What if Ruby adopt Python style indentation?

Python’s most famous feature

One of the famous features in Python is its semantic indentation. Here’s a code snippet from Python official documentation:

There are no “end”s, no curly brackets. Python uses indentations to group statements, which is one of the features I like Python over Ruby. Here’s the identical code written in Ruby:

If Ruby adopt Python style indentation, the Ruby version can save 4 lines, which will become something like this:

Curly Brackets are less noticeable

Indentations are used to improve readability in the source code. But since then, curly brackets remain exist for compilers. Programmers don’t really pay attention to them when reading codes. Have you ever tried fixing the missing closing brackets? Your code looks completely fine when you scan through the structure, but that missing bracket screw the compilation.

Repeat yourself with that indentation + curly brackets

By using indentation and curly brackets together, we are violating the DRY rule – Don’t repeat yourself. In order to follow the rule, you need to pick either indentation or curly brackets. I would pick indentation over curly brackets because of the visual benefit.

We interprete the code by indentation

The the famous “if-else” pitfall of C code, which seems to be fine at first sight. But it turns out that in case Country A is friendly, when president has some time, he will make a phone call to Country A. If president doesn’t have time, he will bomb Country A.

Turns out organising blocks by indentation can solve this problem. Since organising blocks by indentation is more intuitive, less faults will be made by programmers even if he is somehow careless or less familiar with the language syntax.

Conclusion

Why write more if you can write less? Some programmers argue this limits the way they can organise the code, but I would say it gives more benefit than its cost. After all, all programming languages limit the coder in some way. Another language which follows the Python indentation syntax is F#, which is developed by Microsoft.  I predict more programming languages will adopt this syntax in the future.

Annoying SSH brute force attack from zombies

The problem

If you have ever checked on your SSH access log, you will find a lot of login attempts like this:

On this server, I want to check how frequent the attempts are so I type in the shell:

I haven’t excluded my connections here because it was only a few. It shows that my server had 1545 SSH disconnects on 3rd of May, I received an SSH login attempt per minute on average.

There are a lot of tips to secure your SSH server out there already so I am not going to repeat them here. Theoretically speaking, the attacker will have no chance to access your system if your password is long enough. For a random 10 character alpha-numeric password, there’s only 1% chance to break in after 229 million years if the attacker try 10000 times per day. It is also a good idea to enforce RSA keys on a multi users system.

Still, it is annoying.

Although it’s impossible for attackers to break in a secured server, I’m annoyed. Most of these attacks come from zombie networks, and the real hacker is behind them hiding so you can’t really do anything about it. There’s almost no cost for each SSH attempt so they will do it 24/7.

zombies-620x412

Consider increasing the cost for failed attempt?

I was thinking of a way to increase the cost for SSH attempt after a fail attempt, which is controlled by a new SSH protocol. The server can generate a factorisation problem for the client, and then double the difficulty of the problem after each fail attempt. Would this kind of protocol drastically decrease the throughput of the brute force attack? Feel free to put your 2 cents in.

If your code doesn’t solve a problem, it creates more.

I have already been working on startup projects for about 2 years. Startup software engineering is not easy because the requirements change a lot, and they change quickly. The code that is written today might become useless next week, sometimes even worse that it hasn’t been used at all.

Through out the development process, we are constantly implementing new features for the new requirements. This process is often limited by the existing designs including the database design and system architecture  You either need to dive in and make a lot of changes, or commit to the current design and work on a hackish patch to provide that feature. This makes me think, “It would be much better if I didn’t write that code at the very beginning.” If your code doesn’t solve a problem, it creates more. The requirements will eventually change and smack you into your face.

3091859101_d1b2216df0

Ancient soldiers don’t carry the most powerful weapons or armours to war, because they are heavy. Most prefer leather armours or chain mails over plate mails, it is much lighter and also cheaper. In fact, soldiers travel over 90% of the time during wars. A more powerful gear could have exhausted them before they fight. Similarly in software engineering, you need to maintain your code base all the time. You want to be lightweight and swift so that you can be ready for the requirement changes.

Simple modular design in Unix is probably why it is still widely used nowadays (Of course, the free, open source is also a major factor).

Related reading:
http://www.codinghorror.com/blog/2007/05/the-best-code-is-no-code-at-all.html
http://www.skrenta.com/2007/05/code_is_our_enemy.html

Hello World!

Hi guys, I have been thinking of writing a blog about programming, software engineering, and other stuff about my living. So…here it is!

I haven’t planned any regular update of this blog. But I think I will update it at least once a month.

Peace.