overload103.pdf

OVERLOAD

CONTENTS

OVERLOAD 103

Overload is a publication of ACCU

For details of ACCU, our publications

and activities, visit the ACCU website:

www.accu.org

June 2011

ISSN 1354-3172

Editor

Ric Parkin

overload@accu.org

Advisors

Richard Blundell

richard.blundell@gmail.com

Matthew Jones

m@badcrumble.net

Alistair McDonald

alistair@inrevo.com

Roger Orr

rogero@howzatt.demon.co.uk

Simon Sebright

simon.sebright@ubs.com

Anthony Williams

anthony.ajw@gmail.com

Some Objects Are More Equal Than Others

Steve Love and Roger Orr look at what we mean by

equality.

The Guy We Are All Working For

Sergey Ignatchenko identifies who has the most power

in software development.

Exception Specifications in C++ 2011

Dietmar Kühl examines a new language feature in

depth.

Advertising enquiries

ads@accu.org

Why Interval Arithmetic Won’t Cure Your

Floating Point Blues

Richard Harris concludes his look at numerical

computing alternatives.

Cover art and design

Pete Goodliffe

pete@goodliffe.net

Systems Thinking Software Development

Tom Sedge shows how to customise and improve

your development processes.

The ACCU 2011 Crypto Challenge

Richard Harris poses the next in his historic

codebreaking challenges.

Copy deadlines

All articles intended for publication in

Overload 104 should be submitted

by 1st July 2011 and for Overload

105 by 1st September 2011.

Copyrights and Trade Marks

Some articles and other contributions use terms that are either registered trade marks or claimed

as such. The use of such terms is not intended to support nor disparage any trade mark claim.

On request we will withdraw all references to a specific trade mark and its owner.

ACCU

ACCU is an organisation of programmers

who care about professionalism in

programming. That is, we care about

writing good code, and about writing it in

a good way. We are dedicated to raising

the standard of programming.

The articles in this magazine have all

been written by ACCU members - by

programmers, for programmers - and

have been contributed free of charge.

By default, the copyright of all material published by ACCU is the exclusive property of the author.

By submitting material to ACCU for publication, an author is, by default, assumed to have granted

ACCU the right to publish and republish that material in any medium as they see fit. An author

of an article or column (not a letter or a review of software or a book) may explicitly offer single

(first serial) publication rights and thereby retain all other rights.

Except for licences granted to 1) Corporate Members to copy solely for internal distribution 2)

members to copy source code for use on their own computers, no material can be copied from

Overload without written permission from the copyright holder.

Overload | 1

EDITORIAL

RIC PARKIN

Can you keep a secret?

Privacy and security have been in the news a lot

recently. Ric Parkin looks behind the curtain.

It’s not been a good few months for Sony.

First of all it was one of many companies whose

manufacturing plans were thrown into turmoil due to

a major earthquake and tsunami. It wasn’t so much the

direct damage, but disruption to power generation and

supply chains has shown how vulnerable Just In Time production methods

are to even small delays. [Sony]

The automotive industry was affected even more, as it turned out that a

single chip making plant that was destroyed made about 40% of the chips

used worldwide in car manufacturing. With deliberately low stocks of

parts, car production has been severely disrupted [Renesas]. This did make

me wonder what sort of equivalent risks to production applied to software

development, given that the Toyota Production System, and other JIT

processes are the inspiration behind many Agile development practices.

A few spring to mind – a major risk is an unexpected change in production

capacity. This will usually be caused by personnel changes, such as illness

or leaving the company. Finding a replacement and getting them up to

speed is a non-trivial effort, which is why Brooks’s Law was noted

[Brooks]. Less serious causes can include power cuts, and problems with

computers and networks.

As I write this, the PlayStation network has only been partly restored

following an intrusion that potentially exposed personal details of millions

of users. Unfortunately they intially turned a serious problem into a PR

disaster by looking to be slow to admit to the problem, or giving details

about what had actually been compromised. Some of this could well have

been due to the difficulty of tracing where exactly the intrusion had access

to, what had been taken, and how this would affect users. But some things

were definitely handled badly, in particular whether passwords had been

stored in plain text or not. It turned out they had correctly only stored a

hash – a large number or string that was generated from the password and

used to confirm you’ve typed a password in correctly without actually

transmitting or storing the password itself [Hash], but it took time to

clarify this.

Unfortunately, some identity information was stored such as dates of

birth, and it’s this that is the main cause of concern as it can be used as

the basis of identify theft. It has severely dented their reputation. It did

make me question my own approach to computer and identity security,

both as a developer (yes, we only store hashes!) and as a user. I also

recently updated our password dictionary for cracklib [Sourceforge],

which sees how secure a new password is. The new dictionary is massively

larger than our previous version, and we’re finding that it includes many

passwords that used to be thought of as strong, but

now appear in dictionaries that are used by brute-

forcing algorithms. I’m seriously reviewing my

password policy to make them harder to guess,

and will avoid supplying unnecessary personal details (I was always

reluctant anyway).

Other sources of leaked information have been making the news recently.

One high profile one was finding out that iPhones stored a list of locations

where you’d been [Jones]. While this was only used internally for some

performance improvements, again it worried a lot of people as it

effectively gave anyone with access to your phone (or the iTunes backup

on your computer) a log of your movements. Promptly a fix has been

issued to delete the data when no longer needed. Of course, the authorities

have other ways of tracking your phone, even if they’re too much effort

to deploy except in serious cases. The obvious one is that phone companies

have logs of which mobile stations you can connect to, which is enough

to track you fairly accurately via some simple triangulation. Even before

that, getting access to telephone logs and doing some fairly simple traffic

analysis could be used to pick up patterns, and reveal the structure of an

organisation. I was reminded of this recently after seeing the latest

incarnation of some of this analysis software [i2]. Most scary of all is that

I was heavily involved with a major rewrite of this software back in the

mid to late 90s, and it was interesting to see that despite over a decade of

improvements, there were still signs obvious to me that the core of my

code is still there. A warning that code can last for longer than you might

think!

Of course, if an identity thief wanted a your details, or someone wanted

to track you, it’s probably easier to just keep an eye on people’s Facebook

updates and pictures in the Cloud. It’s troubling just how much personal

information can be gleaned by even a cursory glance and some simple

searches, and when coupled with position updates via tools such as

Foursquare, it’s pretty easy to see where someone is, what they are doing,

and who else was there. If that’s in real time and the person’s address is

known, and a break-in would be trivial.

The other interesting technology news thats been around recently is the

way that Twitter is being used to get around so called ‘Super-injunctions’

and reveal secrets that people had been trying to keep under wraps. By

rapidly retweeting, a story be spread extremely quickly, and the ‘Spartacus

effect’ of thousands of people doing it makes them think that they are

immune from prosecution. Time will tell whether that will remain true,

as there’s already talk of disclosing details to the police of people who

have helped. Dispiritingly, most of the cases seemed to be celebrities

trying to conceal affairs, which is a sad reflection on certain sections of

the press. Personally I’m not interested in that at all – they have as much

right to a private life to muck up as I do. But there are issues of privacy,

freedom of speech, and a society fast changing how it communicates.

One thing that was worrying though – at one time someone posted a list

of supposed injunctions which turned out to be wildly innacurate (some

so bizarre you just knew they were a joke), causing some swift rebuttals

and embarrassment. Is this a taste of things to come, where fast

Ric Parkin has been programming professionally for around 20 years, mostly in C++, for a range of

companies from tiny startups to international corporations. Since joining ACCU in 2000, he’s left a trail

of new members behind him. He can be contacted at ric.parkin@gmail.com.

2 | Overload | June 2011

RIC PARKIN

EDITORIAL

communications and ‘Chinese Whispers’ cause all manner of wild stories

and accusations to be propagated? As the saying goes, a lie is halfway

around the world before the truth has got its boots on. In this vein, there

was an interesting experiment performed accidentally by Graham Linehan

who writes the sit-com The IT Crowd [Linehan]. After tweeting an

amusing lie – that Bin Laden was watching the show on the captured videos

– he was suprised just how fast it spread and mutated incorporating

completely random stuff, before he finally exposed it.

And sometimes people just won’t talk about it when you want them to – I

noticed a couple of comments recently from ACCU developers who’d

written their own iPhone games about how much effort it was to try and

generate some interest. With so many apps to choose from it’s now an

uphill struggle to get any attention.

Bletchley Park fundraising effort

The past two Novembers have seen the enjoyable ACCU Security

conferences, held at Bletchley Park to raise money for their activities.

Well, Astrid Byro has decided to go that extra mile this year to raise even

more. About three and a half miles to be more accurate – upwards. On

16th August she’s going on an 8-day trek to the Everest Base Camp,

which is 5,545 metres above sea level. ‘You must understand the context

of this endeavour.’ she says. ‘ I’m afraid of heights and this will challenge

my fears on a daily basis with multiple crossings of rickety bridges across

torrential gorges. In addition, I will be doing this at the end of monsoon

season so there is the ever-present danger of flash floods as well as the

menace of leeches. I hate leeches.’

Bubble 2.0?

We seem to be in a technology stock bubble again. Things that make me

feel this way include the recent purchace of Skype by Microsoft for a

massive $8.5bn, and the imminent floatation of LinkedIn at a large

valuation, and rumours about FaceBook or Twitter being floated soon. It

all feels very reminicent of 2001, although this time it’s social networking

driving interest instead of early internet companies and biotech. But yet

again to pick the real winners without over paying for them will be hard,

especially when what seems to be the next big thing

suddenly goes out of fashion, or more likely, becomes

so widespread it’s no longer what makes a company

unique and hence valuable. Buyer beware.

References

[Brooks] http://en.wikipedia.org/wiki/Brooks's_law

[Hash] http://phpsec.org/articles/2005/password-hashing.html

[i2] http://www.bbc.co.uk/news/uk-13366706

[Jones] http://www.bbc.co.uk/blogs/thereporters/rorycellanjones/2011/

04/iphone_tracking_creepy_cool.html

[Linehan] http://www.bbc.co.uk/news/magazine-13467407

[Renesas] http://www.bbc.co.uk/news/business-13421065

[Sony] http://www.bbc.co.uk/news/business-13557431

[Sourceforge] http://sourceforge.net/projects/cracklib/

She’s set a fundraising target of £50,000, so would be a great help to

Bletchley. She is hoping to achieve this target by donations as well as

corporate sponsorship so if you would like a photo of your corporate logo

flag flying at Base Camp, want her to wear sponsored logo clothing, or

you have a stunt in mind, she’s open to negotiation.

You can follow Astrid’s progress on her blog as she pursues her training

programme, at www.abc-ebc.blogspot.com and you can support her by

making a donation at www.justgiving.com/Astrid-Byro . Good luck!

[Photograph published under Creative Commons Licence 3.0 – original can be

found at http://www.happytellus.com/gallery.php?img_id=5143]

June 2011 | Overload | 3

FEATURE

STEVE LOVE & ROGER ORR

Some Objects Are More

Equal Than Others

Comparing objects is a fundamental operation. Steve Love

and Roger Orr consider different language approaches.

esting for equality is an important concern in a lot of programming

tasks and is often used for control flow: equality is one of the

commonest expressions used in if , for and while statements.

However despite being something that is covered in almost any

introduction to a programming language the concept and implementation

of equality can be quite complicated.

std::string ), but is not automatically provided for custom types

defined in a program. However you can provide your own definitions of

operator== as long as at least one argument is a custom type: and you

can also specify your own return type for the operator (although returning

anything but bool is usually a bad decision.)

In Java ‘ == ’ is predefined for primitive built-ins and does a straightforward

value comparison. For object types ‘ == ’ performs identity comparison

between the two objects supplied. You cannot change this behaviour.

In C# ‘ == ’ is predefined, or overridden, for all built-ins and library types

(whether these types are reference [ class ] or value [ struct ] types). It

is not automatically provided for custom value types and performs identity

comparison for custom reference types. C# lets you define ‘ == ’ for any

custom type, but you must additionally provide an implementation of ‘ != ’.

Possible meanings of ‘equality’

There are a wide variety of meanings to the use of ‘equality’ in a

programming language. The list of possible meanings includes:

1. Refer to the same memory location

2. Have the same value

3. Behave the same way

This article explores some of the details and pitfalls with equality in terms

of just the first two items on this list. We found it was a harder task than

it appears at first glance to get it right (for some definition of right), even

ignoring the third item on our list or looking further afield for other

meanings.

The first item in the list is often described as ‘identity comparison’ and the

second one as ‘value comparison’, and we make use of these terms below.

Note that value comparison usually refers to the perceived value for users

of the object and fields that don’t affect this (for example internally cached

values) are usually not included in the comparison code.

We are further restricting the subject to focus primarily on only three

languages: C++, C# and Java. Despite their common heritage and obvious

similarities there are many differences in the sort of problems equality

raises in each language: even at the basic level of language syntax we see:

In Java: a == b always does something for all variables a and b of

the same type (and compiles in some cases when they are of

different types) and you cannot change what it does.

In Java & C#: anobject.[eE]quals(another) always does

something (we write [eE]quals because the method is spelled

equals in Java but Equals in C#)

In C++ & C# you can overload the meaning of == and in C# & Java

you can override [eE]quals to customize behaviour.

Let’s start with the language construct form of equality ‘ == ’ on the grounds

that this must be a pretty fundamental definition to have been enshrined

in the syntax of the programming language, What does each language

provide for this operator ‘out of the box’?

In C++ ‘ == ’ is predefined (as a value comparison) for all built-ins and the

subset of the library types for which equality makes sense (e.g.

Object comparisons

For Java and C# the presence of a single root class for all object types

allows for a sensible definition of an equality method in this base class

which takes an argument of the base class. In both languages the default

implementation of this method, on custom types, performs identity

comparison.

Java overrides equals() for some of the predefined types, such as

Integer . However there is some confusing behaviour as Listing 1

demonstrates.

If you compile and run this simple program you might be surprised:

Testing 10

Equals

Testing 1000

Equals

public class IntegerEquals

{

public static void main(String[] args)

{

test(10);

test(1000);

}

public static void test(int value)

{

System.out.println("Testing " + value);

Object obj = value;

Object obj2 = value;

if (obj.equals(obj2))

System.out.println("Equals");

if (obj == obj2)

System.out.println ("==");

}

Steve Love is a programmer who gets frustrated at having to

do things twice. He can be contacted at steve@arventech.com

Roger Orr has been programming for far too long but still

enjoys it far too much. Some of it is paid and some of it isn’t.

He can be contacted at rogero@howzatt.demon.co.uk

Listing 1

4 | Overload | June 2011

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika: