almost a whole year since I registered the domain brettdidonato.com and designed the landing page that you see now. Since then I have been busy with a lot of things – consulting work, a startup, pet projects, a trip to Japan and China and even a wedding.

I had planned to start this blog last year but better late then never so let’s get this thing started. I plan to cover a lot of different topics, including:

  • Computers & Technology
  • Startups
  • The NY/NJ Tech Scene
  • Web Development
  • App Development

Some articles will be general interest and can be enjoyed by everyone. Other articles will be programming specific subjects that I find interesting or that I think might be helpful to fellow developers.

Feel free to post comments or send feedback to brett at brettdidonato dot com. Thanks!