It’s that old “make vs. buy” trade-off, or “write vs. reuse” in this case: do you go with an existing library, even if it’s problematic, or do you write your own implementation from scratch?
What am I talking about? The networking code in Cloudy.… MORE

Stickies and I hadn’t spoken in a while, but this morning I just heard it’s made its acting debut in a music video! That was unexpected, to say the least, but it’s an exciting career move, and I had to congratulate it; it does a great job.… MORE

It strikes me that ucontext is basically no lighter-weight than a pthread, in terms of address-space usage and context switch speed. Is that true? Or is there additional overhead to pthreads besides the stack + registers?

If so, then it might be simpler just to use pthreads, since the API is already in place, and existing system facilities (like ObjC and C++ exceptions, and Cocoa autorelease pools) already know how to work with them. But the cooperative scheduling of coroutines is a bonus in some ways, as it makes the flow of control more deterministic and reduces the need for complex locking and synchronization.

So my second question is whether there’s a clean way to implement cooperative scheduling of pthreads?… MORE

I’ve started using NSOperation in a few places in Cloudy, which means I’m backsliding into using threads and locking and so forth. It definitely makes writing network code easier than Cocoa’s asynchronous API, but I really don’t want to get into a morass of threads.

What I’d really like to use are Actors. In a nutshell, an Actor is an object that has its own [cooperative] thread and message queue. Actors interact by message-passing instead of shared state. The idea is to eliminate the need for standard synchronization primitives like semaphors and locks, and get rid of the race conditions and deadlocks that plague multi-threaded programs.… MORE

The first time you connect to someone, how do you establish that digital identifier you’re communicating with is the human being you think it is? This is surprisingly difficult to do, because it’s prone to what cryptographers call the “man-in-the-middle attack”.

First, consider the most obvious attack: simple spoofing.

Let’s suppose there’s an instant-messaging UI, and while working at home you receive a message from someone with an unknown key, whose nickname is “AliceLidell”, which happens to be the name of a co-worker.… MORE

WHEREAS the iP•••e SDK is technically under NDA (even though anyone in the world can sign up and download it); and

WHEREAS most members of Apple developer mailing lists are aware that we are not supposed to discuss anything about the iP•••e SDK on those lists; and

WHEREAS I and almost everyone else have good-naturedly gone along with this annoying ban; but

WHEREAS more than a month has gone by, and there is still no forum for such … MORE

I don’t want to make a habit of replying on my blog to posts on other blogs, because (a) it’s dorky in an autistic way, and (b) it only encourages the annoying practice of blogs that don’t allow comments.

But I’ve seen a couple of references now to Dean Allen’s complaint about sites that offer multiple RSS feed formats, none offering comments, and since it directly relates to my past job monkeying with feeds I feel like I should answer.

There are two reasons why a web page would advertise multiple feeds.… MORE

Next I need to talk about networking; having an identity and minting certificates isn’t very interesting until you can connect to someone else.

When one Cloudy peer wants to communicate with another one, it opens a TCP socket to its IP address —

[Hang on, there are two issues I suddenly glossed over in that last phrase. First, how did this peer find out the others’ IP address? These are just random computers, not servers, so they don’t have their own domain names or even stable addresses.… MORE

At the root of Cloudy is the means for creating and establishing identity. A lot of peer-to-peer systems treat the peers mostly as interchangeable anonymous nodes, often deliberately so, but Cloudy is a social system. Your Cloudy identity is simply a public key, currently 2048-bit RSA, generated the first time you launch the program. (The matching private key is stored securely in the Mac OS Keychain.) From then on, that public key uniquely identifies you.… MORE