Android app security

David Ireland wrote “Reading Japanese govt: Use operator-run app stores, not Google Play reminded me of an app that I use a lot, but who’s permissions are a cause for concern: Ocado on the Go. The Ocado app wants to use your phone’s video camera, so it can scan bar codes. This is a legitimate requirement: there’s no way…”

Three approaches to ambiguous grammars

Frank Shearar wrote “We have many tools in our parsing toolbox. Today let’s look at how three different parsing techniques handle ambiguity caused by choice.”

Enums: not always the right tool

Frank Shearar wrote “Enums are a way of encoding a set of ordinal values in a type system. That is, they formalise the notion that a value may be one of a small set of specific values. We’ve had them since at least the 1970s. They’re really useful. So why might they not always be the right tool?”

The unreasoned Javan

Tim Clark wrote “I really hate null! Reflect on that statement. Apparently Tim has a strong dislike for a concept found in lots of programming languages (even brainiac languages like Haskell) and successfully used in millions of programs. He must be crazy I wouldn’t like to have a discussion with him about something contentious like tabs versus spaces.”

King Kong! Misadventures in Ruby meta-programming

Tim Clark wrote “Sometimes after a particularly fraught bug stomping session you make a frivolous offhand remark to a colleague, for example “I will write a macro that converts lisp definitions in prefix form so that arithmetic looks like how it was taught to you in school” or “I won’t let my unit test really be an integration…”

By Heinrich Klaffs [CC-BY-SA-2.0 (], via Wikimedia Commons

Mustache for your mail merge

Tim Clark wrote “At LShift we like to program on blackboards using untyped lambda calculus, and we enter code into a computer only once we have a truly generic solution to a problem. However, most of the time we need to earn money so that we can eat and wear clothes other than LShift t-shirts – this usually…”

“Nearby art”: using the V&A API and geolocation

Tom Parker-Shemilt wrote “A little while back, I was informed that the V&A had an API. To be honest, my first response to this was “why on earth?”. There’s been a few similar APIs coming out recently from organisations, with some sort of “build it and they’ll come” expectations i.e. expecting that all they have to do is…”

Yahoo doesn’t know what an email address is

Tony Garnock-Jones wrote “Many websites refuse to accept email addresses of the form ``, despite the fact that the `+sometext` is perfectly legitimate1 and is an advertised feature gmail offers for creating pseudo-single-use email addresses from a base email address. My guess is that the developers of these sites think, because they’re either lazy or incompetent, that email…”

Adventures with the Fisher Price My First Firewall

David Ireland wrote “I’m writing this blog entry for therapeutic reasons. Everything you need to know is in the link below. Readers are invited to share the worst anti-features they have found in network devices by posting a comment. I had a strange problem sending email from a host. I first discovered that trac couldn’t send messages via…”

Smalltalk vs. Javascript; Diff and Diff3 for Squeak Smalltalk

Tony Garnock-Jones wrote “Many of my recent posts here have discussed the diff and diff3 code I wrote in Javascript. A couple of weekends ago I sat down and translated the code into Squeak Smalltalk. The experience of writing the “same code” for the two different environments let me compare them fairly directly. To sum up, Smalltalk was…”

E4X: Not as awful as I thought

Tony Garnock-Jones wrote “Long, long ago, I complained about various warts and infelicities in E4X, the ECMAScript extensions for generating and pattern-matching XML documents. It turns out that two of my complaints were not well-founded: sequence-splicing is supported, and programmatic construction of tags is possible. Firstly (and I’m amazed I didn’t realise this at the time, as I…”

.NET is an endless supply of fascinating puzzles

Tony Garnock-Jones wrote “In C, size_t is unsigned. In Java, there are no unsigned fixed-width pseudointegral types, so it can perhaps be forgiven for having an array’s length field be signed. In .NET, however, which has unsigned ints, an array’s length field is also signed. What could it possibly mean to have a length less than zero?”

Closing over context still not easy in mainstream languages, Film at 11

Tony Garnock-Jones wrote “I find it fascinating that after so many decades of support for closures, we’re still stuck in a C-style mentality of passing function-pointers that take an explicit context argument rather than a proper closure object. Witness the design of .NET’s Type.FindInterfaces method: public virtual Type[] FindInterfaces (TypeFilter filter, Object filterCriteria); The TypeFilter argument is a…”

No CV?

Sophie Clare wrote “Although we’ve been very pleased to welcome Felix and Simon in the last few months, and we’re very happy about the return of Sam Jones, we’re still on the lookout for fresh blood. We really haven’t had much luck with recruiting strangers recently. Simon and Felix both came to us via personal introductions. We’ve been…”

Why does everything on the web require registration?

Michael Bridgen wrote “Some sites or services, quite reasonably, need to know who I am (and that I really am that person, to some acceptable level of verifiability). It’s usually because they hold data on my behalf, and neither me nor they want anyone else getting at that data. But why does InfoQ require me to register to…”

E4X and the DOM

Tom Berger wrote “Reading through tonyg’s recent post I came across something i haven’t yet seen in use – inline XML within Javascript code. E4X, it seems, has landed. It is now available by default in Firefox and Rhino – other implementation will surely follow. E4X, shorthand for ECMAScript for XML is a nice language extension to Javascript…”