Choosing a C++ Editor

This is an update of a post that originally appeared on August 25, 2014.

A lot of people have asked why I chose Code::Blocks as the editor for C++ All-In-One for Dummies, 4th Edition. There are a number of reason that I chose this particular editor including:

  • Ease of use
  • Free download
  • Runs on a large number of platform types
  • Provides internationalization support

However, the fact that Code::Blocks works well for the book and for most beginning projects doesn’t mean it’s the best solution for your particular needs. There are many different C++ Integrated Development Environments (IDEs) out there and I’m constantly trying new products. When the new version of Visual Studio comes out, you can be sure I’ll obtain a copy and check it out because some of my readers use Visual Studio. The problem with Visual Studio is that it tends to use Microsoft additions to the C++ language and it also doesn’t run on all the platforms that the book must support. However, if you’re working with Microsoft systems and need to create a relatively large project, Visual Studio might be a good choice for you—only you can make that determination.

The Eclipse IDE is another good selection. I had thought about using Eclipse for C++ All-in-One for Dummies, 4th Edition, but after reviewing the IDE and comparing it to Code::Blocks, I felt Code::Blocks was a lot simpler. Even so, if you need great multiplatform support for your C++ projects, Eclipse is a great choice.

I recently looked at another IDE, Intel® oneAPI Base Toolkit. This is most definitely not a IDE for the faint of heart or the light of pocketbook (the asking price for the cheap version is $1,499.00). The main reason to obtain a product like this one is that it provides phenomenal parallelism support for multiprocessor applications. In other words, you use this sort of IDE for high end projects. You can read all the other features this product offers on the vendor site. One of the other items that grabbed my attention is that it provides both multiplatform (Windows, Mac, Linux, and Android) and multiformat (Phone, Tablet, PC, Ultrabook, and Server) support. Whether this particular IDE makes sense for your needs depends on the kind of applications you create.

Although the information in Wikipedia is often suspect, you can find a comparison of various IDEs at http://en.wikipedia.org/wiki/Comparison_of_integrated_development_environments. The best way to choose a C++ IDE is to look for a product that meets your needs and then try it out on a subset of the problem you’re trying to solve. Researching the IDE you use is essential because a mistake can cost you a lot of time later. Not every IDE support every C++ feature, every platform, or every team need. Tell me why you think I should move to something other than Code::Blocks for the next edition of the book at [email protected].

Techniques for Choosing a Technical Book

This is an update of a post that originally appeared on April 13, 2011.

I often get e-mails from potential readers asking whether a book I’ve written is the right choice for them. I try my best to ask about their needs and provide an unbiased answer. It’s in my best interest to provide the best answer I can, rather than make a quick sale and have to deal with a discontented reader later. However, in all honesty, it’s hard for me to be completely unbiased because I know my books better than any other book out there. I’ve spent many hours carefully crafting my books and know them quite well. Even when I read a work written by someone else, which I do regularly, I’m less familiar with it. Still, I do try my best to provide a good answer.

Getting a potential reader to make a good selection is still the best scenario in my mind. A number of readers have asked that I provide them with some specific technique for doing this, but all I can offer is a partial solution. The technical content of a book is only part of the solution for any reader. A reader must also consider the author’s method of presenting material and writing style. The use of teaching aids is also important. You must ask whether you want a book that contains questions or activities at the end of each chapter—many readers learn more by doing, than by reading. Communication, even in books, is a two-way process. The author often communicates ideas in subtle ways that help some readers and offend others. When a reader writes to an author, the author picks up subtle hints on how to improve the next book. It’s an ongoing process.

Everyone begins looking for a book by viewing the cover. Something about the title tells you that this could be a helpful book. The cover design and text tell you something about the book’s content from a marketer’s perspective. If you stop here, however, be prepared for disappointment. I’ve had more than a few covers that just didn’t do justice to the content of my book and a few that ended up misleading some part of the reader population. Believe me when I say that it’s never my goal to mislead anyone—I want my readers fully informed before making the purchase and happy with the book they receive. Covers are incredibly hard to get right because there is so little space on them to convey information that’s truly useful to everyone.

When I select a book, I normally begin by reading the Introduction. This important bit of reading is only seven or eight pages long in most cases, but usually characterizes the author’s attempt to convey everything the book contains as an overview. Reading the Introduction tells you about the author’s writing style and informs you about skills required to use the book successfully. You also discover special equipment and software that you need to use the book. If you find yourself disagreeing with the Introduction, you can be certain that you won’t like the rest of the book either.

Most people purchase their books online today. Gone are the days of browsing for books in bookstores, which is a shame because I found many unexpected treasures that way. I still go to a bookstore when I can, but most of the time I have to make do with a site like Amazon.com. With this in mind, make sure you avail yourself of the Look Inside feature and take the time to read things like the table of contents, introduction, and a writing sample. Some publishers hide the content of their books and don’t provide a Look Inside feature. I generally don’t buy these books because it’s not possible to know what I’ll get.

Next, I look at the Table of Contents to determine whether the topic I need is covered in sufficient detail to warrant a purchase. A book’s title and cover material is often deceiving. The Table of Contents tells me more about the book content from the author’s perspective. I go through the entire Table of Contents just to see what sorts of interesting information the author has decided to include. I may also thumb through the index to determine more about topics covered in the book. It’s important to note that the index is normally created by a professional indexer and not the author, so the index may not tell you everything you need to know, but it’s a great place to see the sorts of topics the author has chosen to discuss.

Finally, I go to the specific chapters that I feel provide the information that I want from the book. (When I can’t see the specific chapter I want online, then I at least try to read through the sample chapters that the publisher does provide.) I’ll eventually read most of the book, but these chapters are my main reason for buying the book today, so that’s where I look. I probably won’t read the entire chapter in the store (or online using Amazon’s Look Inside feature), but I’ll scan it and pay attention to particulars such as the code provided in examples or figures used for explanation. I’ll read segments of the discussion to see how much information the author provides and how the information is conveyed.

I know that many people consider my approach too time consuming. It is a time consuming approach, but I find that I make fewer bad purchases using this technique. I’ve had more than a few people write to me to ask why I didn’t cover a particular topic in my book and I have to wonder why they didn’t realize that the material was missing when they made the purchase. A few readers have literally written that they ran into the store during lunchtime (or checked it out on Amazon), looked at the cover and decided the book must include what they need, put down their hard earned money to buy the book, ran back to work, and only then bothered to look inside. If you truly are pressed for time, please do write before buying one of my books. I’ll provide you with the least biased answer I can. However, the best way to buy a book is to make your own decision using the techniques found in this post. Let me know your ideas about buying books at [email protected].

Machine Learning Security and Event Sourcing for Databases

In times past, an application would make an update to a database, essentially overwriting the old data with new data. There wasn’t an actual time element to the update. The data would simply change. This approach to database management worked fine as long as the database was on a local system or even a network owned by an organization. However, as technology has progressed to use functionality like machine learning to perform analysis and microservices to make applications more scalable and reliable, the need for some method of reconstructing events has become more important.

To guarantee atomicity, consistency, isolation, and durability (ACID) in database transactions, products that rely on SQL Server use a transaction log to ensure data integrity. In the event of an error or outage, it’s possible to use the transaction log to rebuild pending database operations or roll them back as needed. It’s possible to recreate the data in the database, but the final result is still a static state. Transaction logs are a good start, but not all database management systems (DBMS) support them. In addition, transaction logs focus solely on the data and its management.

In a machine learning security environment, of the type described in Machine Learning Security Principles, this isn’t enough to perform analysis of sufficient depth to locate hacker activity patterns in many cases. The transaction logs would need to be somehow combined with other logs, such as those that track RESTful interaction with the associated application. The complexity of combining the various data sources would prove daunting to most professionals because of the need to perform data translations between logs. In addition, the process would prove time consuming enough that the result of any analysis wouldn’t be available in a timely manner (in time to stop the hacker).

Event sourcing, of the type that many professionals now advocate for microservice architectures, offers a better solution that it less prone to problems when it comes to security. In this case, instead of just tracking the data changes, the logs would reflect application state. By following the progression of past events, it’s possible to derive the current application state and its associated data. As mentioned in my book, hackers tend to follow patterns in application interaction and usage that fall outside the usual user patterns because the hacker is looking for a way into the application in order to carry out various tasks that likely have nothing to do with ordinary usage.

A critical difference between event sourcing and other transaction logging solutions is the event sourcing relies on its own journal, rather than using the DBMS transaction log, making it possible to provide additional security for this data and reducing the potential for hacker changes to cover up nefarious acts. There are most definitely tradeoffs between techniques such as Change Data Capture (CDC) and event sourcing that need to be considered, but from a security perspective, event sourcing is superior. As with anything, there are pros and cons to using event sourcing, the most important of which from a security perspective is that event sourcing is both harder to implement and more complex. Many developers cite the need to maintain two transaction logs as a major reason to avoid event sourcing. These issues mean that it’s important to test the solution fully before delivering it as a production system.

If you’re looking to create a machine learning-based security monitoring solution for your application that doesn’t require combining data from multiple sources to obtain a good security picture, then event sourcing is a good solution to your problem. It allows you to obtain a complete picture of the entire domain’s activities that helps you locate and understand hacker activity. Most importantly, because the data resides in a single dedicated log that’s easy to secure, the actual analysis process is less complex and you can produce a result in a timely manner. The tradeoff is that you’ll spend more time putting such a system together. Let me know your thoughts about event sourcing as part of security solution at [email protected].

Perfect Love

Perfect love casts out my fear.
Keep your perfect love so near
that I never fear again.
Perfect love for you attain,
‘til my heart with love is filled
and my spirit never chilled.

All around the world I see,
how a perfect love could be,
an answer for mankind’s woes,
when hatred and evil flows,
fueled by fires of doubt and fear,
no one lets the other near.

Open eyes to perfect love,
gift of wonder from above.
A love that gives, never takes,
love that grants others mistakes,
that counts no loss and no gain,
that makes our hearts young again.

Copyright 2012, John Paul Mueller

Is Email Dead?

This is an update of a post that originally appeared on March 4, 2011.

When I originally wrote this post, everyone was proclaiming the death of email, yet here we are 12 years later and I’m still using email to conduct almost all of my business. The original ComputerWorld that I cited describes a company that is moving from email to social media as an exclusive option. However, many current articles like Is email dying as a business communication channel? talk about the demise of email being premature. Currently, I don’t use any of the options mentioned in the ComputerWorld article and don’t have time (or the inclination) to start using them. Don’t get me wrong, social media probably solves problems for some part of the population, it just hasn’t worked out well for me. I can’t see myself outputting tweets about my daily activities and some of the articles I read about Facebook are just plain scary. The company that thinks your right to privacy is irrelevant is facing all sorts of legal problems these days, but it’s entrenched enough that I doubt we’ll see it go away anytime soon.

My main problem with most modern communication solutions is that they’re overly intrusive. I was in the bathroom the other day and a guy was engaging in business while sitting on the commode; he just couldn’t be bothered to turn his cellphone off to take care of personal matters. That’s just one of many scenarios I’d prefer to avoid. There is strong evidence to conclude that our society has become preoccupied with communication, to the detriment of all. Just how many people died last year from texting accidents? According to the The Zebra, texting causes 1.6 billion accidents per year (and the other statistics on the site are even scarier). The National Highway Traffic Safety Administration (NHTSA) logged 3,142 texting-related deaths in 2020. I’m pretty sure I don’t want to talk with someone that badly.

All this said, I did have my first Zoom meeting this year. Except for being able to see the people I was talking with, I just don’t see any reason to use it. Actually, I don’t care what the people I talk to look like as long as they can “lift their end of the log.” Products like Zoom perpetuate bias by promoting impressions based on personal appearance—I consider them dangerous. There is even an issue with the stress and fatigue that using products like Zoom cause as described in On the stress potential of videoconferencing: definition and root causes of Zoom fatigue. All this would be bad enough, but email eliminates issues like people’s accents (given that I’m hard of hearing, accents cause me no end of woe in understanding someone’s conversation). It also provides a paper trail I don’t get with Zoom. So, unless someone is having a serious tantrum, I plan not to revisit Zoom.

I have to admit that in the past 12 years that social media has proven to provide some benefit to business, as described in 22 Benefits of Social Media for Business. As with anything, the disadvantages could outweigh the benefits, as described in 10 disadvantages of social media for business. Here are my personal reasons for choosing email over social media or other options like Zoom:

  • Social media assumes a level of connectivity that I’m simply not willing to allow.
  • Email works better because someone can send me a message and I can handle it later; at my convenience.
  • More importantly, I can handle the email at a time when I’m not distracted by something else.
  • I can provide a thoughtful answer; one that I’ve researched and thought through carefully.
  • Email also provides me with a permanent written record that I can reference later when I have questions about the discussion.
  • Most important to me is that email makes it possible for me to deal with other people without any bias—I don’t care what they look like, what they’re wearing as they type their response to me, where they live, whether they have an accent, or any of a number of other issues that seem to have the world in an uproar today. All I care about is whether they can do the required work.

Personally, I don’t see e-mail as a dead communication technology. If anything, it’s becoming more important to me as I age and my memory becomes less dependable. As far as I’m concerned, the always connected nature of most social media today simply isn’t a good solution if you want to be productive. So, what’s your take on social media? Let me know at [email protected].

Pausing the C++ Example Output

This is an update of a post that originally appeared on December 23, 2013.

A number of readers have written to ask about running the example code in C++ All-In-One for Dummies, 4th Edition. The book shows that the examples pause so you can see the output, yet a few people experience problems getting the example to pause as shown in the book. Let’s take the first book example. When you run the example, you should see a command window similar to the one shown here open.

The paused output of a Code::Blocks example.
The paused output of a Code::Blocks example.

This is how the command window looks in Windows, but if you use some other operating system, you should see something similar. Notice that the output is paused. Pressing any key will cause the window to disappear and the example to end. The purpose of pausing the output is so that you can see the result.

There are two common reasons that people aren’t seeing the output pause. The most common reason is that the example is run in debug mode. Make sure you click Run or choose Build | Run to execute the example. If you click Debug/Continue or choose Debug | Start/Continue instead, the example will execute without pausing and you won’t see the output. Of course, you can always set a breakpoint to get the example to pause, but most people simply want to see the example output which means running the example, rather than debugging the example.

A less common cause is that the project environment is configured incorrectly. Normally the Code::Blocks environment automatically pauses when you run the example. However, it’s possible to set Code::Blocks not to pause. Some readers inadvertently change this setting while exploring the environment. In order to check this setting, choose Project | Properties to display the Project Targets/Options dialog box. Select the Build Targets tab and you see the dialog box shown here.

The Build Targets tab of the Project Properties dialog box contains a Pause When Execution Ends setting.
Changing the default Code::Blocks settings can cause the IDE not to pause the output.

Notice the Pause When Execution Ends option. If this option is cleared, the example won’t pause when you run it. Make sure this option is checked and click OK. The projects that come with the downloadable code all have this setting set up correctly.

Of course, there could always be other reasons why the examples aren’t pausing. Please let me know if you have any problems setting the example output. It’s essential that you be able to see the example output as you follow along in the book to understand how C++ works. Send your queries about this (or any other book-specific) topic to [email protected]. I always want to ensure you have the best possible experience when using my books.

Finding Code::Blocks Tutorials

This is an update of a post that originally appeared on February 10, 2014.

Sometimes it’s hard to know precisely how to cover information in a book because each reader’s needs are different. One reader may be somewhat knowledgeable and not need tutorials, another reader might me a complete novice and require more assistance. Over the years, I’ve come to appreciate the landslide of comments I receive about my language books when they deviate to discuss topics other than the language. Most readers don’t want to read about anything other than the language. In fact, in a few of my language books I’ve stopped mentioning any sort of IDE except in passing (and sometimes not at all).

C++ All-In-One for Dummies, 4th Edition is a little different from most of my language books in that it must make mention of an IDE in order for the reader to follow all of the examples. (In fact, there are two: one for mobile development and another for desktop development, this post is specific to Code::Blocks, which is used at the desktop.) Because I want the book to work well on all platforms, I’ve chosen Code::Blocks as the IDE for this book. This particular IDE works on all of the platforms that the book supports (Mac, Linux, and Windows) in a similar fashion, so one set of instructions works for everyone. In addition, Code::Blocks enjoys great community support and has a large enough user base that it’ll be around for a long time.

This book does contain a few bits of information about Code::Blocks because it must in order for the reader to follow the examples. However, I’ve purposely kept the amount of information about Code::Blocks to a minimum because this really is a language book and you could use any IDE with it, not just Code::Blocks. It’s difficult to walk the line between providing enough information about the IDE and not enough. Whether I’m successful depends on the skill level of the reader for the most part. The beta readers of the current edition are definitely letting me know where I need to add more information to ensure the material is understandable, but there will always be some room for readers to feel there is either too much or too little coverage.

With this in mind, I’ve provided tutorial-type posts in the C++ All-in-One for Dummies category. If you have a question about how to perform a task in the book, this is the first place to look. Make sure you contact me at [email protected] if you have questions, because then I’ll know to discuss the topic as part of a blog post. What it all comes down to is my wanting to provide you with the information you need, but not knowing what that requirement is until you contact me.

Code::Blocks also comes with a nice help file, but you might not know it. Choose the Help | Codeblocks option and you’ll see a new window pop up with the help information. I must admit that it would have been better had the vendor provided a different command for accessing the help file, but at least the help file is there.

Even with these two resources, you’ll likely find situations where you need more information. As I said, Code::Blocks enjoys good support in the development community. The following list contains some tutorials you can try when none of the other sources I’ve mentioned help.

There are other tutorials available. What I need to know is whether these tutorials answer your questions or not. If not, what topics do you need covered that my blog doesn’t already discuss? It’s important to me that you have a good learning experience with my books so always feel free to contact me about topics you’d like to see covered in the blog.

Giving Hackers an Exciting Target

Hackers will attack anyone, any organization, or anything that seems to offer the promise of something in exchange for the time spent: money, resources, revenge…the list goes on. However, for many hackers the kicker for choosing somewhere to hit is some level of challenge, some sort of excitement. After all, why attack a boring site when there is one out there literally begging you to attack it? Such is the case with GrapheneOS, which bills itself as:

The private and secure mobile operating system with Android app compatibility.

GrapheneOS Website

According to Multiple DDoS Attacks at GrapheneOS — What’s Going On Behind the Scenes?, GrapheneOS has recently endured multiple attacks. I verified the story on Twitter from a post by GrapheneOS. Such an attack can happen to anyone at any time. Keeping a low profile seems prudent, but not always possible (as is the case here). One of the things I stressed when writing Machine Learning Security Principles is that anything an organization can do to make attacks harder and less attractive will only reduce the security burden of the organization in the long run. Keeping a low profile tends to make an attack less attractive.

The reason that I was attracted to this particular DDoS attack is that GrapheneOS is using Synapse, an AI-based product. The article, Synapse Technology Corporation: Using AI to Take a Good Look at Airport Security, tells you a bit more about the history of this product. In looking at the Synapse website, you can see that they have some interesting customers, including the military and government. Oddly enough, I’m not seeing any other reports of major problems with Synapse. The problem must be with the GrapheneOS security setup.

The bottom line is that if a hacker decides to break into your organization, it’ll happen at some point no matter how good your security systems are, which means that it’s essential to combine security with monitoring and analysis of attack vectors. Keeping a low profile is essential too because hackers, like the most of the rest of us, love a good challenge. Reviewing attacks like the ones targeted at GrapheneOS can help you improve your own security setup. Let me know your thoughts on AI-based security at [email protected].

Mind Boggling Questions in C++

This is an update of a post that originally appeared on December 13, 2011.

I constantly tell readers they need to view my books as a starting point, rather than the end of their education on a particular subject. This sentiment holds true for C++ All-In-One for Dummies, 4th Edition as it does for all of my books. When you read this book, you get a really good start with C++. By the time you’re finished, you can create some useful applications and you know enough about the Code::Blocks IDE to use it effectively. Fortunately, there are many places online to expand when it comes to C++ and I ran across one of them in an article entitled, Amusing C++. The title, more than anything else, caught my attention. What, after all, could be amusing about C++?

This is one of those sorts of articles I wish I had thought to write myself. The author has a unique perspective about C++ and some of the issues you could face when working with it. More importantly, the article uncovers some interesting compatibility issues between compilers, all the while having fun with the C++ language.

These sorts of mind boggling questions force even professional developers to think about the language and how it works. It may seem as if a language specification is solid, but then you see that there are gaps in how the specification is put together and that there is room in the standards for unique vendor implementations. Working with unique implementations can lead to innovation, but it can also lead to all sorts of compatibility issues when you need to move your application from one product to another.

After you’ve completed reading my book, make sure you continue on with online resources. Of course, the place that you should look first for issues related to this book (and some general interest C++ topics) is the C++ All-in-One for Dummies, 4th Edition category on this blog. It’s a shame that this particular Dummies book doesn’t include the Parts of Tens feature that is found in other Dummies books. However, here are ten places you can look for C++ materials and examples:

Where do you get additional information about C++? What sorts of information do you look for on these sites? Let me know at [email protected].

Comment and Document Updates for CI/CD

In reading about Continuous Integration/Continuous Deployment (CI/CD) I often find ways to manage the code, to get people around the code, to keep errors out of the code, and so on. It’s all about the code. Developers have, in fact, developed myriad ways to keep code size small, updated, deployed, tested, and so on to ensure that users have what they want, when the they want it (if not before). Sometimes my head spins on its axis after reading such documents because it becomes a high speed dizzying affair. It’s somehow assumed that everyone can just keep up. Except, there are new people and older people and people with lesser attention spans who can’t keep up, which is why comments and documentation are so important.

As part of the coding process, developers also need to update both comments and documentation or someone will come along and make modifications based on outdated information. Even though making such updates seems like a waste of time since everyone should be able to keep up, the truth is that these updates ultimately save time. However, the updates, when they occur (which apparently isn’t often) are often made in a haphazard manner reminiscent of an old Keystone Cops movie.

Adding a process, a workflow, to the CI/CD mill is important to ensure that everything remains in sync: code, comments, and documentation. A best practice way to accomplish this task is to add steps to every update process so that nothing is left behind. Here’s how you could approach the problem:

  1. Perform the required code updates.
  2. During testing, ensure that the comments within the code actually match what the code is doing. Testing and other review processes should not only look at the code, but the comments too.
  3. Update the documentation as final testing occurs. Make sure to include these elements:
    • Text
    • Drawings
    • Mockups
    • Visual Aids
    • Videos
    • Any other documentation elements
  4. Specify that any old comments/documentation are outdated using one of these approaches:
    • Mark it as deprecated
    • Remove it from the work area and put it in an archive
    • Delete it completely
  5. Deploy the application update. If you don’t deploy the update after these steps are done, they won’t get done. Everyone will wander off somewhere and forget all about any sort of comment or documentation update.

Obviously, the approach you end up using has to meet the requirements of your organization. It also has to be simple enough that people will actually, albeit begrudgingly, perform the work. What methods do you use to keep everything in sync at your organization? Let me know at [email protected].