Dragons in the Algorithm
Adventures in Programming
by Michael Chermside

How Long is an Email Address?

Suppose you are setting up your database table, and you want to create a column to store an email address. How many characters should you allow in the field?

In Oracle (what I use most often), the correct type to use for an email is VARCHAR2(x) for some value …

Read more

Posted Wed 17 December 2008 by mcherm in Programming

My Security Nightmare

As Willie Sutton didn't say, "I rob banks because that's where the money is."

I work for a bank, and so I worry more about security than most programmers. After all, if a hacker were were truly motivated and competent who would they pick to go after? Probably a bank …

Read more

Posted Thu 04 December 2008 by mcherm in Programming

Election Guide, Nov 2008

Here is a description of all items that will be on my local ballot for this upcoming election, along with my own personal recommendations on how I expect to vote, and why. For quite some time now, I've done this sort of research before elections; this time I decided to …

Read more

Posted Sat 01 November 2008 by mcherm in Politics

Separation of Concerns

Once upon a time (in the dark ages of web application development) we built our applications as a single monolithic Perl CGI script, or perhaps a large JSP file containing the entire application. The code looked something like this:


<% Cost[] costs = CostHelper.calculateCosts(loanData, currentDecision); %>
Current Costs:

    Cost …

Read more

Posted Mon 27 October 2008 by mcherm in Uncategorized

Many ways to attack websites

Developers of web applications have quite a few different kinds of "attacks" to worry about. I will try to describe the major categories I know of, including one which is "new" as of the past month or so.

SQL Injection

The most venerable is the SQL-injection attack (and related attacks …

Read more

Posted Thu 09 October 2008 by mcherm in Uncategorized