Saturday, 30 July 2011

NetBeans IDE 7 Cookbook

There's another NetBeans IDE book out from Packt Publishing. This one is called  the NetBeans IDE 7 Cookbook and they will be giving me a review copy, so I'll post my impressions of the complete book some time in the next couple of weeks.

Meantime, I have been sent one chapter in advance,  Chapter 7 -EJB Application, which I am permitted to share via the link. You can read and download this chapter for free, too.

First impressions are not good, if this chapter is representative of the quality of the whole book. First, the numerous typos are distracting: average proof-reading would have found most of these so I wonder whether there is enough quality assurance applied, pre-publication. I haven't the patience to list them all. The quality of the writing is also not particularly high, though I'm always prepared to make allowance for non-native English writers/speakers and I believe the author is Brazilian. Not all the clickable links in the PDF have been checked either: the first one I decided to click, at the top of page 160, leads to the 404 page on Oracle's site.

However, my main criticism of this chapter is to do with its content. This is supposed to be a 'cookbook' and in the context of computing books 'cookbook' usually means a compilation of 'recipes' (concise instructions) for solving real-world problems using a specific programming language or tool. Well... I suppose the sample chapter does tell you how to use the EJB functionality in NetBeans 7, so in a very shallow sense I suppose this could be regarded as a 'recipe', but the chapter text does little more than walk you through the IDE wizards. Cookbook recipes are usually focussed on something more substantial. The pasting-in of the source code generated by the NetBeans wizards isn't all that helpful either - if you're running the IDE, you'll have the code in front of you anyway. Lastly, as this is Chapter 7 of a book dedicated to NetBeans and Java EE, why does the text redundantly repeat instructions on downloading NetBeans and ensuring GlassFish is installed?

If you don't know anything about Java EE, this book won't help you much. If you do know EJB / Java EE then you probably won't have much trouble working out how to drive NetBeans to create (e.g.) a stateless bean, so I'm not sure who the target audience is.

But this is just one chapter: I will review the rest of the book when I receive it.

Saturday, 2 July 2011

Cloud Storage and Security

Very disappointed to read about the latest DropBox security issue.  Disappointed in two quite distinct ways: first because their account of this issue suggests a somewhat careless attitude to both security and regression testing, and second, the fact that the first I heard of this was when I read this Register piece. Not good enough. The world is scrutinizing cloud applications quite closely and I fear DB hasn't been paying attention.

Leaving aside the insecure nature of the DropBox service itself and it's apparently relaxed attitude to regression testing, there is the issue of service management and customer relations. As many others have pointed out, directly informing all users, as soon as reasonably possible, is a pre-requisite for establishing trust. Just compare DB's behaviour with that of LastPass. As soon as LastPass detected a possible breach, they immediately informed their users and took sensible action. Impressive, and reassuring.

I've been a SpiderOak user for a while, but until now I hadn't considered using their Sync feature, as I've been using DB instead. This incident has been just the trigger necessary to make me move my stuff out of DB and into SpiderOak, and I will be trying their Sync service now. By the way, I have no affiliation with SpiderOak whatsoever. I use their service principally for these reasons:

  1. Zero-knowledge privacy 
  2. Their attitude to engineering
  3. Their prices. (Better than DB)

Another comparison article can be found here.

Superficially, DropBox is a lovely product but as you start to rely more on cloud storage you begin to think of all the ways your content might be compromised or misused and SpiderOak's robust, credible approach completely trumps any pretty UI.