What happened in my case is that I was able to download an image using the form:

tftp myserver.local
get NetBoot/NetBootSP0/Netinstall.nbi/i386/booter

…but not using the form:

tftp 172.25.26.27
get NetBoot/NetBootSP0/Netinstall.nbi/i386/booter

even though the “myserver.local” name pointed to the IP 172.25.26.27. At least, that’s what I presumed until I whipped out Wireshark and found out that using the “myserver.local” name resolved to an IPv6 address, not the IPv4 address I expected.

Next, I ran this on the server:

sudo lsof -i :69

COMMAND PID USER   FD   TYPE     DEVICE SIZE/OFF NODE NAME
launchd   1 root  144u  IPv6 0x0a9ab4a0      0t0  UDP *:tftp

Aha! The tftp server only runs IPv6 for some reason. That explains it.

To fix this, go into the tftp.plist file with pico:

sudo pico /System/Library/LaunchDeamons/tftp.plist

and add the optional key for IPv4 a bit down:

...
<key>Sockets</key>
<dict>
    <key>Listeners</key>
    <dict>
        <key>SockServiceName</key>
        <string>tftp</string>
        <key>SockType</key>
        <string>dgram</string>
        <key>SockFamily</key>
        <string>IPv4</string>
    </dict>
</dict>
...

After that, all you need to do is stop and restart tftp:

sudo launchctl unload /System/Library/LaunchDaemons/tftp.plist
sudo launchctl load -w /System/Library/LaunchDaemons/tftp.plist

Then check that the port is working on IPv4 as well:

COMMAND PID USER   FD   TYPE     DEVICE SIZE/OFF NODE NAME
launchd   1 root  144u  IPv6 0x0a9ab4a0      0t0  UDP *:tftp
launchd   1 root  150u  IPv4 0x07e2ee14      0t0  UDP *:tftp

After that, retry the tftp get command using both IPv4 and “myserver.local” addressing. Should work now. I must admit I don’t understand why IPv6 keeps working, though. Oh well, not that it bothers me, but it bothers me a little bit.

Update: this post is correct, but it still didn’t solve my problem, so please see next blog post for more, at least if you’re doing netboot stuff on Snow Leopard

In order to follow along, you need to understand the gift card process. When you buy a card, it is “activated” at the store’s cash register. It’s only after “activation” that the card exists in the iTunes system. Vice versa: if it is “activated” it was duly bought and paid for in a store. Once the recipient of the card wants to use it, he/she has to “redeem” it, which you do using the iTunes application. So, “activate” and “redeem” are two different steps in the process.

So I contacted iTunes support and what they said is this:

Martin, I did little investigation on this issue and my records indicate that your iTunes Gift Cards (<here the numbers were repeated>) have been canceled and that Best Buy provided a refund for the purchase price. I’m sorry that I could not  reactivate the card for you.

The key terms here are: “canceled” and “could not reactivate”, both of which make very clear that the cards were indeed activated at the point of purchase, but later canceled.

I checked with my friend, and he had no such refund on his credit card. So I asked again to find out more exactly when this refund was supposed to have happened, and got this reply:

Martin, I did research on this and found that the Gift cards with serial numbers …, … and … were cancelled on 09/16/2010. The reversed or the refunded might be deposited back onto your credit card. Please look for the receipt on your email and  also the credit card statement of this particular date.

Ok, so on September 16, according to Apple, Best Buy requested that the cards should be cancelled. I tried to redeem them a week after that. My friend then called Best Buy about it, and they could not find any record of any refund connected to this. They didn’t find any record of the cancellation either. Another round with iTunes support and I got this:

As the Gift cards were cancelled by the Best Buy,  with our resource I could only see that these cards were cancelled and refunded. Please contact Best Buy (1-888-BEST BUY/1-888-237-8289), with the receipt and they will be able to provide the more information and help you on this issue.

So now I called Best Buy and got Rick W. aka “Mitch” on the line. I gave him the story and he looked up the sales transaction. He confirmed that there was no refund requested or given. He even said he had no idea Best Buy could cancel iTunes gift cards. But he promised to look into it. I sent him forwards of the mails I had got from iTunes support, and he was going to take care of this pronto.

A few more back and forths, while Rick W’s enthousiasm clearly waned, response times becoming longer and longer, messages becoming more and more terse, until he finally said:

Martin

Best I can do is 75 dollar gift card to the purchaser

Mitch

My reaction to this was… “WTF??!”. His email was rude, late, brief, and wrong. The only reason I can imagine why I would accept half the amount is if I was trying to scam Best Buy and he didn’t find it worth his time to prove it. Oh, boy, do I dislike Best Buy customer support now… I wrote back saying it was entirely unacceptable. It’s my money and I want it back. Nothing more was heard from Best Buy, even though I sent reminder mails. Stone dead cold.

So, it’s back to iTunes. This time I get the following request:

In order to help you further, please take scans of the front and back of each Gift Card and include the scans with your response. I’ll need to see a photocopy or scan of the cards themselves. I’ll also need to see the receipt for each card.

This request makes sense, since iTunes support probably wanted to make sure I had the cards in my possession. So I scan in the cards, include an email with the scans explaining that my friend does not have the paper receipt, but that we do know the transaction number and they can use that to check with Best Buy that the cards were sold there. Response from iTunes:

Thank you for including the scans of the Gift Cards. I have verified that they are adequate scans. Finding a solution for you is important to me, so I have requested assistance with the issue you reported. You will receive an email after the matter has been investigated and further information is available.

We’re already past half november, but now I’m starting to see the light at the end of the tunnel. But then, a week later, “Tim, senior advisor” responds:

I appreciate your patience while I’ve been reviewing the information you sent about your gift card. Unfortunately, I will have to have a scanned copy of the receipt itself in order to assist further; I’ve been unable to verify the purchase of the card with the information you provided, since we don’t have direct access to Best Buy’s systems.

You may be able to contact the store in question to request a reprint of this receipt, but I won’t be able to assist further without an image of the actual receipt itself. I apologize for any inconvenience this may cause, but I look forward to your reply.

At this point, I started to lose my cool. I sent this to Tim:

I’ve been giving your message a day’s thought and it doesn’t make sense. Both Apple and Best Buy have confirmed to me that these three gift cards are the real thing, that they’ve been properly purchased, properly activated at the register, and properly activated in Apple’s systems. There has never been a doubt about that. A copy of the receipt will prove nothing to you that you don’t already know. It will only cost me hours on the line with Best Buy again.

*After* being properly activated, these cards were then de-activated September 16 this year. Apple told me so, and you know it. Best Buy tells me they don’t know that. The problem then is to find out if Best Buy did get a refund from you or not. They claim not. There is no way for me to prove a negative.

So, in conclusion, you know for a fact these cards are bona fide. If you have doubts about Best Buy having been refunded or not, *you have to take that up with Best Buy*! I can’t do this for you!

What we have here is Apple and Best Buy both knowing one or both of you cancelled my cards for no good reason and without refunding them, but you keep giving me the run around. I’ve spent two months and untold hours on this, and it has to stop right now. If you have any sense of customer service, you fix this without bothering me again. OR you state clearly and unambigiously that you’re not planning on honoring the gift card commitment. But I will not keep spending time on this.

Needless to say, Tim didn’t even respond, didn’t even acknowledge my message. I even sent a brief synopsis to Steve J himself. He didn’t bother either. This kind of thing, the theft of customer’s money, doesn’t seem to interest anyone.

So, back to phoning Best Buy again, trying to get a copy of the receipt, only to run up against another wall: they won’t send a copy to anyone else except the original purchaser. But my friend in the meanwhile, was incommunicado in Africa somewhere. Another two weeks go by, he returns, calls Best Buy and finally gets an email with a receipt, which is just a listing from their accounting system, not the “scanned image” iTunes support requires. And, interestingly, the credit card number was in the clear in that listing; makes one wonder…

So I send this non-scanned-image-of-a-receipt to Tim at iTunes, and finally, on December 21, I get this:

Thank you for the additional information. With this receipt information I’ve been able to obtain replacement codes for your gift cards; here are the codes:

You could say it all turned out allright, but I don’t think so. I’ve wasted untold hours on this crap. Right from the start, iTunes and Best Buy both knew with absolute 100% certainty that the cards were entirely legit and that no refund had been given. Both knew I, or my friend, had not cancelled them. Both totally refused to pick up the phone and call each other, instead letting the customer (me and my friend) do all their legwork. Finally, the only point they actually should have verified, namely that Best Buy never got the refund Apple says they gave them, never was verified.

My theory, which I’ve shared with all three (iTunes, Best Buy, and Steve J, even though he probably never even read it) is that someone at Apple or Best Buy has a scam going, where he/she is “cancelling” iTunes gift cards which have not been redeemed for a number of months after purchase, taking the money somehow and (usually) never get caught. Neither BB or iTunes have ever responded to my theory. They seem totally uninterested.

Another point is brought home by the request to scan my cards for iTunes. The only reason to ask for that is probably to see if I bought my iTunes “codes” over the internet, and refuse me a refund or replacement if I did. This strikes me as highly dubious. If I had indeed bought them over the internet, what right does iTunes have of not honoring them? Maybe such a clause is buried somewhere in the iTunes user agreement, I really don’t know, but it doesn’t sound very fair to me. In any case, that was not my problem, so I’m not going to research the EULA just for that.

My main conclusion is: iTunes gift cards are a really, really dangerous purchase. They are not to be trusted, since Apple by no means stands behind them. It’s a toss-up if they’re going to honor them or not. If you do buy any for friends or family, give them a copy of the receipt and ask them to redeem pronto. Which all seems to make the “gift” in “iTunes gift card” a very dubious term.

My second conclusion is that someone has found a nice extra income by ripping off late redeemers, and Apple doesn’t seem to care. That worries me as an Apple shareholder.

Now, seriously, if even the parking ticket dispenser calls you “leet”, how can you lose? It went beyond great, by the way. But I can’t figure out how the machine knew that in advance.

	From:     Central Inteligency Agency 
	Subject:  From Central Intelligence Agency
	Date:      8 February 2010 9:22:14 GMT+01:00
	To:         undisclosed recipients: ;
	Reply-To: inteligencyofficer@yahoo.in

Central Intelligence Agency
City in Carter Lane, next to St.Paul's.

https://www.cia.gov/

Att: Beneficiary,

This is letter from the Central Intelligence Agency (CIA) You was

reported in this office last year that you have been dealing with
some Nigeria Hoodlums through the internet, which we have monitored
you and confirm that you have sent so much amount of money to some
Hoodlums in the internet through Western Union and Money Gram all in
the name of transaction.

You have been advice to quit every communication that you have with
all those Hoodlums for the main time because we have marked some
trace on there email address and we are trying to get them arrested
and if you insist and continue with them you will be arrested, So
right now you are advice to disconnect communication with them and
give us details about them.

Get back to us as soon as possible.
Mr. Mualler
Central Intelligence Agency

We used to have anecdotal medicine, or experience-based medicine if you prefer, where each doctor largely learned from his own patients, mistakes, and successes. This led to a lot of wrong conclusions, since outcomes are multifactorial. That is, there are a bunch of reasons why any particular case goes right or goes wrong, and you can’t control for those reasons if you learn from cases after the fact.

Then we decided to only advance medical science on properly designed, prospective, and controlled clinical studies, which seems to be the only way to get anywhere in the long run. So that’s what we should do.

The reason I posted this today is that I just read something horrifying in an otherwise excellent book (which you can get for free here), the “4th Paradigm”, Microsoft Press. This is an excerpt:

…current trends toward universal electronic healthcare records mean that a large proportion of the global population will soon have records of their health available in a digital form. This will constitute in aggregate a dataset of a size and complexity rivaling those of neuroscience. Here we find parallel challenges and opportunities. Buchan, Winn, and Bishop apply novel machine learning techniques to this vast body of healthcare data to automate the selection of therapies that have the most desirable outcome. Technologies such as these will be needed if we are to realize the world of the “Healthcare Singularity,” in which the collective experience of human healthcare is used to inform clinical best practice at the speed of computation.

No, please don’t destroy medical science like this…

This got me thinking about how to solve DoS in general and there are ways. I’d suggest two mechanisms.

1. Move from a pull model to a push model for subscribed web content. Push can be done from any old place, so there’s nothing for the attackers do DoS. I’d imagine the client to have a front end or proxy that checks for the right digital signatures to allow content in. The bad guys can still DoS the clients, but with very little return on investment. Not so surprisingly, we don’t have the required technologies in place, but there’s an abundance of components already in existence for such a system, so it should be straightforward to assemble.

2. For those services that can’t be done with push, use a smarter client that is able to go look for services according to preset algorithms or using a form of dynamic DNS. IOW, move the load balancer to the client side instead of the server side. (I’ve done this, it works.) This won’t eliminate a DoS entirely, but will make it orders of magnitude more difficult.

The problem here is that there is no incentive for the large hosting players to do anything that diminishes the need for giant pipes and huge data centers. So we can’t count on them to help out.

Every time this happens, you have to uninstall Zinio, delete its prefs, clear up a cache somewhere, then reinstall and reauthenticate it. Yes, I’ve got the routine documented, but man, this isn’t right. So I wrote them this letter, with absolutely no hope of them giving a damn:

Guys,

Really, time for you to get a grip. I’ve had MacWorld on Zinio for a couple of years now, and I’m growing so sick and tired of this 22-M error you never seem to fix, that I’m almost prepared to give up on subscribing to MacWorld anymore. You really need to fix this pronto. Show that you care, for once.

Every time anything at all changes on my machine, I have to manually go uninstall all of Zinio and reinstall it again, just to make it stop accusing me of being a thief. I can’t count the number of times I’ve had to do this. I have it installed on two machines, a Pro and a MacBook, and if that is too much for you, well, it’s going to be goodbye at next renewal.

I’m copying MacWorld too, since I think they should be aware of why they’re losing this particular subscriber at least. I’d sincerely suggest they’ve got a better chance of keeping paying subscribers by distributing unprotected pdf’s, or at least pdf’s protected by somebody else than Zinio.

Sincerely,

– Martin

PS: I could have added “You’re worse than Microsoft”, but that would be overdoing it.

PPS: No, I haven’t read the MacWorld issue. I’ll try to find the energy to go through that crap later, so I can actually see it, but I can’t keep myself from wondering if it’s worth the trouble. Very bad sign.

Update Oct 11: after reinstalling on my desktop Mac Pro and redownloading the last issue of MacWorld, I got this dialog box instead:

I mean, seriously, reading a mag is supposed to be relaxing, but this??!

Update Oct 16: Got another message from Zinio support telling me to do the exact same thing their previous message told me to do. That is, download the uninstaller, uninstall, download the installer, install, authenticate, hope for best, try. Since they sent that message twice, I figured I could repeat the procedure just for kicks, and sure enough, this time it worked. Um, no, actually not. I discovered that the issue file I redownloaded from Zinio according to the instructions I got the last time was corrupt, with a bad filename and extension. In other words, when Zinio told me “you do not have rights to this publication on this computer” it actually meant “this file is corrupt”. Would you have guessed? So I copied the file I had on my MacBook to the Mac Pro, and then it worked. Except it took another hour or so until I could read the MacWorld issue due to this problem:

In other words, if the Zinio server is down anytime the reader wants to verify your status, which is the first time you open it and whenever it feels unsure of itself, you’re out of luck yet again.

Right, now I can finally read the November issue of MacWorld on my portable and my desktop. Am I happy? Not really. As I already said, reading a mag is supposed to be relaxing. I’m prepared to pay for convenience. But all I’m getting for my money is aggravation. I’m not going to extend my subscription anymore, hoping instead that the so far mythical Apple iTablet will revolutionize this market and bring something much more useful and pleasant. But if it doesn’t, I fear the end is near for DRM’ed online publications.

“Did MS consider that cache awareness for programmers in multicore development?”

…and he answered:

“The average developer is not capable of handling that kind of level of detail. … Most developers are that ignorant. Welcome to the real world.”

To me, this explains a lot. It explains why .NET looks like it does, and to clarify what I mean by that, let me simply copy in extracts from what I had to say about it in a private forum just weeks ago. In what follows, the italics are brief extracts of comments from others. The rest is my own text. It’s not always in a totally logical order and it starts out in midflight, but it’s a synthesis of a longish thread on a security related forum.

Note: I didn’t ask any of my correspondents for permission to quote, but the quotes are so limited that I consider them “fair use”. If you think I crossed a line here, beat me into submission and I’ll never do it again.

- – - here we go – - -

Even Java, Ada, and COBOL  do not inherently encourage “good programming style”.

Well, I wasn’t thinking of which language “encourages” good programming practices. IMNSHO, none really does. That’s an idea that isn’t even viable once you get into programming for real. The idea of “encouragement” from a language standpoint is, let me be blunt, something only wannabe programmers could think is relevant.

Once you really use a language and its platform, one is not bothered in the least about what the language or platform “encourages”, but what the language or platform *allows*, and that’s an entirely different kettle of fish. And this is where .NET falls down severely.

In .NET you can do reflection. Up to a point, and then not. You can do generics/templates. Up to a point, then it comes to a screeching halt. You can do aspects, but only to a very small point. You can do dynamic scripts, but only to a severely complicated and fairly worthless point. And on and on it goes. For every good abstraction technology they implement, you soon discover it’s just a faked out front that can’t scale up to something really useful.

So, like MS Basic before it, .NET languages and the platform have cheap selling points, leading you down a path of instant gratification and then you hit a wall. But it’s actually much worse than good ol’ MS Basic was, since MS Basic was actually pretty close to what could be done back then, which wasn’t much. And you hit the wall soon enough to realize you should take another path. .NET, on the other hand, limits you from exploiting what currently very well can be done with computers, and it let’s you invest considerable energy and time in the platform before you get down to the bare metal behind it, only to discover it’s a rusty shell of improvised junk.

Let me put this in yet another way. Limiting languages to what is considered “safe” by non-programmers may limit the damage relative amateurs can do with these languages. But if this limitation also means you limit the *depth* of the language, like .NET does, then you actually put a ceiling on the level of abstraction than can be reached in larger systems built by people who actually know what they’re doing. Meaning that you exchange junk on a small and local scale for architectural and design junk on an epic scale.

With the reality of rapid time to market/deployment and a realistic assessment of the skills many programmers bring to the table, limited is what is needed quite often.

Yes, but what… um. Let me restart. It’s not a “yes, but” thing.

No, that’s wrong. Because it let’s you build small systems quicker and safer, that’s true, but small systems almost always become large systems. And these large systems almost always become monsters, due to the limitation that was built into them from the start. IOW, the limitation you talk about will practically always result in severe problems a bit down the road. It rewards shortsighted development.

Maybe, just maybe, limited and “safe” languages will reduce stupid errors in small systems by unskilled programmers more than they will cause deep errors in architecture of large systems (written by skilled or unskilled programmers, since skill doesn’t bring much to the table if the system won’t allow advanced techniques), but do we know that to be true? Has anyone tried to find out? As long as we don’t know that, you buy into “safe” languages on no better basis than what you do when you choose one shampoo over another.

- – -

Let me take a real life example to show what I mean, and why I currently detest .NET so much. (Maybe, just maybe, someone on the forum then tells me the one feature I missed in .NET and everyone gets to laugh at me, but I’m willing to risk that. I’m actually willing to *welcome* that, since it would be such a relief.)

When doing an app with grids and details, like 90% of everything out there, you want to let the user change details, add lines, delete lines, whatever, and then hit “Save” to save it all to the database, or “Revert” to go back to the original state. You also want the system to ask “Do you want to save first?” when you try to leave without saving changes. Right?

Ok, there are several ways of doing this. The “right” way would be to have the objects in memory versioned. You should be able to ask any object “did you change?” and “what did you change?”, and tell the object to roll back to a previous state or commit to the current state and start recording changes from there from now on.

You can’t do that in .NET, there’s no such feature. So, you say, what else is new, let’s fix that. With, um, AOP, which sounds just about right. Looking for solutions on the net shows nothing but spurious outbursts of unprintable language and gnashing of teeth. So forget it.

A mix-in, then? Um, no, .NET doesn’t support mix-ins, that’s only if you’ve got multiple inheritance.

Ah, let the objects deep-copy themselves to save state. Um, no, .NET has no reliable or complete deep-copy. And even if it had, it would copy too much of dependent object trees.

Then, let’s try good ol’ raw bitblitting into memalloced save spaces and calculate our own offsets (and make the company CISSP, if there is one, turn blue in the face)? Um, no, such “unsafe techniques” aren’t allowed in .NET.

Let’s inject the dispatch table with a pre- and post-function to record changes (key/value observing or AOP, depending on taste)? Nope, can’t do. Unsafe.

Finally, if you still haven’t dumped the whole idea and started a bicycle shop instead, you may have worked your ass off to get a kind of reflection function lib going that can copy, compare, rollback your objects, if your objects conform to a fairly limited feature set and implement some clumsy attributes. That’s what I did, and I keep debugging this thing long past the time when it should have been clean. I’m also pretty sure it’s slow, but I don’t care anymore.

Or, you do what everyone else does, and that is riddling your code with checks if anything changed, and saving old values here and there when you think they may need to roll back. So if there are 15 ways of leaving that screen, you’ve got 15 different places you need to check if you need to reload or save any of maybe 20 different objects in your app. Leaving the support desk a never ending source of joy and happiness for years to come as customers find new and inventive ways of leaving half edited objects in memory.

You know what? If this had been C++, I would have done a real down to the metal hack of the dispatch vtable mechanism maybe, and gotten a fast solution working that could be used anywhere and forever to solve this problem. It would be “dangerous” but once debugged it would last forever.

What you see now in .NET is much less dangerous solutions, but they have to be done over and over again and everytime they risk new bugs, each of which is much harder to find than any bug I would have in my “unsafe” solution.

BTW, even my halfassed solution won’t work if you compile .NET apps in “secure” mode (or whatever it’s called) since reflection can’t be used then. (Meaning an even buggier solution with hundreds of times more code for the same thing…) And you know what, it’s actually *much more* difficult to get the 15 * 20 simple-code solution debugged than the one advanced vtable injection technique debugged.

So, that’s what “safe” languages deliver even for pedestrian apps. Hurrah.

- – -

Not sure I’d let most developers any where near C or C++.

Yes, but you also lose the opportunity to get really good scalable apps. I would suggest finding a few “real developers” instead of a load of “most developers”. Quantity can’t compensate lack of quality.

As for .Net, you could always mix managed and unmanaged code and do what you need to do in C++ if you’ve got the guys with the skills to do it right.

If that would let me attack the basic dispatch mechanism in .NET and have it install itself into all the objects in memory that I pointed out to it, with for instance attributes, I’d do it. But, AFAIK, you can’t do that. Then you need to switch over to C++ unmanaged for the entire project. Which, if we look back, was my exact argument. You *can’t* do scalable and safe programming in managed .NET even if you’re able to.

My argument is this: if you cripple a language, you’ve exchanged a few “dangerous” and qualified pieces of code against a sh..load of slightly dubious and simple pieces of code. And of the two ills, I am convinced the latter is the worst.

PS: I’m still waiting for someone to tell me I should’ve used disconnected datasets. Here I am, fully loaded for war and nobody shows up?

- – -

I’ve found it surprisingly practical on the scales I normally work with. I certainly concur that it’s not what you might call “large enterprise ready”, but then what really is?

BTW, couldn’t we define a “large system” as one in which none of the builders (are really able to) know what everything is doing?

I’ll take those two as the same question.

It *is* surprisingly practical for small scale stuff, or as the technical term goes: quick and dirty. But what is a “large system”? I’d say most useful systems are “large systems”, since the builder, even if he’s alone, can’t keep all parts of the system in his head all the time. I don’t think there are any, or more than very few, really “small” and useful systems out there, according to this definition.

A good programming system allows you to write “straight code”, or quick-and-dirty, as you start out and as soon as you see a pattern in your code, you are able to replace that pattern with a single implementation of an abstraction somewhere. All on the basis of DRY (Don’t Repeat Yourself). You *have* to be able to do this, else you get inheritance-by-editor, that is repeated and almost identical code in multiple places. Which is the most sure-fire way of making it a unmaintainable slag heap in no time.

For simple code sequences, we have functions. Even C# can do that. For structures we have objects. C# can, yay. For behaviours, we have templates aka generics. C# does that better than C++ in the “cute and nice to have” ways, but doesn’t do it at all in the “OMG-what’s-this- weird-code-but-it-saves-the-project” ways. It’s just cute and tantalizingly close to being real-world useful. Aspect oriented programming (AOP) or Key-value observing (KVO): C# is totally braindead. Same for run-time object extensions. Same for object delegation or runtime discovery of implementation (cfr respondsToSelector in Objective-C). None of these things are even there in any form. Even swapping out one DLL for another in runtime is painful in the extreme.

A highly abstract way to view this is to visualize a development effort curve that starts out linearly, then goes exponentially up. You stop there, grab the language by the neck and raise your code an abstraction level. You drop back to linear for a while, then you go exponential again, then you raise the code an abstraction level, etc.

With .NET, you can do this for a couple of times, then you either run out of abstraction levels or they don’t return you to a linear curve, but to another exponential curve (IOW, whatever you do, C# bites back). With C++ I’ve never run out of abstraction levels, they go on and on, right into user domain territory to an amazing degree. I suspect Objective-C won’t run out of them either. Languages like PHP don’t have them at all, they’re more or less at the level of MS Basic way back when. Almost. Which in itself is a kind of honesty, since PHP doesn’t even pretend to be a “real” language in that sense. It’s quick- and-dirty elevated to a religion.

Even though I can’t prove it, I strongly suspect that there are no simple projects really suitable for .NET. Almost all projects start out being the right scale, but almost all of them ultimately (or even “quickly”) escalate beyond the level where .NET is a good fit, but then they’re stuck on that platform. And it is in this phase of its lifecycle that we see the problems with unmaintainability and bugs, not while they’re still small.

So, in conclusion, I strongly doubt that “safe” programming systems bring us that safety. I think it’s the other way around. The problems we see due to poor use of sharp knives (horrible C++ code, for instance) can’t be solved by switching languages, but should be solved by switching or training programmers and fixing project management issues.

If you don’t have the project management and the developers you need to write solid, maintainable, and safe code with a real language, switching to “safe” languages won’t help you. I think that is what I’m trying to say.

- – -

A well-designed module will be maintainable. “Take the time to do the design before coding” beats the snot out of “pick the write language” when it comes to making the source readable and maintainable.

Uh, no. And yes. And no again.

The problem is that if you design your stuff first, the language has to be able to express that design. Unless you keep the design trivial enough to be expressed by any old (new) language.

For instance, if your design has the element “Restore this object tree to last savepoint” and your language has a feature that can be used to achieve that, you may get away with a handful of lines of code that clearly and succinctly express what you’re doing even without comments or docs, and that can be tacked onto your objects as mix-ins, categories, templates, reflection, or whatever.

If your language does not support the necessary operations and declarations, you’ll end up with stereotypical code that needs to be manually replicated into each and every darn class you’re building and that is specific for the very project you do them in, hindering reuse across projects. You end up with hundreds or thousands of lines of code spread all over, hard to understand, even harder to find when you need to find it and a real f…up to debug.

You can’t get around that if the language is too limited. Or “safe” as they call them nowadays.

I have seen readable structured code in assembler and incomprehensible spaghetti in Modula-2

Assembler is much less limited than C# in this respect, so that isn’t so strange. It starts out at a very low abstraction level, but can reach very, very high. I’d say assembler is more or less linear in development complexity, but the problem is that the line, however straight, is very long.

Also, if you’ve already concluded that assembler can be well structured, then you have to admit C can as well. Same thing, almost. Extend at will to C++.

Of course it can!  Any language can!  That’s my point….

Hah! OMG… so tell me, what’s wrong with MS Basic, then? Or MSDOS batch language?

Do an undo/redo manager for MS Basic, or even (let’s be generous here) C#, in an average accounting app. Then in Objective-C. Then compare for “well structured”. I’d guarantee you that the C# undo/redo manager will be unreadable, plastered all over the project up to the rafters, a neverending source of joyous bugs and a strongly contributing cause to the death of the product just a few years hence. Not so with Objective-C. (The undo/redo manager is already part of the libraries, but even if it wasn’t, it could be built by the developer in a very reasonable time. Not so for C#.)

And no amount of design will change that. C# simply doesn’t have the features you need and is brimming with the “safety” to stop you from getting it done. Thanks to the drive for “safer languages”, I have to add.

Isn’t the CISSP-relevant point here that your redo manager, or any comparable object, necessarily constitutes a locus of increased risk? Seems to me that might be why it’s hard to implement in such a language.

Yes, maybe, which points out why the CISSP-relevant point is nuts. Somebody decides that the undo/redo manager (or something equivalent) is dangerous, so let’s not do that. Um, so what do we do when we don’t have an undo/redo? We fake it in each of the 50 or 100 classes that need it and the problem is now orders of magnitude larger. Or, more likely, we prohibit undo/redo entirely, making the use of the app a bloody nightmare, causing the actual business to suffer. And if the bloody user makes an error, he can’t correct it, but then it’s his fault, right?

In any case, this method of suppressing any patterns that carry risk only moves the problem elsewhere, usually making it much worse at the same time.

Pretty much all languages these days do the real work with library calls. The accretion of platforms slowly renders specific languages less relevant, as implementations increasingly consist of calls to external libraries and objects held outside the language’s environment. So-called “safe” languages attempt to fulfill their promise by limiting external calls or, in the .Net case, opening holes to “unmanaged code”.

I intentionally took an example of something that can’t be done by libraries. You can’t equip classes or objects with runtime state monitoring by library calls if there is no dynamic injection or intercept functionality in the language. There is no equivalence between language functionality and library functionality; those cover disparate areas of functionality. Libraries have in absolutely no way taken over from languages, but libraries have grown much faster than languages, so it may seem so if you just compare sizes.

This is the dichotomy of Java: it lives in a sandbox that makes it very safe, leaving you with the problem of getting things in and out of the sandbox.

As taken right out of the marketing book. It’s BS. If it was as easy as prohibiting dangerous behaviour and then danger went away, Java would have solved world hunger by now.

…so I created bookmarks for this one and the corresponding URL for relay number 2 (using relay2State and pulseTime2 parameters), which looks like this in Safari:

If you start the ReadyNAS by pressing the button less than 15 seconds, it starts normally. If you press 15 seconds or longer, you enter the diagnostics mode and we don’t want that.

To shut down the ReadyNAS while it is running, you need to press and hold the button for at least 5 seconds.

So I chose 7 seconds for the pulse, guaranteeing to only start up the unit or shut it down, without entering any weird states.

Oh, one more thing: the URL I use here only work if your WebRelay is not set to use password access for status changes. Including a password is a little trickier.

No, that IP is not the IP I actually use, and anyway, it’s all on a local net behind a firewall without portmapping.

Update: don’t use Safari 4 for these URLs. What happens is that one of them may show up on your “top sites” page, and they’ll refresh every time “top sites” is shown, typically every time you start Safari. The effect is that your NAS units will power on and power off at really weird times. Took me a while to figure this one out. And then I moved the bookmarks to OmniWeb instead, since it doesn’t have a “top sites” page. Problem solved.