CR Linefeed

Thursday, October 13, 2005

How to break the National Identity Register

I've just been at a public meeting of the Oxford branch of NO2ID, where a couple of MPs spoke about why they are opposed to the legislation. Before the event began a bunch of us in the office were having a database related discussion on the National Identity Register (NIR). We came up with ways to break the Register:
  • Change your name to add some funny characters like a single quote or question mark,
or best of all:
  • Turn your name into a SQL Injection Attack. I'll let you know when I've changed my name to '; DROP TABLE REGISTER;

Wednesday, October 05, 2005

Thoughts from JAOO

So, I've finally got round to blogging about my trip to JAOO in Denmark. I've already posted something on my official work blog about the surprising lack of non-Danes at the conference. Looking back on it, I think the most interesting talk was by Jaron Lanier on Phenotropic Computing (see this interview for more). His basic thesis is that protocols are bad, because they don't degrade nicely. As a program gets larger and larger these problems build up until the whole thing falls apart. The solution? Use something like pattern recognition for components to talk to one another. It wasn't something you could take back to the office and use straight away, but it certainly was something to get you thinking.

On a more practical level, the introductory talk by Martin Fowler on Domain Specific Languages was very good. He managed to get a good deal more interesting material into the short, half hour slot he was given than certain other speakers delivered in an hour. The point that I found particularly interesting was that he pointed out that all programming is using domain specific languages (DSLs) to one degree or other. As soon as you start using an API, that is in effect a DSL. The real difference is the programmers attitude rather than anything else.

I think the biggest disappointment was Ivar Jacobson's keynote speech. I didn't really 'get' it and I wasn't the only one. Another of the speakers characterised it as 'basically nonsense'. He seems to be reacting to the fact that people have difficulty using the Unified Process not by thinking 'Hmmm, perhaps this is too complicated', but by trying to create some kind of intelligent agent to guide your development. This sounds like 'Clippy' from Microsoft Word to me - I'd rather pair program with a person than an animated paperclip, thanks!

(By the way, if you're looking for somewhere to eat in Aarhus close to the Scandinavian Center and the Concert Hall (Musikhuset), I'd recommend the Raadhuus Kafeen (ugly website:, right opposite the City Hall. I'm no expert, but this seems to me to be an old fashioned Danish restaurant. It wasn't too busy even on a Friday night, the food was good and the portions were enormous. I just hope they're still in business if I get to go to JAOO 2006...)