Sunday, October 28, 2012

SSH Module Installation on Strawberry Perl

Strawberry Perl doesn't come with SSH modules pre-installed. Here is how to insall
C:\>perl -MCPAN -e shell
cpan shell -- CPAN exploration and modules installation (v1.9304)
ReadLine support enabled
cpan> install Net::SSH
Fetching with LWP:
LWP failed with code[500] message[Can't connect to (connect: timeout)]
As a last ressort we now switch to the external ftp command 'C:\WINDOWS\system32\ftp.EXE'
to get 'C:\strawberry\cpan\sources\authors\01mailrc.txt.gz.tmp3104'.
Doing so often leads to problems that are hard to diagnose.
If you're victim of such problems, please consider unsetting the ftp
config variable with
o conf ftp ""
o conf commit
I would like to connect to one of the following sites to get 'authors/01mailrc.txt.gz':
Is it OK to try to connect to the Internet? [yes] yes
Fetching with LWP:
LWP failed with code[500] message[Can't connect to (connect: timeout)]
Fetching with LWP:
Fetching with LWP:
LWP failed with code[500] message[Can't connect to (connect: timeout)]
Fetching with LWP:
LWP failed with code[500] message[Can't connect to (connect: timeout)]
Fetching with LWP:
LWP failed with code[500] message[Can't connect to (connect: timeout)]
Fetching with LWP:
Fetching with LWP:
LWP failed with code[500] message[Can't connect to (connect: timeout)]
Fetching with LWP:
LWP failed with code[500] message[Can't connect to (connect: timeout)]
Fetching with LWP:
LWP failed with code[500] message[Can't connect to (connect: timeout)]
Fetching with LWP:
Creating database file ...
Gathering information from index files ...
Populating database tables ...
Running install for module 'Net::SSH'
Running make for I/IV/IVAN/Net-SSH-0.09.tar.gz
Fetching with LWP:
LWP failed with code[500] message[Can't connect to (connect: timeout)]
Fetching with LWP:
LWP failed with code[500] message[Can't connect to (connect: timeout)]
Fetching with LWP:
LWP failed with code[500] message[Can't connect to (connect: timeout)]
Fetching with LWP:
Fetching with LWP:
Checksum for C:\strawberry\cpan\sources\authors\id\I\IV\IVAN\Net-SSH-0.09.tar.gz ok
Scanning cache C:\strawberry\cpan\build for sizes
DONE Going to build I/IV/IVAN/Net-SSH-0.09.tar.gz
Checking if your kit is complete...
Looks good
Writing Makefile for Net::SSH
cp blib\lib\Net\
C:\strawberry\c\bin\dmake.EXE -- OK
Running make test
C:\strawberry\perl\bin\perl.exe "-Iblib\lib" "-Iblib\arch"
ok 1
C:\strawberry\c\bin\dmake.EXE test -- OK
Running make install
Prepending C:\strawberry\cpan\build\Net-SSH-0.09-cQfbZo/blib/arch C:\strawberry\cpan\build\Net-SSH-0
.09-cQfbZo/blib/lib to PERL5LIB for 'install'
Installing C:\strawberry\perl\site\lib\Net\
Appending installation info to C:\strawberry\perl\lib/perllocal.pod
C:\strawberry\c\bin\dmake.EXE install UNINST=1 -- OK

Monday, October 22, 2012

Identify a “Big Ball of Mud” in Software

“A Big Ball of Mud is a haphazardly structured, sprawling, sloppy, duct-tape-and-baling-wire, spaghetti-code jungle. These systems show unmistakable signs of unregulated growth, and repeated, expedient repair. Information is shared promiscuously among distant elements of the system, often to the point where nearly all the important information becomes global or duplicated. The overall structure of the system may never have been well defined. If it was, it may have eroded beyond recognition. Programmers with a shred of architectural sensibility shun these quagmires. Only those who are unconcerned about architecture, and, perhaps, are comfortable with the inertia of the day-to-day chore of patching the holes in these failing dikes, are content to work on such systems.”
—Brian Foote and Joseph Yoder, Big Ball of Mud. Fourth Conference on Patterns Languages of Programs (PLoP '97/EuroPLoP '97) Monticello, Illinois, September 1997
  In a development team, people are focused day to day to complete enhancements and/or new tickets. Generally the initial work of setting up the architecture is long over. The understanding of the structures set up and shortcuts thereafter due to exception requirements and a need to deliver ‘yesterday’ usually end up as residue and new dependencies in the code. After a while it is easy to identify codebases that are deemed unfit for consumption.

How do you know if the codebase you’re dealing with is Spaghetti ?
If you’re reviewing new code – well that is simple: as you’re reading the code it makes you proud of the team or person that contributed to it.

There are a lot of other measures: Cyclomatic Complexity, N-Path metrics, dependency mapping, Unused code etc. It is mathematically impossible to determine all unused code via static analysis, however it can provide useful results. A runtime comprehensive usage metrics determination is difficult, depending on the complexity and data needs – it can be nearly impossible to detect unused code. At work, I am working on a strategy that is going to take a million plus lines of code and begin a “cleanup” project. Lining up spaghetti in a big bowl of mud will be challenging. I will post strategies I employ, tactics I use, the tools that prove useful, and the technologies that help in the coming month.

Monday, October 15, 2012

COTS versus FOSS

COTS, FOSS or FOSS+Support. Which one should you choose.

The answer: it depends. (Surprise)

Just because various software vendors don't invest in cross-platform software development doesn't mean you can't migrate to a new platform. COTS doesn't necessary mean vendor-locking, FOSS doesn't necessarily mean vendor independence and open standards.

This is the nature of competition between Free Open Source Software (FOSS) initiatives and established Commercial Off-The Shelf (COTS) Software manufacturers. Executives are faced with immeasurable intangibles and difficult decisions for IT investment. There are many ways to crack the puzzle.  Here are 5 important things to ask yourself:

Ease of Integration: Open Standards - do you need the solution to be flexible and have ease of integration?
Flexibility and extension: Do you predict a need to extend internal components or extend the core product?
Supportability - do you have internal IT operations that need to support the solution ? Do you have skills in-house to support and diagnose?
Cost - does it make sense to buy a product versus the support costs of FOSS?

These are a few factors that need to be evaluated. Solution architecture evaluations require a deep dive into specifics. ATAM(tm) is a framework for architecture evaluations that I have used, I plan to get certified and use it officially in engagements in the future.  It is a valuable guide to generate a Utility Tree and evaluate Quality Attributes. More to come ....

Sunday, October 14, 2012

Alignment, Motivation, Change & Commitment

If you have a large new strategic initiative, how do you get buy-in, commitment, alignment, motivation and change management communicated. According to research led by Jim Collins in his book “Good to Great”. You don’t.

In a large company like Kroger, the Level 5 CEO did not spend too much time to align 50,000 employees to the new strategy.
Level 5 leaders simply don’t worry about that upfront, rather they depend on turning, what Collins calls the “Flywheel”: let the flywheel do the ‘talking’. Executing and then repeating success of a strategy and communicating that allows people to extrapolate – people want to be part of a winning team.
Alignment, motivation, change and commitment takes care of itself. In my professional life, I have seen that happen – your strategy becomes everyone’s strategy! Everyone takes ownership and enjoy a shared success. It is possible, I have been part of it and recognize the ‘chemistry’.

Saturday, October 13, 2012

Intellectual Property: Current Trends and Issues in I.T.


Open source software, out-sourcing software development and contract programmers pose intellectual property theft exposure for companies today.

More brick-and-mortar corporations are investing heavily in I.T. In-house software development teams come with additional responsibility and risk for the leaders. As more and more software products use component-based technologies there is an increased chance of using open-source products without understanding their licenses.

Consultants and contract workers are hired for software development projects in addition to permanent employees to reduce time to market. Software development work is outsourced to other countries to cut I.T. spending. All these strategies have once common negative aspect – violation of intellectual property rights and subsequent legal action.

In this paper, I explore these three strategies in brief detail and determine the risk and exposure relative to intellectual property violations.

Intellectual Property Issues in the I.T. Department

According to independent research conducted by Forrester, CIOs of $ 1 billion-plus companies cite “Intellectual Property Theft” as the type of IT security incident that poses “the most threat” to their company’s business (see Figure 1). Four out of ten CIOs don’t think they spend enough on the most important security threat. Although malicious code and intellectual property theft pose 60% of all risk, and 70% of CIO’s approve IT budgets – yet 40% think not enough is spent on security.

Most often the core differentiator of companies is its business processes, strategic information systems, and technology. Outsourcing forces the company to reveal its internal business processes to vendors. Certain companies do not have strict intellectual property laws. Forrester’s Stephanie warns “North American and European companies should not consider China a viable location for software development and maintenance support. The market is too immature, and the problems associated with this immaturity - a lack of English language skills, the legal and regulatory environment and lack of intellectual property laws - make China too risky today.”

Often open source software is used by IT teams to build software products. Several software frameworks are available to be downloaded for free. What several companies, architects, developers and programmers fail to comprehend is that open source is not the same as “free”. Open source software is licensed. However, most open source license types like Berkeley Software Distribution, Free Software Foundation, or General Public Licenses lack indemnification.

The “as-is” aspect of open source software is risky. There is a possibility that part of open source software “copied code” from some other licensed product. It is very difficult for the companies to identify or compare open source with licensed software products to identify theft. This exposes the company using open source software to lawsuits from companies claiming that the open source software violates their intellectual property rights.

(Figure 1)

Contract workers often are hired for short stints to work on software development and testing. This type of work needs full developer-access privileges on the source code. The obvious risk is to the code being stolen or exposed to others.

Three Regimes that protect IP

Trade secret classification, copyright and patents serve to protect intellectual property under law. In addition, compliance requirements of law such as Sarbanes-Oxley, Gramm-Leach-Bliley and HIPAA are driving software development shops to protect intellectual property, ensure privacy, and aim for correctness in development products and practices.

With time, Trade Secret laws are being tightened. Trade secret plaintiffs sometimes would couch their claims under other, alternative titles, such as "common law misappropriation," "unfair competition," or "breach of confidence." The tactic was often a deliberate ploy to avoid complying with state Uniform Trade Secrets Act [UTSA] statutes. California is the first state that pre-empts such attempts. As more states follow suits, trade secrets laws will be more and more effective.

1998 Digital Millennium Copyright Act that amended the copy-right statute, defeating any technological control that controls access to a computer program in order to make even a legitimate backup copy is infringement. Computer games almost always have copy protection built in, and defeating the controls would be infringement. DVDs are encrypted, another type of technological control.

Challenges to Intellectual Property by the Internet and Technology

Technology is an enabler for both innovation and crime. Companies spend millions in research, design and development. All this information is stored digitally in software files. These portable electronic files make theft easy. Software files can be copied to Floppy disks, CD-RW disks, memory sticks, or other digital RW media and sneaked out of facilities.

Files can be uploaded to web-sites or e-mails from a secure machine to the Internet. Worse, it is possible to install “spy-ware” that can regularly scan machines and upload files automatically.

Websites can screen-scrape or use portal technologies to “grab” published web-pages from other websites and present them as their own. Website mirrors can be created which give access to content of other protected websites.

Hardware theft can result in the same effect. A knowledge worker’s laptop containing critical engineering designs can be invaluable to the knowledge thief. CEOs have the greatest fear of loosing their PDA or laptops.


Although protection of intellectual property is a key issue in the United States, a challenge in the future will be to ensure the same standards across nations. The Patent Cooperation Treaty is a first step in that direction, while it is gaining support in developing nations, like Oman, it is yet to be seen as an effective measure against software piracy and intellectual property theft.

While laws and precaution protect intellectual property, the threat of exposure will continue to increase with technological advances. The proper use of technology is closely related to the ethical and social constituent of nations. At the core of the problem are people and their honesty and integrity. As long as money governs societal well-being, human greed for money will bulldoze over anything that comes in its way – including intellectual property rights.


  1. Moore, Stephanie: Planning Assumption IT Trends 2004: Offshore Outsourcing. Forrester Research Report. (December 2003)
  1. Laura Koetzle with Charles Rutstein, Angela Tseng, Robert Whiteley. How Much Security Is Enough? Forrester Research Report.(August 2003)
  1. Nikos Drakos, Alexa Bona. Questions and Answers on Open-Source Licensing. Gartner Research. (October 2002)
  1. Vijayan, Jaikumar. Security Expectations, Response Rise in India. Computer World, Vol 38, No. 5. (August 30, 2004).
  1. Graves, Tait. A Trade Secret By Any Other Name is Still a Trade Secret The Intellectual Property Strategist. April 7, 2004, NEWS; Vol. 10; No. 7; Pg. 3
  1. National Commission on New Technological Uses of Copyrighted Works. Making backup copies violates law. Information Outlook, July 2004 v8 i7 p32(2)
  1. Business News Publishing. Patent Cooperation Treaty Oman joins the treaty. (2001)

Tuesday, October 9, 2012

Error Handling on your Web Presence is Important

showed me the following error message

Server Error in '/' Application.

Server was unable to process request. --> Object reference not set to an instance of an object.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Web.Services.Protocols.SoapException: Server was unable to process request. --> Object reference not set to an instance of an object.
Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[SoapException: Server was unable to process request. --> Object reference not set to an instance of an object.]
System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall) +431766
System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters) +204
WebReference.SeatBook.ShowSeats(Int64 TheatreId, Int64 BookingId, String ShowClass, Int64 NoOfTickets, String PartnerId, String PartnerPwd) +195
seatlayout.Seat_Layout() +743
seatlayout.Page_Load(Object sender, EventArgs e) +3161
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +14
System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +35
System.Web.UI.Control.OnLoad(EventArgs e) +99
System.Web.UI.Control.LoadRecursive() +50
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +627

Version Information: Microsoft .NET Framework Version:2.0.50727.3603; ASP.NET Version:2.0.50727.3082

This is an example of what not handling Exceptions does to the user experience.

Monday, October 8, 2012

Google’s Big Data Stats

YouTube: 60 hours of video uploaded every 60 seconds.
Google Search Index Size: 100,000,000 GB (and growing)
GMail Active Users: 350,000,000 (and growing)
Search Response Time: 0.25 seconds

These numbers are astonishing. Reliability, Available, Scalable & Performance are Google’s primary quality attributes.
Data – core business asset and few low hanging fruit, growth is faster than the ability to understand it, data capture is slower than the data getting generated, traditional BI tools can’t scale to capture it.
Google has innovated Map Reduce, HDFS, HBase are used by Google to solve for these requirements.

Sunday, October 7, 2012

7 Habits of Ineffective People–an inverse corollary

Once of my favorite non-fiction books is The Seven Habits of Highly Effective People by Steven Covey. Sometimes it’s helpful to apply an inverse angle to see if it sticks. And it’s fun.

So here’s my inverse corollary:
#1. Procrastinate until it’s urgent & important.
#2. Plan as you go
#3. Let tasks to automatically prioritize themselves
#4. Try to win at all costs
#5. Ensure others understand what you’re saying first
#6. Work alone and be a hero
#7. Learn just-in-time and on the spur
Of course this is not what’s in the book – it’s pretty much a contrast of it. Often times we read books/articles that list what one must do, and to make this post a bit more interesting & fun it tells you what not to do. Additionally It may be more instructive to learn from other’s experiences and try to avoid pitfalls and bad habits.