GnuCash Configuration for DKB

Diese Infos habe ich verteilt und unvollständig im Internet gefunden. Hier ist alles einmal zusammengefasst:

Um ein DKB-Konto für GnuCash zu konfigurieren:

  • AqBanking Wizard Starten
  • Erstellen eines neuen aqhbci backend
  • Auswahl: Setup PIN/TAN
  • Bank Code: 12030000 (BLZ)
  • Server: https://hbci-pintan-by.s-hbci.de/PinTanServlet (siehe DKB FAQ)
  • Name: Kontonummer einsetzen
  • User Id: Legitimations-ID einsetzen. Diese kann gefunden werden im DKB online banking unter Verwaltung & Sicherheit > Benutzerinfo
  • "Show Special Settings" auswählen, dort folgendes ändern:
  • HBCI-Version: 2.2
  • Force SSLv3 (Hinweis: bei mindestens einem anderen Nutzer funktioniert es nur, wenn SSLv3 deaktiviert ist – wenn’s nicht klappt, beides ausprobieren).
  • Ab hier sollte alles problemlos abgeschlossen werden können.

Viel Erfolg!

Major annoyance: Web sites that detect your language by IP address

Why is it that nobody cares about the fact that web browsers can send the preferred locale to a web server?

I like Google, but the way they handle this is just horrible.  Yes, there are workarounds, but I don’t need a web site detecting what language I am interested in.

The latest site with this habit that I noticed is IMDB: Browsing it in Germany leads to the comical situation where the site content is in English but the Movie Titles are in English.  This doesn’t make ANY sense.  Yes, there is a workaround too (create an account, set the language in the settings), but this is just stupid.

The sad thing is that this won’t improve any time soon.

Bad Experience with Afian File Manager

I recently installed the Afian File Manager for a customer.  All they needed was a simple way for safely sharing large files with customers.  There are plenty of web file managers available (free and commercial), but surprisingly few support uploads beyond what the web server allows.  Afian was one of them.

Turns out they realized the big file upload with a Java Applet that chops the file into small chunks that are sent one by one and then reassembled by a PHP-Script on the back end.  So far so good.  It worked in their life demo, but it didn’t work on our server.  The difference?  We used SSL.  I didn’t consider this an issue, as the Q&A page stated:

"Does it work with SSL?
Yes, you can use it with SSL, and there’s no configuration involved. It’s just a matter of running Afian under a https (secure http) address. Our personal opinion is that this method would be a bit excessive. But we all know that it puts people at ease about security…"

When I contacted tech support, they told me that the Applet-Upload doesn’t work with SSL.  What the… didn’t I just read something else?  So I revisited their Q&A page, which now read:

"Does it work with SSL?
Yes, you can use it with SSL, and there’s no configuration involved. It’s just a matter of running Afian under a https (secure http) address. The drag&drop upload method however, will still be using HTTP."

In fact, they changed  this within minutes of my support question regarding SSL. But fortunately, the Google Cache still held the original text.

Afian has a strict refund policy (something that actually made me nervous before the purchase).  But I thought okay, let’s give them the benefit of a doubt.  So I requested a refund without mentioning the Google cache page.  Had they just refunded the money, then I wouldn’t have written this blog entry.  Instead I got this:

"Please review the agreed refund policy: http://www.afian.com/refund-policy
We did not claim that the drag&drop upload feature works over HTTPS."

After I pointed out that the feature was offered at the time of purchase (proving it with the Google Cache link), they withdrew and issued the refund.

But this left a sour aftertaste, that is just no way to treat customers.  They are free to do business as they see fit – even though changing the web site for not having to issue a refund is borderline, to say the least.  But ultimately they are hurting themselves.  With a little more generosity, they may trigger positive blog entries.  And let’s face it, with a product like this, positive reviews are by far the best marketing – and bad reviews are poison.

Running Rodin 1.1 with Ubuntu 9.10

I had a few issues getting Rodin 1.1 to work properly after Updating Ubuntu to 9.10.  The main issue is the HTML-Viewer that Eclipse uses.  It wraps Firefox/xulrunner in an SWT-Control.  Unfortunately, Firefox 3.5 (xulrunner 1.9.1) is incompatible with Eclipse 3.4, on which Rodin is based.

To work around this problem, you need to install xulrunner 1.9.0.  I installed it locally at ~/opt/xulrunner-1.9.0.15

Next, you need to edit your rodin.ini (in the Rodin installation directory) and add the following line:

-Dorg.eclipse.swt.browser.XULRunnerPath=~/opt/xulrunner-1.9.0.15

That’s it!  This also works for running Eclipse 3.4 (in that case, you have to edit eclipse.ini).

Good luck!

Building a GWT app that is an Eclipse Plug-In

For my own reference:

  • Create a new GWT-Project
  • Give it a standard Plug-In name (e.g. de.jastram.gwtexample)
  • Give the Project the Plug-In Nature (Right-click on Project > Configure > Convert to Plug-in Projects…)
  • Add Dependency to de.jastram.jettyrunner
  • Add Extension de.jastram.jettyrunner.warrunner
  • Add a war-element
  • That’s it – don’t forget to compile.

Using Map Requirements Modelling with the B-Method

A colleague recommended a paper by Babar, Tosic and Potter, entitled "Aligning the Map Requirements Modelling with the B-method for Formal Software Development."  There is certainly some overlap with my research, and it’s interesting for me to see Problem Frames being integrated in the approach presented as well.

To be honest, I was a little disapointed.  The most crucial part of the method is how to get from the requirements to the formal model.  This is described in Sec. 3, but in such an informal manner that I don’t see that much value.  It shows that the methods are compatible, but little beyond that.  I guess that’s what the authors mean by "aligning" the methods.

Independent Verification and Validation of Software pays of (big time!)

Just finished a paper Evaluating the effectiveness of independent verification andvalidation by Arthur et.al.  What the authors state is not that surprising: independent verification and validation (V&V) efforts result in significantly better results than V&V done by the same team.  This paper is interesting for a number of reasons:

  • The result stem from a controlled study of two identical projects, one realized with "normal" V&V (done by the team), the other using independent V&V
  • The independent V&V group detected significantly more critical faults (97 vs. 58).  Why? The authors conclude that a new class of faults was identified by the IV&V group: "The IV&V team from Group 1 identified an additional class of critical faults not found by Group 2. More specifically, a substantial number of the critical faults reported by Group 1 stem from the detection and recording of ambiguous or unclear statements in the requirement specifications and design documents. (…) Group 1 reported 40 such faults. (…) Group 2 reported only one such fault."
  • Even though both projects were completed and considered a success, things during acceptance testing looked different.  An independent acceptance test suite consisting of 36 tests was provided.  The non-independent V&V group’s software passed only 11 tests, while the independent V&V group’s software passed 33.

Analyzing Natural Language Requirements – automatically?

QuARS is a tool for analyzing Natural Language Requirements – although it would be an exaggeration to call it "automatic".  The tool performs a morphological and syntactical analysis on plain text requirements and attempts to measure vagueness, subjectivity, weakness, and a few more.

Natural Language Requirements (NLRs) won’t go away any time soon – that’s why this kind of research makes a lot of sense.  But it’s unbelievable tricky to work with NLRs in an automated way.  There are three main approaches to deal with the richness of natural languge:

Restrictive: constrain the form of the NLRs, e.g. using templates.  Very convenient for the Requiremens Engineer, but not that nice for the stakeholder.

Inductive: This is mainly theory about writing styles, without going into detail on how to do things better.

Analytic: In this approach, we accept the NLRs, but provide feedback for fixing them.  These have the hightest chance of adaption, because they are the least invasive.  This is also the route of QuARS: Analyze the requirements and provide some feedback on how to improve them.

The biggest catch (in my opinion) is that many analyses require well-maintained dictionaries to be effective.  I wanted to try the tool out, but they didn’t provide a download link (or information about a commercial version, for that matter).  I wrote them an email, if I get an answer, I’ll update here.

Fluents: Events or Ticks?

Imagine you have a system that can have a number of states, and "events" for state transitions.  Fluents are then the constructs that help to reason about state transitions.

Here is an example inspired by [Queins et. al. 2000] that got picked up by [Letier 2005]: Assume that you have the task of building a light controller.  By pushing a button, light is turned out and will switch off after some time.  pushing the button when the light is on will reset the timer.

In this example, we may have the state variables light ∈ {on, off} and timer ∈ {0..n}.  For now, the timer simply counts ticks.  To set these state variables, we may have the events "pushButton", "switchOn", "switchOff", and "tick".

A Fluent is a proposition defined by a pair of sets of events.  Events from the first set the fluent to true, the second to false, e.g.:

fluent LightOn = <switchOn, switchOff>

We can use the Fluent in  temporal logic (e.g. LTL):

â—» (pushButton X LightOn)

The box means "always", and X means "next". So the above means "When pushing the button, next the fluent LightOn must be true".

Quite a bit is fishy here.  For instance, what exactly does "next" mean?  This is where Letier’s contribution comes from: it could be the next event (which he calls asynchronous) or the next tick (which he calls synchronous).  Also check out how restrictive the statement is in the asqnchronous case: It is not allowed to insert any events after pushButton, which would make refinement through stuttering impossible.