Just released the latest version of the NeuClear Ledger API. Main new features include:
- Test Implementation done using Java Collections
- First go at implementing Versioning of Transactions
- Improved design of Transaction object. Split into abstract Transaction Class, a modifiable UnPostedTransaction and an immutable PostedTransaction object. This is done to increase the security and cleanlyness of the API.
- Several new TestCases
- Improved Documentation with new Busy Developer's Guide to the NeuClear Ledger API
Please feel free to download it. Note my previous message. I've been having problems uploading to SourceForge and still havent managed to upload the .zip binary version. But the .tar.gz version is there. Use that instead.
Just your typical weekend.
My server went down for at least a day. This is becoming a weekly event at johncompanies.
That was bad enough. Then I'm working on a release of the NeuClear Ledger API and I'm having to retry countless times to upload the files onto SourceForge using ftp.
The largest file, the zipped up binary distribution which is only 219k proves impossible to upload. I've been trying repeatedly since Saturday and still to no avail.
I will keep trying valiantly to battle this internet infected with SQLServer worms and more. Until then any one who wants to play with the ledger under windows, please just download the .tar.gz version and use WinZip or whatever.
4 Indian chiefs were killed by Colombian FARC guerillas in Panama and a TV crew from National Geographic TV were held by AUC the Colombian Para Millitaries.
For anyone who's interested I'll try to keep the information coming on EconoFist my other weblog.
Been deep in maven over the last through days and discovered a bug in a recent version of the CVS repository.
The custom UI properties weren't being used by the xdoc plugin to generate the site.
So in an example of cool opensource real time debugging Pete from #maven managed to isolate it and come up with a fix quickly.
So this is what you do:
- Create a new file called ui.properties containing all your ui properties
- add the following line to your project.properties or build.properties file:
maven.ui.property.file = ui.properties
- Check out the latest version of maven or the xdoc plugin and build it.
Thanks to Pete for the help.
Update Ignore all of the above, there was an even better fix posted already which is now in CVS. Just do an update and it should work. Thanks again to Pete.
I've split out the XMLSig stuff from NeuDist and released it as a seperate package: NeuDist XMLSig 0.6.
This makes a lot more sense, because other people might need an XMLSig implementation for Dom4J and several people might be interested in contributing to this exact package.
The package is very simple and includes support for RSA keys, embedded signatures and has a very simple SOAP implementation built in as well.
The following is a tiny usage example:
KeyPair kp = ..... // Get RSA Key Pair
Element someElement = ..... // Get Dom4j Element somehow
XMLSecTools.signElement("uri:helloworld",someElement,kp);if (XMLSecTools.verifySignature(someElement,kp.getPublicKey())) // Do something
The biggest TODO is to verify it against common test suites for the Canonicalization standard and the XMLSignature standard.
After that we need support for DSA keys (Easy) and transforms (On the way). I'm a big believer that X509 certificates are the devil's making, so I wont be supporting them my self, but if someone wants to thats no problem for me.
Another thing, if there is interest from the Dom4J guys, I'd be happy to clean up the code a bit more and donate it to them.
I just read via Scot Loftesness' blog that some one callied IFX have released a new public review of their XML based standards for interoperability between financial institutions.
I'm downloading them now to have a look at them.
There goal is pretty much similar as far as I can see to what I'm proposing in NeuClear. However with one big difference their's is designed for integration with existing financial institutions. Mine is an attempt to create a new paradigm or while new architecture for financial institutions.
It definitely makes sense to have a look and see what they're doing. NeuDist and NeuClear can theoretically be integrated with most xml based standards.
I'll comment on it once I've skimmed it a bit more.
Many applications in business need access to a double entry ledger. This could be a General Ledger for a company or an account system in a bank. NeuClear as a framework for creating financial clearing system needed a standardized api for integrating with existing ledgers or creating new ledgers.
The API is very simple and it should be very easy to implement it. Everything has been written with security in mind. This is not to say that it is secure, as it hasn't been properly reviewed. Reviews should also take the underlying implementations into account.
The following is what the main proposed feature list is:
- Backend plugins to support legacy and new Ledgers
- Account Scheme plugins to support different account naming schemes, such as bank accounts, neudist, charts of accounts etc.
- Small and secure
The first release is available for download. There is not yet a fully working implementation of the api, but it should be there in the next release later this week. There is also no support for the Account Scheme's yet. This is fairly simple and should also be added quickly.
The main purpose of this first release is to get some suggestions about what a generalised ledger API should be like. So it is likely to change.
As always CVS is where the main work will be done.
I've been busy over the weekend. I'm splitting up NeuDist into a bunch of smaller projects. NeuDist was the software framework for my financial clearing framework.
From now on NeuDist will essentially be an XML based PKI and identity system. Essentially this will be core of the architecture. Any areas within this will have their own little sub projects the first of which is NeuDist-XMLSig my implementation of W3C's XML-Signature standard.
NeuDist will be the focus for anything to do with identity and PKI.
NeuClear will take the focus of financial applications. This is where the clearing part of it comes in.
The first subproject here is NeuClear-Ledger, which is a generalised API for dealing with ledgers. This api is not dependent on anything else within the framework and could hopefully be used for accounting apps and other financial apps in the future.
Many of these changes aren't fully reflected yet at the various sites and in CVS, but I'm slowly getting everything up.
I hope this will make it easier for people to understand the slightly overly heavy architecture before and make it easier to program with.
In case anyone was wondering, my Server which is hosted on John Companies was down for a couple of days over the weekend.
They had a big hardware failure. I'm sure John worked valiantly throughout to get it working.
CNET: Decrypting the Secret to Strong Security
Whitfield Diffie reiterates in this article what everyone in the security field should now by now, but unfortunately to few people obide buy.
It's simply unrealistic to depend on secrecy for security in computer software. You may be able to keep the exact workings of the program out of general circulation, but can you prevent the code from being reverse-engineered by serious opponents? Probably not.
Diffe, Schneier and just about everyone else who knows anything about this field are constantly forced to reiterate this, because it goes against common human gut reactions. I cant remember the name of the first person to realise this, but if memory serves me right a French cryptographer stated these rules over 100 years ago.
Even NSA are releasing software for public review and use for god sake.
I think the real problem is that people are scared of truely identifying the security problems they have in their software.
Just remember though that the default installations of many linux distributions are often as or even more flawed than windows installations. Java offers support for advanced security in your applications, but it's not automatic security for your applications.
Got this via ServerWatch - Rendezvous-Enabling Apache Module Beckons to Safari
Eric Seidel has released a mod_rendezvous for apache.
Unfortunately it's only available for OS/X as of yet, but he has linux etc in the pipeline.
But it makes sense. With the Java Rendezvous library it should be pretty straightforward to publish J2EE apps via a similar mechanism.
Having heard all these cry stories from friends of mine about cold weather, snow and everything. I thought I'd share what I did this lunch time.
I put on my bathing suit and took the elevator to the top floor of my building to relax with a nice read of Bourdain's A Cook's Tour followed by a dip in the pool.
Temperature 91F or 33C taken from Weather Underground
One of many improvements is konqueror's new improved tool tip style previews. I have a few screen shots to demonstrate. First of JPG image. Note the file details including aperture and shutter speed:
Youd expect this with pictures maybe, but how about PDF's:
or even text files such as this xml file:
Note: in the above 2 screenshots that the folders have different icons indicating their general contents.
My main pet peave with Linux guis is fonts. Some people might say that nice fonts are just window dressing, but for me bad font rendering gives me fuzzy eyes, headaches and encourages me to excess drinking. I've finally figured out how to get excellent fonts in nearly all my programs. (See above screenshot)
The guys at Freetype have done an excellent job at bringing font excellence to the open source world. The main problem is that fonts and the languages of fonts are still a bit of a mystery to many, so many of the default builds of freetype have been terrible. Most notably which ever version they've linked into the Linux binaries for OpenOffice.
KDE3.1 and Gnome 2.2 have made big strides in improving the default installations and builds of Freetype and have excellent configuration tools shipped with them. This makes it easy to have sub pixel rendering on lcd's for example.
The latest build of freetype 2.1.3 has taken font rendering to a whole new level and I think its safe to say that its better now than most commercial renderers including Windows XP and Mac OS/X.
As with any great Open Source package there are people out there who have played around and tuned the source code. For freetype the ultimate patch that everyone should get is ft-smooth from David Chester. David has really done great work in finetuning the rendering of freetype. The file contains a binary version that you can copy ontop of you existing freetype-2.1.3. This works great, but I'd recommend grabbing the source and patching it with his patches instead. In particular if you're going to be building anything that uses freetype (such as KDE3.1).
He has different versions of the patch, depending on your preferences. View the example screenshots on his site to make up your mind. I used ft-all-together.diff.
If you're unfamiliar with patching source its really quite simple. First you cd into the freetype source directory. (Make sure its freetype-2.1.3)
patch -p0 <../ft-smooth-20021210/ft-all-together.diff
After this you can just build it like normal.
David also figured out how to get OpenOffice to use his patched version. Simply set the LD_PRELOAD environment variable with the full path to your freetype shared library prior to running open office.
For me the easiest way to do this was to edit the soffice script file and adding the following line up towards the top:
# Freetype font hack
export LD_PRELOAD=/usr/lib/libfreetype.so.6
Enjoy.
I got impatient last week and installed KDE3.1 on my main box. Which is a 700MHz PIII Dell Notebook running Linux Mandrake 9.0. It is of course hopelessly out of spec by modern standards but runs quite well and has a nice juicy resolution of 1400x1050 on its 14" LCD.
My main reasons was that I wanted the new PGP features of KMail. But also more silently that I really desperately want a Mac but cant afford it. This gives me some of the nice new usability and display features found in Max OS/X but for free.
So I installed KDE 3.1rc6, I'm afraid I just wasnt patient for the final release.
I have to say that while I hate rpm's with a passion, KDE's rpms tend to be allright. When I upgraded my KDE to 3.0x a while back I had downloaded all the rpms I felt I needed in the Mandrake release folder and did a rpm -Uvh *.rpm. Everything installed without a hitch and when I logged in and out it came up beautiful as ever before.
However for the rc6 release all they had was source files. This doesnt scare me at all normally, except for the long build time. Luckily the ever resourceful kde guys have released an automated build/download/configuration system a'la the BSD Ports system called Konstruct.
This makes it so easy. If you had a slightly speedier machine and a faster internet connection it would take no time at all.
I recommend this to anyone with the slightest inkling of what they are doing.
Simply download the latest archive from their site and unpack it.
Read the Readme file and start building.
To build an install a complete KDE system type:
cd meta/kde; make install
It downloads most dependencies, builds it and installs it.
About the dependencies, I'll write another entry in a bit about getting better Anti Aliased Text under Linux than on Mac OS/X. Follow those instructions before you build kde for the best results.
Sweet.
So since January 3rd Cable & Wireless's voice telecoms monopoly has been broken in Panama. This counts for local calls, National Long Distance and International Long Distance.
We now have several competitors and the papers have been filled with the first battles of the Telecoms wars here.
The largest battle has been for long distance calls on your mobile. The two main cellular phone companies Cable and Wireless and Bell South Cellular. Bell South started on the 2nd of January with fullpage ads offering $0.05 a minute calls to the US from their mobiles. The next day C&W came back with a $0.04 a minute rate.
Most Panamanians couldnt believe their eyes when they saw these rates. Of course they are pretty much standard world wide.
One thing though that isn't quite so obvious is that the price doesnt include the $1 per call government tax on international calls and worse the cellular air time.
I'm on pre paid like most people here this means there is an additional $0.20-$.40 per minute on top of this. So all of a sudden it isn't that good. I have to say though that it's still better than many prepaid international calls from the UK.
This and cdma is definitely incentive for me to open a real post pay account.
If you've installed Apache 2.0 and are having strange problems with html files, whete it sends the full correct http header including file size, but then doesnt actually send the file, read on.
John Companies runs their servers using an amazing piece of software called Virtuozzo from Russian Software Companie SW Soft. They've come up with an amazing way of virtualizing apparently independent linux or freebsd servers on a single machine.
Many companies offer Virtual Dedicated Servers using this technology today. (of course Johns Companies is the best).
One feature of Virtuozzo is the dynamically reconfigurable filesystem vzfs, which allows the admins to increase and decrease and move clients file systems in real time.
One side effect of this file system is that it doesnt have support for Unixes send_file support as I discovered the other night when I was trying to get Apache 2.0 to install.
After lots of messing about I discovered that it was Apache 2.0's default use of send_file in unix. So this is how to switch it off if you're having similar problems.
With any current version of Apache 2.0 <= Apache 2.0.43
You do a
./configure --without-sendfile
and then build as normal.
With the next version (>= Apache 2.0.44) nThere is a runtime configuration directive for the httpd.conf file:
EnableSendfile Off
That should get it working for you.
Unlike the rest of the Northern Hemisphere Panama has Summer (Verano) now. It's a bit confusing to foreigners and when foreigners talk about Summers it's very confusing to Panamanians.
Summer here is the "Non Rain" season. With beautiful sun shine, nice breezes and generally excellent weather. It lasts from December to April and is the traditional time here for going to the beach, country fares and carnevals.
All I can say is I love it. The last month I've hardly seen any rain fall, its still green as ever. After more than 6 months of rainy weather it's great.
I'm finally back. I'm installed on a John Companies server.
I've also upgraded to Movable Type 2.51. Its my first ever upgrade of MT, so I'm excited to see how it works.
I'm not convinced it hasn't overwriten my templates, we'll see after I post this message.