I truly believe that in most instances, less is more - Minimalistic design in architecture, car design and computer code (Assuming that shortcuts aren't taken and things are done properly). With code, less code = fewer potential bugs. Following the simple mantra reuse, reuse and reuse, we try... but often come up short. This all sounds pretty simple and is preached everywhere but can actually be very difficult to attain. In developing my web application framework for my applications, I've decided to strip away all the unnessesary stuff and simplify the number of classes. In doing so, I've still tried to keep everything scalable, flexible, consistant and easy to maintain - alot easier said than done.

I turn my attention to JSP tag libraries. In my previous job, I did everything - analysis, design, development and implementation. This is not the idea situation because the responsibility lines get blurred. In the ideal situation, a Web developer who has knowledge of HTML, scripting languages, tag libraries, style sheets etc. but no knowledge of Java, maintains the front end and a back end Java developer develops the business objects. Honestly, I don't know how often this actually happens but the benefits are often preached. Coming back to my former position, I had no problem with reading JSP pages interspersed with Java code but a HTML web developer may have great difficulties in understanding the relevance of much of it. A lot of the complexity can be hidden by using JSP tag libraries which use simple HTML like tags to map to Java classes which output simple tags or more complex structures like tables of data.

Tag Libraries aren't a new thing but like many things, in depth studying of library development has been put off for a long time. But now that I've started delving to into it, I've realised the importance of them. Firstly as mentioned, they remove most (if not all) of the need for Java code to be placed in a JSP page allowing expert web developers to develop the look and feel. Secondly, with no java code in a JSP, it reduces the amount of code and as mentioned before, bugs. I had relativly recently started using ASP.net and was suprrised at the ease of being able to double click on a HTML design component e.g. a button and it suddenly produced a .aspx file with the button handler. I have no idea how the application server handles the flow between the HTML page and the server side handler but that's the point - I don't have to. All I need to know is that it happens. This is essentially what I'm trying to achieve.

Keep things simple, hide complexities and confusion is reduced and productivity incresed.

It was all going well... I had the SMS gateway installed and running on my laptop and it could send and retrieve SMS's. So the next step was to transfer the .war file to the remote server, install all the other components and test. Easier said than done...

Firstly, I tried deploying straight to Tomcat, but that left me with the problem of not being able to see certain error messages. I know, I should be logging error messages properly but hey, this is still a test. So I then started up Eclipse and tried to run it there only to find out that I was having problems writing to the COM ports. With all the messing about I think I may have screwed up the firmware on my phone. Whenever I plug in my phone via the USB cable now, it just gives a "Unrecognised usb device" message. This suddenly happened on both my computers. I tried to use my other Samsung instead, but couldn't get it to show up as a COM port in the device manager. So it's off to my service provider to see what they can do. The joys of being a programmer...

Continuing from the previous research and work, I've decided to build a complete gateway using the smsLib as a base. So far, I've already built part of it and completed the basic design. The system has a web interface which enables user management, gateway creation etc. The gateway management allows adding either a "local" GSM device or a third party gateway such as bulksms or clickatel. Within the smsLib API, load balancing and cost routing can be set. This allows multiple phones to be connected to the system to increase throughput - very handy. The API also enables specifying sms "handlers" which process incoming SMS's. This may allow some interesting options in managing a server via SMS? Once I'm finished, I'm considering releasing it as open source - It may be useful to someone.

SMS'ing is a easy, (fairly) reliable way to get messages to people quickly. Now having a computer program send an SMS could be very handy. Based on the number of "How can I send an SMS from program XYZ..." questions asked in forums, lots of people think so. So I've been thinking of building a set of reusable classes for use in future projects of mine to enable me to inform an admin user when a problem has arisen or send a user information. In spite of lots of people asking these questions, it took me a while to find my answer, especially seeing that I had no idea of how to go about doing it.

There seem to be a few ways of achieving this; some involve using a third party service, like an SMS gateway, others a GSM device connected to a computer. As I don't want to use a subscription service which no doubt would be much easier, I was restricted to using one of my phones connected to my computer. After my initial quick search, I found some code which apparently allowed a program to communicate via a COM port with the phone. That was all good except the phone is connected via a USB port. Hmmmm... It took a while to realize that once the drivers for the phone are installed on the computer, a "virtual COM port" is created which is visible in the device manager in Windows.

So once I got this figured out, I downloaded the smslib code and examples and tried to run it. All I got was an unknown port exception (or something like that). After some more head-scratching, I found that I hadn't installed everything properly. The smslib relies on the commapi which is used to send data to a serial port. This api requires that a dll file and a properties file be placed in the correct folders. With this resolved, the code worked perfectly and I managed to send my first "Hello World" SMS to myself via my connected phone.

In all the searching for that elusive eureka moment I read a lot of information and learnt a few things. An interesting thing relates to the use of AT commands. At first I was totally confused, even though I had seen this relating to modems years ago. Basically, a special set of AT commands, which sent to a modem or phone via the serial port causes certain desired behavior or returns some information. The commands allow a program communicating with a phone to make a call, end a call, send data via GPRS/ 3G/ SMS, get information regarding battery life and many other functions. The exact implementation depends on the phone but it is generally standard. These commands can be easily tested using a utility program like HyperTerminal. So coupled with the AT command specification downloaded from Sony Ericsson for my phone, the commapi library and some imagination I could write a program to control virtually anything on my phone.

So now my final problem is that it seems as though the number of SMS’s sent from a GSM device is restricted to about 6/minute. I will probably have to write a server which allows multiply phones to be connected at the same time that read SMS’s to be sent off a queue. Maybe in the future I’ll expose this as a web service which leads on to the question of authentication and authorization relating to who can send or read SMS’s. Rather than just a side thing, this is turning out to be an interesting project in itself.

I've been hearing a bit about mashups and seen a few products out there. For those who don't know, mashups are built by combining various sources of data and producing a new product from them. They are often web service driven. E.g. Combining Google map data, listed shops combined with pricing and a delivery service to provide a totally new shopping product. OK maybe not the best example but you get the idea. The big thing is that there are products available to enable end users with no programming experience build these applications using a GUI. The thinking is that it is better to get the end user to develop their own products than getting some developer's interpretations.(Think developing simple spreadsheets in Excel - everybody has one somewhere.) At the moment I think that it is still largely developers that produce, but this is where its going. There are some interesting products out there E.g. Yahoo Pipes. Now if companies like Yahoo and Google are putting big money to develop products, this is probably where it's going. I just wonder where this leaves the developer? I know there will always be a need for programmers but as this idea takes hold and ease of development improves for an end user, it may redefine a few things - I just wonder what and how much.

I previously mentioned advertising on websites. I checked out Google AdSense since I use many of Google's products including Gmail, iGoogle, Google Calendar, Google Talk, Google Docs etc. Safe to say that they've got my life in their hands. (Scary to think...)

Anyway I digress - I registered and set up ads. The process was honestly more complex than I realised but then again I had a simplistic understanding to start with. It wasn't difficult but it was a bit time consuming because I wanted to understand everything and yes, I did read the entire "Terms & Conditions". Most people (including myself) normally skip over these but in this case I felt it rather important. Once registered and set up, there are tools provided to track the number of page impressions, ad clicks, Page CTR, earnings etc. Payments are made by check posted to your physical address once your earnings reach $100 (US). I think that electronic fund transfers are also available. Once set up, a crawler analyses the content of the website and places a relevant ad. On blogger.com, it is done with a few clicks but if you place an ad on a "manually" developed web page, you would copy and paste a section of HTML code. I'm still waiting for the crawler to analyse the content of this page because until that stage (as I understand) it will continue to display public service adds.

All in all, it wasn't a difficult process, but set aside more than 5 minutes to complete it.

I'm finally finished exams and have got two months of "free" time to complete all the things I've been playing with. I was checking out some security/ hacking stuff a few days ago (I suppose your terminology depends on which side you sit) I've been trying to learn a few things on security seeing that I don't want to compromise my system. I came upon a few articles of "Google hacking" which made me realize a few things.

From what I can see, there are two approaches to hacking. The first is what I'd call a shotgun approach - basically you shoot everywhere and hope to hit something. Continuing with the gun analogy, the other approach follows that of a sniper - As a sniper identifies a single target and aims for only that. I suppose both approaches serves a hacker's needs depending on what they are looking for. Often, hacking involves identifying a vulnerability and exploiting it. Google comes to the party in the shotgun approach by searching millions of servers for certain strings which could indicate a specific vulnerability or weakness. E.g. Exception messages (stack traces) that are displayed to the end user could be cached by Google and can be looked up at a later stage by someone. These can provide a hacker with lots of information which could be used break into the system. E.g. If an SQL type exception is thrown and displayed which contains table names and/or columns, it may be used in an SQL injection attack. If a web application passes usernames and passwords directly from the page without some validation, inserting a few characters including comment characters in the password field could result in bypassing authentication totally. So by using only Google, a hacker could easily hack into many web applications. The lesson learned in this? I never realized the dangers in search engines caching exception messages by allowing uncaught exception messages to be displayed to the end user (apart from the poor impression made). The second is an old one - make sure that forms fields are checked for invalid characters.

These methods are not new but are highly effective. I managed to access a few servers by searching for admin login pages and trying a few different default usernames and passwords. How stupid can administrators be? Again, a lesson to be learned - make sure that the default user account is off!

Hmmmm. looking back now, there's been quite a gap between the last post. Not that there were that many though... I just haven't had time to work on this. I haven't been able to decide the nature of my blog and without some sort of guidelines, I suppose this is just a random collection of stuff. Probably not too interesting then. And at the end of the day it would be pretty pointless if there was no interest in it. I've decided to focus on technologies and tech-related news, probably including some of the stuff I'm working on.

To start with I came across a blog called WebKEW by Marshall Brain. His blog mainly concerns making money through advertising. I could definitely do with some extra cash - as could everybody, I'm sure. I doubt that a single simple blog is going to turn me into a millionaire over night - And to honest, that's not the reason I'm doing this. But I've been trying to collect some of the projects I've been working on, finish up a few things and publish them. His blog makes for interesting reading for anyone interested in doing a “web businesses” or anybody with a well read blog for that matter. Over the next few weeks I plan on setting up a Linux/Tomcat web server and hosting it at home. This will serve as a platform for testing some of my projects and any other server related work. I want to attempt setting up a distributed web server with failover and load balancing. At the moment I'm just trying to bring everything together in one place. I've got a Google pages web site - if that's what you call it? It functions mainly as a hosting place for some of my stuff until I decide what to do with everything.

My Web Site

As always this "playing around" is subject to time availability so we'll see how that goes.

The other day something happened and it suddenly dawned on me that I wanted to leave South Africa and start up a life somewhere else. Seeing that I've gone back to studying, I've still got a little while before I can up and leave. Trying to list English speaking countries, only 5 options came to mind - USA, Australia, UK, New Zealand and Canada. Hmmmm I little surprising seeing that it's the most widely spoken language in the world. (I'm sure that I'm missing a few?) Most of Europe can speak English but it's not their first language. The first place that came to mind was the New York city. Call it Hollywood brainwashing, but for some reason, it appeals to me. I enjoy the fast-paced city living. The other option was Los Angeles - A little closer to home weather. Never having been to America, I'm not quite sure what it's like. Watching CNN, there seems to be a constant hype about the "War in Iraq" which I wish they would just get over. In South Africa there is very little restrictions on civil liberties. Maybe this has to be seen relative to other countries? Maybe an expat South African would like to comment? The other option, Australia? Well, they're a bunch of yobs and they drink beer! It think that we'll get along well!

My very first blog... Hmmm, no preasure. Well, why do we do this? I supppose it differes from person to person. Some exhibitionists, others to share experiences with friends and loved ones, to share ideas or to meet new people. Mine - Mostly sharing experiences or pictures with friends. We'll see how it goes...


Twitter Delicious Facebook Digg Stumbleupon Favorites More