Archive for the 'Technical Notes' Category

Xpath Basics: Introduction to XPath with an Example Java Project

xpathXPath is a W3C recommendation used to search and find parts of an XML document through a path expression. The elements or attributes that match the path expression will be returned for further processing by the invoking command, module, actor, or component.

In this post, I will explain about the basic concept of XPath via presentation slides. The presentation starts with a revisit to some of the XML key concepts. Subsequently, it shows sufficient elaboration of the basic concept of XPath. It concisely describes the key features of XPath that are worth knowing and practically useful especially when searching inside XML files.

The final part of the presentation consists of a sample project accompanied with some screenshots provided for readers to experiment with. In an upcoming post, I will show how the sample project can be converted into a Maven project for more convenient use and distribution.

You can download the slides from the following URL:

Xpath Basics (820)

Quick Guide to Detecting Phishing and Avoiding Being A Victim

Having talked about spamming, in this post, I would like to shortly discuss about phishing, a technique for identity theft, which in my personal experience, has become more rampant these days.

If it is the first time for you to read this fancy term, phishing is an attempt to steal somebody else’s sensitive information such as username, password, credit card details, and other personal credentials usually done by sending an email containing a false claim to the target. The content can be a threat, warning, and other form of falsified truth carefully crafted to encourage the target to submit his personal credentials. As you may have predicted, phishing was derived from “fishing”. The “fisher” is the person who wants to steal the information and the target is the “fish”. The false claim is obviously the “bait” used to attract and hook the “fish”.

Identity theft is disadvantageous and can sometimes become disastrous to the victim. Let us take a case of a phishing attempt from a sender who falsely claims as your email account provider. The message contains warning to verify your email account by supplying your user account id and password. If you inadvertently submitted the requested information to this site, you might have never imagined how creative the phisher is in exploiting this private information they stole from you.
Continue reading

VMWare Customer Day 2010 Korea: Cloud Computing Adoption in Enterprises and vSphere 4.1

On Friday, September 10th, I attended VMWare Customer Day 2010 Korea, which was held at COEX Intercontinental Hotel, Seoul. Even though it has been a while past the event, I would like to share some notes worth sharing, combined with my personal thought about substantial content found in the talks I listened to during the event.

As the event title suggests, the talks mostly covered introductory concept about cloud computing and virtualization as well as some promotional materials about VMWare products. This is coherent with the majority of the audience who came from the enterprises: IT staffs, ISV representatives, and company delegates. Three sessions were arranged for the whole event. The first session was a talk from Mike Sumner, the VMWare Asia Pacific SE Director. He talked about customer journey to IT as a service by riding the cloud and harnessing virtualization. Second talk about VMWare case studies was presented by Lee Mun-hyong, the Director of Channel and Alliance, VMWare Korea. The last session was delivered by Lee-Hyo, the head of VMWare Korea. He explained about vSphere 4.1 especially the new features in the release. The second and third session were presented in Korean so I only grabbed the general understanding and did not really grasp the details.

In his presentation, Mike talked about cloud computing as an emerging trend in the enterprise. He also explained key drivers and phases toward its adoption in the enterprises and an era of IT as a service powered by the cloud. He started with listing several IT challenges in the enterprise environment. The challenges he mentioned include the necessity to deliver more business value, the ability to move faster and stay ahead of the competitors, the competency to maintain secure and compliant environment, and the capability of maintaining a stable system. Legacy IT business model relies on infrastructure ownership and dedicated IT force. With the introduction of the cloud in the enterprise, CIO may consider the transformation from a pay-in-advanced system into a cloud-based, pay-as-you-go system.
Continue reading

Fedora Quick Tip: Resolving Permission Denied Issues in HTTP and FTP services with getsebool and setsebool

If you are running Fedora Linux as a server, one issue you frequently encounter is strange permission denied error message triggered when you are accessing one of the available network services run on the server. There are a lot of network services to mention, but HTTP and FTP are two good examples of such services. Assume you are trying to access FTP server on your Fedora box. You type the IP address of the server and then supply the username and password. Voila!!! You thought you would be immediately logged in. But instead of seeing the files in your home folder, you are shown an error message. The error message may vary, from something like “Login incorrect for user blah” displayed by Midnight Commander, “500 OOPS: cannot change directory: /home/blah” from Total Commander, to other error messages shown by different FTP client programs.

If you are 100% sure that you supply the correct user and password information, why couldn’t you get in? Let us assume that you have root access to the server so that you can remotely troubleshoot from the console. This post will give some guide on how you can solve this problem based on common configurations of a Fedora server.
Continue reading

Fighting Against Spam Comments, an Endless War for Blog Owners

I have been experimenting with comment settings in this blog to observe how willing spammers leave undesirable footprints aka spam comments on the blogs. Someone might have said that spamming is as pervasive as the web itself and it grows as the web evolves and reaches more audience. Still, having a hindsight experience in analyzing spam comment trending and behavior will be beneficial for me and also other website owners and bloggers especially when they are considering a loose commenting policy on their website.

Interaction in social web sites

As the web evolves to be more social, we can also observe higher level of interactivity on the web. Not only quicker page load, better content presentation, and improved system interface is interactivity characterized with, it also includes a simplified way of interaction among the website or web application users. In a bigger picture, interactivity encompasses user-application interaction and user-user interaction. If we talk about user-user interaction, we may think about creating such a user friendly platform for them to interact and communicate. Specific to blogging, user-user interaction can take form as commenting on the posts and also other user’s comment.

Now, here the question comes. If we can provide our users a friendly interface for interaction even for first-timers, can we expect for more quality interaction? And my personal answer to this is it depends on how good we are in implementing the website growth strategy. The first thing on which attention should be put thoroughly is the content. “Content is the king” is an undisclosed truth that tops the strategies towards website growth. I have been analyzing the growth of this technology blog by comparing number of posts in a certain month with the incoming traffic (user visits) for the corresponding month. I found two cases where traffic was higher than the average. The first case is the month with quality post(s) that drew users’ attention regardless of the total number of posts in that month. For the second case, it is the month with more posts, regardless of the quality, compared to the average monthly number of posts.
Continue reading