Northwest Python Day 2010


Today, I’ll liveblog and tweet from Northwest Python Day 2010. I’ll update this article as the day progresses.

—————

1734: The day’s over!

1717: More lightning talks. (I’m fading. Lots of great info and discussion today, it takes energy to stay focused!) A Google Maps – Twitter mashup. WebHelpers. IronPython. (Bleh.)

1647: Python vs. Ruby, Gary Bernhardt. Ruby fails to live up to the Zen of Python. (E.g., Calling functions with or without parens, gah! Rails has junk drawer of monkey patches.) Good aspects: Ruby core types have composability; Ruby has “the full Lisp chainsaw.” RSpec. “Ruby is ugly, Python is beautiful. But…” Compared syntactic expressiveness and semantic flexibility. Wants to see blocks added to Python.

1603: Python & GIS, Dane Springmeyer. Unofficial Python GIS SIG. Gentle guide to GIS. Where am I? Python and OO GIS. GeoDjango, GeoAlchemy / Shapely, GeoHASH for AppEngine, and Mapnik. TileMill is a tile rendering engine using Amazon’s cloud.

1513: Justin Cappos, a platform for developing and deploying networked applications. Clouds are great for scalable computation, no hardware purchases, minimizing IT overhead, and providing fault tolerance. But cloud providers need to make money somehow, sometimes including advertisements; there’s loss of privacy; censorship; and vendor API lock-in. Cloud computing erodes software freedom. P2P is an alternative, but problems with heterogeneity, short use patterns, fault tolerance, and distributed state management. His solution (Seattle) uses a safe virtual machine environment, and is run like a potluck. It executes a Python subset, which is implemented in Python.

1441: Justin Samuel talking about securing software update systems. All existing software update systems are insecure to man-in-the-middle, mirror, replay, compromised key, etc. attacks. Current EasyInstall/PyPI security: Package file hashes aren’t a security measure; developers can sign packages, but there’s no trust root, key revocation, etc.; almost nobody checks signatures. He and Justin Cappos are working on an automatic, scalable, and mirror-able general solution: Trust PyPI to tell the user which developers own a package, and what the keys are; Developer signs a metadata file that specifies the packages they provide, with package names, hashes, and sizes; PyPI signs the metadata; Clients download the metadata and packages, and checks the signatures and hashes. If his system proves out, “it will be much more secure than any existing software distribution system.”

1411: Back a little late from lunch. Another set of lightning talks.

1216: Lunch.

1157: Steve Howell, SHPAML. I dunno…if you know XHTML or HTML, why have another abstraction level? Don’t see a lot of value add here. The examples didn’t have a large character count savings.

1116: Jon Jacky, model-based testing, PyModel. Solves problem of testing behavior (ongoing activities with history dependence and nondeterminism), many variations, or so many test cases are needed that it is not feasible to hand-code them. Examples: communication protocols, web applications, user interfaces, control systems. PyModel represents behavior with traces, which are sequences of actions with arguments. Deterministic models are represented with Finite State Machines (FSMs). Infinite systems are represented with model programs, which contain state variables, action functions, and enabling conditions. Jon’s one smart dude.

1029: Gary Bernhardt talking about BitBacker, a failed start-up. Never went commercial. One user had > 100GB of backups and > 4K snapshots. One developer, 17 KLOC including tests, three years of development. Talk focused on testing. Lessons: Should have written more unit tests, because they are much faster than integration tests. (Eh?) Unit tests will better localize failures. Recommended reading is “Integration Tests are a Scam,” by J. B. Rainsberger. Did not like PyObjC – among other problems, object names got way too verbose. Advocated graphically tracking test performance. Advocated releasing early. Advocated not using SQLite, due to ACID bugs.

0950: Talk by Dan Helfman on a NOAA project for the visualization of large datasets, called Maproom. Used PyOpenGL. Cons: “Nearly half of OpenGL is deprecated.” Presentation covered hardware acceleration, NumPy, caching, optimization, profiling, Cython, etc.

0930: Lightening talk from Dave Peck about Wherebe.us. Open-source, Django back-end hosted on Google App Engine. Gee, very few comments in this code.

0916: We’re getting off to a late start.

0852: Every attendee has a unique username & password on SCCC’s wireless net. I’ve never seen this level of security in a conference. Lisa said that with SCCC being in an urban core, they’re constantly on guard against unauthorized people trying to use their networks.

0825: Here early. Wife dropped me off, after we had breakfast at a diner. Met Lisa Sandoval, the Seattle Central Community College IT department head. Online and chilling until others arrive.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: