Symfony is a PHP web development framework, similar to Ruby on Rails. The framework is currently gaining in popularity; a few months ago it was announced that it is used by Yahoo! Bookmarks, for instance. Recently, version 1.0 of symfony was released. A print manual, “The Definitive Guide to symfony” by François Zaninotto and Fabien Potencier, was prepared in conjunction with this major update of symfony.

As the title suggests, the Definitive Guide to symfony is a guide book. Every chapter explores a certain component or part of symfony, ordered in such a manner that someone who hasn’t touched symfony before can easily get started. The book is not a tutorial; even that the chapters are sensibly ordered, the book does not take the reader through the process of developing an application.

The sections of the guide are,

1. The Basics: An introduction to symfony, who made it and why, and a primer to the underlying technologies used by symfony including PHP itself. Later chapters in the first part delve into an overview of how symfony works and how to set up an application in the framework.
2. The Core Architecture: This part of the book is essentially a description of the MVC pattern and how it is employed in symfony. The chapters talk about how the Control, View and Model layers work in symfony.
3. Special Features: If the previous parts are about the foundation of symfony, the Special Features part of the book is really about the bells and whistles of the framework. The routing system, the form helpers, Ajax, caching and internationalization are described here.
4. Development Tools: A description of the tools and mechanisms in symfony used during the development tools, just like the name would imply. Generators, unit testing and other important tools are described here. Towards the end there is an oddly placed chapter about extending symfony.
5. Becoming a symfony Expert: This is a very interesting section which gets into performance optimization for symfony. The authors pool some very valuable practical experience about deploying symfony applications into this part of the book.

The book places almost no requirements on the reader. Obviously you will need to know PHP 5, but apart from that the book carefully introduces almost every concept used in the framework. At the same time I don’t think that a more experienced programmer would find the hand-holding excessive – the 450 or so pages went by quickly when I read the book, and I have worked with symfony before.

The book also features a good selection of sample code and examples. This is in line with the general pragmatic feeling of the book. There is no key concept left without an illustrative code sample. Anyone who has worked with symfony and its developers before will recognize this. The official website is absolutely brimming over with code samples, and Mr. Zaninotto in fact even wrote ‘snipeet’, a code snippet repository. The book is right in line with this demonstrate-by-code philosophy.

The book has some shortcomings. The chapter about Generators feels incomplete for one. Ostensibly the chapter is about the automatic generation of code, called scaffolding, that is a common feature for many modern web development frameworks. This kind of generation makes it faster to develop web applications since it creates a foundation (hence the term scaffolding) for building the web application. But the Generators chapter is really hijacked by the automatic admin generation feature of symfony. While this is a very powerful and impressive feature, the very strong focus on this feature may leave the reader wondering about the ordinary, non admin, scaffolding functionality. For example, it is not at all clear how to customize what generated scaffolding should look like. With such a lengthy description about how to customize the generation of the admin interface, the omission of a corresponding general section is conspicuous.

(For the record, this is how to theme or customize the generated scaffolding:

1. Copy the default theme from

   $sf_symfony_data_dir/generator/sfPropelCrud/default/theme

   to

   data/generator/sfPropelCrud/default/theme

2. Edit the files in data/generator/sfPropelCrud/default/theme/templates as you would with an admin template.
3. Generate like usual: symfony propel-generate-crud <app> <module> <base>.

The generated code will be built to specification.)

Another shortcoming of the book is that there are a few instances of bugs in the provided source code. It might have been useful if the authors had taken a day to test-run their code. For example, in the database section, page 156, the following sample databases.yml listing can be found:

all:
  propel:
    class:                sfPropelDatabase
    param:
[...]
      encoding:           utf-8     # Default charset [...]
[...]

When I tested this code I got an error message: Unknown character set: 'utf'. Turns out that “utf-8″ is not the correct identifier – “utf8″ is correct.

These shortcomings are minor though. A few typos are to be expected, and with so much to cover omissions may accidentally be made. All in all the book is a friendly and pragmatic one. The material is described in a light and fluffy way – there is no ‘academic’ dead weight or terse theoretical descriptions, but rather a hands on description about what symfony programming is like. The book can be used both as a primer and as a reference for a person who is not yet a symfony expert.

If you want to know more about the book, you can actually finds its whole contents online. At the time of this writing, the online edition is available at The Definitive Guide to symfony. This is very generous and a great aid when you want to quickly search for something. Curiously enough Apress, the publisher of the book, has a full page ad for an eBook version in the print edition. They charge $10 for this pleasure, which is a bit odd.

Update 1: The original article credited Mr. Potencier with the Snippeet application. Snippeet was in fact written by Mr. Zaninotto. I apologize for the mistake.
Update 2: Jason Gilmore, the book’s editor, wrote to let us know that Apress sells the $10 ebook as an additional means to support GFDL work. Take a look at the comments section below for the full clarification.

That title sure caught your attention, right? It’s not as bad as it sounds. I’m not a Black Hat hacker, I just enjoy reading security related books.

Back in 2003 the famous/notorious hacker Kevin D. Mitnick released his first book called The Art of Deception which discussed different elements of security that relate to social engineering. When I read the book back then I was really both chocked and amazed how easily a well-skilled social engineer can gain access to the most sensitive type of information.

In his latest book The Art of Intrusion, Mr. Mitnick moves on from social engineering to discuss digital security. Since I personally have much more experience with digital security than with social engineering, the techniques used in the stories were not that exciting. However, the plots of the stories were quite interesting. In a couple of the stories in the book the reader gets to follow security consults who work on penetrating various companies (the company names are not mentioned). Even though the techniques used by these consults were maybe not shocking in any way, the way thought was. The guys in these stories really know how IT-administrators at midsize and large corporation think, and where they’re likely to cut corners and be lazy.

- Did you disable all network ports that are not in use?
– Did you change the default password on all your network-equipped devices?
– Is your internal voice-mail system using the default password?
– Did you install the latest patches on all you servers? Even the internal ones?
– Did you disable all services that are not in use?

Even though the book brings little new technical knowledge to a tech-savvy person, it shows you how a skilled hacker can obtain important information about your system with, what you think is, trivial information.

Verdict: I would recommend this book to anyone who works with technology or security in a corporate environment. Also, if you haven’t read The Art of Deception, I’d also recommend you to read it.

           

There are some major drawbacks with today’s laptops. Some of these bothers me a lot. Battery life is one of these things. I know there are some Sony laptops out there with 6 hours or so of battery life, but I only get about 2 on my PowerBook.
Weight is another thing that really bothers me. No matter if you’re a student or a business guy who carries around you laptop in you all day, you know how annoying the weight of a laptop is.
In this article I will explore the future of mobile computing the way I predict it. There are no scientific evidence behind my predictions, this is just my thoughts and ideas.

As I already mentioned, one major drawback with today’s portable computers is the battery-life. Why can’t they make computers with 24 hours of battery life? There are several reasons for this, one major reason is because of weight. I guess it would be no problem creating a laptop with today’s technology with 24 hours of battery life. Just hook up a couple of UPSes to you laptop and you’re set. However, It would probably not be very portable, since the weight of the laptop would turn it more into a huge server rather than a portable laptop. Let’s explore this for a while. What can we do to change this? As I see it, there are a couple ways we can achieve this (which can possible be combined for higher efficiency).

More efficient CPUs. Developing new CPUs with lower power usage is a given one that the CPU manufactures are constantly working on. However, I would also suggest that we lower the performance and focus more on batter-life. I’ll get back to why I think this later on in this article.

Switch away from traditional hard drives. One component in the computer that uses up quite a bit of power is the standard hard drive (which is a 2.5″ hard drive in most (all?) laptops). Do we really need to go for this approach? Why can’t we use a small flash-drives for hard-drive? Flash-drives are far more power-efficient than regular hard drives, and they are also far less sensitive to damage since they have no moving parts. In addition to this they can also access the data quicker. The downside is that the price per megabyte is really high for this kind of storage, but I’ll come back to how we will solve this later on.

Batteries with higher capacity. This is a field that is being researched a lot these days. Fuel-cell batteries seems to be something that will change the battery-world quite a bit of they now manage to make these stable and less dangerous. The question remains if they ever will be allowed on board a commercial jet in the post 9/11 era.

Now we’ve dealt with the internal part of the computer for a bit and how we can make those more power efficient, now let’s move on to the features that the laptop of feature will offer.

Touch-screen. I know, this is fairly common today, but I think we just seen the beginning of this trend. Let’s say you have a ultra-portable laptop with great battery life, wouldn’t this make a perfect e-book reader? You just flip and twist you monitor and you have a perfect book. You can read, high-light and make comments right there on the screen. No more carrying books around, you have it all in your laptop.

Wireless Gigabit network. In the post 802.11n era, I think we will start seeing country-wide networks that are freely available to the public. Google WiFi is just the start, Hight speed Internet connection will be taken for granted as we look at water and air today. Sure, there will be plenty of companies who will be lobbying against this (such as T-mobile etc), due to their own interests, but they will eventually realize that they’ve lost the war.

Biometric authorization. I’m still not sure which of the biometric methods that is the better one, but I’m sure we will see more of biometric authorization in the future.

Now lets sum up what I’ve written so far and think about it for a second. We now have an ultra-portable laptop with a slow CPU, a small hard drive, but a battery life of 24+ hours. However, we also have a Gigabit Internet connection available wherever we go, so what can we do with this? Well, a lot I’d say. Why do we need a big local hard drive if we always have a high speed Internet connection available? We don’t. Some of you might start to see where I’m going. Remember back in the days when we used those terminal-computers? Everything we ever needed was located on the server. I like that idea. Seriously, it’s brilliant. How many of you guys have ever dropped or lost your laptop? How much data was lost when that happened?

Thin-clients such as Citrix offers similar solutions today, but they tend to be very slow, and they only work (as far as I know) with desktop solutions (except for the client software).
If you have a hight speed Internet connection wherever you go, why do you ever need to store any data or do any calculations on you local computer?

Instead of booting up you laptop you operating system, you have a small loader on your flash-drive or in your BIOS that initiates the network card, create a secured tunnel to your company’s server and connects to a terminal window. In the terminal you have all you data accessible, always available from whichever of you terminals you connect. No more worries about taking backups of all your data on a regular basis, the server takes care of that for you.
In addition to that you don’t need to worry about sensitive data. Even if you loose your computer, all your data is located on the server anyway, and since they need you biometric authorization to access the data, the client is useless to them. Yey! no more laptop thefts.
Now when we’re connected to our super-fast server, why do we need a fast CPU on our laptop? We don’t, since all calculations will be done on the server anyways.

So when will this be possible you might wonder. It’s actually not that distance, everything except for the Gigabit WiFi would be possible with today’s technology.

  Digg This!  Reddit!  Add to del.icio.us  Blink This!  Add to Furl  Plug This!

A couple of months ago we wrote that Google’s Searchmash was secretly experimenting with the real next thing in search. Today I noticed that a service similar to what I described in that article has already popped up: Yoople. Here’s what they write:

At Yoople! Project we believe that Web Searches are quite good, but not as smart as a human brain could do. As today we are forced to accept the order given by search engines and click the results as they are, unfortunately this does not mean the human searcher agrees with the returned results index. Moreover clicking a result does not mean the website contains the contents we were looking for.

This is essentially true. No matter how good a machine is at sorting search results and removing spam, it will always be just a machine. It cannot possibly know what people wish should be their top result without in some way actually asking the user. Google tries to work around this limitation by assuming that web pages linking to other web pages constitute ‘the people’s voice’ so to speak and that a link to a web page within a certain category is a vote for bringing that page up to the top of search results for that particular category. This is a sensible approach but it is not perfect. A limited amount of links is one problem. It is also not necessarily the case that the most relevant page has the most links to it: consider spam sites or sites that just get a lot of links in general and therefore rank better even for irrelevant searches.

The people voting ranking algorithm does have a couple of flaws though. Once again the most important one is spam. First of all it’s hard to verify that users are humans. If a user had to fill out a captcha thing every single time they want to rearrange some search results it would get old really quickly. And what’s worse: even if there was a good way to verify that the voter really was a human, how would you be able to verify his intentions? Maybe he’s just a guy paid to vote up search results by some company. Imagine Paypal asking their telemarketing section to take a day off their schedule just to go and vote away Paypal Sucks from the major search engines. It wouldn’t cost them much and it’d almost certainly succeed. A great investment of their money and time.

It is not unlikely that this is something we will see more and more off. Realizing the immense power of sites like Digg, marketing companies will start paying little groups of people to get articles on the front page. Imagine if you’re a technology company and you’d normally pay 15 cents per visitor through normal banner advertising or what have you. You could instead give 50 people $10 each and get 15,000 visitors from Digg. It’s cheaper and comes with all the attached buzz. As we move towards people controlled search engines this will definitely become a problem there too: 50 people voting a website up to the top will have a huge impact for most search terms since it is unlikely that most legitimate users will vote at all.

None the less, the way forward is to allow people to reorder their results and to delete spam results. It’s the only way to really teach search engines what us humans actually want. There are problems along the way but there will be solutions.

           

If you’ve been with us from the start, you probably already read our article Building the Base-camp Part 1. If you missed out on that one, I suggest that you go ahead and read it. In this series we talk about software applications that we as young entrepreneurs of the open source-generation use in our daily business-life. If you’re not familiar with many open source applications, you’re likely to find plenty of new tools that you will find useful. However, even if we are using many open source applications, that doesn’t mean that we never use commercial softwares. There are a few commercial softwares we do like as you will discover in this series.

Today I’ll talk about two utilities that might not be very well known to the average user, and therefor deserves some extra attention. The reason why I chose these two softwares is because I use these softwares very frequently, and I love using them.

The first software is not so much of a software as it is a set of Perl scripts. The software is called awstats, and is a log-analyzer that creates a nice statistics page from a given log file (such as Apache or your FTP-server). We use this to analyze the traffic to this page, to see where our visitors comes from, as well as what they find interesting. Awstats also gives you other information such as how much time your users spent on your web-site, and what browsers and operating system they are using. If you enable the IP-lookup feature, you can even track down you users, to see from what country are from (assuming they are not using any proxy etc. in another country).

The setup of the software is fairly straight-forward. Just follow the instructions in the INSTALL-file, and you’ll be up running in no time. The only issue I’ve been experiencing with awstats has been related to the log-format in the config file. Make sure the config in you awstats config agrees with the log-config in your apache config file (assuming you’re using apache). By the way, do I need to mention that awstats is open source?

The second software is, in contrast to most of the other tools we use, not an open source application. If there was an open source replacement that could produce an equally good result as this software, I wouldn’t hesitate to switch. Anyhow, the software is called OmniGraffle Professional, and is a great tool for creating outlines, flowcharts and other types of drawings. Prior to using this software I always ended up with a bunch of papers laying around with numerous of flowcharts and drawings for every project I was working on. Still I usually start with some drawings on a piece of paper, but then I usually digitize it and throw away or shred the paper. The result is a fabulous looking flowchart or drawing. Not only do the result look better, it’s also much easier to send, print and share it with other people involved in the project.

I know there are plenty of similar tools out on the market to do these kinds of tasks, but I really like this software. Not only is the software easy to work with, it also uses graphics that make you want to show your work to others rather than hiding them from the world.

Nowadays I use this software for every possible usage. It doesn’t matter if I’m designing a web portal, a database or documenting a network or an organizational chart, this is where I begin. Another good thing is that it comes with numerous icons, and if these are not enough, you can download more of them from their website.

Stay tuned for the next article in this series. If you have any comments or suggestions, please post a comment.