Wednesday, August 3, 2011

Debugging Eclipse Indigo plugins on OSX

I do not why this took me so long to figure out, but I have been having a problem with Indigo that whenever I fire up the Eclipse Runtime workbench to debug a plugin it would crash almost immediately. At first, I thought it had something to do with my plugins, but eventually I took the time to do a clean install without any of my plugins and saw the problem just by creating a simple demo project in the runtime. Since I already had a working Helios installation, I just shrugged and went back to using that for now and set the problem aside.

Well, last week I got a new Macbook Air with Lion preinstalled and so I am setting up a new system from scratch. This time I only have Indigo installed and lo and behold I am still seeing the same problem. Realizing that there must be a simple explanation, I now looked closer and see that there is a simple explanation. For some reason, on Indigo when it Eclipse creates your default configuration it is not including the PermGen settings by default. So I was just crashing due to not enough PermGen space errors. Pretty obvious, it has just been a long time since I had seen these problems.

Adding "-XX:MaxPermSize=256m" to the -vm arguments in my Runtime Configuration has everything working great again.

Monday, April 25, 2011

I've been hacked!

I was hacked today (or at least I learned of it today). Early this AM a SPAM was sent from my GMail account to all of the Contacts in my GMail -- which I believe is any address I have ever received an email from. Given all of the mailing lists I am on, this is a decent number of addresses. Since the email was DKIM-verified to come from GMail and it went to all my contacts, I have to assume someone was able to successfully login to my GMail. I have since changed my password a couple times, and turned on the 2-factor authentication feature. I would highly recommend everyone do this with their Google account if they have not. I also changed my password on every site I can think of, just for safe measure.

How did this happen? I have no way to know for certain, but I have a theory. The Sony Playstation Network has been down for several days now due to some kind of attack. My username for PSN was my GMail account and I was stupid enough to use the same password (or at least they matched last week, I may have recycled back to it). I mainly use PS3 and PSN for Netflix streaming. I suspect that when the site was first down last week that intruders were intercepting logins and they got the username and password. My main reason to doubt this theory is that hacking PSN seemingly was sophisticated to do, so why would they use the information they stole in such an amateurish way as to send an obvious SPAM that alerted me to the problem? I have to think they downloaded all my email and information before they did this. I wonder why they did not also change my password as it seems like they could have done so.

It is fairly disconcerting to wonder what private information, such as credit card numbers, that I might have in my GMail archive. For now, I at least think I have safely updated all of my accounts so that the passwords are different on every site.

Update (2011-04-26): Sony has now pretty much confirmed that this all originated with the hack of PSN. See this blog post: http://blog.us.playstation.com/2011/04/26/update-on-playstation-network-and-qriocity/ Of course it was still stupid on my part to use my GMail password anywhere outside of GMail.

Monday, January 3, 2011

Open Letter to WANDisco

Shortly before we all went away on our Christmas holiday, one of the companies that sponsors developers in the Subversion community, WANDisco, delivered a big fu#k you to the rest of the community in the form of a press release and blog post from their CEO Dave Richards.

I commend my fellow members of the Subversion PMC for being able to take a deep breath and wait a couple weeks to respond with a cool head. Had it been up to me alone, I am sure we would have said something that felt good at the time but that we regret later. You can read the official response here on the Apache Software Foundation blog:

Apache Subversion to WANdisco: +1 on the code contributions, -1 on the attitude

I was, and am, deeply offended by Dave Richards and WANDisco in general. Their business model seems to be to issue press releases rather than actually doing stuff. In my experience, companies that choose to issue press releases BEFORE they start working on something are usually to be ignored and I think that is the case here too. The difference is that WANDisco is attempting to portray themselves as leading the Subversion community and as such that they are speaking for the community. As the blog post from the Subversion PMC illustrates, they neither lead the community nor are the welcome to speak for it.

That said, I get it. No one knows or cares who WANDisco is and by issuing press releases and generating controversy a few more people will now have heard of you. Congratulations. Bully for you. However, in the process your actions are only damaging the product and community you claim to care so deeply about. This reveals your true motives.

If you are so desperate for attention that you feel the need to issue press releases we probably cannot stop you. If you absolutely have to to issue a press release to try to garner some attention, then why could you not simply issue something that says "Hey we think features X, Y and Z are important and we wanted to let you know that we intend to direct our resources to work on those features." I could live with that even though I would rather see you work on the features before you crow about it. As it stands, just as you did a year ago with the Obliterate feature, you are just setting your people up for failure. You have declared that you are going to implement new features that the Subversion committers that work for you already know cannot be solved in the near term. You have brought no new ideas to the table nor any idea how any of the known obstacles that have blocked these features will be overcome. To top it off you have attempted to slap a release date on it. Good luck with that.

I really hope that we implement some of the features in your list and it would be even better if we can get some of them done in 2011. Most of your list was already on the roadmap we published last year. Unfortunately, the way you are going about this is not going to help any of that happen and if we do have some success it will likely be in spite of your efforts not because of them.