Assume for a moment that you’re watching a sports match involving a ball on a flat monitor, not in person. The monitor probably contains a million pixels, and the ball is represented by, say, a thousand pixels. In most sports, we’re concerned with the position of the ball at a given time. For your brain to follow what’s going on, you need to follow the position of the ball on the playing field. You do this naturally, without even thinking about it. Behind the scene, you’re converting the million pixels on the monitor into a three-dimensional image showing the ball’s position on the playing field, in real time. You’ve reduced the data from one million dimensions to three.
—
Peter Harrington, Machine Learning in Action
A great description of dimensionality reduction.
Changing of the Guard: From MacBook Pro to System 76 Gazelle Professional
Today I received my new work machine: A Gazelle Professional laptop created by System 76. This system marks a big change in how I do software development for a number of reasons. It replaces my existing Core2Duo based MacBook Pro with an Ivy Bridge based i7, and it marks my professional transition from Mac OS X to Ubuntu. A number of factors influenced me to move to Ubuntu, but my primary considerations were the need for greater similarity between my development environment and my software applications production environment (also Ubuntu), and my growing disillusionment with Apple’s emphasis on proprietary, closed-source, un-upgradable technology.
System 76
Dell’s XPS-based Sputnik project initially seemed like a promising way to move to Ubuntu. The selected XPS system unfortunately proved to be a little under-whelming, since it only included 4 GB of RAM, which was not upgradeable.
Other alternatives, like Lenovo, seemed likely to work well with Ubuntu, but after spending hours of frustration trying to get Ubuntu working on a Dell Vostro and generic HP notbook a few years back (windows only trackpad drivers?), and bad experiences returning mail-order systems (Dell shipping me 2 systems with bad LCDs out of the box), I knew that I couldn’t afford the time and heartburn required to wrestle Ubuntu onto incompatible hardware.
Since System 76 is all about Ubuntu compatible systems, and since they offer hardware that is modern and user-upgradeable this didn’t seem like it would be an issue. I had another trequirement however: fast,
full-disk encryption (FDE). Many projects I work on operate in an environment that falls under
HIPAA regulations, which require protected health information (PHI) to be encrypted at every point possible. Since I may come into contact with PHI I need FDE, but my daily software chores are IO intensive (running tests which thrash the database, building libraries), so I was concerned about the performance impact of running FDE using a software solution like
TrueCrypt, and also concerned about installation hassles.
Intel 520 Full-Disk Encryption
It turned out System 76 laptops optionally ship with an Intel 520 solid-state drive. The Intel 520 has FIPS-197 compliant AES-128 encryption baked into the drive controller, which operates transparently and with no (apparent) performance impact. While I would have preferred a sub-15 inch form factor,
I discovered that the Gazelle Professional was the only option that included the BIOS settings necessary for it to operate as of October 2012.
Purchase
After evaluating a few different options, including a new 15’ MacBook Pro with Filevault 2, and a few months of hand-wringing, I eventually pulled the trigger and purchased a Gazelle. I chose to bump up the stock i7 processor to the 2.6ghz i7-3720QM variant, add 4 Gb of RAM so it would have a total of 8GB, and swap out the default 500 GB drive with the Intel 520. After consulting with the sales reps at System 76, I also added on the matte-screen to hopefully reduce glare.
Un-Boxing and Configuring the Gazelle
9 days later, the system arrived on my doorstep, amazingly enough in perfect condition.
The packaging is very functional, and entirely fails to live up to Apple’s package design wizardry. Since I generally send the box straight to recycling / landfill, I’m not disappointed.
System 76 did provide a nice little “thank you for buying” message, which confirms that they are a small company, and still interested in making a good impression on their customers.
The system also came with two NVidia inside stickers…which was an exciting prospect since I had expected only the stock Intel 4000 display device. This turned out to be totally in-accurate, no NVidia inside, only the Intel 4000. The stickers were a surprising over-site, since System 76 sales people told me they had no laptops with dedicated GPUs, its rather mysterious as to how they ended up there at all.
Plug-in and power on all went as expected (it turned on). The boot-up speed was incredible: I pressed the power button, saw the BIOS screen, took a sip of coffee…and it was waiting for me to enter my timezone. I estimate 5 seconds? I can safely say its fast enough.
Plug-in and power on all went as expected (it turned on). The boot-up speed was incredible: I pressed the power button, saw the BIOS screen, took a sip of coffee…and it was waiting for me to enter my timezone. I estimate 5 seconds? I can safely say its fast enough.
The matte finish on the display worked as advertised. It functioned well in a high-glare, broad-daylight environment, and seems to beat out out my elderly MacBook in terms of subjective view-ability at all angles.
Setup took around 10 minutes, including time spent doing software updates. As pleasant a process as configuring a new OS install can be, possibly with a few more steps than a Mac. Nothing onerous, no required Apple ID or Windows ID.
All the hardware: display, keyboard, trackpad, wireless, bluetooth worked out of the box as expected. System76 installs their own driver package, which apparently handles all of this quite well.
Configuring Intel 520 Full-Disk Encryption
I did, however, run into problems setting up encryption on the Intel 520. There was no indication in the BIOS that I could set a drive password, which is required to enable Intel 520 FDE. After a few futile Google attempts, I contacted System 76 support, and got an answer from the support staff within around 45 minutes.
The solution was to update the BIOS firmware, which was a little complicated in that it required 2 USB keys. One key was imaged with FreeDOS, the other with FAT32 and the BIOS drivers. After power-cycling, selecting the FreeDOS USB as the boot device, and then switching to the other USB key and running the flash update batch file, it worked, however. The BIOS now presented me with several new options, which allowed me to set a drive password.
It’s not clear why the stock system does not have this enabled in the BIOS, from what I can tell the version of the BIOS did not change after flashing. I assume the build techs could handle this for you at order time if requested. Unfortunately this wasn’t the turn-key process I hoped for, hopefully System 76’s process will improve as in-drive FDE becomes more common. Support was fast, accurate, and did not require the multiple hour long phone calls, transfers, and support escalations that Dell and other larger vendors force you through.
Benchmarking
The system racks up impressive
Geekbench scores, comparing very favorably with mac systems costing $1000 more.
Conclusion
After several hours of use, and time spent typing up this blog post, the system is working well so far. The transition from my MacBook Pro has been seamless in terms of ergonomics, the keyboard is roughly analogous (a few more keys), and the form-factor is basically the same (slightly large view area, about 0.25 inch greater width). Like the MacBook pro, it’s uncomfortably warm, but in the keypad area, instead of on the bottom. I find the track-pad somewhat inferior to the MacBook, in that the sensitivity can’t be adjusted (the GUI slider was by default set all the way to minimum, changing has no affect), but perfectly usable. It is even larger than the old, pre-unibody MacBook Pro, but approximately the same weight.
All-in-all, the sales experience, support and the Gazelle itself have all been solid. I’m looking forward to setting up my development environment and seeing how the Gazelle performs.
Seeking Closure (Review: Clojure in Action)
I’m sure the “Seeking Closure” joke is thoroughly worn out it the community, but I couldn’t help myself.
Clojure is an interesting new(ish) programming language based on a strange brew of syntax that merges the AI-centric Lisp family with the enterprise-oriented Java language family, while mixing in exotic features like software transactional memory, immutability and an actor model of concurrency somewhat similar to Erlang. Below is a review of Clojure in Action (cross-posted to Amazon), a book by Amit Rathore published in 2011 that aims to introduce new users to the language.
It’s fair to say Clojure in Action has gotten me farther down the road towards being able to understand and use functional programming for real projects that any other book I’ve read on the subject, including other introductory books like Programming Erlang and Real World Haskell. It begins with one of the best explanations of the Lisp family and the theory behind functional programming I have read, and does a great job of introducing the fundamentals of the Clojure language.
The book strives to teach concepts from the ground up, which is it’s biggest strength and weakness. Instead of explaining how you use Clojure to create programs, it also fills you in on the background behind the why of Clojure, delving into concepts like abstract-syntax-trees, polymorphic inheritance, and software transactional memory in depth. This is in sharp contrast to other “in Action” titles by Manning like “Rails in Action”, which starts and ends with doing, and layers theory on as necessary.
Amit does an admirable job of covering these difficult topics in the first part of the book which he calls “Getting Started”. After discussing syntax and key concepts, the second part, “Getting Real” tries to bridge the divide between theory and practice by walking through TDD and common application implementations.
“Getting Real” is definitely the weaker of the two halves. It feels like Amit bites off more than he can chew by blasting through concepts like data storage, messaging and DSLs. For someone new to functional programming languages, this at times felt like drinking from a fire hose. Because so much ground is covered so quickly, I was left floundering. The book also glosses over the layout of the Clojure architecture itself, which leads to trouble when following along with examples. For example, the author seems to assume you know there’s always a “src” directory and that’s where the sample code goes, and are familiar enough with Java to work through issues related to requiring files and classpaths.
The book does not do an adequate job covering tools like lein, which greatly simplify tasks like setting up testing environments, the REPL, etc. I think the ground-up approach is laudable, but building a real-world application at scale requires some sort of framework and set of guiding principles, and CiA fails to provide this kind of guidance. Apparently lein and other tools were not heavily used in 2011 when the book was released, and so this is an understandable omission. I think a second edition would with this information would be great.
The good:
- An excellent explanation of functional programming concepts
- A good introduction to Clojure syntax and common functions
The bad:
- Too much detail, too fast
- Does not cover Clojure structure or programming tools like Lein in depth
- The author succumbs to the annoying language cheerleader role early adopters always seem to fall into. For example he says on page 6: “Clojure is an extremely simple language to learn; from a syntax point of view, there’s nearly nothing to it.” This is followed by 150 pages of syntax description, and another 200 pages of implementation examples, which stretches a reasonable definition of the concept of simple.
Other examples of wide-eyed optimism like “We’ll write own little web framework to demonstrate how easy and straightforward Clojure is.” and “Clojure makes the complicated task of writing multi-threaded programs that work correctly downright easy.” are sprinkled liberally throughout the book. Learning a new language and a new programming paradigm is a marathon, and it’s hard (albeit enjoyable) work, and telling me polymorphic multi-methods are easy doesn’t make them easy, any more than telling me mile 20 is easy magically gets me to mile 26.
Cheer-leading aside, Clojure in Action is an excellent, if at times frustrating, introduction to the language and functional programming.
The verdict:4 out of 5 stars
A truly terrible way to prevent SQL injection
During a code review, I came across the following jewel embedded in an HTML form.
Some thoughts on why this is bad:
- An attacker could disable Javascript and submit the form directly to dump the contents of the database
- Or if an attacker was incredibly bored, they could play along and figure out a new way to say “select * from table_name”…”selecT *” anyone?
- Users are prevented from entering a comment with the word “select”! So “I would like to select a new pair of shoes” triggers an alert. (double face-palm)
Another laughable element here is that the alert also reminds the user what words not to type, and gives them a heads-up that someone might not want people to insert comments with SQL.
The one benefit of this code is it was created “cheaply” in terms of up-front dollars paid to the developer to create it. Of course, the cost of having the database dumped, sold and posted online would probably reduce the TCO considerably.
“Think of it like this: What’s the cost to prevent a bug? If it takes you 1,000 lines of validation testing to catch the one time Bob accidentally removed the validates_presence_of :name declaration, was it worth it? Of course not (yes, yes, if you were working on an airport control system for launching rockets to Mars and the rockets would hit the White House if they weren’t scheduled with a name, you can test it—but you aren’t, so forget it).”
Installing pre-requisites for successful Ruby install on Ubuntu via RVM
Since I am constantly forgetting to do this before compilation, I thought I would post about it in case it benefits others.
$ gem install rake
ERROR: Loading command: install (LoadError)
cannot load such file — zlib
Installing rvm and ruby requires various per-requisites, namely development libraries ruby builds against during compilation. The RVM site leads you towards installation via RVM package, which introduces a whole other set of sources. A better solution is installing the appropriate native packages beforehand.
See also:
http://stackoverflow.com/questions/2441248/rvm-ruby-1-9-1-install-cant-locate-zlib-but-its-runtime-and-dev-library-are-the
