Wednesday, December 30, 2015

SQL, many small queries or one big query?


When writing an application, it seems conceptually simpler to make many small queries. On a small scale, this seems to be okay. What about large scale applications? Would the application take a performance hit?

Here's some pseudocode that given a list of employee ids, gives you a list of employee names:

      //simple function that returns a name given an employee id
      func getName(var id) {
              data:= sqlQuery("SELECT employee.name FROM employee WHERE employee.id = " + id + ";")
              return data;
      }

      func Main(){
            Int[] ids := [1, 2, 3]
            Str[] names := []
            ids.forEach id => do
                  names.add(getName(id))
            end
      }

For me, this seems clean and easy to read. Every time you want a name, provide the method with an id. Simple. But does this solution scale? What if the list held 50,000 ids, or even 50 million? Given the overhead of the DB parsing and processing each request, plus the potential network traffic, the idea that fewer queries are generally faster makes sense. This does make the application code a bit more complex:


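      //returns the names for a whole list of employee ids with a single query
      func getNames(Int[] ids) {
              sqlString := ""
              ids.forEach id => do
                   //put "OR" between the conditions, but not before the first one
                   if sqlString != "" then sqlString += " OR " end
                   sqlString += "employee.id = " + id
              end
              Str[] names := sqlQuery("SELECT employee.name FROM employee WHERE " + sqlString + ";")
              return names;
      }

      func Main(){
            Int[] ids := generateRandomIds(50000)
            Str[] names := getNames(ids)
      }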
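
A runnable version of the comparison above, added here as an example and not part of the original post. It uses Python's sqlite3 with a constructed in-memory employee table, binds every id as a parameter instead of concatenating it into the SQL string, and counts how many statements each approach sends. The function names and the chunk size are assumptions.

```python
import sqlite3

CHUNK = 500  # assumed batch size, below SQLite's historical 999-parameter limit

def make_db(rows=2000):
    """Constructed sample data: employee(id, name) with ids 1..rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE employee (id INTEGER PRIMARY KEY, name TEXT NOT NULL)")
    conn.executemany("INSERT INTO employee VALUES (?, ?)",
                     [(i, f"employee-{i}") for i in range(1, rows + 1)])
    conn.commit()
    return conn

def get_name(conn, emp_id):
    """Many-small-queries version: one round trip per id, id bound as a parameter."""
    row = conn.execute("SELECT name FROM employee WHERE id = ?", (emp_id,)).fetchone()
    return row[0] if row else None

def get_names(conn, ids):
    """Batched version: one query per CHUNK ids, returns {id: name} for ids that exist."""
    ids = list(ids)
    found = {}
    for start in range(0, len(ids), CHUNK):
        chunk = ids[start:start + CHUNK]
        placeholders = ",".join("?" * len(chunk))  # only "?" marks are formatted in
        sql = f"SELECT id, name FROM employee WHERE id IN ({placeholders})"
        found.update(conn.execute(sql, chunk))
    return found

def count_statements(conn, fn):
    """Run fn() and return (result, number of SQL statements SQLite executed)."""
    seen = []
    conn.set_trace_callback(seen.append)
    try:
        return fn(), len(seen)
    finally:
        conn.set_trace_callback(None)

if __name__ == "__main__":
    conn = make_db()
    ids = list(range(1, 2001))
    small, n_small = count_statements(conn, lambda: [get_name(conn, i) for i in ids])
    big, n_big = count_statements(conn, lambda: get_names(conn, ids))
    print(n_small, "statements vs", n_big)
```

The batched version returns a dictionary keyed by id because an IN query does not guarantee result order and silently skips ids that do not exist.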


Here's a couple of posts that I read about the subject:

  • http://dba.stackexchange.com/questions/76973/what-is-faster-one-big-query-or-many-small-queries
  • https://technet.microsoft.com/en-us/library/ms190623(v=sql.105).aspx

Saturday, December 26, 2015

How to configure a RESTful server with WAMP hosted on EC2 instance

This is a RESTful server implementation for my Android app. It is written in PHP and uses MySQL. I'm hosting it on WAMP. It accepts GET, POST, PUT, and DELETE requests. It sends and accepts responses in JSON. This was harder than expected to implement, so I hope that this helps somebody out. I launched this on my local Windows machine for development, and on an EC2 Windows instance.

How to setup:

  1. Download WAMP onto your local machine.
  2. Modify the httpd.conf which is located in wamp/bin/apache/Apache2.4.4/conf. -Append this line to the end: Alias /users "c:/wamp/www/api/index.php"
  3. Create a folder and file named c:/wamp/www/api/index.php
  4. Place this code in index.php. (And obviously modify it to your needs.)
  5. Restart your WAMP server. (Or start it if it's never been started.)
  6. Navigate to the URL http://localhost/quotes Note: You may need to try http://localhost:80/quotes or http://localhost:8080/quotes if your server is configured as such. You may need to reconfigure WAMP to accept connections on port 8080 because Skype defaults to 80.
  7. Customize and enjoy! Use Postman to test it out.

Get the code here.

Sunday, December 6, 2015

Music Based Authentication | Video Demo

Here's a live demo of my Network Security team project, Music Based Authentication. Here I show authenticating with a MIDI keyboard and with my PC keyboard.


Thursday, December 3, 2015

Help Me Gather Research for my University Project by Answering Three Simple Questions! Music Based Authentication


TAKE SURVEY

UPDATE:

We're most interested in your thoughts about a music based password, more than a specific implementation. Our current implementation includes but hypothetically isn't limited to taking in input from a physical MIDI keyboard, and a computer program that maps keystrokes to musical notes. (See the first iteration of our interface below!)

Description

I'm working on a team project for my Network Security class at the University of Utah. We are creating a music based authentication system. When creating a password, you not only want something that is strong and secure, but also easy to remember. Many current password methods force their users to create strong passwords that are hard to remember. (E.g., you've seen password generators ask you to choose a password that contains at least one upper-case letter, one lower-case letter, one number and a special character, is at least 8 characters long, and has no repeated values.) We are arguing that a musical melody is easier to remember than a long password string. I always seem to get songs stuck in my head, but I can never remember long and complex passwords.

Our professor has asked us to conduct a small amount of research, to branch out from our anecdotal evidence, to see if people found the idea of using music based authentication instead of regular password authentication useful.

Please take this quick 3-question survey and let us know if you think a music-based password would be useful or interesting!

Thank you for your time and interest!




Other factors to consider

There are other ways of authenticating, which are worth considering when deciding whether music based authentication would be useful from a user's point of view.
  • Biometrics, such as fingerprint or eye scanners.
  • LastPass: a platform that stores all of your passwords.
  • Using Facebook or Google Account to log in.

My anecdotal evidence

This idea is more of a cool novelty. I got the idea mostly because of the video game, Resident Evil. Parts of the game require you to play musical melodies on a grand piano to advance to the next part of the level.
Also I think that musical melodies, such as "Ode to Joy" are much simpler to remember than long strings. I can picture the melody quite clearly in my head, even though it has been 3 years since I've heard it or played it. I constantly find myself looking for the Forgot Password? button on many of my online accounts, even though I just reset the password a couple weeks ago.  



Resident Evil, playing Moonlight Sonata to advance in the level.

Is music based authentication actually secure? How secure?

This section is irrelevant to the question we pose in our survey; I only include it in case you're interested, or in case your view of its usefulness depends on whether the password is strong. There are three aspects to consider when answering this question, the second and third being more interesting and ultimately the focus of our project:

  1. We are using a TLS 1.2 handshake to set up a connection between a client and server that will provide key network security features, such as perfect forward secrecy and protection from eavesdroppers, server break-ins, person-in-the-middle attacks, and offline dictionary attacks. A shared secret is used to produce session keys that will encrypt correspondence between the server and client.
  2. We are interested in figuring out just how complex a musical password can be: how many bits of entropy does it have? With a typed string password, the only factor is the order of the individual characters. With music there is not only the order of notes, but also rhythm, note duration (quarter notes, half notes, eighth notes), note dynamics (ff, f, m, p), etc. We are currently researching and investigating this question.
  3. Some passwords are easy to guess because they are common, or follow patterns. I imagine the melody of "Twinkle Twinkle Little Star" being a common password. We're interested in how to choose a strong non-predictable melody that is also easy to remember.
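
A sketch of points 2 and 3, added here as an example and not the project's code: an upper bound on melody entropy, and a check that rejects well-known tunes even when they are played in a different key. The alphabet sizes, the list of common melodies and all function names are assumptions made for illustration.

```python
import math

# Assumed alphabet sizes for illustration; not the project's parameters.
PITCHES = 25    # two octaves of keys
DURATIONS = 3   # quarter, half, eighth notes
DYNAMICS = 4    # ff, f, m, p

# Constructed deny-list: openings of well-known tunes as MIDI note numbers.
COMMON_MELODIES = {
    "Twinkle Twinkle Little Star": [60, 60, 67, 67, 69, 69, 67],
    "Ode to Joy": [64, 64, 65, 67, 67, 65, 64, 62, 60, 60, 62, 64, 64, 62, 62],
}

def max_entropy_bits(n_notes, pitches=PITCHES, durations=DURATIONS, dynamics=DYNAMICS):
    """Upper bound in bits: every note attribute chosen uniformly and independently."""
    return n_notes * math.log2(pitches * durations * dynamics)

def intervals(notes):
    """Semitone steps between consecutive notes; the same in every key."""
    return tuple(b - a for a, b in zip(notes, notes[1:]))

def contains(haystack, needle):
    """True if the tuple `needle` occurs as a contiguous run inside `haystack`."""
    n = len(needle)
    return any(haystack[i:i + n] == needle for i in range(len(haystack) - n + 1))

def matches_common_melody(notes, min_len=6):
    """Name of a listed tune whose first `min_len` intervals occur in `notes`, else None."""
    candidate = intervals(notes)
    for name, reference in COMMON_MELODIES.items():
        opening = intervals(reference)[:min_len]
        if len(opening) == min_len and contains(candidate, opening):
            return name
    return None

if __name__ == "__main__":
    transposed = [n + 5 for n in COMMON_MELODIES["Twinkle Twinkle Little Star"]]
    print(matches_common_melody(transposed))           # same tune in another key
    print(round(max_entropy_bits(8), 1), "bits upper bound for 8 notes")
```

The entropy figure is only a ceiling: melodies people actually pick are far from uniformly random, which is why the second check matters.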

Our protocol

revised api complete.png

Current GUI Interface


Notice that notes are mapped to keyboard notes.

Tuesday, September 29, 2015

Music based authentication

I have fond memories of playing Resident Evil. In a couple of the RE games, you have to play a piano to unlock puzzles. Batman also has a piano password to enter the bat cave in Batman Begins.

A good password is usually long, random, and easy to remember. Oftentimes it’s easy to forget a long and complicated password, and easier-to-remember passwords are predictable and vulnerable to a variety of offline attacks. Musical phrases can be long, hard to replicate, and most importantly easy to remember. Playing a few keys or a musical phrase can be very secure, and it would be extremely difficult for an intruder to replicate with a brute force attack.

While this idea isn't 100% fleshed out, I think it would be very fun, and prove useful to the would-be vigilantes of Gotham City to keep their hideouts safe.


Augmented Reality Navigation App Senior Project Ideas.

My Senior Project group has decided to switch gears and do an Augmented Reality Navigation application. I use my phone all the time for Google Maps. I know that it would have been great to have a navigation app when we traveled Europe, something that pointed out Points of Interest, showed me where food is, and told me info about certain landmarks. Our instructor told us that AR is the future of development.
While I'm sure this is true, the market for AR apps is also saturated. We're confident that we can improve upon what already exists. Many of the iPhone apps we found are too busy, with too much text all over the screen. We spent about an hour talking about different possible uses for AR, everything from education to navigation and entertainment. A major limitation is that looking at the world through your phone is non-intuitive by nature. One idea was to create an app that would help a mechanic take apart an engine. The parts that he needed to work on would be highlighted, and it would show him how to do the repair step by step. The major problem is that nobody wants to be holding their phone while repairing their engine. Perhaps when Google Glass and similar tech gets bigger, the AR market will expand. Imagine Tony Stark having to hold a phone to control his suit.


Here's some of the existing AR navigation apps I discovered:
Similar Ideas
  1. Specialized specifically for travelling and finding Points of Interest (POI).
b. Other apps are opened to display info, like Wikipedia.
c. You can choose POI before your trip, and only display those so that your screen is less cluttered.

2. Wikitude,
  • a bunch of open source tools to do a lot of the heavy lifting
  • Android and Apple integration.
  • Extensive how-to documentation, code examples.
  • Used by Adobe, Sony, LG and Samsung

  • Augmented Reality, but the overhead map view is more impressive. It filters the map based on a search query, and then filters your results further using Google, 4 square, yelp, etc…
Search for tacos with google and bing.
Display all of your places in Augmented Reality, show address, phone and distance. Integrates with 60 navigation apps.
  • Integrates with a bunch of APIs. We don’t have to integrate with all of them
Google, Facebook, Foursquare, Twitter, iOS Reminders, Instagram, Panoramio, Flickr, YouTube, Wikimapia, Wikipedia, Factual, Citysearch, Yelp, 2GIS, Zomato, Baidu, Dianping, Yellow Pages Australia, ParkMe

Simple app that shows an overhead view of POI. In augmented reality mode, it displays arrows overhead where the places are, and below it displays tabs; if you click on one, the Wikipedia page opens.

Notable mention. Talks greatly about AR. Uses Bing.
Great article.

Friday, September 25, 2015

My Senior Project idea has already been done... a lot!

I've been blessed to become trained in the arts of Computer Science, honing my skills at school and at work.
No matter how proficient one becomes in the art of coding wizardry, there's always one limiting factor: having a good idea. To graduate, we need to do a senior project in a group of 4. We take a semester to create, develop and plan an idea, and another to implement it.
I'm lucky to work with a talented and motivated group of 4; we call ourselves git-mo. (Like the popular versioning software, git, and Guantanamo Bay combined.)
We recently decided upon the great idea of a hiking app, one that would allow users to navigate trails using GPS, even when they were offline.
We were all excited and pumped about the idea until our instructor informed us that our idea probably has already been done before. We did a little research and were greatly disheartened by the sheer quantity and quality of many of the existing apps. It's like trying to invent the light bulb 20 years after Edison with only the hopes of creating something 20% as good. We only have 2 semesters. The creators of these apps have sometimes spent years developing and refining their apps.
One of our team members reminded us that Google emerged in a market saturated with pre-existing search engines. They took an existing idea and made it unique. Now they're a dominating force in the tech world.
While I think just creating a working hiking/GPS app that integrates maps and GPS coordinates will be a miracle to get working (maybe it won't be, I've just never done anything like it!), adding a distinguishable, useful, and unique feature seems even more daunting. Like the old adage says, we have to think outside the box. Whatever the case, I'm up to the challenge and I remain optimistic!

Here's a couple of the ideas we found:
AllTrails interface, similar to what we want to do.

Wednesday, September 9, 2015

Senior Project Ideas 2015


I'm a senior and a Computer Science major at the University of Utah. We have to complete a senior project to graduate. Here I list some of the ideas that I have:

1. Diabetes Manager (Preferred Project)

Possible idea for architecture

    University of Utah Medical gave us many suggestions for useful applications. It’s exciting because they have real problems to which they want to see real solutions. They’d be involved and invested into the project. They’d be contributing time, talent and resources. They could help us define what the app will do.

    The main projects discussed were health management tools; software that will help inform patients and help them individualize and manage their healthcare experience. This will also help the caregivers track their patients, and collect meaningful data from them. The app could be specific to diabetes, cancer, surgery, or pregnancy. 

   
While I’m fine with any direction, I have a sister who has type 1, hereditary diabetes. She was diagnosed at 3 years old. It was a scary and confusing ordeal at first for my parents. It was a lot of work to manually write down blood sugar levels, report those numbers to the doctor, and for him to analyze that data. 


   A glucometer is a device that measures blood sugar levels. There are now Bluetooth-enabled glucometers that can transfer the data via Bluetooth. With that, we could create an app that helps transfer, analyze, predict, visualize, store, and input data from the glucometer. There could be a web and mobile interface, with different views accessible to patients and caregivers. If numbers are dangerously out of the acceptable range, or if there is a continuing bad trend, there could be automated notifications to the user and to the caregiver. There are many possibilities and features that could be implemented.


I have a lot of relevant experience to implement a project like this! 



2. Craigslist++ (Neighborhood Market)




If you Google “Craigslist Scam”, you’ll get pages and pages of incidents and troubles. You probably have been, or know somebody who has been, scammed on Craigslist. On a more sinister note, you’ve probably heard on the news about murders and sexual assaults that started as Craigslist postings.

You have no idea who you’re dealing with. You risk being robbed, your house being ransacked, and your person being harmed.
Anybody can post, and no account or verification is required.
I would combine elements used in popular apps.

  1.  eBay’s user system. Users get ratings from other users based on transactions.
  2.  Airbnb: renters and rentees have to verify their identity, and they also get a rating system.
  3.   Communication within the app would be encouraged for safety.

3. Guitar Master


“Practice does not make perfect. Only perfect practice makes perfect.” Vince Lombardi

While most of the music world uses sheet music, many guitarists and bassists use “guitar tablature” to read and compose music. There are some programs such as Guitar Pro, which allow you to compose music, read music, and play back songs as MIDI. Guitar Tablature is open source, and there are many communities that create tablature for songs, such as http://www.ultimate-guitar.com/. Anybody can “tab out” a song on Guitar Pro, and create a song file. They can then upload this song onto Ultimate Guitar for the world to benefit.

This is great for the community. There’s one barrier: there’s no way to track your progress or get feedback. You can’t tell how accurate you are. The traditional way is to get a guitar teacher. They can point out areas that you need to work on. The limitation is that you see them once a week, and sometimes you don’t remember what you’re supposed to work on.
There’s been one answer to this, trying to combine the game Guitar Hero, with guitar education.

This game is a great start, but it has two major downfalls:
1. The songs available to play on the game are limited. New songs are added by the developers from time to time, but they cost money.
2. The game layout looks like Guitar Hero, which is non-intuitive to the normal guitar player.


It would be great to have a program similar to Guitar Pro, that tracks your playing. It would let you know which notes you hit, and what percentage of correct notes were played, and track progress. It would be lightweight and would be able to read the vast library of Guitar Pro files.

4. Restaurant Manager

Management uniform

I was a manager at McDonald's for a while, and we had to manage KPIs (Key Performance Indicators). We had to track inventory, sales, food waste, man hours, etc... at the end of the night. We entered all of this data manually into a DOS like command line computer. At the start of each shift, we had to position employees and we had to set goals on sales based on numbers from the same date from previous years and the same day of the week from last week. We positioned employees with a piece of paper, and we had to rely on experience to know which employees would be best in which position. If somebody didn't show up, we had to run into the manager's office to retrieve the employee binder and desperately call and try to find somebody who was available to work. We had to also be looking at the schedule printed on the wall to see who was available. We were supposed to share the goals with our crew, every hour to motivate them. A great idea, but with the current manual system, it was impossible to implement. There's a lot of potential to create software to manage all of this smarter.

Hello World!


This is my first post! I'll be posting mostly about Computer Science and professional related topics. Check me out at my website! http://www.darylbennett.net/