Today I went to the first edition of BarCamp FCT, not actually the first BarCamp to ever take place in Portuguese soil since there were already two promoted by WeBreakStuff in Coimbra.

Having participated in the last year's BarCamp and realized that the organization of this one was not quite the same, nor the previous seemed to be able to attend I was a bit skeptical about what would this turn out to be.

Truth is, some of my predictions turned out to be true, some don't.

First, I have to say, Monte Da Caparica doesn't loose to Coimbra, both places are equally calm and beautiful, so there's plenty of "BarCamp tranquility and informal feeling" in the air, which is crucial but doesn't make the thing by itself. So what could be better was not the place nor the people attending, it was the plan, somehow with equally fault being shared by the organization and the "pseudo-participants".

Fact is, there were 78 people registered in the wiki, and I hardly doubt the 50-people mark was ever broke. So, at the beginning, we can excuse the organization for supposing that people would eventually come. So the presentations started with the people attending (perhaps 30), which in my opinion was a mistake. A simple informal talk outside for knowing each other could have been really beneficial to break the ice, which somehow was only achieved after-lunch with HalfBaked.

The presentations in the morning went well with FireHOL, which could have been done latter, swapped by the informal talk I just referred above, and Techniques for giving presentations, which I, as Vítor Domingos did, thought went a bit longer than it should be.

So, lunch, excellent, fast, good food are the best words to describe it. The method used for lunch (like a big coffee break) made possible discussions that otherwise wouldn't happen due to the division of people for tables (something I noticed in Coimbra).

Then we did HalfBaked which is allways so much fun anywhere it is done, with some really cool (and unexpected) ideas coming out of two apparent non-sensical words. Ok, most of them were also non-sense ideas, but in the middle of it there is always the feasible one that makes you think.

After, Ignite was fine too, it's a great way to have more diversity in the presentations which otherwise wouldn't be possible - there aren't much persons with 45 minutes presentations to give. Also, 7 minutes talks are really focusing ones, there is no time to loose attention. What I criticize a bit is our portuguese sense of having to copy at the smallest detail the rules to this kind of activities from other countries. In there it might work, but in Portugal I think it's a bit stupid having the 15 seconds per slide thing. If the objective is fast presentations make it like that, the slide time is irrelevant, it would still be fast by having just a global time limit, like 7 minutes or so.

Well, Ignite took it till the end, in part thanks to Wiizi (I think there was too much time spent in the conversation that surged after the Entrepreneurship talk, but some might have learnt with it, I don't know).

In a nutshell, this blog post may seem a little too critic but it was intentional because I had a great day and will be certainly there next year, the organization just needs to ear the feedback and improve it, which I'm sure they certainly will. Also, I have to say that I based all the post in my experience in BarCamp 07, which is not really fair, since it's a two-day event.

My thanks to all involved.

P.S.: it was great to discover the guy behind MenuIST twitter bot. 

So, lately I haven't been posting much, but hey, that's not an exception, it's the rule of this blog: better be quiet than saying crap. This may be understood by a lot of people has an exception, an odd behavior, since the most of blogs around tries too hard seem active by posting a lot to keep a steady readers base. The problem begins when those bloggers start posting stuff that is just either a copy of other major sites, news, or simply, in the most fairest of the words, crap. And this is something that really bothers me.

 

So, what does this have to do with Twitter? Simple, did you discover some great thing that will do for the post of the day in your blog but is unimportant enough for being there? Go register on twitter, and free your blog of chewing gum. Do the mental work of thinking in something else if you actually want to do a post, meanwhile twitter will filter for you all the minor things that otherwise you would be tempted to post about (I agree with Pedro Cavaco on this).

 

This may eventually put you post's-per-day rate at risk, but isn't content above regularity in a quality scale? Or do you post about everything that happens in your life, which you know it's irrelevant to the readers out there, but still do it because you enjoy to?

That's related to a question that was brought to me a few days ago, wether a blog aggregator for a programming/technology community should filter content by technology or just allow everything that comes from the user. And I though about that for a while and decided that without very well defined blogs, in the way that the author will self-restrict the kind of contents that he talks about or the way in which he talks about them, a blog aggregator like that would turn out to be a salad in which the technology would appear just as the temper, and not the lettuce. And the more a blog aggregator makes the reader filter information the less will be its quality.

 

 

Being a Google apps user by default, I doubted that any new online maps service would grab my attention. This was till Microsoft Live Maps came and I heard news about the deal they made with the Portuguese Geographic Institute, which gave them (and to Google) high-defenition images of the whole country.

The difference is just astonishing. It really made me wish Google was a bit more fast in updating the now old-fashioned images of Portugal that it has. But what really made me play around with Live Maps was their new feature "Bird's Eye", which displays images with a slightly inclination and with the possibility of rotation for seeing from another angle. Sure Google has street view, eye alt, 3D view and all that stuff, but hardly any of those is really helpful. The first will take a crazy amount of time for being available worldwide, and even by that time, it still will display a pretty useless view of the streets. The second, eye alt, I don't even know what is supposed to be, since is just a option for seeing worse what you already have. It might make more sense in 3D view, but even that, in my opinion, had a bad approach by rendering computer-made images of the buildings as a supposed real view of the planet. If I wanted a maps system which was like a CoD4 map I would ask.

With Bird's Eye Microsoft made it simple and stupid, but it's far better than any of the existent alternatives.

Finally I hearkened to the call of the revolution and decided to join OpenID, thus creating my online identity, which I actually delegated to this website.

Now, I'll be able to register and sign in web services and platforms with just a link that "is" my online identity, not having to type all over again usernames and passwords for an infinite number of sites. Great.

Note: If even with my little introduction this openid stuff is just "chinese" to you, you'll find plenty of information on the official website and also if, for you, portuguese is not "chinese", this guide done by Alcides Fonseca will be pretty useful.

But now what? Where are the sites which I can join by such method?

Truth is, there aren't many... but the technology is promising, so we as developers can only help it, not really by using the system, but by creating websites that support it.

So one of the features this blog might have in the future is OpenID enabled for the comments, which I'll study to implement. If you have a wordpress blog, you can do the same easier and even more by installing the wp-openid plugin.

 

Actually, with all the late buzz about this technology, it was quite difficult not to give attention to it, mainly given the news about Yahoo, which turned out to be an OpenID provider and advertised its new feature.
But actually, what's so good in this news? Of course it's great to have a giant of the web being an openid provider but, the other feature of openid, the one which actually matters to those who already were on the bandwagon before Yahoo jumped in, which is the ability to sign in the services of Yahoo with OpenID, is not there just because they made it only possible with Yahoo as a provider. For me this is not OpenID, this is the same closed system that has always been around and I simply can't find any good in it for the ones that chose not Yahoo as their openid provider.

If all the webservices were like Yahoo, we would better be as we were when there was no OpenID.

Are you seeing that fancy live search system in the blog area? Did you ever realize it was not SQL Injection proof? I'm glad you don't, for it wasn't.

During a late night surfing on the web yesterday I came to read this post by Nuno Job, where the little introduction that he gave about SQL Injection caught my attention and made me go check the wikipedia page about it. Although I already knew what it was, I was looking for the usual inputs that could cause it.

So, I read it and went check my live search system with the char '. For my surprise a Rails error was output and I noticed I had a pretty bad security issue.

Let's see the insides of my Rails application so that you can see what went wrong and learn with it, as I did.

The problem was in the method of the live search in the controller. That system was supposed to search in the post's body and titles and for that I had code something like this:

@results = Post.find(:all, :conditions => "title LIKE '#{@searchphrase}' or body LIKE '#{@searchphrase}'")

Notice that little #{@searchphrase} thing? That's a huge mistake. Initially I had something like:

@results = Post.find(:all, :conditions => ["body LIKE ?", @searchphrase])

Which is fine and secure, but I ended up wanting to search in the post's titles too, and modified to the first version, which worked. I didn't even think about SQL Injection by that time. The ? makes the whole difference, for it escapes all the chars with meaning for SQL, preventing Injection.  So, the correct solution would be:

 

@results = Post.find(:all, :conditions => ["title LIKE ? OR body LIKE ?",@searchphrase,@searchphrase])

 

With the system like it was for five months, the SQL request that was done when you searched for something was this:

SELECT * FROM posts WHERE (title LIKE '%<what_you_typed>%' or body LIKE '%<what_you_typed>%')

So, this way, if you'd want to hack my site you'd only have to search this:

lol%'); DROP table posts; SELECT * FROM posts WHERE (title LIKE '%lol

The resulting request would be:

SELECT * FROM posts WHERE (title LIKE '%lol%');
DROP table posts;
SELECT * FROM posts WHERE (title LIKE '%lol%' or body LIKE '%lol%');
DROP table posts;
SELECT * FROM posts WHERE (title LIKE '%lol%')

Since this is a valid SQL command the result would be the successful deletion of the table posts of the database, which would instantly erase forever all my posts. Don't do mistakes like these when you're developing and just want everything to work, because the solution that just works could be a pretty serious security issue.

On September I did my switch to Mac OS X, since I bought a MacBook. When I finally put my hands on the system, I almost didn't think and accessed Mozilla to grab the latest version of Firefox, my browser of election on both Linux and Windows. I was too used to it, the browsing, the extensions... but was it really a good choice or just some unreflective act?

Actually, I didn't think about it, and kept using Firefox. No problems.

When I finally got Leopard and used Safari to open some pages while I didn't have Firefox installed I felt the integration on the system and the speed that only Safari could give, and I thought going back to Firefox would be a problem. And it was, since I installed it, tweaked it for looking like Safari and felt as like I was using some counterfeit piece of clothing when I had the original right next to me. But why then, would I love to use Safari but seem unable to?

I do see GNU, Linux, and all those great projects that share the same vision (read license, although there may be some differences) has a great gift given to the world. The ability of having an operating system full of applications that are indeed ours, in which we can modify, distribute and learn with them, are one of the most precious things a human being can have, as precious as the whole knowledge brought to our days by all those books written before our times.

Wouldn't the world be perfect if all the software produced were GNU GPL (or under a similar license)? Wouldn't it be great for the development of men kind, since we would have all the great enterprises focusing all their attention in a free (as 0 cost) and free (as a seagull) operating system that the whole world could afford? The companies would be making money out of services related to software, so the software itself would be 0 cost, and everyone could have in their home everything, regardless of the amount on the bank account. It would be great.

But I spoke above in the knowledge brought by books to these days. Wouldn't it be also great if all those books were also available to all? If someone needed a book to improve his knowledge in some subject and could have it straight away? Some call it communism, but it would be more like a perfect society, for everyone could have direct access to knowledge, the poor wouldn't have to be dumb, they would have the choice, like the rich, to choose between being dumb and being smart. And the world would develop twice, third times, or who knows, faster.

But do the books are free? Do we have the permission to learn all we want without committing crimes? No, we haven't.

Society is build under the logic of money. Those who don't have it can't equal those who have in opportunities. So, the analogy here is that the world of software today is like our own society. If you want to learn, you pay, but you have libraries, where indeed you can learn a lot, depending of the quality of the one nearby. Software also has to be paid for (if you don't want to commit crimes), but you have GNU, Linux and many other Free Software, which can be great and may fit all your needs, but may also don't.

The world would be great if everything we needed to develop it were free of charge, or at lest gave us the freedom to use it and know anybody else could use, and no one was left behind.

But the world won't change, and this is nothing but a great Utopia.

So what is the midterm? What should we be seeking for our society? In my opinion, the best is where lies the liberty, liberty for everyone to use what it likes, but having always in mind that some technologies, although great inside our four walls, may be incompatible with others, and none should support them, because solidarity is also needed.

But how can you ask people to boycott great technologies that work in their environment just because some guys can't use them? Does the world cares if the technologies it uses are also enslaving it? Men kind can nearly extinguish itself by using technologies that seem to be positive in the way we analyze them but are also destroying us, and we're asking them to don't use something which is completely positive just because some say it's not? Who will care?

Who cares?

• ability to solve sudokus;
• present solved puzzles;
• return puzzles to be solved by the user;
  

However, we didn't focus too much on returning puzzles to be solved, so there may be some bugs in that particular function. The real deal was solving the sudokus and it works perfectly there. We've used a DFS aproach which may not be the faster way to do it, but it works and it's ellegant enough.

If you ever wondered about the extinction of the dinosaurs this post won't have an answer to you. But at least, we now know how some of them extinguished, they simply were unable to fit on Noah's Ark!

All this time racking my brain and the answer was so, so simple!

 

Of course this is some pretty ironic post, but can you believe in that image? It's very real, from the Creation Museum, one of those museums that gives you the whole absolute truth.

No contradictions...

...i didn't know that one of those underlying facts of Bible was that once dinos coexisted with Humans...

...no lies...

 

...the poor Amphicoelias was not overly large! I wonder whether Queen Mary II would be able to host a family of those...probably Noah left them to die, but wait, they were already fossils by that time....wait, but did Noah really exist?...

...just brain washing for a happy life in the Almighty's protection from those whose logic is right but so vicious.
If they just assume Bible has a metaphor the whole world would be some much better, but America mainly.

 

It still amazes me how every candidate to the White House has to publicly declare is faith in God just to get American's blessing. This pseudo-moral mask will actually bring them votes from those who blindly believe that one from the same religion (or religious) have integrity guarantee.

 

Well, I think I'm just tired of so much massive killing and lies under "God Bless Us"... I'm sure He will.

 

P.S.: If you want to read more about the subject this article will be a good reading: 

What Religion's Blind Stranglehold on America Is Doing to Our Democracy