So this year there will be a leap second added just before midnight, the first since 2005. As we all go to celebrate New Year’s, I wonder how this will be treated by the TV networks (I don’t recall how it was handled in 2005). Will we start our countdown one second later than usual, so that the 10 second countdown starts at 11:59:51? Or will we all actually celebrate the New Year one second too early? Perhaps the network will add their leap second early to avoid confusion. Will municipalities running fireworks shows start them on time? Do they launch fireworks at that second, or do they try to time it to explode at that second? Will the general public have any clue that a leap second occurred?

http://edition.cnn.com/2008/TECH/12/31/leap.second.new.year/?iref=mpstoryview

So we bought a 1000 piece puzzle from WalMart before Christmas for the family to put together, and last night we did so. However, there were a few problems with the puzzle. During the putting together of it, there were these pieces which we just became convinced they couldn’t fit anywhere in the puzzle. Though most of the time, we thought we were just kidding, that it would become clear eventually where they fit.

When we had put in “all” the pieces, there were three extras. There really were pieces which didn’t go in the puzzle. On further inspection, these pieces turned out to be duplicates of 3 other pieces in the puzzle. They really didn’t fit! And moreover, we had paired one of them with another and therefore couldn’t figure out where in the puzzle the two pieces went.

While it’s annoying to have been frustrated about these extra pieces, the more frustrating thing is that we were one piece short. While I cannot be 100% certain that we didn’t just lose the piece, I have to believe that since we have extra pieces, those are missing from someone else’s copy of the puzzle.

So how does this happen? Perhaps they lay them flat, and cut many together, then whisk them off. Then in this case, two pieces may be stuck together, and the whisking process just screwed up?

So if you bought an I Spy puzzle from WalMart, check and make sure it has all the right pieces. And if you have extra ones, let me know. Maybe we’ll start a puzzle-piece exchange to fix it up.

On the other end — the question becomes, how can you do quality assurance on jigsaw puzzles? How do you avoid this kind of production problem? Maybe I’ll do some research into the mass production of jigsaw puzzles to figure out how this happens and how to prevent it.

Just as a quick update, this afternoon I had another problem which isn’t “supposed to happen” in MacOS. When I arrived home from school, my laptop was burning hot in my bag. When I opened the screen, there was an error message telling me I needed to hard-power cycle my macbook by holding in the power button, because of an error. It was a kernel panic, but the laptop was left in some continuous processing loop, with the fan spinning, but doing no good in my bag, while an unhelpful message was telling me to power cycle it. So much for Mac’s “Just working”. At least with other OSes, I expect such errors, and am very careful about making sure they aren’t happening.

So I’ve been using the MBP for a while now, and it’s still taking some getting used to. It’s also still just “okay.” I wouldn’t say I’m overwhelmed with how much better it is than Windows.

Moreover, I installed updates today, and upon reboot, found that a new icon was present in the menu bar. And not just that, it gave me a nag message, asking me to sign up for MobileMe.

I have to agree with the vast number of users writing complaints that this new “feature” was unrequested, unauthorized, and undesired. (I won’t link to them here, but just a quick internet search will find them). Tactics like this will probably renew my desire to be using an opensource OS on my laptop, and there is a reasonable chance I won’t stick with Mac when it comes time to get another new laptop.

Granted, I’ve ruled out Windows too, so I’m not sure what will be next. Back to linux, and the headaches of not having powerpoint plus dealing with projectors? Perhaps opensolaris?

As an aside – also after installing the updates, my trackpad stopped working until I powered the machine off and back on — another fix which is supposedly only supposed to happen on Windows.

So after 28 years of never using a Mac, I now have one. I got it for work, in my continuing endeavor to try new things on work computers. My desktop will still be a linux PC, but my laptop is now a Macbook Pro. I’ve only had it a few days, so I don’t have a lot of thoughts about it—though I still have an open mind.

Pros:
- It looks shiny
- With a massive amount of RAM, it runs quite smoothly
- Better integration with X and native X open-source applications than achieved through Windows (and e.g. CygWin)

Cons:
- Whole new keyboard with different buttons which do different things (will take time to get used to)
- It hides what it’s doing even more than Windows, leaving the user to have no clue what’s happening behind the scenes
- New multi-touch pad is different and doesn’t have a second mouse button
- Did not come pre-installed with any games
- I really miss the home and end keys. What does exist for home and end are, first two-key combos, and second, they are more like a top-and-bottom. I don’t yet know how to go to the beginning and ending of a dialog box I’m typing in.

So anyway, there are things I like and don’t like, but there’s a lot which I won’t know until I get used to it more.

I have defended my dissertation, and filed it with the University. It’s formatting has been approved by the appropriate people, and the Dean of Graduate Studies has approved my final paperwork. I believe that officially, I have now completed my Ph.D. Graduation is June 22nd, and my parents, in-laws, and brother-in-law (and of course Kristina) will all be in attendance as my advisor hoods me.

Now it is time for a few brief moments of relaxation and a vacation, then it’s time to move on and get started on my career.

Well, to those of you following the job saga, it is now over (pending approval by the Provost). After 2.5 months of interviewing all over the country, we have decided to accept a position in the Computer Science department at Purdue University. None of the details are set yet, so don’t start asking questions about when we’re moving or anything. But sometime prior to August 18th (my start date at Purdue), we’ll be moving to the West Lafayette, Indiana area. So when you find yourselves visiting Purdue, Indiana, Indianapolis, or Chicago, let us know!

As an early user of gmail, I was able to select precisely the username I wanted, ckillian, which is a very common username for people whose first name starts with ‘C’ and whose last name is Killian. Unfortunately, as often goes for popular shared services, there are many gmail users who fit those parameters. By itself, that wouldn’t be a problem, except that on occasion, these other gmail users seem to forget that ckillian is not their email address. They will use it to buy tickets on ticketmaster, place beach house reservations, setup ipod accounts, request proprietary recipes from companies, purchase items from websites, and, most recently, even to use it to purchase online postage from the USPS.

The “best” part is when users are so convinced it is their address that they go through Google’s password recovery system to try to get my password. This has happened 3 times so far. (I know, because Google sends me a link to my email addresses to follow if I want to proceed in resetting my password.) One truly intelligent user, after going through the password change system and failing, actually sent me an email asking if I would forward the information to her, which I was happy to do (on a temporary basis).

I recognize that for the users, this is generally an honest mistake (I get these receipts for a CXXXX Killian, and what’s obvious to me is that ckillian is there username for some other things, and they just got mixed up while entering the email address). When I get such receipts, responses, etc., if there is a phone number listed for the user, I often make the attempt to phone them to let them know of their mistake. But more often than not, there is no method shown to contact them with. In these cases, I have two options: (1) ignore it, and hope I don’t get stuck on some mailing list, or (2) contact the seller/sender and let them know they are sending information to the wrong party. Some vendors handle this well — the Apple store took care of it without hassle. Others, like the USPS, take some convincing (at first they thought I was trying to commit fraud). And then there are those like Ticketmaster, who I have simply given up on, because I can’t seem to get them to stop sending me junk even when I did setup the account (and diligently unchecked the boxes so I would not receive the junk).

This represents a fairly significant issue though, because for many of these services and sites, by going through a forgotten password dialog, I could have the password reset and emailed to my account, giving me access to their information and account, and possibly other information such as credit cards, or perhaps just the ability to purchase things using their credit cards.

And what frustrates me the most is that most of these sites have set up a kind of account based on this email address, without validating that the new user actually has access to the email address. It’s one thing if you simply mistype an email and as a result a single receipt goes to the wrong email address. It’s yet another if you are saving state for the user under this email address without validating it. Most websites form of validation is just to have the user type it twice. But we should know by now that user data cannot be trusted, and if we are going to store that kind of information, we really should validate the email address.

And it’s not even that hard to do so—mailing lists do this all the time. When you subscribe, they send you an email for you to prove you have received before allowing your subscription to proceed. All sites creating accounts should do the same. I would much rather have gotten an email from the USPS telling me to validate someone else’s account (which I would not have) than gotten a receipt for a delivery confirmation postage for a particular person.

So to those of you developing websites which create accounts for email addresses — please, please, please validate these email addresses before storing them!

I’m starting a new category for programming tips. I jokingly referred to something as the C++ feature of the week (for Mace development) with one of our developers, and he responded that he needed to subscribe. And it seemed like a good idea, so now I think I’ll start trying to blog about these new features I learn about.

So to start it off, there are two C++ features of the week for this past week:

1. STL collection swap. The C++ STL Collections contain a swap() method, which takes another collection (of the same type) as a parameter. The method does what’s expected — to swap the one collection’s elements with the other. What makes this an interesting function is that it does it in constant time. It doesn’t require constructing, copying, or otherwise wasting time with the two collections. It just does pointer copies of internal collection state. To see how this is useful, consider these two cases I’ve applied this to:
   • Maps within maps. In one case, a Mace programmer had a map from an int to a vector. In this case, the int represented the number of things in the vector (admittedly, this is a bit of a simplification). So, when removing something from the vector, you would remove the vector from the map, then re-add it with the new key. (This is because for other good reasons, the key of a map entry cannot be changed). Because of the cost of this removal and re-addition, the programmer had originally implemented this using pointers, which, while correct and efficient, gave some of our other tools problems, and so we wanted to re-write it without using pointers. swap() made this possible. To do the update, use this code:
     
void removeElement(IntVectorMap& ivmap, int size) {
IntVectorMap::iterator i = ivmap.find(size);
assert(i != ivmap.end());
i->second.pop_front();
ivmap[size-1].swap(i->second);
ivmap.erase(i);
}

     This does involve a construction of a new collection, but moves the elements of the collection quite efficiently. Since we will erase the original map entry, causing the old vector to cease to exist, the fact that it now holds no elements does not matter.
   • The second case was one where we wanted to iterate through a set, but other code might be adding things to the set at the same time. To maintain code safety, we must not lose newly added things, so we can process them later. The original design involved making a copy of the set, then clearing the original set, and iterating over the copy. Once again, swap() is the right tool here too.
     
void processSet(IntSet& s) {
IntSet t;
t.swap(s);
for(IntSet::iterator i = t.begin(); ...) {
...
}
if (!s.empty()) { processSet(s); }
}

     As an added bonus, if you need to hold a lock to touch S, you can simply acquire the lock and do the switch, a very fast operation, the release the lock.
2. boost::concept_check. We were updating our serialization code, but found that the compiler error messages on template errors are hard-to-decipher (to be generous). These errors were caused by one of two problems in one of our cases. First, we had added a new template parameter, and inserted it before some existing ones. In code which hadn’t been updated though, if they provided the older optional template parameters, the compiler would get very confused, and report error messages which could not be deciphered, and pointed to lines of code which didn’t make any sense. In the other error case, the default template parameter might not work with other types passed. (Specifically, it was a parameter telling how to serialize a collection, and the collection elements might not have been serializable.) This message was a little easier to decipher, complaining about types which could not be serialized, but still didn’t point to the right lines of code.

   Using boost’s concept check, we were able to help both of these problems. In the first case, we wrote a base class for all valid parameters of the template, then used a concept check to make sure the template parameter was convertible to the base class. Passing in the older parameter now would generate a shorter, easier to understand message, and the concept check library makes sure that the line of code makes sense. In the second case, we had to write our own concept checker, which would essentially just write code that needed to be able to compile (in this case, instantiating the type, serializing it, and deserializing it). Again, the concept_check library would make sure the error message was pointed to in the right place.

That’s all for this edition. Watch the programming category if you want to see other programming tips.

I should start by explaining I regularly run my web browser with cookies disabled. The reason is that I decided websites are tracking you too closely, and especially websites which you didn’t even know you were visiting. For example, open up your cookie list. (In firefox, this is: Tools->Options (under Windows, Edit->Preferences under Linux), then Privacy->”Show Cookies”. The questions to ask yourself are:

1. How many of the sites listed do I even recognize?
2. Of the sites I do recognize, what do I want that site to remember about me the next time I visit?

Cookies, you see, are files that a server gives to a web browser, and asks it to present them whenever they visit a set of pages on a set of sites. Cookies have a number of legitimate uses, most notably to give the browser a “session” id. The “session” id is used so the browser user can, e.g., log in, and have the server remember keep track of information related to the login. (The other option, not using cookies, is to make the sessionid part of the URLs, which is both ugly, and more likely to be logged by third parties such as proxies and caches run by ISPs)

Then there are some arguably useful features of cookies. For example, many online retailers will set a cookie identifying you at your browser, and recognize you immediately when you visit again (not for purchasing, but for welcoming, tracking the products you look at, so to remind you of past products you’ve visited and to suggest new products based on your viewing history. I personally find that a little creepy, though I admit in some cases it can be valuable. A few years ago, there were even reports of sites using cookies to do Dynamic Pricing (story by CNN), a practice where sites change the prices based on information they keep about the customer. There were reports of users visiting Amazon from a new computer, finding an item they like, then logging in, and seeing it for a new price. In my opinion, these types of things outweigh the possible positive benefits from having a site remember me just for cause.

Next there are in my book some outright despicable practices. Advertisements placed on sites will add cookies which get reported back to these tracking sites anytime you visit any site with an advertisement from the same company. As a result, there are sites which simply compile vast amounts of information about where you go and what you do online, to use in any way they seem fit. These are commonly called “Tracking Cookies” by products such as Ad-aware and Spybot, which will remove the ones they recognize for you.

I have simply taken the approach (mostly as an experiment) that sites shall not store cookies without my express consent. To that end, I have installed CookieSafe, which makes it easier to manage cookie settings. I either give or reject cookies from specific sites. This occurs as a site preference, meaning if a site uses both kinds of cookies, and I want to use the site, I accept them both. Importantly, the third-party cookies are still rejected — I have to authorize them separately.

So my browsing works like this: I browse normally, then if a site isn’t working (and particularly if submitting a login doesn’t work), I realize it needed cookies to work. I then decide if I really want to use the site, and if I do, I enable cookies for that site only.

Now, when I view my list of cookies, I can identify most of the sites. (Some I must have authorized, but don’t quite recognize by site name, like the third party my bank uses to process online billpay.). I find this to be much more acceptable, and my browsing hasn’t been worse for the wear.

A few days ago, however, I saw something that really brought a smile to my face. On a site I visited while trying to figure out what it meant to buy fertile eggs, I saw this image, where an ad belongs:

I just had to laugh. If a site wants to not send me ads because I reject cookies — then great! I didn’t want them anyway. But somehow I think they’ve missed the point of advertising. If I were they, I would send SOMETHING back. But all the same – I hope other sites take this approach. It could be the end to all the annoying flash ads I get, if instead I got these images everywhere!