Sunday, June 7, 2015

ipv6 is almost here

A few months ago we ran out of new IPv4 block to assign. That basically means we're out of IPv4 addresses. We need more! MOAR!!!! In order to get more (or moar) we need to move to IPv6 which is the next generation internet protocol (IPv5 was skipped because it opened a rift in space time and caused Vint Cerf to lose all his hair so they never deployed it). The trouble with IPv6 is that it's not compatible with IPv4. You can run both IPv6 and IPv6 at the same time but they are fundamentally separate networks. As a result of this incompatibility IPv6 has caught on like a house on fire. That is,  if the the house was made completely out of asbestos and at the bottom of a lake. IPv6 has been around since 1998 and was used by less than 1% of people up until 2013. More people have played Space Smilies.

Adoption is starting to pick up speed now according to google's IPv6 adoption statistics. IPv6 adoption is somewhere between 6% and 7%. It's growing so rapidly I've had to update these numbers since I've been writing this blog post! For comparison, the number of people who use Macintosh computers to access the internet is also somewhere in this range. 6% is also much higher than the number of people who use Linux to access the internet which tends to be in the 2%-3% range.

In Belgium the adoption rate is >30%. In the US it's about 15%. In Canada it's .. Yeah, let's just ignore Canada for now.

The rate of growth is accelerating. IPv6's adoption rate was around 2% at the start of 2014 and ~5% at the end. We're not even half way through 2015 and the IPv6 adoption rate is tickling 7%. Hurray!

But so what?

Well, I don't make enemies lightly, but one of my staunchest foes has been a technology called NAT. I first met this beast of a protocol while working on Myster. Myster is a p2p program I wrote from about 1999 to 2008.

NAT was created because even back in the old days of the 1990s we were running out of IP addressess. People has multiple computers that they wanted to use on one internet connection. Most of the time these tended to be larger organizations that had entire office buildings full of machines that were all networked together and wanted to be on the internet but there was no way to get enough IP addressed for them all.

NAT allows you to to share one internet connection (and one IP address) for a very large number of computers. NAT is all over the place. Odds are very good that you are using NAT right now in your router. Heck, I am using NAT right now and NAT is my mortal enemy. That is to say I hope it's mortal. There's one large problem with NAT: it breaks the internet.

Sure you and I both use the internet with NAT and everything seems ok, but that's a bit of a lie. The portion of the internet you use with a web browser works fine. Things like voice-over-ip and video games have issues. Not to mention the hundreds of programs that never were. You can't miss what you never had.

Each IP address is like a phone number. If you're sharing a single phone number between people then when the phone ring it's not obvious who the call is for. For computers it means that incoming connections tend to get dropped unless you go through the pain of saying which type of connection should be answered by which computer. The same isn't true for outgoing connections which is why surfing the web works fine. (kowabunga dude!)

In practice NAT is so common that most programs work around it. Skype, for example, is one HUGE work around for these kinds of problems. Skype is so crafty in getting around network restrictions that it sometimes acts more like a piece of malware. However, we are still losing out on cool technologies that can't exist because of NAT. Quite a few of these fall under the umbrella of p2p applications.

Peer to peer has gotten a bad reputation for its association with copyright infringement. This is not a completely deserved association. While peer to peer programs like Napster were used to pirate music, peer to peer itself is the fundamental technology that makes the internet so awesome.

Theoretically, every computer on the internet is a peer. Every computer has its own address and can communicate directly to each other without having to go through some intermediary. Given that this is the nature of the internet then why do we have this problem:

NAT is the reason.

IPv6 theoretically solves the NAT problem by making it possible for everyone and their toaster to have their very own IP address. This in turn means that individual devices can directly talk to each other on the internet. This in turn means that for the first time since about 1995 we will have a peer to peer internet. Think of all the new programs we could make!

If anyone is thinking of building a p2p startup company, this is the time to do it. It will still take about 5 years before the internet is close to ready for a new p2p application so best start now. Did I ever tell our about my p2p application Myster? Next time I'll tell you how it works and how I'd like to enhance it to give it new features.

Monday, May 11, 2015

Writing Scalable Code Using Inheritance in Java part 2

In my last post I mentioned a few simple rules on how to write maintainable code using inheritance:
  1. Reduce method and member scope
  2. Use final for methods and members
  3. Make make overridable methods abstract
  4. Don't make deep inheritance hierarchies
Today I want to show you how this affects maintainability.

Let's imagine we see a method like this in a class we know has many subclasses:

public final int getFoo() {...}

Here the presence of the final tells us that that we don't need to worry about anyone over-riding the behavior. Which is nice. 

public abstract int getFoo();

This one tells us sub classes *must* override this method. So we know that every sub class defines what we must do here. If we're in luck we'll be able to refactor this into a composition using the strategy pattern.

public int getFoo() {...}

This is problematic because we don't know whether there is subclass overriding this so we need to check all subclasses before we can modify its implementation. 

If we want to over-ride this method in a subclass we need to check the superclass to make sure that it doesn't have any side effects or being called at an unexpected time. Since it's a getXXX() method, it shouldn't be doing any side effects.

protected final int calculateFoo(...) {...}

This method can be accessed by itself and sub classes but not-over-ridden by sub classes. This method is probably part of an API offered to sub classes for them to call.

protected abstract int calculateFoo(...);

This method can be accessed by itself and sub classes and *must* be overridden by sub-classes. If we're in luck we'll be able to refactor this into a composition using the strategy pattern.

protected int calculateFoo(...) {...}

This is ambiguous. It might be a method that should be used as an API or it might define behavior like in the Strategy pattern. A third alternative is that it is meant to be over-ridden by sub-classes but provides a default implementation. Given the ambiguity I recommend adding a comment like this if it's the third case:

protected int calculateFoo(...) {
    /* Can be overriden by sub classes
     * default implementation: calculates foo using the bar algorythm 

Although, again, using the strategy pattern with a default strategy is often the best way to go.

private something() {..}

It can only be called in this subclass and can't be overriden so we're good.

public int foo;

Don't do that unless it's final, the class is final and your object doesn't have any methods in it. Something like this:

public final class Foo {
  public final int foo;

  public Foo(int foo) { = foo }

This is a standard best practice.

protected final int foo;

Don't do this.

protected int foo;

Don't do this either.. but more so.

Next week: how to brush your teeth!

Sunday, May 10, 2015

Writing Scalable Code Using Inheritance in Java

Everyone should be familiar with the old advice that you should favor composition over inheritance. However, what if you find yourself in a situation where inheritance is the best tool for the job? There are a few things you can do to keep your code maintainable.

Before we get into that I should explain a little about why you should favor composition over inheritance. Imagine you're trying to understand a class called Smilly. This class is detailing the behavior of a computer sprite in the award winning (in my mind) game Space Smilies. You're trying to figure out how this is implemented. The class is many lines long so it's obviously doing something something fancy. You notice that it inherits from a class called EvilThing. EvilThing extends from ComplexComputerSprite. This class extends ComputerSprite which extends AbstractSprite. All member variables are accessible from all subclasses. Where to start?

Making a member variable protected means it's accessible to all sub-classes. Any one of these sub classes can read an write to them. You need to understand how the class and all the parent classes interact to create the desired behavior. Just as making a member as public is bad practice because to understand who is modifying that public variable you need to track down every piece of code that uses it, using protected members in a complex hierarchy is bad for the same reasons.

This also applies to protected, non-final protected and public methods but it worse from the point of view of modifying the parent class. In order to understand if modifying a public or protected method will accomplish the desired behavior you need to understand the entire object hierarchy because there's no telling if one of the sub-classes has over-ridden any one of the public or protected methods and many make assumptions about how the class operate. If you stomp on one of its assumptions you'll cause a bug.

Understanding the entire class hierarchy and how each class works with its parent is labor intensive to say the least.

Because any method can be over-ridden anywhere in the hierarchy and because any state variable can be used by any subclass it means you have to be meticulous about checking every class in the hierarchy for unexpected overrides. With inheritance it's very easy to create a hierarchy that's so interconnected that you need to understand how everything works before you can understand any part of it. You might have an object composed of many classes but the classes over-ride each other's behavior in such a way that it effectively creates one big coupled class out of many.

Composition, on the other hand, makes it easier to create and maintain encapsulation and lower coupling. It's easier to control which members and methods are accessed and there's no invisible over-riding of behavior to trip you up. Methods that are public make up the object's external interface. Simple as that. (Assuming the normal best practice of trying to hide your member variables and implementation inside by making them private).

Composition is not as powerful as inheritance, however, so you might not be able easily do what you want using only composition. Which goes back to our original question, what do you do if inheritance is the right tool for the job? What if you need the power?

Java has a few tools to help you out in the form of the keywords abstract, protected, private and final.

If you find yourself with a sprawling inheritance hierarchy you can help out yourself and any future maintainer by:

  1. Reducing scope: If it can be made private then make it private. If it can't be made private then make it protected.
  2. Adding final: If a method can be made final then make it final. It's one less method that can have sneaky override or one less variable that can be modified.
  3. Make methods that *should* be overridden abstract: In complex objects it's more explicit to have all your overridable methods marked abstract so that's it's clear that subclasses need to implement these.
  4. Don't make deep inheritance hierarchies. The rule I use is a class's true size includes all it's parent classes all the way up to java/lang.Object.

to be continued...

Friday, March 27, 2015

Code Keyboard

The Code Keyboard is blogger Jeff Atwood's idea of the ultimate keyboard for geeks. Since I'm a huge fan of buying a good mouse and keyboard I bought one and I've been using it for 8 month now.

The Code Keyboard is a high end mechanical keyboard. Mechanical keyboard use a spring instead of a rubber mat to make keys springy. Using rubber is cheaper but the feel isn't as good. The downside to mechanical keyboards is that they are expensive. Mechanical keyboards can be hard to find in stores and I hadn't used one in years so I was quite excited to get my hands on the Code Keyboard.

I have the Cherry MX Clear variant of the keyboard and it's quite stiff. "Cherry MX Clear" refers to the type mechanical spring system used. There are a large number of "Cherry MX" switch types named after colors. Most mechanical keyboards use one variant or the other of these switches. For the "Clear" type you have to push surprisingly hard to get the key to go down. The keys are bouncier than rubber dome keyboards so it feels like your fingers are bouncing around on a trampoline. The effect is actually quite pleasant. I suspect I would have preferred the lighter action of the Cherry MX Brown version of this keyboard, though.

Jeff's keyboard comes with a bunch of features designed to appeal to geeky keyboard enthusiasts. For example, on the back of the keyboard there are a row of switches that allow you to do things like swap the position of the caps lock and control keys. Or the alt and command keys if you're on a Mac. You can even set the keyboard to Dvorak or Colemak keyboard layouts.

The keyboard even has a few features for gamers like the ability to disable to Windows key so you don't accidentally kick yourself out of the game. It also allows you to push 6 keys at the same time - the limit allowed by the USB protocol. The best feature, though, is the backlight. The keyboard glows in the dark for those late night gaming or coding sessions.

The code keyboard is also visually minimalist. It doesn't have those silly extra media keys that don't work and just take up extra space on the keyboard making it look like fat Elvis. That doesn't mean there's no media key functionality but you have to sacrifice the menu key to turn it into a "fn" key to access that functionality. From the website:

Lots of keyboards have multimedia keys, but almost none of them do it right. Either they require weird hand contortions to use, or they tack on a bunch of extra unnecessary buttons and knobs all over the keyboard in strange places.
Our solution is more elegant. On the CODE keyboard, the Fn key replaces the Menu key (provided you’ve enabled it via the switches on the back of the keyboard), and moves the media shortcuts to the navigation cluster. This configuration allows you to comfortably and logically access multimedia shortcuts with one hand – pressing Page Up to turn up the volumejust makes sense. If you forget which keys do what, we’ve helpfully printed subtle glyphs on the front of each key, facing you, so you can see which keys have secondary functions.

The Code Keyboard is also well built. I mean old school soviet style well built. It's surprisingly heavy and feels very solid. You can use this thing for self defense purposes.

I like the keyboard. The selling points for me are the mechanical switches and backlighting. I also like the minimalist design aesthetic and the fact they used a the standard keyboard layout with standard key sizes. None of this Microsoft style "Let's move things around for no good reason". Also the function keys are full sized, which is nice. I think I would have preferred the lighter action of the Cherry MX Browns, though.

Thursday, December 18, 2014

Google wants to warn you every time you use HTTP instead of HTTPS

So recently, Chrome developers have been floating the idea that the UI should post a security alert every time the browser visits a page that isn't encrypted. According to the BBC, currently only 33% of  websites use HTTPS (encryption). I suspect in actual practice the number of websites that are still using unencrypted web connections is much higher. This would mean you'd be getting many security alerts in practice.

I am all for more encryption. There are far too many parties out there who have something to gain by snooping your connections. Every time I use an strange WI-FI hotspot I worry about who is listening or how they might modify my data.

Many think this is all theoretical. That no one really cares about your data so unless it's something like banking data then it doesn't matter. Nonsense. Dangerously so. You're not up against humans you're up against software and with software you're never too small to not matter.

Consider that the WI-FI hotspot might be inserting ads into web pages you're looking at. Comcast has been caught doing this. This is annoying and potentially misleading because now you can spam ads and the user will think it's coming from whatever website you're using. Hopefully they didn't make a mistake or the page won't show up at all. What about replacing existing ads with your own? Too bad for the original web site trying to make a living. What about inserting a tracking ID so you can be followed everywhere you go?

What is the ISP doesn't think you should be watching youtube?

And these are the corporations. Nasty people on the internet can  snoop on everything that goes over an unencrypted connection. Much of it can be used to fool support and steal domain names or accounts because why not? .. to say nothing of identity theft. How much of yourself are you giving away each time you log into facebook?

Then there's the government. Whether you're liberal or conservative you can bet there's someone who disagrees with something you're doing.

Many websites have encrypted versions of their site. However it can be painful to figure out which sites have an encrypted version and to manually switch over. This is where HTTPS Everywhere comes in.

HTTPS Everywhere is a Firefox, Chrome, and Opera extension that encrypts your communications with many major websites, making your browsing more secure. Encrypt the web: Install HTTPS Everywhere today.

HTTPS Everywhere is a browser extension that contains a database of web sites that have encrypted versions and automatically redirects you to the encrypted version of the site without you having to worry about it. This gives me some piece of mind when I'm using public WI-FI hotspots. It's not perfect but it's the best we can do until all connections on the internet are encrypted.

.. and they will be.

Wednesday, December 10, 2014

I Found a Good Headset

Those with long memories will remember that I have been looking for a good circumaural headset ever since my Plantronics 655 headset died.

The Plantronics 655 was never the perfect headset. Its ear cushions were too small and rested on your ears so that they would become uncomfortable after wearing them for a long time. Just about every headset has this problem. I was pleasantly surprised to find that the KOSS SB45 doesn't. Its ear cups are large enough to go all the way around the ears so I bought a pair. I am very pleased with them.

My only complaints are that they exert slightly more pressure on the sides of my head then I'd like and that they don't do whatever magic the Plantronics 655 headset does to let you hear yourself when you're on Skype.

Let me explain, you know how when you wear a headset you can't hear your own voice very well? The 655s play your own voice back to you so you can hear yourself. Since you can hear yourself you don't feel the need to shout. I'm actually surprised since I thought it was a feature of Skype but it works with the 655s and not the SB45s. It looks like some sort of device level feature. It's really useful and I miss it.

Apart from that the KOSS SB45 headset is very comfortable, has a good mic, good sound, inexpensive and I would recommend it.

Monday, December 8, 2014

Space Smilies now on Google Play store

Well, I've released Space Smilies to the Google Play Store now. Go download it! Have fun! Give feedback!

My plan for the sabbatical was to release two video games. The first was this one. I figured it would take about a week to get it ready for release. If I hadn't decided to change things that would have been a realistic estimate. Instead I decided to clean up the Space Smilies movement, add levels, add a level editor, redo the graphics and things like that. I figured with all that it would take a month. It took about 4 months. This plus a bunch of other demands on my time mean that I'll probably not get to do the game and game editor I wanted to.

Ah whatever.

I have other projects to work on. In fact, it's quite hard to set priorities. Part of the problem with deciding on what project to undertake is that it's not clean what's worthwhile unless your part of the conversation. That and Myster  set the bar for success really high. We would get 10000 downloads a day when we released a new version. Most days we'd only get 300 downloads. That's still impressive. It would be even more impressive if I hadn't made a bunch of newbie errors early on in my installers that made most users simply not able to use the application on Windows. Painful doh!

Every field has a conversation. If you're a Starcraft player you can think of it as the current state of the meta game. It consists of what is known, what is done, what needs to be done and what is not worth doing. Actually, it's more complex than that includes all the little arguments that are in progress and all the relationships, camps and tribes that are squabbling at the moment. I used to be very connected to these things but some of the conversations have moved in 10 years.

Games and indy gaming especially. The tools available to modern indy game developers are impressive. Part of me is saddened by the fact that application development frameworks are no where near as good.

This means that creating a game is much more about learning the tools than learning exotic programing techniques. I'm not sure I want to bother to learn a tool whose sole purpose it to quickly make top scrolling video games. I would love to WRITE such a tool. In fact, that was kind of the idea, but it looks like I am 5 years too late there.

Doh. That's what happened when you don't pay attention.

Oh well, I'll figure out something. Stay tuned. :-)