港交所披露易攻擊事件

無人想到港交所'披露易'網站對網上攻擊是這麼不堪一擊.

'披露易'今次受到'分散式阻斷服務政擊'(distributed denial of service attack, 簡稱 DDOS), 攻擊者以不同地方的電腦向被攻擊網站不斷發出傳送/顯示網頁要求, 變相阻止其他電腦連上這網站. 簡單說, 是像網路版排隊黨把通向'披露易'的連線通路阻塞. 但沒有直接嘗試登入. 有部份不負責任傳媒竟說其系統被入侵, 簡直是誤導!

一般商戶如遇此情況, 可要求服務供應商把攻擊分隔(技術上不是太大的難度), 也可直接向香港電腦保安事故協調中心求助.

不過, 只有單一發放上市公司資訊渠道這樣蠢的安排, 由港交所弄出來, 實在丟人現眼.

Netbook storm

I myself cannot believe that this blog has been on hold for so long.

In late 2007, ASUS released the EeePC. Then the world suddenly realized the potential of a cheap mobile internet access notebook. Intel invented the term Netbook for their own concept notebook but this term was soon borrowed to cover EeePC and its competitors.

It is interesting that EeePC put great pressure on the demand of XP again (as some people do successfully migrate to GNU/linux but most do not). It also put great pressure on high end some size, light weight notebook PC. People make the message clear: I need to travel and access internet and do the general work only, not sophisticated power machine. This also accelerates the trend of pushing processing power to service provider and the so-called cloud computing.

There are more to explore later.

Home computer lab

Although it is still costly (mainly hardware-related) operation, nowadays it is still much easier to setup a home computer lab to test your website, database, etc. There are freeware or open source quality software out there (GNU\linux, opensolaris, openbsd for OS; MySQL, postgrep, sqlite for database; lighthttpd, Apache for webserver; GIMP for photo-touching; Scribus for DTP; Scratch, Alice for animation; etc). One can also bid for cheaper second hand Cisco routers from Ebay to create a mini network, and add a Wireless hub as well.

The problem is: besides coping with certification exam, what are you going to do with this setup considering the running cost (rent, electricity bill, sir!)?

Animation besides Flash and children software

Can you imagine the combination of kindergarten, computing scientist and animation?

You may think of the programming language LOGO that is about 40 years old then. Yes, the humble turtle that accompanied some of us in 1980's. As time goes by, there is Flash and then Flex from Adobe. But MIT Media Lab keep themselves busy with a new one by working with kindergarten group. And the outcome is Scratch.

Sounds like a children's version of Flash but it is like LOGO that have underlining programming structure and power - and with the help of Internet, it is slowly building up a community of users.

Similar effort also occurs at Carnegie Mellon University with Alice, which focus on 3D animation.

Java becomes open source with GPL

This news has been rumoured for some time and turned real on 14 Nov 2006. Just a few months ago Sun's CEO Jonathan Schwartz was still criticizing the GPL. So what has changed his and other Sun's managers' mind?

Everyone agrees that Sun cannot turn Java software alone into profit. The ones who gain were and are users/developers like middle ware (application servers) BEA, JBOSS (now RedHat), and the Apache communities. The real value of Java is on the platform, associated infrastructure and enterprise penetration. No matter how people criticize the slowness of Java client, Java is still the first software platform (yes, I know .net is getting stream finally) to make complex software infrastructure with cleaner software syntax and structure / flow design - no pointer manipulation, no subtle logic error.

J2EE have seated well in enterprise. In spite of the steps .Net make, enterprise will still be reluctant to put their mission critical applications on Windows alone (especially when people are still reserved on Microsoft/Novell's deal and the future of Mono under such circumstances).

In order to respond to challenge from scripting languages (especially Perl, Python and Ruby), Sun has hired the project leaders of JRuby (a Ruby implementation in Java) starting from October 2006 so that Ruby scripts can incorporate with other Java libraries and JSP.


It seems that Sun have finally realized that it has to turn around its profit model to cope with declining sales of Solaris/Sparc servers.

Good bye Cobol code? Long live short file path!!!

Recently I have come across some finance applications written in - Cobol.

The vendors will not like to mention directly (why? it is not a shame to write applications in Cobol as long as it works and lives well with other applications and the host operating system!). However, through prompt-up runtime error and installation runtime libraries they reveal themselves.

The real problem is lazy program practice: modern Cobol compilers have allowed more flexible locations for file path. Unfortunately this is not the case for our programs. There are mysterious printing failures. After long time troubleshooting, it comes back to 'printer path too long'!!!

What is happening to their project manager?

New generation of HK IT staff -lack of mentors?

Recently there are opportunities to work with IT staff from Big B and SC bank.

Big B guys are nice but do things without any queries while in doubt and cause me some troubles and annoyance. They are recently lack of staff and sending all their 'Stretch-Wing' trainees to do lesser critical jobs. I have no complains for these SW but their seniors could have given them clearer guidelines.

SC bank people are more confident but in certain situations I have to let them know that they have some wrong diagnosis that I have observed and suggested alternative ways to troubleshoot again.

Both cases point to one common thing - a mentor with experience can make a great difference in front line job.