Saturday, September 26, 2009

The General's Book Club: What's Petraeus Reading?

I love spotting books in the background of photos, and here's today's mystery. I've spent a fair amount of time tracking the reading habits of candidate and president Obama, and we've seen some of his favorites get a boost into our top 100. But he's not the only member of the government who can sell a book. I'm not sure if General David Petraeus, the cerebral CentCom commander, has released any reading lists, but no doubt his influence (or at least his example) has helped a book like The Accidental Guerrilla, by his Australian advisor David Kilcullen, become an unlikely bestseller on Amazon.

So my question for today, based on this AFP/Getty photograph of the general at this week's Marine counterinsurgency conference, which I came across on Tom Ricks's Best Defense blog: what book does he have on the table next to him? The title clearly is "Wildcat", but I can't decipher the author name. I thought my Amazon search skills were pretty good, but I can't find a book that matches the cover. (This is the closest I came.) I'm guessing the subtitle is not "The Joe B. Hall Story."

Anybody better versed in the subject, or in data extraction, who can help me out? --Tom

Update: In the comments, Lauren solved the puzzle with better sleuthing skills than mine--thanks! And the answer is even more interesting than I'd hoped: the book is Wildcat: Irak 1991/2003 : Carnets de guerre d'un journaliste rebelle by the Belgian soldier-turned-war correspondent Yves Debay. It's not available on or, but we do have it on I'm not sure if he was reading the book or was given it at the conference, but to be reading a book by a "rebel journalist"--in the original French--certainly would be consistent with the Petraeus mystique...

Saturday, September 19, 2009

Top Tips for Protecting Your Linux Servers

Unless you have been living in a strange planet somewhere outside out universe, you will have noticed that more and more companies are now making that transition from Microsoft Windows based server to Unix/Linux platforms for various reasons ranging from cost to security concerns.

If you or your company are part of that trend, the question is how do you ensure that your setup is as secure and robust as possible? It's one thing to move to a more trusted and secure platform, it's another when it comes to keep a tight lid on it to ensure that you do not leave your system to unauthorised access from just about anyone.

In this post, I will try and list a few of the vital steps you should take to ensure that your system is not porous.
  • Make sure no one can browse the directories
  • Make sure only root has write privileges to everything, and only root has read privileges to certain config files
  • Run mod_security

One of the most important things you should decide on is what ports should be open to the outside world. For most people, the only port necessary is the default HTTP port 80. Only root should have write access to the system. It is almost impossible to find a company without database of some sort these days, so if you have one, make sure that the root account details is changed.

If you must connect remotely to your server, make sure you open SSH port 22, disable you root account on your server, create a user on your MySQL database with limited privileges and review those privileges for those not required.

As crazy as it may sound, you should not announce to the world that you run your own server on your home or office connection. You never know you might come after your setup - that's another reason why you should not run your apps on root account. It also helps if you have a dynamic IP - this way you can't be endlessly getting hammered. A simple restart gets you a new IP.

Finally, bear in mind you're opening up a can of worms as soon as you start opening anything up to external traffic. Remember what you consider an experimental server, almost like a sacrificial lamb, is also easy pickings for people looking to do bad things with your network and resources.

Tuesday, September 15, 2009

Programming in Objective-C 2.0

Completely unlike any other programming book I've read. I would have gotten more seriously into programming alot sooner had I read Programming in Objective-C earlier.

The Programming in Objective-C came in good time considering I was outside the UK. I have to say it suffered a bit due to it being a paperback. The binding was good and the paper quality good.

The printed material is the most important part and I have to say that right from the start, I was learning alot about the language and the introduction was so clear, I could understand on the first sitting. On getting into the next chapter and starting to learn the language itself, I was surprised to find how easy it was to get through.

You really don't need a computer in front of you to actually understand what Programming in Objective-C really is.
The best part was the Q & A section at the end of the chapter. It makes you feel that you are taking a course in the language and also helps you evaluate how much you have actually learned.

I would recommend Programming in Objective-C to anyone who wishes to learn a language for the first time.

Friday, September 11, 2009

5 Days of Wicket

Following nicely from where we left off last time, I just wanted to show you a nice link to another smashing article on how to get well and truly into Wicket development. This is a 5 Days of free Wicket training.

With almost 3 dozens of Java web application frameworks out there, it can sometimes seem very daunting to decide which framework to concentrate on and specialise. So, if you're one of those still struggling, I would suggest you take a minute to check out this one.

As always, its entirely up to you to make up your own mind and decide if it's your kind of thing. Of course, there are other competing Java frameworks like Struts 2, JSF and the likes, so do make sure to check those out too.

Thursday, September 10, 2009

Continuous Integration with Subversion and Hudson

It's interesting what you can find online. I was going through some of my newsletter emails and stumbled upon this simple yet nice article on how to set up a local continuous integration server with Subversion and Hudson.

The article is divided into 2 parts - the first one walks you through installing and setting up the system including downloading and unpacking to running the commands needed to install. It then moves on to showing you how to check out a project with Subversion to get you running.

In the second part of this article, it quickly continues from where it left off in the first part. Tackling running Hubson and dealing with errors and compiling the build file needed to run the server.

If you have never used a continuous integration before, I'd suggest you take a minute to check it out. In fact, one of our recent recruit having gone through the article is now tasked with setting up a sample build system for us.

This is a nice and harmless way to get your junior team members to get their hands dirty and learn something in the process. You never know when something like this might come in useful.

Tuesday, September 08, 2009

Setting up a Subversion Server on Ubuntu

Having just decided that we would be bringing in all our SCM in-house, I delegated the task to one of our most recent developers.

His task was to configure one of the computers gathering dust and turn it into a mean machine for all our source code repository. First, we started off by getting a copy of Pragmatic Version Control Using Subversion. This book has just about everything you need to get you running quickly without any long winded story.

Beside that book, another resource we referenced heavily was this excellent resource: Setting up a Subversion Server on Ubuntu Gutsy Gibbon server. If you're looking to get into setting up something in house, make sure you check out the tutorial.

Now, we're left with managing access and secure and efficient back up plans.

I will update this blog once we have a stable backup plan in place.

Monday, September 07, 2009

Managing Datastore in Google App Engine

Working with Google App Engine has its ups and downs - one of which was the ability to delete and manipulate your data in the datastore.

As initially suggested by this excellent reply to a question in Stackoverflow website. The original poster wanted to know if it was possible to delete all the data in the datastore that he had entered for testing purpose. As it turned out, there was no obvious was to run the usual Create/Drop/Delete commands that we're all used to on a normal web application.

So, it was nice to see that Google has finally included the options to browse your datastore from the admin page. This, ofcourse also provides the facilities to create/update/delete.

So, if you have been finding it hard to clean out your data, it should be a breeze with this latest feature addition. Thanks Google for listening to your users.

One last thing that I have been working to address is running into timeout whilst my request is being processed. So, a workaround is to minimize the time/cycle for which my request lasts.

Saturday, September 05, 2009

Flex 3 in Action

I was very excited when I got an email to review the excellent Flex 3 In Action book from Manning. If like most developers looking to venture into the world of rich internet applications, then this is a must-have book.

Started off looking at the table of contents to see how and where to begin or have a sneak peek, it turned out that no matter where you looked, you would definitely find it quite easy to approach. Flex 3 In Action was written from a stand point of a tutorial - meaning that most of the sections have been thought out quite well making it easy follow. Unlike most technical books, this one shows you how to develop each of the sample app in tutorial format - taking you through each step as you go along. You can't get anything much simpler than that.

Coming in at 579 pages, Flex 3 In Action has 24 chapters divided into 3 parts. The first part starts by introducing you to the technologies and platform behind Flex and Actionscript development. This covers everything from getting started, working with forms, to layouts, getting user input, trees and other components - all with extensive and complete examples.

The second section takes a much deeper step tackling topics such as working with event handlers, dealing with network connections and XML Web Services; Pop ups, classes and reuse-abilities. The final section covers every other things you'd need to know about skinning Flex 3 applications, testing, debugging and building & deploying.

To give you a taste of what to expect in Flex 3 In Action, Manning is making 2 chapters available for download [pdf]...These are Flex Layout and Navigation and Testing and Debugging Flex Apps.

I highly recommend this book, if you are serious and looking to get into Flex 3 programming, I would suggest you get a copy. But if you'd like to wet you appetite first, then go ahead and download the free sample chapters.

Thursday, September 03, 2009

Created new sub-domain for my Utility Files

With the free time I have this week(which I rarely get), I thought I would use the time to tidy up my computer by moving a few files and documents and filing them away beautifully. So this morning, I decided to move all my files scattered around my computer to one sub-domain making it much easier to locate and work with.

Before I start on a project, I normally try things out to see how it plays out before fully implementing it. Sometimes, if not most of the times, the prototype normally end up becoming the core of the application. But in some cases, I just abandon it for something more polished. This normally results in half completed hacks around - and funnily enough I find myself coming back for inspiration from those files.

Over the years, I have accumulated many of such utility programs in half a dozen programming languages from Perl to Python, from Java to Ruby. Moving them to a sub-domain would mean that I can easily move into any relevant folder for a hack I've knocked together before.

Following the coding convention we use at work, I've called it Garage, as the name suggests is where we carry out everything from car repairs to DIY. So, this appropriately describes what my intention is with the sub-domain.

I would be happy to know how and where you maintain all the little hacks you accumulated over the years. If you have a suggestion or comments, please leave them in the comments.
Related Posts with Thumbnails