Home » Author Archives: Bear Giles

Author Archives: Bear Giles

Auto-encrypting Serializable Classes

java-logo

A crazy idea came up during the post-mortem discussions in the Coursera security capstone project. Can a class encrypt itself during serialization? This is mostly an academic “what if” exercise. It is hard to think of a situation where we would want to rely on an object self-encrypting instead of using an explicit encryption mechanism during persistence. I’ve only been ...

Read More »

Tips for Importing Data

software-development-2-logo

I’m currently importing a large amount of spatial data into a PostgreSQL/PostGIS database and realized others could learn from my experience. Most of the advice is not specific to PostgreSQL or PostGIS. Know the basic techniques Know the basic techniques for loading bulk data. Use COPY if possible. If not use batch processing if possible. If not turn off auto-commits ...

Read More »

Signing Digital Certificates with OpenSSL Library

software-development-2-logo

While working on the pgopenssltypes extension I realized that I haven’t discussed how to sign digital certificates using the OpenSSL library. (At least I don’t recall doing so – I might have discussed this in the early days of the blog. I’m pretty sure I’ve already discussed signing digital certificates with the BouncyCastle (java) library.) My pgopenssltypes extension will have ...

Read More »

Adding OpenSSL User-Defined Types to PostgreSQL

postgresql-logo

PostgreSQL supports user-defined types (UDT). These types can be used to provide type-safety on user-defined functions when we would otherwise be forced to use simple BLOB objects. This comes at a significant cost. Many databases support UDT but implementation details vary widely so there’s a significant amount of vendor lock-in. In addition C language UDT require deployment via PostgreSQL extensions ...

Read More »

Database Threat Models

software-development-2-logo

I finally have a breather and can start working through my backlog of ideas. I start with some background that will make the motivation for subsequent posts clearer. What are the threat models for the persistence layer of an application, specificially the threats against the database itself? Remember that a ‘threat’ is an adverse act, whether intentional (by an attacker) ...

Read More »

Using rlimit (And Why You Should)

devops-logo

I’ve been going through some old notes and came across a reminder of setrlimit(2). This is a C system call that allows an application to specify resource limitations on a number of important parameters:               RLIMIT_AS – The maximum size of the process’s virtual memory (address space) in bytes. RLIMIT_CORE – Maximum size of ...

Read More »

Getting A List of Available Cryptographic Algorithms

java-logo

How do you learn what cryptographic algorithms are available to you? The Java spec names several required ciphers, digests, etc., but a provider often offers more than that. Fortunately this is easy to learn what’s available on our system.           public class ListAlgorithms { public static void main(String[] args) { // Security.addProvider(new // org.bouncycastle.jce.provider.BouncyCastleProvider()); // get ...

Read More »

Getting an Infinite List of Primes in Java

java-logo

A common problem is to determine the prime factorization of a number. The brute force approach is trial division (Wikipedia, Khan Academy) but that requires a lot of wasted effort if multiple numbers must be factored. One widely used solution is the Sieve of Eratosthenes (Wikipedia, Math World). It is easy to modify the Sieve of Eratosthenes to contain the ...

Read More »

Fibonacci and Lucas Sequences

software-development-2-logo

This posts touches on three of my favorite topics – math, transferring knowledge through experience (tutorial unit tests) and the importance of research. Most developers are aware of the Fibonacci sequence, mostly through job interviews. To briefly recap the series is defined a: F(n) = F(n-1) + F(n-2), n > 2 F(1) = F(2) = 1   There’s a variant ...

Read More »

Do You Have Tutorial Unit Tests?

software-development-2-logo

I haven’t posted much recently because I’ve been busy with my new job. This brings up an interesting question – you are busy with a new job a lot when you’ve been doing 6- and 12-month contracts. What works and what doesn’t? What is your learning style?   Depending on the source there are between four and seven learning styles. ...

Read More »
Want to take your Java Skills to the next level?
Grab our programming books for FREE!
  • Save time by leveraging our field-tested solutions to common problems.
  • The books cover a wide range of topics, from JPA and JUnit, to JMeter and Android.
  • Each book comes as a standalone guide (with source code provided), so that you use it as reference.
Last Step ...

Where should we send the free eBooks?

Good Work!
To download the books, please verify your email address by following the instructions found on the email we just sent you.