See the old post. Apparently this is called steganography and is a well researched field! That just proves you how hard it is to invent anything new. Anyway, I have optimised the algorithm and build a website dedicated to it: http://stega.maxant.co.uk.
Blog
Image Encryption
Problem The trouble with encrypting documents is that its quite obvious that they have been encrypted which makes people want to decrypt them. So what about some kind of sexy algorithm that encodes a message within a picture? If the picture only gets slightly changed, then no one will ever realise it contains a secret message, since it looks to all intents and purposes like its a genuine picture. Analysis So, an evenings hacking later and I've come up with an algorithm that does it. The program takes an image file (gif, jpeg, etc) and outputs a bitmap (it cannot be output to a format that compresses with loss like JPEG, otherwise its not possible to decrypt the message since what gets saved is saved with bits lost). Here is an example of a red image that has been modified to contain a message: OK, if you look close (see below which is zoomed in) you can see the modified dots. But its just an example. So here is a photo that has been modified to contain a different secret message: Again, without zooming in, its hard to see the changes. Below is a zoomed in version. You can see the changes as speckled dots. The algorithm has been tuned to try and match the changes to the pixels around the changed pixel. If the surrounding area is blue, the change will be blue, whereas if the area around the change is red, the result will be a red pixel.…
The End Draws Nigh
As we start seeing the light at the end of the RMR tunnel, we are on time, on budget! But is it purely down to my masterful planning and estimating skills? Or are other factors at work? Well the planning is in the right ball park, but as I started to ask myself if we could have finished any earlier, two things dawned on me. 1) Project Teams work to a given deadline and are unable to realign to an earlier one 2) Although Quality, Cost and Funtionality are all within the required boundaries, there are ways to cut corners without affecting them, when viewed from a high level (e.g. the project stakeholder) In terms of the former, I think it is well known that if you assign a task and allow a given time for it, it is very likely to take that long if the time allocated is realistic. It takes dedicated individuals with something to win by delivering early, in order to do that. The latter point relates to having loose requirements specifications from the customer, and moving requirements driven by the development team as we designed and engineered the solution. It is relatively easy to convince a customer how to change the system to make it easier to develop, when he cannot sit down and play with it to see if the proposed solution will work for him. It's like building a kitchen and negotiating using a different cupboard that is easier to install. If it…
Testing Migration Processes Early
When preparing the final stages of your project, you need to start thinking about delivering your system into production. Typically you need to pass from development environments through to testing, integration, user acceptance and finally production. In order to have a good plan that can be successful, here are some things that you need to consider: 1) Are the processes already in place to allow smooth transition? 2) Are there good guidelines and quality assurance procedures involved that will ensure repeatable deliveries? 3) Are all the technologies you are using already in production? 4) Is there experience of how long a typical migration through all environments might take? 5) What is the absolute fastest time that the migration cycle can be completed in? 6) What are the "no go" traps? What quality assurance points are in place that could stop your migrations? 7) Is your build process entirely automated and fully repeatable? 8a) How many people are involved in the migration process? 8b) How many of the people involved in the migration process do you know face to face? 8c) How many of the people involved in the migration process can you go and physically sit next to in the event of problems? 9) How many companies are involved in the migration process? All these points, and surely more, can have big impacts on the delivery process. I recommend doing a trial delivery very early on so that you can discover what the hurdles are. Of course, some quality control…
EJB Frustrations
This is by far not the first time I had worked on a project with EJBs (Enterprise Java Beans, see http://java.sun.com/javaee/), so why am I still amazed at the time wasted in the development of them, relating to configuration issues, compiling time (double compilation due to RMI requirements), slowing down of development environments due to the vast resource requirements of application servers, and obscure error messages? That last point deserves expansion - on Websphere, not only do you sometimes get strange CORBA related error messages on the client which have absolutely nothing to do with the problem, but you also get orb trace files secretly dumped with no warning! And similar on the server with the ffdc traces that get dumped, with a very simple warning message printed in the logs... I recently reviewed our current system to ensure that errors in logs were extremely concise and at the same time provide the exact details that second and third level support needs to resolve problems. Unique error codes, showing the customer the timestamp to report, User messages as well as technical messages in the logs for support staff, and so on. Shame application server vendors couldn't do a little more to make developing on their systems somewhat more efficient...
Requirements Gathering geht schief!
If requirements are gathered by someone who isn't an end user, but who is an expert in the domain, there is the likelyhood that the requirements will be only roughly accurate. If that gatherer then leaves the project and you lose touch with the end users, your'e even more likely to lose your way. On a number of occassions I have seen the end users arguing with the developers as a project comes to a close, over whether what was implemented was what was required. More frequently than not, the system will do what is required, it's just that it does it in a different way. There is more than one way to write a Word document for example! Systems that are complex naturally have more than one solution. It depends on how the persons implementing that solution think - their entire background, culture and education can affect the solution. A fully trained kitchen fitter might have a very different perception of how a kitchen design system should work compared to a software Architect, Developer or Business Analyst. But if the system allows them to design a kitchen, is it relevant if the dialogs, screens, functions and/or business processes of the system are different? Take an SAP system for example. These come preconfigured with thousands of business Processes, Forms, Dialogs, Data Models, etc. SAP allows for example, a company to implement a Supply Chain application. But there are many, many companies which have changed their business processes to match their…
Login doesn’t appear to work?
I've come across the following problem in IE7 in several products which I initially commented on at the MVN Forum forum (incidentally MVN Forum is a great open source Java Web Forum). Here is a copy: First, thanks for MVNForum - I've used it before, and I have now come back 4 years later to use it again. Its perfect for an all Java platform! But I have a strange bug, which I have figured out. For some reason, with IE7, Tomcat 5.5.9 (and later), MySQL 4.1.x, I find that with IE7 only (not Firefox), it is putting the jsessionid into the URL instead of using a cookie. I have tried changing all the settings in MVN as well as in IE, but it still uses URL rewriting when using my site, even though the cookies work perfect on this forum... I can't figure that bit out... Anyway, I debugged into MVNForum to see what was going on, and I noticed that after one enters their login details, it sends a redirect. In this redirect, the "redirect-to URL", does not contain the jsessionid, and so a new session is started. That means users cannot then do admin, or whatever, depending on user permissions, because the server thinks its a new session and wants them to authenticate again. I used the debugger and on line 426 of com.mvnforum.user.UserModuleProcessor (right at the bottom of the process(HttpServletRequest, HttpServletResponse) method), I modified the value of the responseURI in the JVM, to include ";jsessionid=XXX" where…
System Colours
We had an interesting experience on our project a few weeks ago. We asked the users for colour specifications for the GUI. Now bearing in mind they have been using a system that is 20 years old, they came up with "green back ground", "blacks", "grays", etc. Here is a demo: OK - I admit I used the brightest green I could find, but the point was that with modern look and feels, we thought it would be better to stick with default colours: Lessons learned? Work closely with the customer but don't be afraid to recommend the sensible options when they arise.
EJB Restrictions
I found this useful article on what restrictions EJBs should uphold. http://www.javaworld.com/javaworld/jw-08-2000/jw-0825-ejbrestrict.html
Making Off Shoring Work
Here is a paper I wrote some time back on how we made off shoring successful at a client site.
