Your hotkey to alternative software development

Joy of Coding

I'm co-organizer of Joy of Coding - a Rotterdam based conference that celebrates the art, craft, science and joy of software development!

Jan '22

VIC-20 Improved Notes Table

VIC-20 Improved Notes Table Music made with the VIC-20 almost always sounds off tune. I've always accepted that as a fact until I found out that the musical notes table in the reference manual is badly transposed. And so I set out to make a better table. Learn more..

Dec '20

DIY VIC-20 Game Cartridge

DIY VIC-20 Game Cartridge I made a small batch of VIC-20 Game Cartridges for Overthrown. With parts readily available you could do this yourself as it makes a nice retro hobby project. This tutorial shows you the steps and links to information you need for testing and such. Learn more..

Dec '17

There is a proxy in your Atlassian Product!

There is a proxy in your Atlassian Product! You might not know it but the Atlassian OAuth plugin is part of most Atlassian products such as Jira and Confluence. Until recently it had a vulnerability that allowed the unauthenticated execution of HTTP GET requests from the server. You can do all kinds of interesting things with it, like accessing resources on the internal network or spoofing pages with a valid TLS connection. Learn more..

Jun '14

Checking framework vulnerabilities using Dependency Check

Checking framework vulnerabilities using Dependency Check A web-application is never finished. Even when no new features are being developed new vulnerabilities may be found in the frameworks used in the application requiring a patch or an upgrade. Are you actively monitoring the frameworks that are in use in your applications? My guess is no, or at least not all of them. Well, luckily enough OWASP has a very nice utility that easily integrates into a build environment and can do most of the hard work for you. Let me tell you about it. Learn more..

Dec '13

Securing web apps using OWASP ZAP in Passive Mode

Securing web apps using OWASP ZAP in Passive Mode The OWASP Zed Attack Proxy is a powerful open source web application security assessment tool. Even in passive mode, where it just inspects the traffic generated by your browser, it can give valuable pointers for securing your web application against abuse. In this blog post I will explain how to configure your browser to use the OWASP ZAP Proxy to click through a web application running on local host. Also I will explain its various findings and how to solve them. Learn more..

May '13

Liberating Encrypted TPS Files

Liberating Encrypted TPS Files My previous article on Clarion TPS files left one big question unanswered: how do encrypted TPS files work and is it possible to decrypt them. In this post I will dissect the encryption algorithm and explain how it works. It involves quite a bit of binary arithmetic and hexadecimal numbers, so take a deep breath before diving in! Learn more..

Mar '13

The Dark Secret of Spring MVC

The Dark Secret of Spring MVC Do you use Spring MVC in a basic CRUD setup, like with an OpenSessionInView filter and your Entities also as Data Transfer Objects? Then you may have exposed more of your model than you've anticipated. Learn more..

Jan '13

Liberating Clarion TPS files

Liberating Clarion TPS files Migrating a customer from a legacy system to his shiny new one never goes smoothly. In this case the customer had a huge amount of data in a Clarion based system with the tables stored in proprietary TPS (TopSpeed) files. In this blog post I will discuss the various ways of liberating data from their TPS container and dive deep into the internals of the TPS file itself. Finally I present a TPS to CSV converter. Learn more..

Nov '11

Webservices with CXF and Maven

Webservices with CXF and Maven I really like the Apache CXF Webservices framework. It works really well and is very programmer friendly. And when combined with Maven dependencies and packaging are a breeze as well. As I use this combination quite a lot, I keep explaining how to get this working (its easy, really, you only have to know how :) So I decided to write a tutorial. Learn more..

Jun '10

Commercieel gebruik van Open Source

Commercieel gebruik van Open Source Als Open Source dienstverlener kom je nog wel eens voor verrassingen te staan. Het merendeel van de commerciële software die wij maken leunt op Open Source bibliotheken. Dit stelt ons in staat om sneller en beter software te maken. Echter, Open Source is niet zonder verplichtingen. Bijna alle Open Source bibliotheken hebben een licentie in één of andere vorm. De voorwaarden in deze licentie moeten worden nagekomen anders is er kans op juridische problemen. Learn more..

Jul '09

The Great JavaDoc War

The Great JavaDoc War We're using Checkstyle to enforce that every public method that is not a getter and setter must have a JavaDoc comment. However, our developers didn't see the point of writing JavaDoc for all these methods. After a period we now refer to as the 'Great JavaDoc War' we came to the conclusion to make Checkstyle smarter and built a check that uses the Non Commenting Source Statements algorithm to determine if a method should have JavaDoc or not. Learn more..

May '09

Java Game Development

Java Game Development Computerspellen geschreven in Java zijn lastig te vinden. Dat is eigenlijk raar gegeven het feit dat er al jaren uitstekende ontwikkelomgevingen voor Java beschikbaar zijn en er nu ook middleware is die het maken van spellen sterk vereenvoudigt. Kortom de tijd is rijp om spel software in Java te gaan schrijven. Naast het tonen van een aantal commerciële voorbeelden van succesvolle spellen geschreven in Java vertelt dit artikel hoe je aan de slag kunt om zelf een spel te maken. Learn more..

May '09

First meetup Dutch Groovy User Group

First meetup Dutch Groovy User Group Het is donderdagavond en ik sta op het balkon van het schitterende pand van Lunatech Research met uitzicht op een heerlijke rustige omsloten tuin, weg van de drukte van het Rotterdamse verkeer. Terwijl ik een drankje krijg aangeboden, complimenteer ik organisator Erik Pragt met het vinden van deze locatie voor de eerste bijeenkomst van Nederlandse Groovy gebruikers groep. Learn more..

Dec '06

Masters of Java 2006

Masters of Java 2006 Masters of Java 2006 was held on 23rd of November 2006 and was a success. 23 Teams participated in a action packed programming contest to decide which is the best Java programmer. This article gives an impression of that day. (Dutch) Learn more..

May '06

Ruby en Rails

Ruby en Rails The first Ruby on Rails seminair in the Netherlands was held on the 18th of May 2006. Ruby is a ten year old scripting language. Rails is a webapplication framework. And together they make it very easy to create web applications. This combined with the lack of productiveness in creating webapps using conventional means RubyOnRails has become very populair in a short time. A very good reason to visit this seminair and see what RubyOnRails can do. (Dutch) Learn more..

Feb '05

Object Spaghetti

Object Spaghetti This article in Dutch tells you about how to (and how not to!) write flexible and maintainable software using a series of patterns like Singleton and AbstractFactory. Also the article delves into the wonderful world of Dependency Injection and reflection. Learn more..

Jun '04

DIY : Aspect Oriented Frameworks

DIY : Aspect Oriented Frameworks After an introduction on how the current Aspect Oriented Frameworks operate, this article dives into building a small aspect framework based upon the java.lang.reflect.Proxy class in no more than 5 classes. Learn more..

Oct '03

Java GUI's : Disaster Area ?

Java GUI's : Disaster Area ? This article written in Dutch examines why Java GUI development still takes more time than the same development in Delphi or Visual Basic. In the conclusion guidelines are given to speedup Java GUI Development. Learn more..