As an athiest, sometimes I ask myself what do I believe? That is, what are those things I don't have proof for, yet I nonetheless believe. My core belief is that the scientific method will yield the closest thing to truth. While I may not understand the exact science behind, say, carbon dating, I believe that there are people who do understand it to the limits of human ability and our current state of knowledge, and that there is sound basis for their understanding. I believe that if it represented a flawed understanding, that other scientists would make their careers out of correcting the flaw. And that over time, the model will become more and more accurate.
But even this "belief" is subject to revision. Perhaps the scientific method itself will be improved upon.
Science has learned humility, which is why it now speaks more of "theories" than "laws". Einstein's theory of relativity refined Newton's laws. Science has learned that it must make all knowledge provisional... that any bit of understanding may be replaced by a deeper understanding. At each point, we have a picture of how the world works, but that understanding is subject to revision. Perhaps String Theory holds the key to the next breakthrough in understanding. If so, it will have to prove itself to a skeptical scientific community.
Skepticism is so important to progress in science. Any new idea has to prove itself to a skeptical community. This means it can take a long time for a new idea to become accepted. When I was a child, I remember a crazy notion that birds evolved from Dinosaurs. Now it is accepted dogma. Sufficient evidence was accumulated to convince a skeptical scientific community.
It is the combination of skepticism with a high burden of proof that makes it possible for science to advance in a sure-footed way. This is part of the scientific method, and one reason I can believe in the scientific method. I know that accepted scientific theories have been subject to intense skepticism and scrutiny, and have passed the test.
Can the same be said of religious belief?
Sunday, November 28, 2010
Thursday, October 21, 2010
Hyper Productive Programming
A couple of years ago, I started a payments company with a (non technical) co founder. We teamed up just before the stock market tanked, and needless to say, had a hard time raising money. Eventually we did raise some VC, but not much. Anyway, we had to build the product and the company on a shoe string.
I started developing a philosophy, born of necessity, of hyper productivity. There has always been the myth of the super programmer (think of the evil geek from Jurassic Park). The dude who can do it all. Generally this falls under the category of Hubris, and yet... with todays technology (open source and cloud computing), it is in fact possible for one or two good engineers to build and run a fairly complex software enterprise.
Cloud computing allows a software engineer to let somebody else, such as Amazon, worry about the hardware. The cost of using a service of Amazon is so much cheaper than buying equipment and staffing an IT department that it's really the only way to go.
Google Apps provides an intranet in a box. Group Scheduling? Check. Email? Check. Shared Documents? Check. The free version is fine for a small organization.
Leveraging appropriate software engineering tools keeps things productive. We use a Java stack with Hudson and Ant for build automation, Ivy for a repository, Junit for test, Eclipse IDE, GIT for source control, and Jira for bug tracking. It's what you'd expect to find in any large organization. Except that, uh, it's just me.
It seems like a lot of infrastructure, and it has certainly taken time to put all the pieces in place. But I don't regret any of the time spent in building the infrastructure. It's all paid dividends. If an outside observer were to look at our software stack and engineering infrastructure, they would easily believe it was supporting a serious software organization. And it is. Just a very small one.
Saturday, July 10, 2010
IFrame URL should be displayed by the browser
I wasted several hours struggling through a problem with facebook's OAuth implementation, trying to get it to work within an iframe. After a bit of research, I worked out that it is designed NOT to work in an iframe, to avoid phishing/clickjacking attacks, and this is, in fact, the recommended practice in the OAUTH spec. Because the user can't tell (from the URL bar) what site an iframe comes from, it is recommended practice that the OAuth authentication happen in a popup window, or a page that you're redirected to, but not a page within an iframe.
In my opinion, this is getting things back asswards. This is a browser problem. Browsers should display (on mouse over, or focus) the actual URL for the iframe. If you're on www.foo.com which contains in iframe hosted by www.bar.com, when you mouse over the iframe, it should display the URL for that site (maybe hovering below the URL bar). Perhaps the browser could also change the mouse pointer, or have the favicon for the actual site appear near the cursor. It could also indicate whether the iframe is secure (https).
IFrames are great, but they do have security concerns... but those concerns should be addressed at the browser level, not by requiring unnatural user interface design.
In my opinion, this is getting things back asswards. This is a browser problem. Browsers should display (on mouse over, or focus) the actual URL for the iframe. If you're on www.foo.com which contains in iframe hosted by www.bar.com, when you mouse over the iframe, it should display the URL for that site (maybe hovering below the URL bar). Perhaps the browser could also change the mouse pointer, or have the favicon for the actual site appear near the cursor. It could also indicate whether the iframe is secure (https).
IFrames are great, but they do have security concerns... but those concerns should be addressed at the browser level, not by requiring unnatural user interface design.
Subscribe to:
Posts (Atom)