Web protocols ate my hosting

New Year, same old blog. A new style, some broken links and some fixed-broken links. Here’s to yet another WordPress-based blog! Now for some background.

This website has been through a small number of hosts. It started off being hosted on a wordpress.com subdomain. I then migrated it over to a cheapo shared hosting solution, which worked pretty well for the low volume of traffic that it served. As we enter 2019 I am pleased to present the blog from a cheapo VPS, which is fronted by a free CDN.

Why change?

Coming into 2018 there were two aspects that prompted a reconsideration of my hosting:

  1. I started to take a deeper interest in running my own services over the web protocols I was spending so much time working on.
  2. The march of browsers towards treating http:// urls as insecure, and by virtue restricting powerful features (Web Platform APIs like Service Worker).

My old shared hosting was starting to feel restrictive in the face of these changes but I was in no rush to change things. Domains are cheap as chips, so I switched focus to a different project https://quic.stream.

quic.stream

The quic.stream domain was a fun name that was going cheap. For this not familiar with the QUIC protocol, it is a UDP-based always secure and multiplexed transport protocol undergoing standardisation in the IETF. It achieves multiplexing within a single QUIC connection by the use of logical streams.

Around the time I purchased the domain, the options for running a QUIC server that could speak to web browsers were pretty limited. The most straightforward way to get things working was to use Caddy server, a Go-based web server that made use of the excellent quic-go library. If you’re interested in trying it out the Wiki has some instructions that may, or may not, work for you.

Word of warning: at the time was based on Google’s earlier QUIC specification. Google Chrome was the only browser that seemed to interop properly. Google continue to experiment and the interop gets broken pretty often. If you visit https://quic.stream and try the connectivity test you are likely to find that QUIC fails, and there is no way for me to detect in JavaScript that this is because the browser outright cobbled it.

Simple-stupid security

Anyway, none of that matters much. What is of more interest is that QUIC’s “always secure” principle matches Caddy’s “Automatic HTTPS on by default” design philosophy. Caddy achieves this by means of Let’s Encrypt, and it does it all behind the scenes without making you waste your time on figuring anything out.

As a technical user I’ve gotten my head around the acronym soup of PKI, CSR, PEM, CRT. However, it all just becomes a PITA for something that is just supposed to be minimal effort or fun on the weekends. In contrast, Caddy and Let’s Encrypt made things so simple-stupid that I was able to do a live demo during a lecture to students at Lancaster University. This took the form of provisioning a new VPS instance (with Caddy pre-installed), creating a new DNS subdomain, and rolling a Hello World config. It took less than 10 minutes.

Tuning web security to the N-th degree

After creating a rough and ready site with Caddy that had great transport security, my attention turned to web security: CSP, CORS, HSTS, SRI etc. I’d never really looked at this before and found it pretty tedious to get right. I appreciate the difficulties in securing the Web Platform in complex User Agents but it sucks to have to rewrite simple button element script calls because of possible injections.

After much effort, quic.stream scores an A+ on the Mozilla Observatory’s HTTP Observatory tests. You can view results at: https://observatory.mozilla.org/analyze/quic.stream

What this exercise taught me is that I benefited from having fine-grain control of the server behaviour. For example, explicitly controlling HTTP headers and using scripts on the server to generate SRI hash values.

Shared hosting rubber gloves

After the success with one site, I took another look at this one. I wanted to secure it using free certificates from Let’s Encrypt, and I wanted to have more control over some of the lower level stuff.

The admin panel of the shared hosting felt like trying to scratch with rubber gloves on. Worse still, they wanted to nickel-and-dime me to pay for certificates.

Migrating the whole site to something else would require effort and time I didn’t have over the summer. So I took a different kind of quick, simple-stupid measure: I signed up for Cloudflare’s free CDN service.

This worked really easily and took about 10 minutes. I signed up, enabled 2FA, and followed the instruction to change my nameservers to Cloudflare’s. I got TLS 1.3 termination immediately, which was cool!

However, since my old shared hosting was insecure, I need to enable Cloudflare’s Flexible SSL mode (see this explanation). In essence, although the connection between User Agent and Cloudflare’s edge was secure, the connection to my shared hosting origin was insecure. There was no complete end-to-end security.

Now you might say that the site doesn’t handle much of importance but that doesn’t matter. For a long list of reasons why security is important regardless of content, check out Troy Hunt’s blog post Here’s Why Your Static Website Needs HTTPS.

Although the migration was smooth, I found some issues with mixed-config warnings while using Flexible SSL. In my haste to fix this I got into some weird URL issue that ultimately meant Cloudflare couldn’t load any images from my origin. Rather than waster time pursuing this, I decided the long term solution would be to migrate.

Rolling my own

So I finally found the time to take a look at rolling my own WordPress hosting. On first inspection running a LAMP-like stack using Caddy seemed a bit daunting. And I want PHP for some other future project, so the thought of changing blogging software was out of the picture.

I decided to go with a vanilla LAMP stack. And I was excited to use Apache HTTP Server because I’d heard a few things about the newish mod_md module. In this case md means Managed Domains. The module provides the means for automatic Let’s Encrypt certificate management. The other bonus was that the I’d shared a glass of wine with the author, Stefan Eissing, in the past. (Stefan also developed the mod_h2 module, which provides HTTP/2 support in Apache).

Now, unfortunately I somehow got completely side tracked during the setup phase of all of this. Rather than using mod_md I ended up using certbot.

The reason why is because I was very excited about Let’s Encrypt wildcard certificates when they were announced in March 2018. The benefit of certificates with wildcarded subdomains is that I can reuse the same one across the various experiments I have in mind this year, without having to go through a Let’s Encrypt dance. this is especially helpful for other pieces of software that have no automatic capabilibty in-built.

Flicking through the documentation, it states:

If you want to obtain a wildcard certificate using Let’s Encrypt’s new ACMEv2 server, you’ll also need to use one of Certbot’s DNS plugins.

Since I was a Cloudflare customer on this domain, I could use a Certbot plugin – certbot-dns-cloudflare.

All-in-all the Certbot process wasn’t too bad. I have a certificate and private key usable in a few contexts, and Certbot is responsible for updating it every 90 days.

I would have liked to get mod_md working. However, I was also a bit lazy and relied on my distro’s packaged Apache and my familiarity with the more conventional Apache config directives. It would be good to find out if the module supports what I ended up doing.

Was it worth it?

At the most superficial level probably no. I was able to fix broken images but they are pretty pointless anyway.

At a more fundamental level, I’d say the migration was worth it. I have the experimental platform and fine grain control that I wanted, while at the same time providing more robust end-to-end security. Furthermore, the VPS is more performant and has more flexibility to manage scaling. When combined with the capabilities of a CDN, I think this blog has the potential to be a lot more web performance happy. However, WebPageTest marks me down in a few areas, there is still work to do…

SpotifyStatusApplet v1.3 Beta 1

FYI: SpotifyStatusApplet was broken by a Spotify API change made in Q3 2018. This page is provided for archive purposes and the download has been removed. More information is available on the Project Page.

A small update to SpotifyStatusApplet has been released as a beta.

This version fixes a critical issue with newer versions of Spotify that prevent the applet from working. Thanks JeffreyO.

It also adds the (much requested) feature of playback control using the remaining soft keys: 2 – previous, 3 – play/pause toggle, 4 – next. Thanks JeffreyO.

More information is available on the Project Page.


SpotifyStatusApplet v1.2 Beta

FYI: SpotifyStatusApplet was broken by a Spotify API change made in Q3 2018. This page is provided for archive purposes and the download has been removed. More information is available on the Project Page.

A small update to SpotifyStatusApplet has been released as a beta. This version adds the ability to toggle on/off the Field titles (Track, Album and Artist) by pressing “soft key 1″, the first key underneath the LCD on most models.

More information is available on the Project Page.

Ode to IBM Rational Rhapsody

Ode to Rhapsody

to the tune of “Comme d’habitude” / “My Way”

Source: Wikipedia

And now,  the end is here
And so I face, the final codegen
My friend, I’ll say it clear
I state my Use Case, I’ll draw a Lifeline
I’ve declared a class that’s pure
I created each and every dependency
And more, much more than this, I did it in Rhapsody

And now,  the end is here
And so I face, the final codegen
My friend, I’ll say it clear
I state my Use Case, I’ll draw a Lifeline
I’ve declared a class that’s pure
I created each and every dependency
And more, much more than this, I did it in Rhapsody

Branches, I’ve merged a few
But then again, too few to mention
I did what I had to do and saw it through without testing
I planned each charted course, each careful step along the activity
And more, much more than this, I did it in Rhapsody

Yes there were times, I’m sure you’ll mention
When I lost my rag, adding functions
But through it all, there is still doubt
Should it be In, InOut or Out
I chose them all, I felt small, I did it in Rhapsody

I’ve waited, I’ve waited and cried
I’ve had my fill, my share of generating
And now, as tears subside, I find it all so amusing
To think, I did all that
And may I sat, not in an efficient way
Oh no, oh no not me, I did it in Rhapsody

For what is a shared pointer, what has it got
If not newed, then it should be nought
To be the thing it truly feels, must be cast dynamically
The model grows, the model slows, I did it in Rhapsody

Yes, it was Rhapsody

P.S. The etymology of Rhapsody leads us back to Greece; rhaptein ‘to stitch’ + ōidē ‘song, ode’.




Antimatter Poster

During university I produced a poster on the topic of Antimatter as part of a Communicating Science module.

I put this up on the web in 2007 and years on, I am seeing traffic to the site driven by a link contained in a Rutgers assignment concerning Information Design. Unfortunately, across the years the poster image had become unavailable…. until now. While the poster was discoverable via a Google search (finding it hosted without permission on other sites, another story) in order to help out those eager students I will post it here permanently.

Software Metrics and Craftsmanship

Software Development Metrics are a notoriously difficult area, there exists a large allure of quantitative measurements that can be condensed into a top-level dashboard showing progress, plan alignment, effort , costs and so on. However, the unfortunate reality is that the collection and analysis of Software Development Metrics is difficult for a number of factors such as complexity, variance, meaning and gaming of the system. Often it is a difficult case of understanding if we are more interested in the performance of the project (Health) or the performance of the developer (Efficacy).

The effectiveness of metrics themselves will most certainly affect their usefulness and the strength of decisions based on their analysis but it is the potential for gaming of the system that I find most worrying. In the simplest sense, I mean the Human optimization of the reward/penalty system for which the metric provides an input. This coupled with Measurement Inversion begets an environment that can devolve into detrimental, with the focus on low value metrics and developers preoccupied on maximizing their score rather than on the Health of the project.

I feel some of the difficulty with Software Development Metrics comes from the nature of the development activity. Despite attempts at documentation, formalization and rigidity (with various levels of success) much of the development activity can still be quite organic. To be more explicit, the concept of Software Craftsmanship is one that strikes a similar chord to my experiences. This goes as far as an online manifesto and prompts rebuttals of the craftsmanship concept. This seems to be quite a conflicting topic but the way I read things, it is often a matter of perspective with the contributors sometimes advocating the some underlying principles. Perspective and trend also come into the job titles; what are the differences between Software Engineer, Software Developer and Software Programmer?

Following the line of argument, although we could say that developers are not factory workers and that there may be some level of craft to their work, does it rule out metrics? I wouldn’t say so completely but I think the focus showed be more towards the Project Health side of things. A craftsman may prefer to be measured by the quality of the product rather than the volume – and if human nature tends toward gaming of the system, the result will ideally be to improve the quality. Now we just need to agree on Software Quality metrics…

Image courtesy of FreeFoto

UI Navigation – Android

Up vs. Back or in other terms hierarchy vs. chronology is one of the User Experience aspects touched upon in my post UML: Modelling User Interfaces Part 1 – Hierarchy and Navigation. The Android methodology for UI navigation has received some attention over the years and the largest change to date was brought in with the introduction of the Action Bar as part of Android 3.0+.

Pre-3.0, Navigation would occur as a result of widget interaction (forward nav) and the system Back button or user defined Back widget (backward nav). Post-3.0 the Action Bar now offers an Up button in addition to the previous Navigation methods.

The Up button is used to navigate within an app based on the hierarchical relationships between screens. For instance, if screen A displays a list of items, and selecting an item leads to screen B (which presents that item in more detail), then screen B should offer an Up button that returns to screen A.

If a screen is the topmost one in an app (that is, the app’s home), it should not present an Up button.

The introduction of the Action Bar and the Up navigation method is no news, so why am I posting about it now? The Google documentation of Android Navigation goes to some length to describe and clarify the current situation. I feel the information presented there resonates with some of the points made in my post that I shall explore further

Navigating to screens with multiple entry points

Sometimes a screen doesn’t have a strict position within the app’s hierarchy

Indeed! I wish I had been able to capture this point so saliently. The concept of an always available page runs counter the that of a fixed hierarchy and yet it is a very common use case. Following the advice of the Android documentation, back or up should return the user to where they previously came from, in a tree-like hierarchy this could only be achieved by having the page as a child node of every node. This sets some warning flags regarding duplication.

Changing view within a screen

Changing view options for a screen does not change the behavior of Up or Back: the screen is still in the same place within the app’s hierarchy, and no new navigation history is created.

Obvious? This can be treated as an internal state change. Some actions are clearly an internal change but are they all, this is very much a UX issue and the actions/outcomes should match the user expectations. The decision as to whether to keep the behavior internal or cause a navigational transition is debatable and often an area for user feedback and iteration. One approach would be to look at this from a function/non-functional change perspective – does the action cause a change to the current function or user sequence?

Navigating between sibling screens

When your app supports navigation from a list of items to a detail view of one of those items, it’s often desirable to support direction navigation from that item to another one which precedes or follows it in the list.

This is personally the most interesting point of the article, the concept that navigation between siblings is neither a hierarchical or chronological navigation action. On first site this may be difficult to articulate to a user, designer or implementer, however, in real term usage there are many straight forward use cases e.g. viewing multiple photographs one-by-one in an image gallery, or selecting between songs in a music player.  The Android article does highlight where the alternative approach is used and it is a legitimate case. The selection of implementation is therefore quite tricky and should be done to best provide affordance to the user.

Looking at this from a tree-like hierarchy perspective, the notion of sibling-to-sibling node navigation (and the notion that Up or Back should operate independently of the nodes) is something that breaks the rules.

Sibling Navigation

Summary

Hierarchy Navigation on the Android platform was enhanced with the introduction of the Up button in version 3.0. Android documentation provides guidance and clarification on the UI in order to provide the best UX. The documentation provides several examples that resonate with concepts raised in my earlier posts. The main theme of these is that a strict, rigid Hierarchy is not rich enough to articulate the nuances of everyday device and app usage, not convoluted applications but intuitive ones. From the perspective of a tree-like hierarchy, several elements bend or even break fundamental rules and pose the question “Is the Tree fuzzy enough to accommodate me comfortably?”

UML: Aside – Completeness vs Clarity and other CvCs

One of the recurring issues I have experienced with UML, or more generally Model Driven Design is the continual struggle between definition and interpretation. One of the tenants of UML is to abstract upwards towards a level that avoids implementation specifics. However, this introduces the potential for a need of a “Leap of Faith”, something that was discussed my post UML: Modelling User Interfaces Part 1.

In tools that allow a complete forward driven Modelling approach (by this I mean where the model generates code for implementation) the gap between abstraction and implementation must be bridged, generally by propriety extensions, properties or mechanisms. Ignoring some of the practical issues, this seems to work counter to the benefit of the abstraction in the first place, putting a larger burden on the Modeller. However, a counter argument is that these additional decorators offer and capture the bridging formally and explicitly; this could be view as beneficial in comparison to implicit knowledge held withing a group. Whether the Model is the best place to document such information is a topic for another day.

Continue reading “UML: Aside – Completeness vs Clarity and other CvCs”

Android Resource and the Eclipse switch Quick Fix

In the process of updating and refactoring an old Android project I unwittingly changed a Project configuration option (the “Is Library” option) that lead to my resource file being generated differently. E.g

Before

public final class R {
public static final class id {
public static final int button1=0x7f090001;
public static final int button2=0x7f090002;
public static final int button3=0x7f090003;
}
}

After

public final class R {
public static final class id {
public static int button1=0x7f090001;
public static int button2=0x7f090002;
public static int button3=0x7f090003;
}
}

A subtle change indeed but one that caused the following compiler error for each line

case expressions must be constant expressions

Continue reading “Android Resource and the Eclipse switch Quick Fix”