The Pajama Coder

My apprentice hard at work in her pajamas!  =)

Book Review – Object Oriented Software Construction Second Edition

Object Oriented Software Construction Second Edition by Bertrand Meyer

I discovered this book in 2007 while searching for references on the subject of object oriented programming. Although I knew the basics at the time and had been coding in OO languages for several years, I felt that I was doing it poorly and wanted to take my understanding to the next level. It did not take much time to realize that OOSC2 was generally regarded as one of the best, if not the BEST, book on the topic and so I happily spent an outrageous $78 for a new edition. That was exactly 9 years ago today and the book now sells for $120 brand new.

When it arrived I promptly read the first page, browsed through the chapters and set it aside with the sincere intention of reading it cover to cover “when I had more time.” Months passed, then years. I read many other books and continued to program in OO, but I could not seem to muster the motivation to tackle those 1200+ pages. One day I took a new job and brought this book to the office. One of the senior architects walked by and commented, “that’s one of the best books I’ve ever read.” I knew then that it was time. I cleared my schedule and over the course of many months, inched my way through it cover to cover.

Looking back, I would not recommend this book to anyone wishing to learn or improve their understanding of object oriented programming. Instead, I would recommend Head First Object-Oriented Analysis and Design. Although OOSC2 does explain all of the essential OO concepts in great detail, it reads like an academic thesis full of proofs and theorems. This is because at the time of the writing, OO was a somewhat controversial approach to software development. Meyer’s primary intention was not to make OO understandable, but to prove that OO as an end-to-end software development method was superior to all of the existing alternatives. To this end, many of the explanations and ideas are accompanied by mathematical proofs and notations which, while necessary to the progression of his arguments, only serve to frustrate those seeking to understand OO as quickly and plainly as possible.

Despite the fact that OOSC2 is not, in my opinion, the best book to learn or understand OO (although some would disagree), it is without a doubt one of the most important and influential works in the history of software engineering. As such, I recommend it highly to any person serious about software development. It is a challenging read that will add depth to your view of the craft and force you to grapple with concepts that are often taken for granted in today’s world of pervasive OO such as the superiority of single inheritance, the importance of designing by contract, the value of assertions, type checking and constrained genericity.

I thoroughly enjoyed the journey that is OOSC2 and hope you have the chance to as well!

Useful OpenSSL Commands

As a software developer, especially when working with security or web-based technologies, one is often required to deal with X.509 certificates. Although it is increasingly easy to obtain a certificate issued by a trusted certificate authority, understanding how to create and use them yourself is invaluable. Below is a list of the OpenSSL commands that have been the most useful to me.

Create a new RSA key:

openssl genrsa -out key_filename.key 2048

The genrsa command generates an random RSA private key consisting of two prime numbers. The size of the key in bits is determined by the last argument (2048 above). Larger values are more secure, but use more resources. NIST estimates that key sizes of 2048 bytes will be secure until 2030. Currently it is possible to crack a key of size 1024 in approximately 100 hours.

Create self-signed X.509 certificate:

openssl req \
    -x509 \
    -sha256 \
    -days 9999 \
    -newkey rsa:2048 \
    -keyout key_filename.key \
    -nodes \
    -out ca_filename.cer

The req command with option -x509 generates a self signed X.509 certificate which can be used for testing or as the root certificate of a certificate authority. Certificates generated in this manner are very useful for development but have limited use in production environments. A common use of self signed certificates is to enable HTTPS on a local or non-production web server.

When used in this manner, the req command will prompt for information to be included in the resulting certificate. When prompted for Common Name, provide the fully qualified domain name to be secured (ex. www.google.com). It is also possible to create a wildcard certificate which can be used to secure unlimited sub-domains by using the * character in place of a concrete sub-domain (ex. *.google.com). Note that to secure multiple domains with the same certificate (ex. www.google.com, www.google.org, www.google.net) the Subject Alternate Name (SAN) extention must be used instead. Using the SAN extension is discussed in the example for the x509 command below.

The -days option determines the number of days (relative to the current date) that the certificate will be valid. The -newkey option generates a new CSR and private key using the specified algorithm. If the -keyout option is used the generated key will be output to the specified file. Option -nodes (no DES) indicates that they generated key should be stored without encryption and can be omitted if you wish to protect the key with a pass phrase.

The -sha256 option indicates that the SHA256 hashing algorithm should be used to generate the message digest when digitally signing the certificate. Note that SHA256 is currently the default and this option can usually be omitted. It is important to use a secure digest algorithm because certificates signed with an insecure message digest such as SHA1 generate warnings in some browsers resulting in sites that clients will not consider trustworthy.

Create certificate signing request:

openssl req \
    -new \
    -sha256 \
    -key key_filename.key \
    -out request_filename.csr

The req command with option -new generates a new certificate signing request containing the information needed by a certificate authority to create a new X.509 certificate. This command prompts for the same certificate information as the example above.

The -key option specifies the key file to use. It is also common to generate a new key as part of this command by using for example -newkey rsa:2048 -keyout key_filename.key -nodes instead of -key key_filename.key. This technique eliminates the need for the use of genrsa as shown in the first example above.

Sign CSR to create new X.509 certificate:

openssl x509 \
    -req \
    -sha256 \
    -days 9999 \
    -in request_filename.csr \
    -CA ca_filename.cer \
    -CAkey key_filename.key \
    -CAcreateserial \
    -out certificate_filename.cer

The x509 command with option -req is used to create an X.509 certificate from a certificate signing request. The -CA option specifies the certificate of the signing Certificate Authority and the -CAkey option specifies the private key to use for the digital signature of the resulting certificate. The -CAcreateserial option indicates that a new serial number file should be created if needed and that the serial number of the resulting certificate should be read from this file.

To create a certificate with the Subject Alternate Names extension, add the options -extensions v3_req -extfile san.cnf as shown below.

openssl x509 \
    -req \
    -sha256 \
    -days 9999 \
    -in request_filename.csr \
    -CA ca_filename.cer \
    -CAkey key_filename.key \
    -CAcreateserial \
    -out certificate_filename.cer \
    -extensions v3_req \
    -extfile san.cnf

The file specified by -extfile is used to define the domain names to be secured by the certificate and should be in the following format.

[v3_req]
subjectAltName = @alt_names
[alt_names]
DNS.1 = your.domain.name
DNS.2 = another.domain
...
DNS.x = last.domain.name

For more information about creating certificates with the SAN extension see http://techbrahmana.blogspot.com/2013/10/creating-wildcard-self-signed.html.

Combine X.509 certificate and key into PKCS12 encoding:

openssl pkcs12 \
    -export \
    -out pkcs12_filename.pfx \
    -inkey key_filename.key \
    -in certificate_filename.cer

The pkcs12 command with the -export option can be used to combine a key and certificate into a single file in PKCS12 format secured by a pass phrase. This is useful when working with Microsoft systems where PKCS12 is commonly used. Note that the file extension used for PKCS12 is typically .pfx on Microsoft systems and .p12 on Linux systems.

Automatically ending a process in Linux

I have a Python script that I want to run from one console, and sometimes I want to be able to kill it from another console login (via SSH or direct to the console). To do this easily I simply wrote a bash script that uses grep and awk and then passes the results to a ‘sudo kill’ command like this:

sudo kill $(ps aux | grep 'sudo python script1.py' | awk -v i=1 -v j=2 'FNR == i {print $j}')
sudo kill $(ps aux | grep 'python script2.py' | awk -v i=1 -v j=2 'FNR == i {print $j}')
cp /var/log/security_camera.log ./

However, if you have a particularly stubborn script, you may need to use the KILL signal. To do that just specify the KILL signal like this:

sudo kill -s KILL $(ps aux | grep 'sudo python script1.py' | awk -v i=1 -v j=2 'FNR == i {print $j}')
sudo kill -s KILL $(ps aux | grep 'python script2.py' | awk -v i=1 -v j=2 'FNR == i {print $j}')
cp /var/log/security_camera.log ./

Only use the latter if you absolutely have to. There are actually a lot of signals in between the default SIGTERM signal. See:

man kill

to see the system documentation on which signals you should use when. Or just Google it. 🙂

As with most things in Linux, this is only one way to do things. But it works great for me.

This post was inspired by this Linux comic I saw on Google+ ✌  The code is all written by Leland Green (me). I take absolutely no responsibility with what you’re about to do with it! 

Jasper on Raspberry Pi Running Raspbian Jessie

This will get Jasper running on your Pi. This method really works! I’ve tested this and got it going on an RPi 2 running Raspbian Jessie.

The second script* prompts you for essential information and then it’s up to you to configure and use it.

All you need to do is download the two .sh files from my new project here: https://github.com/lelandg/Jasper-Installation-on-Raspbian-Jessie

See the repository for much more info Please report any errors that you may find there.

😎👍

*Technically it runs a Python script that prompts you for the info… but it appears as though it happens as described above. It’s all smoke and mirrors anyway, right? So everyone expects a little magic now & then.🙂

Book Review – The Art of Unit Testing: with examples in C#

The Art of Unit Testing: with examples in C# 2nd Edition by Roy Osherove

When I was a young programmer, I remember a job interview where I expressed my belief that coding was a form of art to a potential employer. The job was for an entry level position working with the RPG language on IBM systems. I knew very little about RPG at the time, but I was confident I could learn. I did not get the job and looking back, it’s clear to me that immaturity and lack of experience where the main reasons. Even still, the exchange about art stands out in my mind and I often wonder how that affected the outcome.

Some years later, I discussed this interview with a respected associate. He explained to me that managers and especially those above them usually see software development as a complex machine with many moving parts. In order for this machine to function efficiently, each cog and gear must be predicable, measurable and reliable. There is sometimes very little appreciation for art in this point of view and in many ways I agree. Much of software development is about the pursuit of correctness and certainty, the elimination of risk and the maximization of value. Despite this, I still believe that art must play an essential role in any venture for it to be truly worthwhile when all the amounts and values are finally summed. The Art of Unit Testing delivers the best of both worlds in a way that is direct, practical and immediately applicable.

I was first introduced to Roy Osherove’s work indirectly through the MVVM design pattern. I was researching it for a WPF project when I realized that it would be a great chance to learn about unit testing. I google’d the topic and discovered artofunittesting.com. After watching all of the videos, which were excellent, I gave the usual sales pitch to management and then opened up the beautiful can of worms that is legacy code. In the end, the decision to include unit tests in the project impacted the schedule significantly for the worse. I had to rewrite perhaps a third of the codebase and abandoned the idea of unit tests for the rest. The code was still buggy and when I joined another team a few months later, the existing unit tests were forgotten. Based on this, it would be easy to conclude that unit testing failed to produce value.

A year or so later, I decided to try TDD on a small project and picked up The Art of Unit Testing to give myself a jump-start. Although not specifically about TDD, this book is regarded as one of the best on the subject of unit testing in general, and having read it twice now, I have no reason to disagree. Unfortunately, I was not prepared for the system shock that exposure to the TDD worldview can produce. On one hand, the TDD code that I wrote was perhaps some of the best code I’ve ever written. On the other hand, the project went so far behind schedule as I adjusted that it was put on hold indefinitely. Based  on this, it would be easy to conclude that TDD specifically and unit testing in general failed to produce value.

Just last year, I was assigned a high risk, high profile project with a critical dependency on another sizable and legacy component. The main project required several complex changes to the legacy component and these assignments were given to developers who did not practice unit testing. The result was an extremely buggy and unreliable system and we wasted at least a month tracking down issues and troubleshooting them. Eventually, I realized that it would be better to rewrite it from the ground up and so I did–with a testable design and about 90% code coverage. I was able to do this in a reasonable time frame and the component has been rock solid ever since. No issues at all were found in QA and none have been found in production. Based on this it would be easy to conclude that unit testing successfully produced value and I would agree. It allowed us to complete the high risk, high profile project with a high degree of certainty about the correctness of the final behavior without negatively impacting the schedule. It was in fact the lack of unit tests and unknown code quality that posed the greatest risk to the project schedule.

It is important to realize that the last success would not have been possible without the first two failures. What you will gain from The Art of Unit Testing and pursuit of the discipline in general is not a magical power-up for your next project, but the skills you need to become a stronger developer in the long term. You’ll learn the basics of writing unit tests, you’ll survey the commonly used tools and you’ll be exposed to the concepts required to write readable, high quality, maintainable tests from the perspective of a veteran in the field. The transition to becoming proficient in this discipline won’t take place overnight, but The Art of Unit Testing will help make this worthwhile journey faster and less painful.

Bash By Example

If you’d like to learn Bash programming, there are few resources better than the IBM DeveloperWorks site. They have an awesome series of tutorials here:

Bash By Example:

Part 1: https://www.ibm.com/developerworks/library/l-bash/
Part 2: http://www.ibm.com/developerworks/library/l-bash2.html
Part 3: http://www.ibm.com/developerworks/library/l-bash3.html

See Also:

GNU’s bash home page

Parallel Processing In Python the Easy Way!

The technical term for what we’re discussing today is Decorated Concurrency. Don’t let this scare you! 😇 It’s just a fancy (and concise) way of saying that, “We have a simple way to do parallel processing.”

Parallel processing, in turn, means that we can start multiple threads, as needed, in our program such that everything runs faster. Behind-the-scenes, on modern processors that have multiple cores, Python can run different processes on different cores. This lets a developer decide which processes will run the fastest because they have their own core. Or, at a higher level, which functions/methods are candidates for running on multiple cores.

I’ve known about parallel processing in Python for some time but it has always required making special function calls. No big deal – especially since you have to write the code to be multithreaded in the first place – but it would be nice if it was all a bit easier, right?!? Well now it is!!! 😎

The Deco (deco) project allows you to easily create code that takes advantage of parallel processing in Python. You simply do it with decorators!

If you’re new to programming, a decorator is just something that you place in your code next to a function/method/class, etc. definition. For example, the Deco project uses

@concurrent

and

@synchronized

tags. In Python you apply a decorator immediately before a function/method, etc. You can see some examples in the README.md file (that is shown to you by default) in this project: https://github.com/alex-sherman/deco (same link as above)

I expect you will be able to see some examples and some of my code very soon, as well. 😇

🙂👍

Bonus Linux tip: 

How to Isolate a CPU (core) and dedicate it to a specific task

To run a task on core 3 of a Raspberry Pi, or other Debian-based distro, including Ubuntu, simply add:

isolscpus=3

to the end of /boot/cmdline.txt. (There can be only one line in this file.)

And then run:

taskset -c 3 <your task here>

BTW, if you get a chance, please check out my new blog! http://lelandgreen.com
And if you like it, will you please share it around? 😎👍

The Art of Electronics / Learning the Art of Electronics

I have recently become the proud owner of two books, Learning the Art of Electronics (3rd Edition, Hayes/Horowitz) and The Art of Electronics (3rd Edition, Horowitz/Hill) I still love a paper book for some things, and both of these are books I’d recommend that you purchase the paper version so you can lay them open beside your projects as you work on them.

Both are excellent and I have learned a lot from them, even though I’ve barely scratched the surface. They are some 2400 pages, combined, and these are textbook-size pages. Very densely packed with information, which I want to retain. So I’m taking my time!

I think it will help us all if I can create an in-depth review, as I go. For one thing, it will help me.

An exciting quote* for today from appendix G “Where Do I Go to Buy Electronic Goodies?”:

Manufacturers Direct: Many semiconductor manufacturers (Analog Devices, TI, Maxim,…) Will not only send free samples with the slightest provocation, they will also sell in small quantities via credit card; check out Many-Circuits for RF components, and Coilcraft for inductors, transformers, and RF filters.
(*My emphasis.)

Indeed, there are too many providers and tools listed for me to include them all here. A few that sound especially interesting are octopart.comfindchips.com and netcomponents.com. You give them a part number and it searches dozens of distributors, returning (“sometimes unreliable”) information on availability and pricing.

A sneak peek of some things I intend to talk about, and some very useful shortcuts for you in the meantime!

Scan of "Learningi the Art of Electronics" pg. 14

Learning the Art of Electronics pg. 14

Scan of "Learningi the Art of Electronics" pg. 15

Learning the Art of Electronics pg. 15

 

 

Pip Boy 3000 Build Log

As I posted on my blog yesterday, my brother Noel contacted me and asked me if I would help him build a fully-functional Pip Boy 3000! I’m totally psyched to do this.

History:

Adafruit has a very detailed build here https://learn.adafruit.com/raspberry-pi-pipboy-3000/overview, and that links to the “pypboy” software here: https://github.com/sabas1080/pypboy

Update 2016.05.20: I have found there are two “main” versions of this project floating around the web. The second one being here: https://bitbucket.org/grieve/pypboy/src/92970d3a53f86eba4dc99fc979c5d8682edd2b7e?at=master I call this the “second” because it appears to have more enhancements. (And, more importantly, because I presume Adafruit linked to the original – this may be incorrect!)

Important Note: Be warned that if you use the Adafruit feature to “add all to cart” you will get a different type of knob than the project expects! I got a full-blown rotary encoder, which is a much better option is and just the “rotor-switch” (or “multi-switch) type of knob that the script now expects. (I’m working on this.)

Repository for this project: (Update 2016.05.22) I found that I can easily import the “grieve” repository into GitHub. All I did was import the project and GitHub even preserved the complete history of the project! Apparently GitHub can import from any URL, as long as it contains a Git repository. Good to know! 😎👍

So this project now has a repository located here: https://github.com/lelandg/pypboy

Update 2015.05.29 – I’ve decided to backtrack slightly. I thought that the grieve repository was newer, but I’ve found this is incorrect. The sabas1080 repository actually has the most recent commits. Not only that, there are no less than 15 forks on Github. So I am spending a little time reviewing all of these to get the most complete implementation. I will then fork that project (fork/clone). I hope to make some updates to this, too. The software appears to be well-written, but without all hardware connected, it does not function properly. At this point, I think the only “problems” may be the missing hardware. At least I want to get it connected before I start trying to “fix” anything.

Enough of that, now back to some plans…. 😇

 

Pip Boy 3000 from Fallout 3

Pip Boy 3000 from Fallout 3 and Fallout New Vegas

I have seen some builds on other sites as well. However, I have not seen a build like I plan to do! I am quite knowledgeable in Python and becoming so about the Raspberry Pi (RPi).

Since this is our hackerspace and we like to feature actual builds, I will not post details about future plans here, but rather keep this post strictly fact-based. (I always have loved a strong dose of nonfiction along with my sci-fi and fantasy desserts!)

For now, all I’ll say is this is the goal. And you can even click-through to read all about the Pip Boy 3000 on the Fallout Wiki! 😎

So far I have all of the electronics (assuming this touchscreen is big enough!) and the 3D print is scheduled to arrive Thursday, 2016.05.19! So I hope you’ll stay tuned! 

Update 2015-05-20: 3D print has arrived! This thing is awesome. Check this out:

2016.05.23: I found the py-gaugette works well almost as-is for a rotary encoder. If you want to use a rotary encoder, I found that it works well. There is another library by Bob Rathbone that is much more compact, but I found that it expected different GPIO connections than my rotary encoder has.

However… (and I apologize if you are subscribed to this post today… I’ll try to limit future updates), we have decided to go back to a rotary switch. This is actually what the script expects. After this part arrives and I get it wired-up, I’ll post some details about it, and of course a schematic when everything is finished.

2016.05.24: The rotary knob arrives today so I hope to get that soldered in place. It would be nice to complete enough of it that I could run my first test today. This may be a little optimistic, but we’ll see.

Meanwhile, I’ve already started the soldering job so I can share a photo of that progress, at least!

Several electronics parts soldered together

Soldering progress so far, along with a printout of the “schematic” from Adafruit.

Update 2016.06.25: LED Buttons!

I wanted to make the buttons function like they do in the game. However, after calls to both Mouser and Digikey, I found that there is no such thing “illuminated button” of any type that will fit inside the holes in this Pip Boy. (Drilling them larger is not an option because the 3D print contains a “lip” or flange that wraps around each LED.)

So, I had the idea to make my own using only an LED and a button. I would simply superglue the LED on top of the button and wire everything up through perfboard supporting them. Simple, right? Well,  it turns out to be much simpler in concept than in practice.

First of all the holes in the perfboard did not line up  exactly with the  holes in the Pip Boy. to solve that, I sort of tilted toward the outside two LEDs on each end. (It’s not terribly clear in the picture, but the one on the right side is a little more obvious in this picture.)

"Handmade" orange LED pushbuttons

This doesn’t give me much room on the bottom  for soldering! The two leads from the LEDs go down on either side of the switch (obviously) and then come out the perfboard just between the two leads for the button. But I’ve soldered things that were tighter than that before and got them to work, so I’m sure I can do this.

Note that the taller LEDs are required. (Some of them are shorter, and they would not fit up through the hole in the Pip Boy.) also, you don’t really have room for the  wire leads to fit up through the holes, so this might not work  for some builds.

 

Return top

Info

Section9 is a hackerspace based out of the Springfield Missouri area. For more information, please see the About Us page or find us on Facebook.
 
%d bloggers like this: