Open Collaboration at Eclipse
The International Conference on Software Engineering is the premier research conference on the topic. This year it began with a keynote address by the Eclipse Foundation Executive Director, Mike Milinkovich, on Open Collaboration: The Eclipse Way.
Continue reading "Open Collaboration at Eclipse"
How to Create Your Own Git Server
Although I'm a happy (also paying) user of GitHub's offerings,
there are times when I prefer to host a private repository
on a server I control.
Setting up your own Git server can be useful
if you're isolated from the public internet,
if you're subject to inflexible regulations,
or if you simply want features different from those offered by GitHub
(and other similar providers).
Setting up a Git server on a Unix (Linux, Mac OS X, *BSD, Solaris, AIX)
machine isn't difficult,
but there are many details to observe.
Here is a complete guide.
Continue reading "How to Create Your Own Git Server"
Even by our field’s dizzying rate of progress I wouldn’t expect to revisit the subject of version control just six years after I first wrote about it in this column (Version Control Systems. Software, 22(5):108–109, September/October 2005). Yet here we are. The new kid on the block is git, a distributed revision control system available on all mainstream development platforms through a Free Software license. Git, a brainchild of Linus Torvalds, began its life in 2005 as the revision management system used for coordinating the development of the Linux kernel. Over the years its functionality, portability, efficiency, and third-party adoption have evolved by leaps and bounds to make it its category’s leader. (Two other systems with similar characteristics are Mercurial and Bazaar.)
Continue reading "Git"
How do Big US Firms Use Open Source Software?
We hear a lot about the adoption of open source software,
but when I was asked to provide hard evidence there was
little I could find.
article I recently published in the
Journal of Systems and Software together with my colleague
Vaggelis Giannikas we tried to fill this gap by
examining the type of software the US Fortune 1000 companies use
in their web-facing operations.
The results were not what I was expecting.
Continue reading "How do Big US Firms Use Open Source Software?"
Package Management Systems
DLL hell was a condition that often afflicted unfortunate users of old Microsoft Windows versions. Under it, the installation of one program would render others unusable due to incompatibilities between dynamically linked libraries. Suffering users would have to carefully juggle their conflicting DLLs to find a stable configuration. Similar problems distress any administrator manually installing software that depends on incompatible versions of other helper modules.
Continue reading "Package Management Systems"
How to Decrypt "Secrets for Android" Files
Secrets for Android
is a nifty Android application that allows you to securely store
passwords and other sensitive data on your Android phone.
Your data are encoded with your supplied password using strong
cryptography and are therefore protected if your phone gets stolen.
Although the application offers a backup and an export facility,
I found both wanting in terms of the availability and confidentiality
associated with their use.
Continue reading "How to Decrypt "Secrets for Android" Files"
In a recent
NPR interview the journalist
described how I used a mind map to organize my work while I
served as Secretary General for Information Systems
at the Greek Ministry of Finance.
A number of people asked me for more details;
if you're interested read on.
Continue reading "Mind Mapping"
Using the HP 4470c Scanner Under Windows 7
Hewlett Packard nor
Microsoft Windows 7
offer native support for my HP 4470c scanner.
Throwing a working scanner away to buy a new one only because some
software was missing seemed like a waste,
so I looked for an alternative solution.
This is how I made it work using SANE,
an open source framework for scanners.
Continue reading "Using the HP 4470c Scanner Under Windows 7"
Choosing and Using Open Source Components
The developers of the SQLite open source database engine estimate that it’s deployed in roughly half a billion systems around the world (users include Airbus, Google, and Skype). Think of the hundreds of thousands of open source components, just one click away from you. If you know how to choose and use them effectively , your project can benefit mightily.
Continue reading "Choosing and Using Open Source Components"
Applied Code Reading: Debugging FreeBSD Regex
When the code we're trying to
read is inscrutable,
inserting print statements and running various test cases can be
two invaluable tools.
Earlier today I fixed
a tricky problem in the FreeBSD regular expression library.
originally written by Henry Spencer in the early 1990s,
is by far the most complex I've ever encountered.
It implements sophisticated algorithms with minimal commenting.
Also, to avoid code repetition and increase efficiency,
the 1200 line long main part of the regular expression execution engine is
included in the compiled C code
three times after modifying various macros to adjust the code's behavior:
the first time the code targets small expressions and operates
with bit masks on long integers,
the second time the code handles larger expressions
by storing its data in arrays,
and the third time the code is also adjusted to handle multibyte characters.
Here is how I used test data and print statements to locate and fix the problem.
Continue reading "Applied Code Reading: Debugging FreeBSD Regex"
Applied Code Reading: GNU Plotutils
Robert, a UMLGraph user sent me an email
describing a problem with the
SVG output on Firefox.
I firmly believe that
code reading is a lot
easier than many think:
one can easily fix most software problems without detailed knowledge
of the underlying system.
I therefore decided to practice what I preach.
Continue reading "Applied Code Reading: GNU Plotutils"
Madplay on an Intel Mac
Numerous MP3 players around my house pull music from a central file server.
The hardware I'm using is extremely diverse and many devices
can nowadays be politely described as junk:
they include 100MHz Pentiums with 16MB RAM, and an ARM-based prototype
lacking support for floating point operations.
For the sake of simplicity I've standardized the setups around
a web server running on each machine to list static HTML pages
containing the available music files,
and simple shell-based CGI clients that invoke
play the music.
When I added an Intel-based Mac to the mix I found that madplay
refused to work, producing only a white noise hiss.
Continue reading "Madplay on an Intel Mac"
Greek Numerals in OpenOffice.org
doesn't support Greek numerals,
and this is a problem for its Greek localization,
because such numerals are often used for section and list numbering.
As an exercise in large scale
code reading and in the
writing of code I'm supposed to teach to undergraduate students,
I decided to contribute an implementation to OpenOffice.org.
Continue reading "Greek Numerals in OpenOffice.org"
Revisiting the Antikythera Mechanism Emulator
Over the past few weeks I updated the
Antikythera mechanism emulator
I built in 2007.
I was preparing for an invited talk on the subject, which I'll give at the
2009 USENIX Annual Technical Conference,
and for this I wanted to include in the emulator the new findings
recently published in Nature.
Continue reading "Revisiting the Antikythera Mechanism Emulator"
Fixing the Orientation of JPEG Photographs
I used to fix the orientation of my photographs through an application
that would transpose the compressed JPEG blocks.
This had the advantage of avoiding the image degradation of a
decompression and a subsequent compression.
Continue reading "Fixing the Orientation of JPEG Photographs"
Open Source Opens up for Business
Today, as I was reading the
I was impressed by the number of business-related software in the top-25
I was sure this wasn't always the case,
so I dug up the corresponding
the top-25 projects at the beginning of 2006
to refresh my memory.
The differences are profound.
Continue reading "Open Source Opens up for Business"
What are the ingredients of robust, elegant, flexible, and maintainable software architecture?
Over the past couple of years, my colleague
and I worked
on answering this question through a collection of intriguing essays
from more than a dozen of today's leading software designers and architects.
Continue reading "Beautiful Architecture"
Sound-Bytes from the Open World Forum
I'm currently attending the
Open World Forum taking place
The conference is proving extremely interesting with many notables,
Jim Whitehurst the president and CEO of Red Hat and
Mike Milinkovich the executive director of the Eclipse Foundation,
talking and exchanging opinions.
Many of the discussions are too cerebral to be effectively blogged,
but here are some sound-bytes I noted down from the session on
public policies to promote sustainable development of shared resources.
Continue reading "Sound-Bytes from the Open World Forum"
A Look at Zero-Defect Code
National Security Agency
has released a case study showing how to
develop zero-defect code in a cost-effective manner.
The researchers of the project conclude that,
if adopted widely, the practices advocated in the case study
could help make commercial software programs more reliable and less vulnerable.
I examined a small part of the case study's code, and was not impressed.
Continue reading "A Look at Zero-Defect Code"
UMLGraph Version 5.1
Over the summer two articles presented
UMLGraph to the masses.
Paul Duvall wrote on IBM developerWorks an article titled
Automation for the people: Pushbutton documentation, and
Meera Subbarao published on DZone Javalobby another piece on how to
reverse-engineer source code into UML diagrams.
In addition, I received a number of interesting patches and contributions.
As a result I decided it was time to release UMLGraph version 5.1.
Continue reading "UMLGraph Version 5.1"
Interoperability, at Last
Language is a very powerful way to describe behavior.
Therefore even when I create pictures, instead of dragging around my mouse,
I use declarative tools like GraphViz,
These allow me to describe what I want to draw, instead of
how I want the end-result to look like.
The truth however is that the end-results are not always perfect.
Today I realized that the state of the art has advanced to the point
where I can create the drawing declaratively, and then visually
polish the final drawing.
Continue reading "Interoperability, at Last"
Open and Closed Source Kernels Go Head to Head
Earlier today I presented at the
30th International Conference on Software Engineering a
research paper comparing the
code quality of Linux, Windows (its
research kernel distribution),
For the comparison I parsed multiple configurations of these systems (more than ten million lines), and stored the results in four databases, where I could run SQL queries on them. This amounted to 8GB of data, 160 million records.
(Iíve made the databases and the SQL queries available
The areas I examined were file organization, code structure, code style, preprocessing, and data organization.
To my surprise there was no clear winner or looser, but there were interesting differences in specific areas.
Continue reading "Open and Closed Source Kernels Go Head to Head"
LTO Tape Drive Compression Considered Harmful
I used to think that tape drive compression was a silly marketing trick
used by manufacturers to inflate the advertised capacity of their tape drives.
Apparently it is worse than that.
Continue reading "LTO Tape Drive Compression Considered Harmful"
The Power of an Integrated Platform
FreeBSD, unlike Linux, is not a kernel, but a complete
This allows a much smoother integration of its components,
which is a real boon when you try to locate and fix a problem.
The source code for all the parts is all ordered in a single
directory tree for you to examine and experiment with.
Continue reading "The Power of an Integrated Platform"
What I'd Say to Bill Gates
Bill Gates is visiting Athens tomorrow.
In his short stay he'll inaugrate Microsoft's
so-called innovation center, which is provided
as an offset for a deal Microsoft signed with the Greek government
for the purchase of 70.000 licenses, and he'll also give a talk
on Microsoft's vision for the future of technology.
As a prelude to this event
the Sunday newspaper Eleftherotypia inset
has invited a few Greek open-source advocates to give in a few sentences
what they would say to Bill Gates during his visit.
Continue reading "What I'd Say to Bill Gates"
An Update on UMLGraph
Today I released version 5.0 of UMLGraph.
This release contains a couple of important changes: six new shapes
(components, nodes, collaborations, use cases, notes, and active classes),
a facility for adding notes, and the hosting and packaging under its
own domain name
Continue reading "An Update on UMLGraph"
International BSD Conference in Turkey
I'm on my way back from the
International BSD Conference in Turkey,
which a group of enthusiastic members of our community organized on
Friday and Saturday.
Continue reading "International BSD Conference in Turkey"
Creative Commons Around the World
will be inaugurating the launch of
licenses in Greece.
This prompted me to investigate how pages licensed under creative commons
licenses are distributed on the internet.
Continue reading "Creative Commons Around the World"
Cooperative Development at the Speed of Light
The agility and responsiveness of major open-source endeavors never
ceases to amaze me.
Continue reading "Cooperative Development at the Speed of Light"
Using the Open-Sourced Java Platform
Having access to a system's source code is liberating.
I've felt this since I first laid my eyes on the source code of the
9th Edition Unix in 1988, and I saw this again as I used the freshly
open-sourced Java platform
to implement a UMLGraph
feature that has been bugging me for more than a month.
Continue reading "Using the Open-Sourced Java Platform"
One Traffic Light Per Child
The XO machine of the
One Laptop Per Child initiative
has a display with two remarkable properties:
in reflective mode it can be read under sunlight,
and it can also work in both laptop and tablet mode.
Add a dozen-line
program and you have a real traffic light.
Continue reading "One Traffic Light Per Child"
Software Development Productivity Award
Yesterday, at the
17th annual Jolt Product Excellence and Productivity Awards
Code Quality: The Open Source Perspective won a Software Development Productivity Award
in the Technical Books category.
Continue reading "Software Development Productivity Award"
Open source as a paradigm for evolving complex systems
Scientists in the 1980s hotly debated the feasibility of US's proposed Strategic Defence Initiative, commonly known as Star Wars. One argument concerned the amount of software needed to control the missile detectors and weapons.
Continue reading "Open source as a paradigm for evolving complex systems"
Cracking Software Reuse
[Newton] said, "If I have seen further than others, it is because I've stood on the shoulders of giants." These days we stand on each other's feet!
— Richard Hamming
Sometimes we encounter ideas that inspire us for life. For me, this was a Unix command pipeline I came across in the '80s:
Continue reading "Cracking Software Reuse"
Yesterday my research group and our partners officially launched the
a Software Quality Observatory for Open Source Software.
Continue reading "SQO-OSS Launched"
NASSCOM Quality Summit 2006
Last week I attended NASSCOM's 2006 Quality Summit in Bangalore, India.
There I gave a tutorial on tooling with open source software, and
delivered a talk on Global Software Development in the FreeBSD Project.
It was an edifying trip.
Continue reading "NASSCOM Quality Summit 2006"
Open Source and Professional Advancement
Doing really first-class work, and knowing it, is as good as wine, women (or men) and song put together.
— Richard Hamming
I recently participated in an online discussion regarding the advantages of the various certification programs. Some voiced skepticism regarding how well one can judge a person's knowledge through answers to narrowly framed multiple choice questions. My personal view is that the way a certification's skills are examined is artificial to the point of uselessness. In practice I often find solutions to problems by looking for answers on the web. Knowing where and how to search for an answer is becoming the most crucial problem-solving skill, yet typical certification exams still test rote learning. Other discussants suggested that certification was a way to enter into a job market where employers increasingly asked for experience in a specific technology. My reaction to that argument was that open source software development efforts offer us professionals a new and very valuable way to obtain significant experience in a wide range of areas. In this column I'll describe how we can advance professionally by contributing to open source projects.
Continue reading "Open Source and Professional Advancement"
SeaMonkey vs Internet Explorer Revisited
In an older blog entry
I compared the complexity of Mozilla with that of Internet Explorer
by looking at the components each linked to.
Recently, comments to a Slashdot posting I made, noted
that I was comparing the two products on different platforms and
source with binary dependencies.
I therefore set out to compare the binary dependencies of the two
Continue reading "SeaMonkey vs Internet Explorer Revisited"
What Can System Administrators Learn from Programmers?
Although we often hear about program bugs and techniques to get
rid of them, we seldom see a similar focus in the field of system
This is unfortunate, because increasingly the reliability of an IT system
depends as much on the software comprising the system as on the support
infrastructure hosting it.
Continue reading "What Can System Administrators Learn from Programmers?"
Interoperability Requires Temperance
After testing the CScout refactoring browser
on the FreeBSD kernel, I decided
to try it on Linux.
I'm getting there, but slowly, and the reason is the gratuitous use of
gcc extensions made in the Linux kernel source code.
Every time I come across a program construct that CScout doesn't
grok, I have to study the C standards to see if the construct is legal C
that CScout fails to implement or a gcc extension.
Extensions are trouble, because, they're typically only vaguely documented.
Continue reading "Interoperability Requires Temperance"
Surprising Findings on Software Reuse
Kevin DeSouza and his colleagues in a recent
article in the
Communications of the ACM published some surprising
findings regarding software reuse:
reuse happens more by novices rather than by experts,
within projects rather than across them, and in
transient teams rather than permanent ones.
The statement regarding the higher propensity of rookies to reuse
compared to older professionals rang particularly true to my ears.
Continue reading "Surprising Findings on Software Reuse"
Code Quality: The Open Source Perspective
My new book
Code Quality: The Open Source Perspective
three years after I started writing it.
The book owes more to open source software than any of the books
dealing with Linux, PHP, Apache, Perl or any other book covering
a specific technology.
Continue reading "Code Quality: The Open Source Perspective"
A Tree of Mentors
In the FreeBSD project, new
committers are assigned a mentor who overlooks their work, until they
are judged to be confident enough to work on their own.
As lots of things in the open-source landscape, having a mentor is a loan,
which we should pay back by mentoring somebody else.
Continue reading "A Tree of Mentors"
MIT's $100 Laptop
The MIT Media Lab is working on a research initiative to develop
a $100 laptop.
This will be distributed through governments to schools to
help the education of the world's students.
These are my notes from a talk
Director of Computing at the MIT Media Lab
gave on the subject, at an event organized by the
Netmode Laboratory .
Continue reading "MIT's $100 Laptop"
GCC Obfuscated Code
For years I've struggled to understand the
GNU compiler collection internals,
I am ashamed to say, without much success.
I always thought that the subject was intrinsically too complicated
for me, but after struggling to understand a two line gcc
code snippet of a fairly simple operation for more than two minutes,
I realized that the code style may have something to do with my problems.
Continue reading "GCC Obfuscated Code"
I have updated the UMLGraph program to
run under Java 1.5.
Continue reading "UMLGraph Update"
An Open Source Java Metrics Toolset Is Hard to Find
I spent many hours looking for a stand-alone open source metrics toolset
for Java programs.
Unfortunately, I was not able to find a single tool that would
fit my (relatively modest) requiremets.
Continue reading "An Open Source Java Metrics Toolset Is Hard to Find"
Maintainability of the FreeBSD System
Last November Ioannis Samoladas and his colleagues published an article
in the Communications of the ACM  that compared the maintainability
of open-source versus-closed source projects.
I applied the maintainability index  they used on the FreeBSD source
repository following the code's maintainability over time, and comparing
the maintainability of different modules.
Here are the results.
Continue reading "Maintainability of the FreeBSD System"
Who Maintains the GNU Plotutils?
The GNU plotutils
package contains a reimplementation of a pic language processor.
I find pic invaluable for drawing diagrams;
in fact the sequence diagram editor in my
UMLGraph system, depends on it.
The current version is 2.4.1, and was released in July 2000 - almost four years ago.
I have discovered two bugs, but no one seems to be maintaining the package.
This is unfortunate.
Continue reading "Who Maintains the GNU Plotutils?"
Code Reading Example: the Linux Kernel Load Calculation
A colleague's Linux machine was exhibiting a very high load value,
for no obvious reason.
I wanted to make him point the kernel debugger on the routine calculating
It has been more than 7 years since the last time I worked on a Linux
so I had to find my way around from first principles.
This is an annotated and slightly edited version of what I did.
Continue reading "Code Reading Example: the Linux Kernel Load Calculation"
Involving Students With Open Source Projects
A Slashdot story titled
OSDDP: Involving Students With Open Source Docs
prompted me to describe my experiences with the
Software Comprehension and Maintenance
course I am teaching.
The reactions from the—difficult to please—slashdot crowd
were surprisingly positive and friendly.
Continue reading "Involving Students With Open Source Projects"
Cracker Code Review
According to a popular myth, crackers are computer whiz kids:
brilliant software developers who run circles around their
"peers" in the corporate world.
When my undergraduate student Achilleas Anagnostopoulos sent me a
to the source code of the
Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow
exploit, I decided to test the myth
by performing a code review of the exploit's source code.
The results are not flattering for the exploit's developers:
no self-respecting professional would ever write production code of
such an abysmally low quality.
Continue reading "Cracker Code Review"
The hypot() Mystery
I was writing a section for the
followup volume, and wanted to demonstrate the pitfalls of
using homebrewn mathematical functions instead of the library
As an example, I chose to compare the C library
Continue reading "The hypot() Mystery"
sqrt(x * x, y * y).
I created a plot of "unit in last place" (ulp) error values between
the two functions, which demonstrated how the error increased for larger
values of y.
Not All Open-source Systems Are Perfect
I am a big fan of open-source software, and I use many open-source
programs on a daily basis.
Some of my favourite systems, on which I depend, include
the FreeBSD operating system,
the apache web server, and
the vim editor.
I also often use
the GNU C Compiler.
I find all of these systems robust, well documented, and, in many cases,
superior to their proprietary alternatives.
Continue reading "Not All Open-source Systems Are Perfect"
Optimizing ppp and Code Quality
While debugging a problem of my ppp connection I noticed that
ppp was apparently doing a protocol lookup (with a file open,
read, close sequence) for every packet it read.
This is an excerpt from the strace log, one of my
favourite debugging tools.
Continue reading "Optimizing ppp and Code Quality"
Software Complexity: Open Source vs Microsoft
In a readable and interesting paper titled
CyberInsecurity: the cost of a monopoly
seven notable security experts argue that the Microsoft's near monopoly
in the desktop operating system and office productivity markets is creating
a dangerous monoculture that exacerbates the effect of security vulnerabilities.
Continue reading "Software Complexity: Open Source vs Microsoft"
I became a FreeBSD committer.
I've been using BSD Unix systems
since 1986 starting with 4.3 BSD on a pair of VAX 780 machines. In
1992, as a bored PhD student, I reimplemented sed(1) and contributed it
the unencumbered BSD version that was then being put together; it is now
part of the *BSD family. I crossed again paths with BSD software when
the prize of the 2000 Usenix technical conference ``win a pet Shark
contest'', Digital's Network Appliance Reference Design-DNARD, came with
a NetBSD boot image. I used that code for drawing about 500 examples
for my book
Code Reading: The Open Source Perspective (Addison-Wesley
2003), detailing how to read software code others have written
Since 2001 I 've been using
FreeBSD to control my home's security, communications, and entertainment
systems as described in a
SANE conference paper
in Personal and Ubiquitous Computing
(as an academic I have to live by the "publish or perish" motto).
Continue reading "FreeBSD Committer"