What's it all about, Alfie?

This morning I noticed that Fantastico at HostMonster had gotten the update of WordPress to 2.5.1 - so I took the time to upgrade. It's pretty simple, and I keep the roll-back instructions in VoodooPad Pro (just in case), but I doubt I'll ever need them. I'm pretty sure the 2.5.1 upgrade is for security issues, and there aren't a lot of additional features in this guy, but it's always nice to stay current with these things - just in case someone decides to create a 10 million machine bot storm to crack all WordPress sites.

I'm still looking forward to the Google Summer of Code work for putting a caching system into WordPress. While I don't get enough page hits to really need a cache, you never know when you might be Slashdotted, and for that, a cache can be a lifesaver.

This morning I awoke to find that Firefox RC2 is out! I've noticed a few issues on the Windows version, but that is probably related to the fact that I go through so many more page views on the Windows version, due to my work, and it's probably no more or no less stable than the Mac OS X and linux versions I also use daily. As I use Firefox, I'm amazed that there's so much effort and real improvement going into browsers these days. WebKit and the new SquirrelFish JavaScript engine... Firefox and it's improvements... it seems that the browser really is trying to become the application delivery vehicle these days.

I'm not sure where all this is going... the browser has a ways to go before it's going to compete with a desktop OS for application building. Forms-based apps are easy - like the green screen apps of old, form fillers are a big segment of the use of computers. But there's still a lot of things that are at least done a lot easier on a desktop OS, than in a browser. But it's getting less and less. Impressive work.

UPDATE: so far, I'm very pleased with RC2. It's working much better on Windows than RC1, and as that's the one I do the most page hits on, it's nice that it's working better. I'm hoping the good news just keeps coming.

Today was one of those days that seemed to drag on for a very long time. The progress was there, but it was very slow at times. There was several hours of refactoring on some requests to the server to make them fit the style of the other requests, and then the addition of another request type was similar to the last, but different enough to make it hard work.

It's just been one of those days that you feel drained at the end. But you can look back and say Yeah... I'm glad it's over, but I did make good progress. The details are everything, and I'm glad to say that before I leave today all the details of these new additions are taken care of. The clients have the code, and it's working. The logging in the server is up to snuff. The code looks good as well as running well. All the details that make this a good project are there.

But I've left it all on the keyboard, as it were. Gotta go home now and get some rest.

Today the rumor mills were abuzz with the rumor that Mac OS X 10.6 would be unveiled at WWDC next week. The rumor has it that it's named Snow Leopard which is a slick name, if it's true, and they also say that it's an infrastructural release - no new features visible to the user other than the removal of PowerPC support and therefore better optimization of the Intel-only release.

While I suppose it's possible that Steve will talk about OS X, I have to wonder where these guys get all this stuff. If you look at what Steve is supposed to talk about at the keynote it's pretty significant:

• iPhone 3G
• New .Mac
• Updates to MacBook Pro
• Mac OS X 10.6

I mean it's possible, but that's a pretty full plate given that some of these things have taken the majority of a keynote all on their own. Sure, a lot of them can be brushed over a bit, but to have all this in one talk seems like a bit of a stretch. I'll certainly be listening, however.

Just now I realized that I hadn't plugged in my external FireWire drive, which is my TimeMachine drive, to my laptop yet this morning, so I plugged it in and in a few seconds it started cranking on the backup and everything was happy. And this lead me to realize that the upgrade for 10.5 was really quite marvelous. I have used TimeMachine probably less than a dozen times, but each time it's saved my bacon in a way that I didn't used to have. I've been able to create new machines from old dead ones... I've gotten back single files, and I've reached a level of relaxation with regards to the data on my laptop that I simply never used to have.

I've tried several programs, and ended up rolling my own eventually, but I didn't really keep up with it properly, and so I always had some exposure to loss. Now - it's only an hour. That's pretty impressive. It's really taken my data security to a new level. Thanks, Apple. Well done.

While I'm not a big JavaScript writer, I can see that there are a ton of sites that use this technology, and on that front, it's nice to see that WebKit has gotten a new JavaScript engine that is already significantly faster than the old one, but also has room for significant improvements as well.

This probably won't make it into Safari until a later release of 10.5.x, but it's nice once again to see that the Apple guys are pushing the envelope with this stuff and working hard to get the best and fastest tools to us. Bravo.

I very close friend of mine this morning pointed out the followers that I had on Twitter. I had no idea I had as many followers as I do. Oh, sure... it's nothing like the 20,000 or 30,000 that some folks have, but it's still very interesting to me to see that I'm basically using it to communicate with one friend. That, and the reliability issues with Twitter in general... well... I have to say that this has become something I hadn't expected.

If they can get their infrastructure cleaned up, and I think they can with the money they have, then this might be a very interesting little tool. Then again, I almost never use the web site - instead, I use Twitterrific client that's far more fun to use.

We'll have to see how things progress with Twitter, but I have to say that I'm really quite amazed with the following.

Today has been a very heads down coding day where I've spent almost all day getting the new features of the Vendor's new API working in the server and clients of my market data server. I was originally going to have the client-side code handle the authentication as I've done that in the past with pretty good success. But I know that this vendor is not really big into speed on his responses, so I was hoping to be able to build this all on the server-side and then cache the positive results for a day so that subsequent requests for the authentication would not hit the vendor's back-end systems all day long.

I was happy to see that they had what I needed - even if it took a little poking and prodding to get it to work, and know what data I needed to pass to it. In the end, I was able to incorporate it as a regular server-side feature which is going to make the cache a very welcome addition. Not the least of which is that we no longer are limited to their client-side code and response times.

With all this put into the market data server, I'll start tomorrow on the authorization - or the exchange-based filtering of the data. Again, I'm hoping to find it in the server, and I have a few leads to chase down before I'm sure, one way or the other, that I can or can't do it. It sure would be nice, though.

We have been forced into updating a Data Vendor's API because they never really envisioned that we'd use their desktop product in quite the way that we had - which is to say, built a server around it and made the content accessible to a large number of applications for the traders. So, when they saw what we did, they decided to make that unsupported, and brought out a product to be used in the same manner - for considerably more money. Surprise!

So, we had to upgrade, and in this upgrade, they biggest changes are in the authentication and permissioning of the data. It's understandable, they need to protect the data from unauthorized eyes, etc. The problem I'm running into over the last few days is the way they are having me (and all the other API users - all eight of us) do this authentication. First, everyone has to have a login to the service. Seems that's a good place to start and end. But no. They have an underlying 'ID' - that's guaranteed unique. Seems that's a good place to end then. But no. The minimal authentication is done in their Java client with an ID and the IP address of the machine they logged in on.

Now it seems to me that they already know this, and all they really need is the login. The login leads to the ID, and the login tells them the IP address of the machine they are logged in on. The way they have done it is doubly redundant. That's taking a bit of doing, but it gets even better in the C API.

In the C API - if I'm reading the documentation correctly, you need not only the ID, but four other pieces of information that are known by the service but I have to provide and have no way of knowing programmatically. I have to have the user go to a page on the service's application, read off four multi-digit numbers and then feed them to the C call.

That's an embarrassment. I can't believe they think this is a good scheme. I'm hoping that these four are redundant, or unnecessary, and the docs are simply out of date. But I have a feeling that they aren't and this is just the "way things are" with this vendor. I'm really shocked at this because I had a pretty decent way to have my market data server incorporate this into it's core so that data coming out of the server could be filtered based on the requested user. That would be wonderful as it would put all the permissioning behavior into one place which makes it far easier to control.

We'll see what I get back from one of their "API Experts". I'm really really hoping I'm wrong here.

UPDATE: I got a little help from one of the experts, but for the most part I have to say that getting bad information is worse than getting no information - which was the case today. I asked for the parameters I needed to pass in and got back a list that wasn't right. Once I figured out it wasn't right and what might the right set be, I was well into the afternoon and yet I did get it right. Then I had to realize that their idea of returning a negative was returning an error and not a negative at all. So I had to code for that as well. It's amazing... the people who created this additional functionality didn't even study the old style of doing things and it makes for a very clunky interface to the system. It's working, but as I had expected going in, it's not easy and it's a pain to make it look pretty.

Tomorrow I need to wrap this authentication into a request class and then integrate it into the market data server and finally add caching on the results so that multiple requests in a day don't need to each go to the service to be resolved. Once a day is going to be enough.