OAuth

If you don’t understand your software, it can never be secure. This is because if there are things you don’t understand in your code, you are destined to misconfigure it, or use it erroneously, opening up your solution to crackers.

OAuth was created to authorise an application to act as an agent on behalf of you within the space of another application. This is known as authorisation. Later authentication was added to it as an afterthought, rendering it ridiculously difficult to understand and configure correctly. To further the insult, it was implemented as a bastardised combination of OAuth and OpenID.

Normally I am all in favour of Open Standards, because they allow us to collaborate with each other, based upon mutual agreements, facilitating for a common platform of understanding each other. However, with OAuth I’ll make an exception, and I’ll publicly state that you shouldn’t use it. It’s simply too complex, has too many moving parts, and is ridiculously difficult to implement correctly. No reasons to use a lunar landing vehicle, when a bike will suffice.

Use JWT for authentication and authorisation please!

Code

Conceptually code is of little difference from English written text, or Norwegian for that matter. It is the ability to use logic, to attempt at trying to make something else do what you want it to do, through the means of communication. With English of course, the intended recipient of your communication is (hopefully) a human being. With code, the intended recipient is a computer. But that’s really the greatest difference between the two concepts.

If the goal is to make your computer do what you want it to do though, why make this difficult through arcane instructions, and difficult to understand programming sequences, unless you have to? Why not create higher abstractions?

Communication between humans have several layers. You can speak, you can write, you can sing, and you can create subtle messages through using symbols and imagery – Intended to convey some sort of deeper meaning and influence the recipient of your message. The same is true for communication between a human being and a computer.

Code is not the only way to make a computer do what you want it to do. Have some creativity as you create your systems please.

YALOA

YALOA implies Yet Another Layer Of Abstraction, and the idea is that you can often solve your problems by providing another abstraction layer, allowing you to solve whatever problem is currently at your hand. In many ways, it’s the core idea of dependency injection and IoC containers. If you separate your implementations from the places that use your logic through interfaces, and combine this with an IoC container, you can always exchange the class implementing your logic, with minimum changes to your project. Hence, there is a common agreement in the software development industry, that YALOA is something you should always strive for.

YALOA is actually the main feature of Hyperlambda, since it ensures that you always have another layer of abstraction between your interface and your implementation. For instance, the HTTP REST endpoints the crudifier creates, doesn’t contain any compiled code references at all. This allows you to intersect your existing Hyperlambda code, by simply editing a text file, and/or completely exchange its current implementation. This is only possible due to that Hyperlambda slots, are simply references to C# classes and methods. In such a way, Hyperlambda becomes basically a dynamic IoC container, allowing you to orchestrate your C# code together dynamically. Watch the video below to understand this relationship.

Hyperlambda as a never ending YALOA

Executing 432 million scheduled background jobs per day

We just created a performance test of the Magic Scheduler, and although it’s using a version of Magic that is not yet released, the numbers were impressive to say the least.

We were able to use Hyperlambda to create and execute 4.000 scheduled background tasks, and wrap everything up in roughly 2 seconds, on a 5 year old MacBook Air.

Afterwards we only created the jobs, as fire and forget jobs, for then to execute them, and wait for all jobs to finish. Our results gave us a throughput number of roughly 5.000 jobs per second.

Of course, what your job actually does is important, and our jobs were pretty empty to be honest with you, simply performing an interlocked increment of a shared integer value – But this tells us something about the throughput of the Magic Scheduler, which obviously is pretty amazing compared to other similar tools. Watch how we tested below.

Throughput of 432 million scheduled jobs per day

You can find the code below. First the C# code.

using System.Threading;
using magic.node;
using magic.node.extensions;
using magic.signals.contracts;

namespace magic.lambda.slots
{
    [Slot(Name = "test.reset-job-count")]
    public class JobCount : ISlot
    {
        internal static int _count;
        internal static ManualResetEvent _waiter;
        internal static int _maxJobs;
        public void Signal(ISignaler signaler, Node input)
        {
            _count = 0;
            _waiter?.Dispose();
            _waiter = new ManualResetEvent(false);
            _maxJobs = input.GetEx<int>();
        }
    }

    [Slot(Name = "test.increase-job-count")]
    public class IncreaseJobCount : ISlot
    {
        public void Signal(ISignaler signaler, Node input)
        {
            if (Interlocked.Increment(ref JobCount._count) >= JobCount._maxJobs)
                JobCount._waiter.Set();
        }
    }

    [Slot(Name = "test.wait-for-jobs")]
    public class WaitForJobs : ISlot
    {
        public void Signal(ISignaler signaler, Node input)
        {
            JobCount._waiter.WaitOne();
        }
    }
}

Then you can find our Hyperlambda code file below.

/*
 * How many jobs we want to create.
 */
.max:int:4000

/*
 * Resetting job count.
 */
test.reset-job-count:x:@.max

/*
 * Creating a bunch of jobs.
 */
.no:int:0
while
   lt
      get-value:x:@.no
      get-value:x:@.max
   .lambda

      /*
       * Creating a unique name for each job,
       * and creating our job afterwards.
       */
      strings.concat
         .:some-task-
         get-value:x:@.no
      scheduler.tasks.create:x:@strings.concat
         immediate
         persisted:bool:false
         .lambda
            test.increase-job-count

      /*
       * Incrementing job count.
       */
      set-value:x:@.no
         math.increment:x:@.no

/*
 * Waiting for all jobs to finish.
 */
test.wait-for-jobs

I want to emphasise, that this test was conducted with a branch of Magic that has not yet been release. But the above features will be released in the 5.5.6 version of Magic, coming up in a couple of days.

Even without that amount of throughput, Magic is still pretty awesome. Feel free to download it here.

Introducing Magic Scheduler

In the video below, you can see a demonstration of our latest feature, which allows you to schedule your code, to be executed some time in the future.

Scheduling your C# method for next Thursday

Some of its more interesting traits, is that it allows you to 100% dynamically declare your tasks through Hyperlambda – Which of course in itself is a DSL. This allows you to create fairly advanced tasks without even having to recompile or restart your Web APP.

Download Magic by clicking the download link at the top of this page.

Black Friday Magic sale

What would Black Friday be without a little bit of White Magic to scare away the demons? We at Server Gardens thought so too, so we decided to knock off 60% of the normal price we charge for a Magic License, and sell a license for only €195 instead of our usual price of €495.

However, this offer will expire when Black Friday is over, so if you want to buy licenses for Magic, you should probably get your VISA card ready, and head over to our licensing page ASAP!

For this Black Friday we also have something special up our sleeves for you, besides the usual Magic Show. So it’s not only 60% off on its usual price tag, but there are brand new features too 🙂

Options

If presented with a binary option, most human beings will feel obliged to choosing one of the specified alternatives. This is simply human behavior, and probably originated somewhere deep in our early evolutionary days, as a part of our need to belong to a group, having cognitive resonance with the rest of the herd – Resulting in being given protection from the rest of the group, due to a commonly shared cultural belief system, creating unity within the group as a whole.

No human being was ever successful within the safety boundaries of a herd however. If you ask Einstein what his most brilliant strike of genius was for instance, he’d probably answer “being in disagreement with the rest of the world.” This is simply the nature of innovation. Henry Ford famously said “if I had given people what they wanted, I would have created faster horses.” – And so on …

A brilliant NLP friend of mine taught me the definition of a leading question once, which is a question where regardless of what answer you’re giving, you’ll end up criminalizing yourself. His particular example was as follows: “Is it long ago since you stopped beating your wife?” If you answer yes, you admit having beaten her previously. If you answer no, you also admit having beaten her previously. With such questions, realizing any answer or option becomes futile is easy, and most will choose to utter something outside of the binary options presented. With other more subtle binary options, it’s not always that easy, such as for instance “will you vote for the Democrats or the Republicans this year?” Even the once telling you they don’t know, will probably choose one of these two (binary) options. They simply don’t know which at the moment, and reserve the right to make up their minds later.

However, intrinsically in all binary options, exists also the option to not choose anything – Sometimes also everything, and always something completely different.

Be the Einstein my friend!

Turning down half of Nasdaq

As I had my lunch today, I realized I have now turned down literally 50% of all Nasdaq top 10 companies that exists in the world. My first was Microsoft, who wanted me to work as their chief evangelist and researched for their Norwegian department in 2003. A position Rune Zakariassen later was given, and did an excellent job in too may I add. I wish I had some sort of moral reason for turning down MSFT, but it was simply that I didn’t want to commute between Oslo and Porsgrunn at the time. Later I did some work for them through their MSDN Magazine, so I guess I kind of ended up working (some) for them in the end anyway.

My second was VMWare. VMWare wanted me to move to the US, which in itself was enough for me to reject them at the time. 2 years later, I actually moved to the US, which arguably illustrates I am not completely free from hypocrisy myself I guess. However, yes, I turned down VMWare in approximately 2005/2006, because I didn’t want to move from my children in Norway to the US to work for them there. At the time, VMWare was huge, and featured explosive growth.

The third company I said no to was Motorola. They wanted me to be one of 7 core architects for their largest software development initiative throughout their history. They had 3-4 job interviews with me, and kept on calling me for more than a month, and they kept on trying to convince me to work for them, telling me “how I’d have 250 developers beneath me as a part of my team”. However, the project Motorola wanted me to work on was a project I had absolutely no faith in what so ever. In addition, they’re one of the largest suppliers to the US Military of all sorts of different equipment, and since I have roughly the same relationship to the US Military as I have to the Gestapo and the SS, I “politely declined” their offer. To be honest with you, I think I’d rather eat my left arm for supper, before I accept a job that involves helping the American armed troops do anything, besides from going home of course.

The 4th company I turned down, was Amazon. To be fair, I choked on the recruiting process, even before I bothered to take their online test. My reasons for declining is adequately summed up in this article.

To avoid confusion though, I am writing this article now, such that I can lead other head hunters at it later, once I am offered a job I don’t want for some reasons. First of all, I do not want to work for companies that are in any ways facilitating for the creation of Artificial Intelligence, and use of such AI in military units, to create autonomous killing machines. I also do not want to work for governments, at any level, if these governments have a military presence outside of the borders of their own countries, without being sanctioned by the United Nations Security Council. I do not want to work for organisations or companies that are helping and/or collaborating with neither American intelligence services, Russian intelligence services, Chinese intelligence services or North Korean intelligence services – Mostly due to the same arguments and moral objections too may I add.

Now if you’ve read this far, and think you still have something of interest to me, feel free to use the form below to contact me 😉

Thank you, but no thank you Amazon

I just had an email from some recruiter at Amazon. He wanted me to work for Amazon in Madrid in Spain. I love to travel, I love Spain, and my friend Marco adequately explain it as follows: “You start travelling, it’s like some sort of disease. You can’t stop! It’s like a drug.”

In such a regard, I am an addict, addicted to travelling, so naturally Amazon’s offer made me enthused. Of course, the fact that they’d probably multiply my current salary somewhere between 5-10 times, also helped for my motivation. Madrid’s also a big city, with bright lights, interesting history, and probably all the coolest clubs in Europe for all I know. However, I turned them down. In fact to be specific, this is how I turn them down, because I haven’t turned them down yet, but I’ll send the recruiter a link to this article, in an attempt at trying to explain why I turn them down.

First of all the crime rate in Madrid is 90% higher than the national average. In fact, you’re safer in 95% of American cities than you’re in Madrid. Don’t get me wrong, I am used to living in crime infested cities, ranging from Natal in Brazil and Los Angeles in the US, to Oslo in Norway, so this doesn’t scare me that much, but it becomes exhausting after a while.

Secondly, Madrid is 357 kilometers from the sea, which basically implies that taking a swim in the ocean, requires me to ask for a week of vacation – It might as well have been situated in the Mongolian desert to be honest with you. Big turn off for me personally.

However, third and most importantly, Amazon just sued Microsoft because they lost a contract for building AI weaponry for the American Military. From a personal ethical and moral point of view, they might as well have had a dedicated department for killing kittens and puppies, without this being a larger turn off for me personally. Sure, they didn’t get the contract, and I would probably not end up working in that department – But I could probably also find some job as a bureaucrat in the Nazi Party somewhere, which didn’t imply herding Jews into the gas chambers too, if I only looked hard enough.

Besides, what would become of Magic if I started working for Amazon …? 😉

Sorry Amazon, I am deeply grateful for you considering me, and I consider it a personal honor to be invited to Madrid to work for you, but I have to politely decline your offer. Feel free to forward my apology to Jeff.

Have a nice day,

Thomas Hansen

Scheduling your C# method for next Thursday

Yesterday we released a new version of Magic. One of its most important features is the ability to schedule execution of C# methods, either repeatedly, or to be executed once in the future.

This feature of course, ties well into the automation philosophy of Magic. Automation for us, is the single largest unused resource for software development – Especially considering how difficult it is to hire good developers. By automating as much as possible, you reduce your requirements for developers.

This feature is in BETA state though still, so don’t go too berserk, and deploy it to super sensitive production environments just yet.