I'm sitting on the balcony watching the world go by, helping various people with homework, and trying to dive back into my aborted development of yet another OS X livejournal client. Unfortunately, the camera's not letting me adjust the colour settings, so I may look a trifle blue.

(Updating Version)

(Warning, spoiler)

Signs sucked. It was a typical M Knight Shamayalan movie—all the characters were unbelievable and totally impossible to identify with, and the pacing was way off. This worked in Sixth Sense, where the two main characters were both supposed to be other-worldly, but both movies since have fallen flat because of it. He tried to offset it with a bit of David Lynch–style small-town weirdness, but he didn't manage to pull it off. There were a few funny moments, but not enough to carry the movie.

It was totally impossible to suspend disbelief. I'm not talking about the the whole “Crop Circles” rubbish, where you have to believe that aliens capable of space-travel are so bad at drawing maps that they have to flatten fields to remember where they parked their cars. You figure hey, that's the premise of the movie, I can live with that.

It's the stupid things. Like blurry video that looked like one of those newsreel bigfoot movies being automatically accepted as a real alien by the news. Or the fact that aliens can fly across the boundless reaches of space, but can't get through a locked wooden door. Or the total lack of any reaction from the powers that be. Or aliens who melt when exposed to water raid a planet that is 70% water, and they DON'T WEAR PROTECTIVE SUITS! I mean, for fuck's sake!.

Anyway, Signs was rubbish. You don't want to see it.

I'm definately seeing XXX, and Bourne Identity, but pass on the others. I don't think i can really stomach a saving-the-world-from-mass-destruction moofie, or a Mel Gibson trying to be a farmer moofie.

—Brett Morgan

Signs sucked. It was a typical M Knight Shamayalan movie—all the characters were unbelievable and totally impossible to identify with, and the pacing was way off. This worked in Sixth Sense, where the two main characters were both supposed to be other-worldly, but both movies since have fallen flat because of it. He tried to offset it with a bit of David Lynch–style small-town weirdness, but he didn't manage to pull it off. There were a few funny moments, but not enough to carry the movie.

It was totally impossible to suspend disbelief. I'm not talking about the the whole “Crop Circles” rubbish, where you have to believe that aliens capable of space-travel are so bad at drawing maps that they have to flatten fields to remember where they parked their cars. You figure hey, that's the premise of the movie, I can live with that.

It's the stupid things. Like blurry video that looked like one of those newsreel bigfoot movies being automatically accepted as a real alien by the news. Or the fact that aliens can fly across the boundless reaches of space, but can't get through a locked wooden door. Or the total lack of any reaction from the powers that be. Or (I've stuck this in a comment because it's a spoiler for the end of the film. You'll have to view source to see it. Search for "MORONIC MOVIE" to find the spot)

Anyway, Signs was rubbish. You don't want to see it.

In Bruce Schneier's latest Crypto-Gram, he links to Carnival Booth: An Algorithm for Defeating the Computer-Assisted Passenger Screening System. It's a description of how the CAPS program, a system in use in US airports since 1999 that selects people to search based on terrorist profiling, actually makes it easier for a sufficiently large and organised terrorist organisation to sneak something onto a plane.

It works like this. Say the security at an airport have the personnel to thoroughly search 8% of passengers. Normally, you'd have an 8% chance of being caught sneaking something through that doesn't get picked up by the metal detectors. Enter CAPS. If CAPS flags the top 6% of passengers for search (and you keep doing the remaining 2% randomly), now your chance of being caught if you're on the profile is 100%, but if you're not on the profile, your chance of being caught has dropped to 2%.

So all terrorists have to do is send potential attackers on three or four flights before the main event. If they get searched, they're replaced by someone else. The "security measure" has actually reduced their chance of discovery by a factor of four.

I am number one!

Cory Doctorow, proprietor of Boing Boing Blog, has managed to get an incredibly geeky short story published in Salon. It's a good read too.

Spent the afternoon at Apple's OS X Tech Talk. Highlights of the afternoon were:

• The Quartz Extreme demo. Transparent terminal window overlapping with a semi-transparent animated 3d demo, over a running QuickTime video. Composite that, inferior operating systems!
• The new zoom feature in Jaguar's accessibility panel. Sometimes the simple things are pretty impressive.
• The explanation of why Java 1.4 is delayed. Apparently, the current OS X Java GUI (both Swing and AWT draw themselves using as much of the native kit as they can get away with) is Carbon-based. They hit a speed-bump, so they've been busy rewriting everything in Cocoa.
• The American's silly pronounciation of “Jagwar”, and the Australian server-guy's insistence on saying “authentification”
• The whole thing made me want to do a lot more Cocoa programming. I've done some hacking with it before, and it's way cool. After beating my head against Swing a few times, putting GUIs together in Cocoa was an absolute joy. I even have a grudging acceptance Objective-C

Remember that email that was floating around a few years ago? The Australian Bureau of Statistics just released the information that in the most recent census, 70,000 people put down “Jedi” as their religion.

From a link in Euan Semple's Weblog, I found... a guide to the psychology and etiquette of the British pub.

Before you can order at all, you must learn the correct bar-counter etiquette. You will notice that the bar counter of the pub is the only place in Britain in which anything is sold or served without the formation of a queue. Many visitors have observed that queuing is almost a national pastime for the British, who will automatically arrange themselves into an orderly line at bus stops, shop counters, ice-cream stalls, lifts, entrances, exits, and sometimes in the middle of nowhere for no apparent reason.

...

Whether you are male or female, and whatever the sex or social background of your native companions, the words “It's my round - what are you having?” will always be appreciated as a friendly gesture. This line may not be in your phrase book, but it is one of the most useful sentences in the English language.

Many of the rules on this site also apply in Australia.

Before you can order at all, you must learn the correct bar-counter etiquette. You will notice that the bar counter of the pub is the only place in Britain in which anything is sold or served without the formation of a queue. Many visitors have observed that queuing is almost a national pastime for the British, who will automatically arrange themselves into an orderly line at bus stops, shop counters, ice-cream stalls, lifts, entrances, exits, and sometimes in the middle of nowhere for no apparent reason.

...

Whether you are male or female, and whatever the sex or social background of your native companions, the words “It's my round - what are you having?” will always be appreciated as a friendly gesture. This line may not be in your phrase book, but it is one of the most useful sentences in the English language.

Many of the rules on this site also apply in Australia.

Rogers Cadenhead thinks my idea of avoiding main methods when teaching Java might be a bad idea:

Beginners ought to be shown that they can accomplish something with the language before the subject of object-oriented programming is introduced, which often confuses the bejabbers out of people the first time they are exposed to it.

After two minutes investigation, I discovered Rogers co-wrote one of the books I originally learned Java from, so perhaps I should listen. :)

Perhaps it's a difference of situation, though. I find that objects are a lot easier to demonstrate than to describe - in the classes when I just read out the OO stuff from the foils, everyone shrugs and looks bemused. Then I sit down and show them, and it all becomes a lot clearer. The learning environment thingy might exacerbate the “telling” problem, while making the “showing” thing a lot easier.

Idle thought of the evening: if I had taken advantage of every penis-enlargement spam I'd ever received (and they'd all worked as advertised), how long would it be by now?

If you want something to accompany the image, and that will show up as a tooltip, use the title attribute.

Read the rest of this entry…

I've spent the evening watching Apocalypse Now Redux. One of the fun things about watching this movie (apart from the fact that it is a total mind-fuck), is spotting the places that have been sampled by industrial bands. Fear Factory used a couple of places, and I just spent five minutes wondering why a particular one-second sound-byte was familiar. It suddenly dawned on me that it was a sample in Ministry's N.W.O.

<Lonita> Spatula-slapping fun!

Don't shoot me, I'm just the messenger.

Well, the browser that became Netscape was always called Mozilla IIRC. –Brett Morgan's Insanity Weblog Zilla

Jamie Zawinski tells his version of the story of where the name Mozilla came from, in his scary journal of how Netscape 1.0 came about.

A week or two ago we all sat around and tried to think up a name for the client; we can't call it Mosaic, because that's the name of the company. The marketroids had all kinds of silly suggestions like Cyber this and Power that and blah-blah Ware. Then someone said something about crushing NCSA Mosaic, and I blurted out “Mozilla!” Everyone seemed to like that, so I think that might end up being the official name of the browser.

The readme files for each version of Netscape Navigator and Communicator ended with the line: ‘And remember, it's spelled N-e-t-s-c-a-p-e, but it's pronounced “Mozilla.”’

If you have the chance to see the video clip for Weezer's Keep Fishin', it's got the Muppets in it.

One of the sad things about being a garden gnome would be the monotony. You're generally stuck in your spot, looking in the same direction, surrounded by the same people. Sure, they were all interesting when you moved in, but you've all been standing in the same place for years, and you quickly run out of conversation. And there you are, still, covered in moss, dangling the same fucking fishing-rod in the same fucking pond all day, all night. It's torture, plain and simple! It would be a favour to these gnomes to give them a change of scenery!

But, at the same time, it would be unfair to completely deprive a garden of a gnome. What the world needs is... Gnome Swapping™!

Gnomes could swap gardens overnight. Change suburbs. Make new friends. Dangle their rods in whole new ponds. A gnome for a gnome, and for each gnome a new home. No gnome left unturned.

I see a great need.

In “Rethinking the Java Curriculum: Goodbye, Hello World!”, Daniel Steinberg talks about how non-OO current introductions to the highly object-oriented Java language are, and challenges us to come up with an alternative. I've taught a number of Introduction to Java courses, and I've long thought there must be a better way.

Update: Like all good ideas, it seems someone else has had this one first. Check out BlueJ for an example of pretty much exactly what I was talking about.

Read the rest of this entry…

Remember. Groove is in the heart.

Today's quiz, courtesy of David Cassel's weblog. What was the artist of this comic book cover thinking of?

I recently wrote this to Bugtraq, about the Recent SSL Vulnerability (It's called an IE vulnerability in the email I was responding to, but since it affected Opera, libssl and Konquerer as well, it's really the "Pretty Much Everything Except Mozilla" vulnerability.)

On Fri, 2002-08-16, robert walker wrote:

A huge amount of infrastructure is managed remotely via SSL and IE these days. It just boggles the mind the extent to which the security integrity of that infrastructure is now under a cloud unknowing

Actually, the SSL vulnerability is a very predictable answer to an old question. For a while now, one of the big “what ifs” of Internet security has been “What if one day, the SSL infrastructure is completely compromised?” The most common hypothetical example of this was the compromise of a Verisign root signing key.

Predictions have ranged from the death of e-commerce, to the end of the world as we know it.

Now, it's not hypothetical any more. Until this is patched and the majority of users upgrade (in other words, give it two years), anyone can forge site certificates that seem valid to 90% of Internet users. The result? The news hasn't reached the “real world” at all. The story has stayed on news-for-nerds websites and in the technical section of mainstream press. E-commerce hasn't skipped a beat.

Certainly none of our¹ customers, who were so adamant when we were speccing their web-applications that it must be secured with SSL, have come screaming to us wondering what to do now anyone can man-in-the-middle them.

I'm not sure whether to be saddened or wryly amused. I think I'll go with the latter.

Charles Miller

¹ Well, none of mine anyway.

Ian Hickson sets the following quiz, as a demonstration of the limitations of HTML Validators. The following is a complete HTML document that parses as valid according to the W3C HTML Validation Service.. Despite this, it goes against the HTML specification in four ways. Can you guess how?

(If you're reading this in Radio's News Aggravator, it's probably not unencoded properly. Don't blame me!)

    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN">
   <html lang="english">
   <title>Written by Ian Hickson</title>
   <h1>Current weather in <cite>Berlin, Germany</cite></h1>
   <p>There are thunderstorms in Berlin at the moment. The air is
   very humid. The temperature is a warm 24°C.
   <img src="icons/low-wind" alt="low wind icon">

(If you're curious about the answer, it's probably better to email me than Hixie. That way he won't get spammed by the propagation of the link. I'll only respond to honest guesses, though.)

One day, I'll fix the HTML on this site. Honest, gov.

“The $100 bills are another matter. This is an airport; they can drag me to a windowless room in the basement and handcuff me to a chair. They can confiscate my stash, call in the DEA, FBI, and IRS. It will be up to me to prove that I'm not a drug dealer. To customs agents, $100 bills smell like cocaine. In reality, I'm a writer, with six pulpy thrillers under my belt, but today I'm on the scent of a real life story even more high-octane than any of my fictional jaunts. I'm ferrying money for Kevin Lewis, one of the best card counters alive. He's taking me back to his glory days when he ran a card team that hit Vegas for millions.” –Wired 10.09, Hacking Las Vegas, (via Mike Cannon-Brookes)

I've always loved stories about good hacks, and this is one of the more impressive ones. Give it a read.

The other day, I spent the afternoon drafting a prototype network security policy. We don't have one, and it's something I'd been worrying about for a while, especially since we have to have a machine lying around running that notoriously secure Redhat 6.2 in order to support Websphere 3.5. At the same time, we're getting into a bit of the security business ourselves—providing external audits for other companies and trying to sell them expensive Lotus network management gear.

So, as a result, the company's going to pay for me to take the rather expensive CISSP certification. Looking through the material, and doing some of the sample questions on the web, I already know most of this shit. I mostly have to make sure I know the proper names for things (like what exactly is RAID level 10, or the Bell LaPadula model, or how does TACACS really work)

Trainrek would probably be somewhat amused at all this. It's a six-hour exam though. *shudder*

Excuse me for being a Trek nerd. The Ferengi were first introduced in The Next Generation. A big point was made at the time that these aliens had never been seen before. And, lo and behold, they show up in Enterprise. I didn't watch enough of the episode to see what kind of retconning they did to justify it, but I don't care.

It's just another sign of the laziness and ineptitude on the part of the writers and directors that caused me to give up on watching the show in the first place. They don't trust themselves to come up with anything original or interesting, so they have to fall back on the old faithful "these guys worked in the last series". If they hired decent scriptwriters, and gave them free rein, perhaps they wouldn't have to wave goodbye to continuity? Gutless and weak.

The typical Livejournal poster is a 17-year old girl from California. It explains a lot, really.

Update: In fact, there are more 17 year olds on Livejournal than the sum of all people my age (26) and older.

Right. So we are having a meetup at Harry's to test the validity of this claim. If Harry's pie should prove inferior (by what ever ambiguous rating scheme that Charles dreams up), we shall be a-dunking the Rebelutionary in our midst. Now we can't say fairer than that, can we? [Brett Morgan's Insanity Weblog]

Sounds perfectly fair to me. Just so long as I remember my keys.

I feel like I have a head full of fog this morning

The dragon that sits on your shoulder must, logically, shit down your back. -- Terry Pratchett

I'm posting this from the cafe across the road from my apartment, courtesy of the wireless hub sitting on my balcony. The signal strength isn't bad either, except when a big truck drives by.

Bacon, eggs and nerding. What a combo.

Update: Hardware involved - Powerbook with AirPort card, D-link wifi hub. Distance of 100-120m, pretty much direct line of site from the cafe table to my apartment balcony.

So this morning, I was considering breakfast. There's a rather nice cafe across the road and a little way up from my apartment. I can see it from my balcony. Aha! I thought. That means line of sight! Without further ado, I packed up my laptop, wandered across to the cafe, sat at a nice table outside by the road, and... voila! I'm still connected to the Internet.

The signal gets a bit dodgy now and then, especially when a truck drives by.

Where's my nerd award for the day?

You can't see this. I never take polls. Never.

Read the rest of this entry…

It's one of those things I've conditioned myself to do—it takes no conscious effort. As soon as I step out of my door, my hand is in my pocket checking the keys. And I'm not satisfied until I've found the leather National Theatre Company keyring that distinguishes my house–keys from my office keys (which have an old 1-meg SIMM on the keyring).

I make sure I listen for the click of the door closing, though. Sometimes the door doesn't close properly, and I have to turn around and pull it shut. Since I was burgled, I've been pretty paranoid about things like that.

So this evening, I was ducking out to Shakespeare's Pies to get dinner. This is the shop that proudly proclaims that it sells "The best pies on the planet", and while they're possibly not that good, they're pretty bloody nice.

I pull my jeans on, grab my wallet, and walk out the door. I'm wondering whether I should turn the radio off, but I decide I'll only be out for ten minutes, I may as well leave it on. By this moment, the door is swinging shut.

That's when the mental image hits me. My front-door keys, sitting spread out by the keyboard on my computer desk. And I know, I know without having to check my pocket, that they're still there.

They're still fucking sitting there on the table.

I leap for the door.

click

Fuck.

It just goes to show. You can foster a good habit until it's second nature, but one moment of thinking about something else, and it's as if you never bothered.

So I decide to be sensible about this. Apart from one moment of annoyance, there's no point getting upset about something like this. It's like when someone in a shop makes a mistake—people make mistakes, it's human nature, and getting pissed off about it is counter-productive. I'm not perfect, and berating myself for something I'm usually pretty good at is pointless. I just resolve to get a spare set of keys cut on Monday and give them to my mother for safe-keeping, like I should have in the first place.

I panicked the last time I got locked out of my house. This was when I was 15 and living with my mother and brother. Mum had been on holiday in Europe for the previous two weeks and my brother and I had been taking care of the house. She was due to return at 2am, and the afternoon before that I came home from my previous all-nighter role-playing nerd session to find my brother had vanished indefinitely, and my keys were sitting inside on the kitchen table. The house needed cleaning before my mother got home. The house needed a lot of cleaning. It was then that I learned how useful (and how bloody expensive) locksmiths are, but not before I'd panicked for an hour or two wondering what the hell I could do.

So this time, I go and have my pie. No point wandering around on an empty stomach, and it's not as if I'm in a hurry. My apartment isn't going anywhere. After dinner, I phone my father to make sure he's home, and catch the train to North Sydney. From there I arrange a locksmith to meet me back at my place. I don't bother trying to contact my agent or landlord, it's Saturday night and I don't want to annoy them any more than I already have by being constantly late with rent.

My mother lives closer, but she's got a new phone number, and the only place I've got it recorded is on my mobile phone. My mobile phone is sitting on the computer desk next to my keys.

It's absolutely amazing how quickly a locksmith can earn $100. My front door has two locks on it, one regular one in the handle, and one pretty expensive Lockwood 001 deadbolt. One pick shoved in the bottom, a few pokes through with a lock-picking gun, and they were both open in the space of two minutes. We put all this faith in locks, but the fact is, anyone can open them in a snap with enough practice. I downloaded an instruction manual for lock-picking over the net a few years ago. I'm wishing I'd practiced now—If I had, I'd not be out a hundred bucks.

Remind me not to do that again.

I've spent the last few hours trying to clean up the code of my Wiki, with a goal of eventually ending up with something I can make more widely available.

One big problem. I was lazy when I wrote this. No unit tests. I'm trying to do major changes to the functionality, and there's nothing telling me what I have, or haven't broken. You get this interesting feeling in the pit of your stomach when you make a big change, one of those "what have I missed?" feelings. If I'd written unit tests, I'd have a little green bar to tell me nothing was broken.

Of course, what I should do is take time out to write tests now. But...

Error seen whilst opening an MS Word document which amused me no end:

wvError: (decode_simple.c:514) Alert, insane repeat "insane" paragraph structure, making wild stab in the dark to attempt to continue

[polonius]

Heh.

After spending the last few days banging my head up against JBoss 3.0, I'd like to post the obligatory link to Richard Stallman's Why Free Software Needs Free Documentation.

Why are people so afraid of Java? I came across a post on the cms-list mailing list that I found quite disturbing. This guy was looking for a Content Management System written in PHP because "java is s...l...o...w..."? Where did he get this from? Has he ever tried a java app before? [Rick Salsa via Anthony Eden]

This always amuses me. "Java is slow because it's a byte-code interpreted language with JIT compilation. So use [foo], which is a fully interpreted scripting language!"

Why are penguins just naturally funny?

Read the rest of this entry…

I was reading an obituary for Edsger Dijkstra, one of the great computer scientists, who died this week.

Apparently he used to go exploring with his wife in a Volkswagen bus.

They called it "The Touring machine"

*groan*

This is the Strangest piece of spam I have ever seen.

It's so weird I can't describe it. It sounds very much like they're selling marajuana, except they arent, but, it... you just ahve to go read it for yourself... it's is realllly strange. [weblog.masukomi.org]

That is truly whacked. Bet they were smoking their product ... [Brett Morgan's Insanity Weblog]

This is TheWeirdestSpamIEverReceived. It's very long, so I'll just paste the first three paragraphs here. Follow the wiki-link for the rest.

Hello

Later this year - prophecy will holdtrue, you will see.
For it is written in the eyeinthepyramid...

The Entity does not want to be caught out!
In fact right now, the Entity is doing everything in its power to get you to discredit this emailcommunication. The Entity is a ForeignInstallation that sits inside your consciousness and lies to you and dis-empowers you, robbing you of your essence, and aims to weaken you and bring you into pain and suffering.

3y3 4m l33t h4x0r
j0! 3y3 4m t4lking to j00!
fux0red 5cr1pt k1dd13.
      -"l33t h41ku"

...

Forms is replaced with XForms (http://www.w3.org/TR/xforms).

Events are replaced with XML Events (http://www.w3.org/TR/xml-evens).

Frames (not in 1.1 at all) are implemented via XFrames
(http://www.w3.org/TR/XFrames when it is published - might not be there yet).

[Some points elided -cm]

Tables has a more normalized content model.

Applet is gone - use object.

Img is gone - use object.

My prediction of the day. XHTML 2.0 will be the HTML's dead-end. In five years time, people will still be writing tag soup in HTML4 transitional, because thanks XHTML's march into complexity, the option to move to something cleaner will just not be there for them.

Modularity is wonderful. In theory it allows you to only concentrate on the bits of XHTML that you need to know about. But the simple fact is, to write a web-page you're going to need to use something like 14 of the 16 modules in XHTML 2.0, plus XForms, so what's the point of splitting them up again? And, of course, once you start splitting the spec up like that, tracking HTML versions is going to be a big game of mix and match.

(That said, my weblog is HTML4 transitional tag soup because I'm too lazy to write my own template)

Mike Cannon-Brookes wrote a post about the perennial Open Source debate. If you haven't read that, read it first or this will be way out of context.

Probably the best response you'll see to open source has come from Apple. Open Source does infrastructure very, very well. Take the infrastructure, and build something on top of it that Open Source doesn't do well at all - a consumer operating system, populated with fantastic, original applications.

IBM's done the same. It's not supporting Linux just because it likes penguins. It's using it as a cheap platform to stick really big expensive things like DB2 and Websphere on top of.

JIRA's another good example. An open-source base (WebWork, OFBiz, and it can run on the major open-source appservers), topped with a slick user-interface, and very responsive support.

Open source is great for commoditising things that deserve to be commoditised - the implementations of standards and protocols, areas of computing where innovation has slowed or stopped, and the building of tools that can be used to build other tools.

Even Microsoft recognise the value of open source, which is why you'll find the BSD license reproduced in your Windows 2000 licence booklet.

Dave Winer is a trifle disingenuous, because even Userland benefits from programmers working for free. Radio may not itself be open, but Userland has a very liberal policy on allowing people to post patches for it or add-ons based on Radio code. Because there's no competing Radio clone, everyone who creates and distributes a free add-on for Radio (under the open-source principle that it's easier to share than to hoard) is improving the Radio application, and making it more valuable to Dave Winer.

Closed source vendors could also learn a lot from open source. They're mostly Cluetrain-style lessons. The first lesson would be "Don't lie to your customers". Keep an open bug database. Let people know early what you're working on, and when their pet problem is likely to be fixed. Don't just shovel new releases into the trough under a cloud of hype.

Maybe if they'd learn that lesson, there'd be a lot less crap released.

Although I must admit, there have been one or two occasions I was tempted to say "Congratulations! I'm amazed you two worked out where to put it."

This is an admission that reading in a news aggregator is fundamentally different than reading individual sites in a web browser. I don't use my aggregator to read things; I use it to find things to read. I tried the whole "read everything in your aggregator" thing, and it depresses me. It reminds me of when I used to smoke, and everything tasted the same.

Too many steps have been taken
returning to the root and the source.
Better to have been blind
and deaf from the beginning!
Dwelling in one’s true abode,
unconcerned with that without,
the river flows tranquilly on
and the flowers are red.

Oh My God.

The updating version

That said, the wireless LAN is way cool. I'm sitting out on my balcony right now, typing on the laptop, drinking my beer, watching the cars drive by, breathing the open air, feeling the breeze and watching the late-afternoon sky. I will be doing this more often I think.

What I'd really like to do is be able to take the laptop down the road to the little park, sit on the grass and nerd away, but I somehow doubt the network stretches quite that far. I am, however, tempted to go downstairs and across the road, just to see what the reach of the signal is.

And no, it's a closed network. There will be no warchalking.

"It's like... ... .. a bummer."

My brother is currently writing the astrology column of a major newspaper. You can read his own opinion on astrology here.

The problem with the data-centric approach of Commons-Sql (and OfBiz, and Torque, ADO.NET, etc) is they approach persitence from the wrong way round. Data-models are still thought of data-models - they just have a nicer interface than raw SQL (be it Java objects, generic value objects or XML).

...

As clunky as entity beans are, they do encourage the Domain Model approach. Of course there are more elegant solutions, Kodo (a commercial but affordable JDO implementation) being my personal favorite. [Joe's Jelly]

A shameless plug for a colleague. After a long and annoying project trying to do XP with EJB1.1, Gavin and Daniel from our Melbourne office came up with Hibernate, an open-source (LGPL) O-R mapping tool written with agile development in mind.

It supports the Domain Model. It's lightweight. It runs on reflection so you can persist your objects without an extra code-generation step, and without following any coding conventions more stringent than "use properly named getter and setter methods". It supports object composition, inheritance/polymorphism, relationships, and the Collections API. It may even make tea, if you ask it nicely enough.

(I believe Joe knows about Hibernate already, but it was still worth plugging to the wider audience)

I need therapy.