The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,651 other followers

Archive for the ‘Design Patterns’ Category

Ralph Johnson: 22 years of design patterns – YouTube video of lecture

Posted by jpluimers on 2018/10/25

via [WayBack] Ralph Johnson: 22 years of design patterns. I thought you might find this interestinghttps://youtu.be/jhPLFLcxslM – Agustin Ortu – Google+ the below video.

Ralph Johnson is one of the Gang of Four: the authors of the famous Design Patterns: Elements of Reusable Object-Oriented Software book published October 21, 1994 and copyrighted 1995.

Google translated lecture announcement, slightly edited:

Ralph Johnson is world renowned for his high impact contributions to Software Engineering, particularly Object Orientation. His book “Design Patterns” has been best-selling in the history of computing (more than 500,000 copies sold in English and in translations into 13 languages). From his research group also emerged the first works on frameworks, patterns and refactoring. His students also created the first refactoring tool, the Smalltalk Refactoring Browser, on whose architecture all the refactoring tools of today are based.

His talk, “Twenty Years of Design Patterns,” will talk about the evolution of software patterns since its inception in 1994. Some have become common, and others have not. Some patterns have changed. Ralph Johnson will talk about several of the patterns that are more widely known, with a renewed understanding of what the book “Design Patterns” should have said.

Ralph moved from the Department of Computer Science at the University of Illinois to COO of Metaficient and many of his history is only at the WayBack machine, so here are some links to it:

  • Ralph Johnson: The Refactory is dedicated to helping organizations succeed with objects and design patterns. Principals include Ralph Johnson, an original member of the Gang of Four patterns.
  • Former Ralph E. Johnson homepage at the University of Illinois
  • Metaficient Management Team
  • 2016: 25 years of OOP Konferenz 2016 – Ralph Johnson
  • Ralph Johnson on Parallel Programming Patterns: Ralph Johnson, one of the four GoF authors, talks about the upcoming book “The Patterns for Parallel Programming”. He highlights the difficulties in dealing with discovering and writing down parallel programming patterns, how to choose and use such a pattern, and similarities with the initial Design Patterns book.
  • A Pattern Language for Parallel Programming: Ralph Johnson presents a pattern language that he and his colleagues are working on in an attempt to solve the hard issues of parallel programming through a set of design patterns: Structural Patterns, Computational Patterns, Parallel Algorithm Strategy Patterns, Implementation Strategy Patterns, and Concurrent Execution Patterns.

–jeroen

Read the rest of this entry »

Posted in Design Patterns, Development, Software Development | Leave a Comment »

How not to structure your database-backed web applications: a study of performance bugs in the wild | the morning paper

Posted by jpluimers on 2018/09/25

This is about Ruby anti-patterns, which is a good step to start investigating the own anti-patterns you use in your own development environment:

[WayBack] How not to structure your database-backed web applications: a study of performance bugs in the wild | the morning paper

How not to structure your database-backed web applications: a study of performance bugs in the wild Yang et al., ICSE’18 This is a fascinating study of the problems people get into when using…

Via: [WayBack] How not to structure your database-backed web applications: a study of performance bugs in the wild… – Adrian Marius Popa – Google+

–jeroen

Posted in Design Patterns, Development, Ruby, Software Development | Leave a Comment »

Cape Cod Gunny Does Delphi: Gunny Meets Uncle Bob – Part 1

Posted by jpluimers on 2018/08/16

I like how Michael Riley compares his learning quest of software development to things he learned in real life:

  • Gang of Four Patterns = Chess
  • POSA Patterns = Golf
  • SOLID = JJDIDTIEBUCKLE

Note that JJDIDTIEBUCKE is actually 14 parts of Marine Corps leadership.

Software development is all about learning and making connections. Like life: learn new things and relate them to existing ones each and every day.

Given Michaels military background, I understand the comparison and the reference that Eric Grange makes. I think good software development is finding the balance between guerrilla and traditional thinking. Don’t loose yourself into patterns and processes, pick the ones that fit you best at the time you use them. This requires reflection which is often neglected.

I also like the comment thread in the post, so I’ve extracted some really useful information below.

Source: [WayBackCape Cod Gunny Does Delphi: Gunny Meets Uncle Bob – Part 1

From the comments

Note I don’t agree with everything, but I they make me think about my profession.

Joseph Mitzen:

Don’t give in to the conventional thinking about “design patterns”. Design patterns are language smell. They’re a sign of places where a language is broken. They’re not some sort of gospel truth. Most of the patterns don’t even exist in languages like Lisp.

Google’s Joe Gregorio emphasized this point in a talk in 2009:

You don’t need to understand 24 patterns for a language you don’t program in to be a good programmer.

Embrace Joe Gregorio, Dr. Peter Norvig, and Paul Graham… become the anti-Hodges!

Michael Riley:

+Joseph Mitzen I agree when Martin says, “Your system architecture should be as ignorant as possible about how it is to be delivered. You should be able to deliver it as a console app, or a web app, or a thick client app, or even a web service app, without undue complication or change to the fundamental architecture.”

I agree when Martin says at a minimum software professionals should be able to describe the GoF patterns and have a working knowledge of the patterns describe in the POSA books.

My pursuit to learn Dependency Injection is taking me in directions I didn’t know about and didn’t expect I be going.Hodges is my fallback position because the only mainstream language I know is Pascal. When I see the code examples he uses I understand them… it’s the concepts I’m having a hard time with.

I just now today am learning Java. This time around it is very exciting and fun. I’m totally amazed at the NetBeans IDE. I’m very impressed with JavaDocs. At this point I’m finding myself question why I should continue to pursue Delphi.

The bottom line is this: I want to make the next release of my software able to support mobile customers, web customers, windows customers and mac customers.

I feel like I’ve been given a chance to go back to high school and start over again.

Michael Thuma:

It’s not Java that confused you. It’s the combination of the Class Library and Framework. Object Orientation simply starts with using Objects. No one needs to go further beyond, which is the original idea.

There is no such a ‘dumb’ Delphi developer for example who just uses components or the classes provided. The programming world is not divided into programmers or not. Those who define classes and provide them share a common space with those who simply use (Framework). You need to play first and play it loud.

Different example from the relational world. A DB design has nothing to do with Entity Relationship which is maybe the dominating approach. The relational model is capable of a lot more than this tiny but widely used subset.

Thinking in terms of E/R limits the scope of taking opportunities. The same way you limit yourself to one specific paradigm when it comes to programming languages. All the others make up the difference.

The Java framework is heavy. It was redesigned about 15 years ago with design patterns in mind. Design patterns were introduce to extend or put the focus on reusability which does come for anything but free even in the object oriented world. That’s why these patterns became integral part of software architecture.

Eric Grange:

All good points, but one key difference with military is that in development, Rambos routinely trounces whole armies, and not just in movies. And guerilla tactics usually win over more formal armies and approaches.

IOW shops with established methodologies are regularly overtaken by startup proof of concepts, and experienced teams are all too often outsourced by management that think they’ve found a (cheaper) guerilla team.

Don’t let that stop you from learning, but it’s a wholly different battlefield…

The comment thread also reminded me that  the GoF patterns in Delphi has moved since I wrote GoF Patterns in Delphi | Implementations of the famous Gang of Four Design Patterns in Delphi language – via Nick Hodges, so I learned this:

–jeroen

via: [WayBackLars Fosdal – Google+

Read the rest of this entry »

Posted in Dependency Injection, Design Patterns, Development, Inversion of Control / IoC, Software Development | Leave a Comment »

GDPR for database professionals and DBAs. Poster.

Posted by jpluimers on 2018/05/17

A poster showing how to prepare your Oracle database for GDPR. Wait for the email download link by visiting GDPR for database professionals and DBAs. Poster (they mention to be GDPR compliant in [WayBack] their policy), or look at the WayBack machine to download it now.

One takeaway for me: you also need to scrub backups when removing someone your records.

Via: [WayBack] sqldev.tech/gdpr_poster – Michael Thuma – Google+

–jeroen

Posted in Communications Development, Database Development, Design Patterns, Development, Software Development | Leave a Comment »

Client-Side Password Hashing – DelphiTools

Posted by jpluimers on 2018/05/03

Interesting thought on client-side password hashing: [Archive.isClient-Side Password Hashing – DelphiTools.

I’ve ambivalent feelings on it, especially since it will expose salt and other settings to the client.

On the other hand it tremendously helps when there are transparent proxies in between. Read the article for full details; here is just one quote below.

Maybe dual hashing would be in place: once at the client to prevent plain-text to go over MITM channels, and a second hash server side with different settings like salt to prevent brute force attacks.

I need to give this more thought.

The quote:

If you are using a regular Windows and a regular browser, access to HTTPS will go through the regular certificate chain, using regular certificate authority. You also benefit from extra security layers like Public Key Pinning.

But when a custom Root CA is installed, all that goes through the window: the custom Root CA allows the corporate proxies to issue “valid” certificates for any website (even google.com and the rest), and the public key pinning features are disabled:

How does key pinning interact with local proxies and filters?

Chrome does not perform pin validation when the certificate chain chains up to a private trust anchor. 

A key result of this policy is that private trust anchors can be used to proxy (or MITM) connections, even to pinned sites. “Data loss prevention” appliances, firewalls, content filters, and malware can use this feature to defeat the protections of key pinning.

All the major browsers have a similar behavior… because it is required to allow transparent proxies. And transparent proxies are the means through which the legal logging requirements are fulfilled.

So besides introducing a major MITM opportunity, this also means that there are legally-required corporate logs somewhere of all that went through HTTPS… including plain text passwords, if you did not hash them on the client-side.

These logs will have varying degrees of security when in the corporate domain… and next to none if they are ever requested by the legal system for an investigation.

–jeroen

 

Posted in Algorithms, Design Patterns, Development, Hashing, Power User, Security, Software Development | Leave a Comment »

 
%d bloggers like this: