Monthly Archives: május 2012

Heti érdekességek 15.

The Tube – újabb, Libre eszközökkel készülő filmen dolgozik az Elephants Dream rendezője 

Elephants Dream (1, 2) – nyílt eszközökkel készült 3D animációs rövidfilm Bassam Kurdali-tól 2006-ból

Bassam Kurdali – az Elephants Dream rendezője – és csapata egy újabb, Libre eszközökkel – Blender, Python, Gimp, Inkscape, FFMPEG stb. – készülő rövidfilmhez keres támogatókat a Kickstarter-en. A film címe: The Tube.

Java SE 7: java.util.Object 

The java.util.Objects class is new to JDK 7 and described as: “This class consists of static utility methods for operating on objects. These utilities include null-safe or null-tolerant methods for computing the hash code of an object, returning a string for an object, and comparing two objects.”

JavaDoc: java.util.Object

Java 7 Objects-Powered Compact Equals

JDK 7: The New Objects Class

5 Things all Java developer should know when developing for the cloud

The last couple of years, “Cloud Computing” replaced Web 2.0 as the new buzzword. You can read, hear and see everywhere the cloud is coming. To most developer, this is still the same old sh*t. If you have experience in developing distributed system then you should be fine, you say. Well not entirely true, the IT department wants to deploy on cheap cloud and therefore some restrictions now applies. I will list 5 things that I think all developers should know when working with cloud Platform as a Service provider such as Amazon Beanstalk or Google App Engine. This list also applies to IaaS architecture. Some of the points might be obvious to the more experienced, nevertheless, they need to be mentioned.

The Simplicity Thesis 

The only companies or products that will succeed now are the ones offering the lowest possible level of complexity for the maximum amount of value.

A fascinating trend is consuming Silicon Valley and beginning to eat away at rest of the world: the radical simplification of everything.

Want to spot the next great technology or business opportunity? Just look for any market that lacks a minimally complex solution to a sufficiently large problem.

Open Source Web Application Security Audit Tool 

ratproxy is a semi-automated, largely passive web application security audit tool, optimized for an accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic in complex web 2.0 environments.

Detects and prioritizes broad classes of security problems, such as dynamic cross-site trust model considerations, script inclusion issues, content serving problems, insufficient XSRF and XSS defenses, and much more.

Ratproxy is currently believed to support Linux, FreeBSD, MacOS X, and Windows (Cygwin) environments.

  • No risk of disruptions. In the default operating mode, tool does not generate a high volume of attack-simulating traffic, and as such may be safely employed against production systems at will, for all types of ad hoc, post-release audits. Active scanners may trigger DoS conditions or persistent XSSes, and hence are poorly suited for live platforms.
  • Low effort, high yield. Compared to active scanners or fully manual proxy-based testing, ratproxy assessments take very little time or bandwidth to run, and proceed in an intuitive, distraction-free manner – yet provide a good insight into the inner workings of a product, and the potential security vulnerabilities therein. They also afford a consistent and predictable coverage of user-accessible features.
  • Preserved control flow of human interaction. By silently following the browser, the coverage in locations protected by nonces, during other operations valid only under certain circumstances, or during dynamic events such as cross-domain Referer data disclosure, is greatly enhanced. Brute-force crawlers and fuzzers usually have no way to explore these areas in a reliable manner.
  • WYSIWYG data on script behavior. Javascript interfaces and event handlers are explored precisely to a degree they are used in the browser, with no need for complex guesswork or simulations. Active scanners often have a significant difficulty exploring JSON responses,XMLHttpRequest() behavior, UI-triggered event data flow, and the like.
  • Easy process integration. The proxy can be transparently integrated into an existing manual security testing or interface QA processes without introducing a significant setup or operator training overhead.

Megjelent a PostgreSQL Magazine első száma 

A PostgreSQL Magazine az első nyomtatott, non-profit médium, amelyet a PostgreSQL közösség hozott létre saját maga számára. Megjelent a magazin első száma. Benne a cikk a PostgreSQL 9.1 új funkcióiról, szolgáltatásairól, a kiadás előtt álló 9.2-es verzióról. Interjú, tippek és trükkök, hírcsokor stb. Online olvasható itt. Letölthető PDF-ben innen.

A StatCounter adatai szerint a Google Chrome első ízben nyomta le az Internet Explorer-t 

 a Google Chrome a  legnépszerűbb böngésző

Decembert írtuk, amikor a pár éve a semmiből jött Google Chrome lenyomta a Mozilla Firefox-ot. A StatCounter adatai szerint világviszonylatban tekintve a Google Chrome már az Internet Explorer-t is átlépte. Igaz, hogy csak egy napra, de ez mindenképpen mérföldkőnek tekinthető a Google webböngészőjének életében.

A StatCounter bejelentése itt olvasható.

Apache TomEE: Java EE for Tomcat 

Apache TomEE, pronounced “Tommy”, is an all-Apache stack aimed at Java EE 6 Web Profile certification where Tomcat is top dog.

The Web Profile version of TomEE contains

  • CDI – Apache OpenWebBeans
  • EJB – Apache OpenEJB
  • JPA – Apache OpenJPA
  • JSF – Apache MyFaces
  • JSP – Apache Tomcat
  • JSTL – Apache Tomcat
  • JTA – Apache Geronimo Transaction
  • Servlet – Apache Tomcat
  • Javamail – Apache Geronimo JavaMail
  • Bean Validation – Apache Bean Validation


The TomEE Plus distribution adds the following:

  • JAX-RS – Apache CXF
  • JAX-WS – Apache CXF
  • JMS – Apache ActiveMQ
  • Connector – Apache Geronimo Connector

Interest in Cloud Computing Has Peaked

Lately I’ve been hearing some rumblings during my various discussions around cloud computing. Some in the industry have been quietly saying the end is near for the much over hyped term.  I wouldn’t go as far as to say the cloud is dead just yet, but there is a growing sense that  interest in cloud computing, at least from the point of view of a buzz word, has peaked.

EMFStore Release 0.9.0 

We are proud to announce the release version 0.9.0 of EMFStore!
For those of you who don’t know EMFStore, it is a server solution for EMF entities or ‘model repository’. EMFStore allows parallel and distributed editing of entities, supporting continuous offline work. This means that a client can modify the available entities until it decides that a set of changes is consistent and should be shared with the other clients. The potentially conflicting changes between two clients is resolved through EMFStore’s support for interactive merging of EMF model entities. The EMFStore model repository is a headless framework.