Why you should learn to love the 303 HTTP status code

Posted by Lucy April 19th, 2008

Typically, a well designed web application will respond to a POST request with a redirection to a suitable URL (e.g. one that shows the contents of their e-mail inbox, their Facebook homepage etc.). The main advantage of this approach compared to sending whatever resource the user thinks they are requesting in the body of the response to the POST request itself is that the latter technique breaks things like the ‘back’ and ‘reload’ buttons (‘This request contains POST data…’), as well as making the resulting page unbookmarkable. This happens because, if the HTTP spec is to be taken literally, POST requests are not guaranteed to be ‘idempotent’ (i.e. the order in which they are sent or resent matters because they may perform some action which alters the server’s internal state).

As a sort of historical accident, the standard way of accomplishing this redirection seems to have become responding to the original request with a 302 (Found) status code, and providing the URL of what I call the ‘result page’ in the ‘Location’ header. An informal consensus seems to have developed around the convention that the new URL should automatically be retrieved using a GET request, which is exactly what we wanted, but contravenes the HTTP/1.1 (RFC2616) specification:

10.3.3 302 Found

The requested resource resides temporarily under a different URI. Since the redirection might be altered on occasion, the client SHOULD continue to use the Request-URI for future requests. This response is only cacheable if indicated by a Cache-Control or Expires header field.

The temporary URI SHOULD be given by the Location field in the response. Unless the request method was HEAD, the entity of the response SHOULD contain a short hypertext note with a hyperlink to the new URI(s).

If the 302 status code is received in response to a request other than GET or HEAD, the user agent MUST NOT automatically redirect the request unless it can be confirmed by the user, since this might change the conditions under which the request was issued.

RFC2616 helpfully points out that older versions of the specification go even further and explicitly prohibit changing the request method at all. Either way, the more correct status code is 303 (See Other):

10.3.4 303 See Other

The response to the request can be found under a different URI and SHOULD be retrieved using a GET method on that resource. This method exists primarily to allow the output of a POST-activated script to redirect the user agent to a selected resource. The new URI is not a substitute reference for the originally requested resource. The 303 response MUST NOT be cached, but the response to the second (redirected) request might be cacheable.

The different URI SHOULD be given by the Location field in the response. Unless the request method was HEAD, the entity of the response SHOULD contain a short hypertext note with a hyperlink to the new URI(s).

Now, 99.9% of the time it doesn’t make any practical difference which response code you use, and, as even the HTTP spec itself concedes, using 302 redirects can improve compatibility with older user agents which may not understand the newer 303 response code. In practice, the vast majority of web applications use 302 redirects, but this may be partly due to their use of certain web development languages or frameworks that don’t easily support anything else - e.g. the sendRedirect() method of J2EE’s HttpServletResponse interface uses a 302, and, unless you explicitly tell it otherwise, calling header('Location: www.mynewlocation.com') in PHP automagically rewrites the response code with, you guessed it, a 302. There is also the fact that most people who call themselves web developers have never actually looked at the HTTP specification.

The reason I’m so annoyed about this at the moment is that I recently found myself trapped in that 0.1% of situations where the distinction actually matters. I was working on a mobile web application being developed in Java, which made heavy use of the ‘response.sendRedirect(…)’ method. When running the app on a Nokia 6300, I was surprised to find that the device actually popped up a dialog along the lines of ‘Data will be sent to another server…’. That wasn’t actually the case - the data was being sent to the same server - but testing confirmed that the handset really did resend all the POST data to the new URL. Switching to 303 redirects solved the problem on the Nokia, but it turned out that about 20% of all the handsets we tested simply didn’t understand the new response code (despite the fact that they all identified themselves as HTTP/1.1 compliant).  The result is that we are stuck using the ugly kludge that is user agent sniffing in order to work around a problem that shouldn’t exist in the first place.
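The redirect choice described in this post, as an added example (not the author's application code, and written with Python's standard library rather than the Java servlet API the post mentions): the server answers a POST with a 303 and falls back to 302 only for user agents on a list, and `follow_up` models what a client then sends to the new URL. The marker string, port and function names are assumptions made for the example.

```python
"""Post/Redirect/Get: answer a POST with 303, falling back to 302 by User-Agent."""
import html
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

# Constructed placeholder, not a real handset identifier: agents found in
# testing to ignore 303 would be listed here.
LEGACY_AGENT_MARKERS = ("ExampleLegacyBrowser/1.0",)


def build_redirect(user_agent, target):
    """Return (status, headers, body) for the response to a processed POST."""
    legacy = any(marker in user_agent for marker in LEGACY_AGENT_MARKERS)
    status = 302 if legacy else 303
    # RFC 2616 asks for a short hypertext note linking to the new URI.
    link = html.escape(target, quote=True)
    body = ('<html><body><a href="%s">Continue</a></body></html>' % link).encode()
    headers = [
        ("Location", target),
        ("Content-Type", "text/html; charset=utf-8"),
        ("Content-Length", str(len(body))),
    ]
    return status, headers, body


def follow_up(status, method, body, literal_302=False):
    """Model the request a client sends to Location after a redirect.

    literal_302=True models a client that keeps the method on a 302, as the
    handset in the post did; False models the common rewrite to GET.
    """
    if method in ("GET", "HEAD"):
        return method, None
    if status == 303:
        return "GET", None          # form data is never sent again
    if status == 302:
        if literal_302:
            return method, body     # form data is re-sent to the new URL
        return "GET", None
    raise ValueError("not a redirect status handled here: %r" % status)


class PRGHandler(BaseHTTPRequestHandler):
    def do_POST(self):
        length = int(self.headers.get("Content-Length") or 0)
        self.rfile.read(length)     # a real application would process the form here
        host, port = self.server.server_address[:2]
        # Built from the server's own address, not from the request's Host header.
        target = "http://%s:%d/result" % (host, port)
        status, headers, body = build_redirect(
            self.headers.get("User-Agent", ""), target)
        self.send_response(status)
        for name, value in headers:
            self.send_header(name, value)
        self.end_headers()
        self.wfile.write(body)

    def do_GET(self):
        body = b"result page: safe to reload and bookmark\n"
        self.send_response(200)
        self.send_header("Content-Type", "text/plain")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)


if __name__ == "__main__":
    # Port 8303 is an arbitrary choice for local testing.
    ThreadingHTTPServer(("127.0.0.1", 8303), PRGHandler).serve_forever()
```

With a 303 the submitted form data stays on the first request in both client models; with a 302 that depends on the client.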

Microsoft vs the EU

Posted by Lucy February 28th, 2008

Whenever a new story about Microsoft and the EU happens to be doing the rounds, I always make a point of visiting DailyTech. It is easily the worst of the major technology news sites, but nothing brings it to life like a good story about those sissy socialists in the EU fining a good ol’ hard working ‘merican company. You rarely need to read more than a few comments before the jingoistic wannabes chime in with their usual drivel about how Microsoft should pull out of Europe, and that the U.S. should impose sanctions and/or nuke Brussels. Something tells me MSFT stockholders are rather glad these people aren’t in charge.

However, as in almost any conflict, it is important to remember that just because one side is blatantly wrong, one cannot always assume that their opponents must be right. Of course, the half baked opinions of these pitiful plebs are hardly worth wasting bandwidth on, but is Microsoft really receiving fair treatment from the EU?

The new €899m ($1.35bn) fine has come about as a result of Microsoft’s failure to comply with an original 2004 anti-trust ruling, where the EU determined that MS were abusing their monopoly in the desktop Operating System market to edge out rival back-end server software vendors and competing media players. Now, the EU’s complaint about server-side interoperability may well be a valid one, but it doesn’t take a genius to see that the media player issue is a complete red herring. If you haven’t kept up with this story, the original ruling led to Microsoft’s European-only release of the ‘N’ editions of Windows XP, which, unlike the standard versions (which were still available for sale), were not bundled with Windows Media Player - essentially a re-run of the old Internet Explorer vs Netscape thing.

The problem with this approach is that Microsoft are hardly the only Operating System vendor to bundle a media player with their product. Apple have iTunes, and while Linux distributions typically offer a choice of playback software, there is normally one that is installed by default (e.g. Totem on GNOME based systems). In other words, the EU seem to think that practices which are acceptable for smaller companies become anti-competitive when they are employed by a company that already has a monopoly, when they should be concentrating on practices that are only possible because of that monopoly.

Let me give you an example:

In my opinion, Microsoft’s most anti-competitive practice by far is their habit of applying pressure to the major PC manufacturers so as to make it next to impossible to buy a computer ‘off the shelf’ that does not come with Windows preloaded (the so-called ‘Microsoft Tax’). I’m not necessarily suggesting that suppliers should offer a choice of Operating System - that would be an understandable support nightmare. But, if the EU seriously wants to put a dent in the Windows monopoly, they could do far worse than to pass legislation requiring Dell and friends to offer ‘naked’ PCs that, crucially, carry an appropriately lower price tag. Should this ever look like a serious possibility, Microsoft will, of course, play the ‘piracy card’, and assert that every PC sold without an OS will have a pirated copy of Windows installed on it, and, as our friends on DailyTech would tell us, software piracy funds terrorism and drug smuggling, but that’s another story entirely.

How to succeed at a programming job interview

Posted by Lucy January 30th, 2008

Since I started contracting three years ago, I have probably attended more job interviews than in all my previous years combined. My success ratio is finally high enough that I now decline more job offers than I accept, and for that I have to thank my newfound ability to see the interview process for the farce that it really is, and the tricks I have learned to turn this horribly broken system to my advantage. If you want the short version, here it is: tell them what they want to hear. It may sound obvious, but in my opinion, the biggest skill most interviewees lack is the ability to accurately interpret the interviewer’s speech, mannerisms and body language in such a way that they can frame their answers to suit the psychology and expectations of that particular individual. I’m not suggesting that you transform yourself into a spineless yes-man - that may well have the exact opposite of the desired effect - but just try to bear something in mind; every candidate that makes it to the interview stage is probably 100% capable of doing the job. The successful one will be the guy or gal that the interviewer thinks will slide into any existing team, business practices or strategy with the absolute minimum of friction. In other words, you will not help yourself by rocking the boat at this stage.

Fortunately, most interviewers you are likely to encounter show at least some of the traits I have stereotyped below.

The ‘Techie’

This is the only role that I have personally played on an interview panel, so I would like to think that it is the one that I understand the most. As the name suggests, the techie will be primarily interested in your technical abilities (or ‘hard skills’ as some of the more tedious business people call them). The techie may or may not have any actual faith or interest in the company’s product or business model, but you can normally tell quite quickly whether or not this is the case. Unless you are technically incompetent this will probably be the easiest part of the interview, but, as ludicrous as it sounds, the techie will probably be the member of the panel who gets the least say in the final decision. This is largely because their main role is to short list candidates before the actual interview stage, so, if you made it this far, you should thank the techie, because it means he or she liked your CV. Congrats.

The ‘Enterprise Architect’

This is something of a techie-variant, but can be far more dangerous. They are often former programmers who found that they are actually more interested in the business side of things, and so they latch on to anything that they think advances software engineering as a craft in its own right. In other words, they view following whatever development methodologies or ‘best practices’ happen to be fashionable at the time as an end in and of itself. These people are the main reason why most large IT projects come in late and over budget, and proceed to under-perform from the day they are deployed to the day they are replaced. The problem is that senior management types tend to like these people because they speak in terms that they understand. That means you NEED the Enterprise Architect (‘EA’) on your side.

Remember, the one thing the EA hates more than anything else is a geek. They see themselves as ‘professionals’, and don’t want to be associated with scruffy haired Star Trek fans. You will also need to remember not to make too much noise about your l33t c0d1ng 5kills - the EA’s own coding abilities are probably out of date, and rather lacking. Essentially, they are looking for someone who shares their philosophy that things like flipcharts full of Use Case diagrams and properly following the pair programming paradigm are more important than having the first clue about what you are actually doing.

The Middle Manager

The middle manager probably doesn’t know much about software development, and will probably ask generic questions designed to probe your ‘soft skills’ (groan…). This is where you need pithy answers for questions like ‘could you tell me a bit about your strengths and weaknesses?’, ‘how well do you work with others’, or ‘how would your friends describe you?’. For the love of God, don’t tell them your only weakness is that you’re a perfectionist, that working with others is a hindrance, and that you don’t have any friends. In my opinion, this is one part of the interview where it is absolutely 100% acceptable to be, shall we say, less than honest. Your answers are essentially unverifiable anyway, and nobody really cares what you actually say. This is largely a box ticking exercise, and in any case, just seeing that you are socially savvy enough to tell them what they want to hear tells them almost everything they need to know.

The ‘Entrepreneur’

Like the Middle Manager, the Entrepreneur probably doesn’t have any software development experience of his own. What he does have is an idea for a product, a DVD box set of ‘The Apprentice’, and some sample interview questions he downloaded from the internet. I actually have a special place in my heart for this type of employer, since it was while being interviewed by one that I first developed the level of cynicism displayed in this article.

You see, the one thing you need to know about the entrepreneur is that when it comes to the scale and significance of his business idea, he is absolutely 100% deluded. The first time I met one of these people, the job advertisement made no mention of what specific technologies the product would be using - they just asked for a ‘web developer’. After describing the details of this supposed killer app, the interviewer said something along the lines of: “and since this is such a major project…” (it wasn’t) “…I think we should go with enterprise strength technologies, like J2EE, what do you think?”. And that’s when it hit me. Instead of answering “no way, I could do it in half the time in PHP and it would work just as well”, I realised that the way to this guy’s chequebook was through his ego, so I chirped back something like “Absolutely. The scalability requirements of something like this go far beyond what competing lower end technologies like PHP could provide”. I felt dirty, but it worked.

As an aside, I find it remarkable that supposedly business savvy people are often more tempted by marketing fluff than their technically-minded underlings. The unwritten subtext in the promotional material put out by people like Sun is something along the lines of “Open source technologies like PHP or RoR are OK for small scale web stuff, but Java is meant for serious business applications, and you are building a serious business application, aren’t you?”.

One other thing to bear in mind when dealing with the entrepreneur is that they will be far more impressed by an ‘Enterprise Architect’ than a run-of-the-mill developer. That means you need to throw in buzzwords like Agile Methods, XP, RUP, and so on. He won’t have a clue what you’re talking about, but will pretend he does, and will make a point of looking them all up later, and like what he sees.

The Web 2.0 Wannabe

This is really just a special subclass of the ‘Entrepreneur’, but their business model is usually so laughable that they deserve their own mention. Essentially, the Web 2.0 Wannabe sees news reports about college kids raking in hundreds of millions off the back of one web site, and decides he wants a piece of that pie. What he fails to realise, though, is that the vast majority of successful Web 2.0 sites started out as either personal projects, or as a handful of developers collaborating on something in their spare time. In other words, they didn’t hire in a team of highly paid contractors to do the work for them - at least not at first - but remember that the wannabe is just as deluded as any other entrepreneur, so he thinks that his idea is bigger, better and more innovative than any that may have come before it. Using revenue from click advertising alone, it would often take 10 years to make back the money these people spend on the initial development, which means their one hope is that maybe, just maybe, they could get bought out. But I wouldn’t advise them to hold their breath.

If all else fails…

Just be honest. Don’t spend so long trying to psychoanalyse the interviewer that your answers come across as weaselly or evasive. At some point you are always going to have to commit yourself to a firm stance on something, and if the interviewer doesn’t agree, well, too bad. The truth is that you also have to ask yourself whether you really want to work with people you know are fundamentally wrong anyway. If you are first starting out, you probably think that you can learn to live with anything so long as the pay is good, but, trust me, it grates a little more on you with each passing day. Just remember, there will always be other job interviews - that knowledge alone often gives people a sense of confidence that is lacking in those who show up thinking that the next 30 minutes are going to decide the course of their whole life. Convincing the interviewer that you would be doing them a favour by taking the job is never a bad thing.

Torchwood returns for a second season

Posted by Lucy January 21st, 2008

Or should that read a ‘second try’? I must confess that I was never really convinced by Torchwood’s first season. To explain why, I can do little more than direct your attention to this Dead Ringers spoof:

Dead Ringers parodies are often a little hit and miss, but this one captures Torchwood’s hopelessly contrived premise, tacky use of bad language and unconvincing attempts at gay rights activism perfectly. I particularly hope you caught the line about ‘the scrapings off the floor of a Buffy the Vampire Slayer script meeting’, because the producers obviously did. Indeed, they decided that the best way to attract viewers to the big season opener was to cast Buffy’s James Marsters, who played Spike, to play, well, Spike. Of course, this being a Russell T Davies show that goes out after the 9pm watershed, he’s a bisexual Spike, who has had a past relationship with Jack, but Spike nonetheless.

If you don’t believe me, think about this for a second: James Marsters isn’t really English - he’s American, and yet he turns up in Cardiff as Jack’s charismatic old flame from the future sporting the same mockney accent he spent seven years perfecting in Buffy. I imagine the rehearsals went something like this:

Marsters: Hi, Jack, you look hot in that trenchcoat // or words to that effect…

Producers: Cut. Do the Spike voice.

Marsters: You know, I’m an actor, I can perform using any of a number of…..

Producers: Do the Spike voice.

Marsters: Awright mate, keep yer hair on

I shouldn’t be too critical of Marsters, though, since it has to be said that his performance really is the only thing that gets this season off to a better start than last year’s mediocre effort. They have probably done enough to keep me watching, but the question I have to repeatedly ask myself is: If it weren’t for the Doctor Who connection, would I bother to sit through this show? If I’m being brutally honest, the answer is almost certainly ‘no’.

Sun Microsystems acquires MySQL AB

Posted by Lucy January 17th, 2008

As I am sure most of you are already aware, Sun Microsystems has acquired MySQL AB (the company behind the open source MySQL database server that powers much of the world wide web) for the princely sum of $1 billion. Many commentators are predicting doom, gloom, fire and brimstone (in that order), largely as a result of Sun’s supposed long term strategy to undermine the LAMP stack by promoting their own Solaris operating system as the platform of choice for MySQL deployment. From there, it wouldn’t be a great leap to assume that Sun would rather like Java to replace the PHP/Perl/Python part of LAMP. Personally, I think that Sun’s plans for world domination are probably far less ambitious than most doom sayers suggest, but if they are in the slightest bit interested in improving MySQL integration with their own technologies, they could do far worse than to eliminate one of my pet hates.

Database interaction in Java is normally performed using the JDBC API, and compatibility with individual database engines is provided by a vendor specific driver - Connector/J in the case of MySQL. Now, Connector/J used to be licensed under the GNU LGPL (or Lesser General Public License), which essentially meant that it could be linked against proprietary software products, so long as certain conditions were met. Which was fine. More recently, though, MySQL AB decided to switch their JDBC driver to the full GPL, which, at least according to a strict reading of the license, means that any software linked against it (i.e. any Java application which needs to communicate with a MySQL database server) must also be distributed under a GPL compatible license. Now, some of you may think that MySQL are heroically doing their part in the fight for software freedom, but, look more closely and you will see that, coincidentally, MySQL AB will quite happily sell a commercial license for, and I quote, “those who don’t wish to be bound by the GPL”.

In other words, MySQL AB are abusing the spirit of the GPL in order to extort money from commercial software developers. Okay, perhaps ‘extort’ is too strong a word, but, ultimately, they are asking for money in exchange for a service that companies like Oracle, and even Microsoft (!) provide free of charge. Neither commercial database vendor’s JDBC driver is ‘Free’ in the GNU sense of the word, but both allow for commercial redistribution at no additional cost.

None of this would annoy me as much as it does were it not for the fact that this issue is largely unique to Java developers. For example, look at vBulletin, the commercial forum package developed in PHP. It is completely dependent on an underlying MySQL database, but I seriously doubt they have paid MySQL AB a penny. Communicating with a MySQL server using PHP requires that your PHP binary be linked against the MySQL client libraries, which are also licensed under the GPL, but MySQL AB actually go so far as to grant a specific exemption which grants “permission to distribute derivative works that are formed with GPL-licensed MySQL software and with software licensed under version 3.0 of the PHP license”. The exemption is not actually relevant for our purposes, since it is intended to allow the distribution of PHP binaries with MySQL support built in, but not even the most devout Stallman follower is going to argue that a script that runs under a GPL-licensed interpreter must itself be distributed under the same license.

So, will Sun do anything about this? They should do, but somehow I doubt it. Having coughed up $1 billion for a company that gives its main product away for free, I suspect that Sun will, if anything, look to expand MySQL AB’s range of paid options. But they will be making a mistake.

Intelligence and Sex

Posted by Lucy January 8th, 2008

A statistician friend of mine has given me permission to publish a few preliminary results from a study he has been performing into sexual attitudes of young adults (aged around 18). The study pays particular attention to the level of impact, if any, that education and academic performance have on those attitudes.

Methodology

A total of 1000 questionnaires were sent to 4 tertiary education colleges and sixth forms in 4 different parts of England: Bridgwater (in Somerset), London, Manchester and Leeds. They were issued to students during tutorial or social studies lessons, and the students were asked to complete and return them anonymously. A total of 619 responses were received. Apart from their answers to the questions outlined below, the only personal information obtained about each individual student was their gender (male or female), orientation (gay, straight or bi), age on 01/06/07, and the name of the academic institution they attend. The survey only counted results from respondents who considered themselves heterosexual.

Before I proceed with the results, it may be necessary to define some terms for the benefit of any overseas readers. In England, compulsory education ends at the age of 16, when students generally sit exams in approximately 10 subjects for the qualification of ‘General Certificate of Secondary Education’ (GCSE). All but the very least academically inclined students progress to tertiary education - for most, that means the ‘A-Level’ qualification (which is taken in around 3 subjects), but there are also other options, some of which are equally as respected as the A-Level, but many are seen as vocational employment training for weaker students (we’re talking hairdresser certifications here…). Whatever type of qualification the student chooses to pursue, 99% last for two years, and take them up to the age of 18. All of the students questioned as part of this survey were near the second year of their course.

Anyway, for the purposes of this survey, students were allocated an academic achievement score based upon their performance in three core subjects: Mathematics, Science and English Language. Note that the vast majority of students now take a combined ‘Science’ GCSE that combines topics from both pure sciences (physics, chemistry, etc.) and applied sciences (one of which is laughably referred to as ‘the science of sport’, but that’s another topic entirely). GCSEs have eight passing grades: A* (pronounced ‘A star’), A, B, C, D, E, F and G. An A* was deemed worthy of 8 points, an A of 7 points, and so on in that fashion until a grade G becomes worth 1 point, and a fail worth 0. So, a student with A* grades in all three subjects is allocated 24 academic achievement points, while one with a C, a D and an E is allocated 12. As a rule, grades C and above are considered ‘good’ passes, so, in this survey, a ‘minimally competent’ student would get 15 points.

Results

One thing I should probably point out is that I don’t have access to the individual responses, only the summary data that has been e-mailed to me. With that in mind, we can proceed to the first question.

1. Are you a virgin?

This question left it entirely up to the respondent to decide the exact meaning of the word ‘virgin’ - i.e. some may consider themselves virgins only if they have never engaged in full intercourse, whereas others may consider other activities such as oral sex to be ‘de-virginizing’.

[Chart: q1.png]

Essentially, this is the theme of the whole article so unless you are particularly interested, you may as well stop reading here :-P. Basically, the more intelligent students were more likely to be virgins at the age of 18 than their less intelligent peers. One thing that struck me as particularly interesting, though, was that the trend looks much stronger amongst females than males:

[Chart: q1a1.png]

Yes, it’s blue for boys, pink for girls. Please, don’t bother with the gender-traitor hate-spam. Thanks.

2. How many sexual partners have you had?

The data for this question includes results from respondents who claimed to be virgins in response to Question 1. This is because the ambiguous use of the word ‘virgin’ might mean that someone who considers themselves a virgin because they have not experienced actual intercourse could easily count someone with whom they have, for example, performed or received oral sex as a ‘sexual partner’.

[Chart: q2.png]

Reactions

Without meaning to paint myself as either a paragon of virtue or a prude, I have to admit that the thing that struck me most about these results was the amount of sex that teenagers are having nowadays. Of course, my surprise probably stems largely from the fact that I attended an all-girls school, and didn’t lose my virginity until my second year at University, so I am hardly representative of the majority of students.

Turning to the data itself, as I have already mentioned, I don’t have access to the full data set or any more summary data than is presented here. That means that I am very much looking forward to the full publication of this study, and would like to offer my congratulations to all involved. For the time being, though, my observations can be summarised as follows:

  • On the surface, it seems that the stereotypical view of the brainy geek with big glasses and no sex life is still at least partially valid. However, I hope that the final publication includes a subject-by-subject breakdown of the results.
  • It is fascinating that the correlation between academic performance and virginity is much more pronounced amongst girls than boys. I think that there is still a tendency for virginity to be seen as a virtuous state for a girl, especially amongst those born into a higher social standing, whereas an adult male virgin tends to be looked down upon regardless of class distinction. Yes, I know I’m assuming that academic performance is linked to social standing, but, as unfortunate as it is, this is still largely the case.

The only potential issue I have with the survey itself is that only inviting students at further education colleges and sixth forms to take part must, presumably, have meant that the number of respondents coming from a background of very poor academic achievement must be tiny - I would be surprised if each institution had more than three or four students who didn’t manage to pass at least one GCSE.