Subscribe: Some Simple Thoughts
http://eddiedebear.blogspot.com/atom.xml
Added By: Feedage Forager Feedage Grade B rated
Language: English
Tags:
color csharpcode  color  csharpcode  it’s  i’m  i’ve  microsoft  music  net  new  phone  time  windows phone  windows 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: Some Simple Thoughts

Some Simple Thoughts





Updated: 2015-09-17T16:04:29.690+10:00

 



Facebook, Oculus. Why not?

2014-03-28T10:59:12.920+11:00

I've seen so many articles speculating about why Facebook would want to by Oculus. Theories about different ways to delivery Facebook feeds, through to Facebook wanting to compete in the gaming market.

I've come to the conclusion that it's probably a lot more fundamental than this. It's about Ads.

Facebook is an Advertising company, it's how they make their money. Oculus are working on creating a highly immersive environment that can be used for games, research, manufacturing, you name it. Now imagine having ads in this highly immersive environment. Full field of vision, no distractions. Just you and an Ad, pretty much a captive market.

This might seem a little over the top, but just imagine waiting for a game or other VR app to load, and having a nice big Ad beamed right into your head. Surely it's the holy grail for ad delivery.

I could be wrong on this, they may just be looking at having ads inside games, like other companies have been working on for years. But just the simple fact that this is a fully immersive environment, the value of the ads would have to be much higher that what they can currently get.

Makes perfect sense to me.



WPF and COM

2013-07-04T15:23:51.029+10:00

I’ve been working on a migration of code from VB5 to .Net. Due to the size of the project, I’ve been slowly migrating functionality over and using COM interop to call the new code from the old VB5 code base.

One little gotcha that I’ve stumbled across access to the Application.Current instance for the AppDomain. When called from VB5, Application.Current is null, and it’s read-only. Oh no!!

After a few minutes of play, it seems the fix is very simple.

if (Application.Current == null)
{
    Application newApplication = new Application();
}



That’s it. Just create a new Application instance, and the Singleton Application.Current is now referencing the newly created application.


* Yes, VB5 apps still exist in the wild.




2 Clicks to Shutdown!

2013-06-26T11:23:16.856+10:00

The web is full of reviews from the new wave of 'Blue' coming out of Microsoft. Most articles seem to focus on the return of the start button. A fair number of these articles talk about how good it is that you can now shutdown your computer with 2 clicks of the mouse using the new start button. That's amazing. Two clicks!

Now, I'm starting to think I've been doing it wrong, as right now in Windows 8, I just press the power button once, with one finger. That was it, just one button, one finger, one click.  Clearly two clicks of the mouse is going to be so much easier... I can't wait!




Resistance is Futile

2013-06-17T15:34:23.851+10:00

Well, maybe that’s a little over the top, but it’s an absolute waste of time.

Before reading below, I need to make it clear that I use Windows 8 without any tweaks, I use Visual Studio 2012 with just a few small add-ins (that add features to improve productivity), and in general just stick with the defaults for most things.

Now, to my point.

I’ve been watching a thread in a mailing list recently, talking about how to change Visual Studio 2012 back to the style of Visual Studio 2010. It’s a series of tweaks, add-ins, and ancient Indian rain dances, and once complete, Visual Studio will kinda look a bit like the older version, but not quite.

I’ve seen this same thinking over and over with people trying to revert Windows 8 (Start to Desktop, Start Button) back to the old ways and I’ve seen people installing old/unsupported versions of Office to avoid the ribbon.

My question is why? Is it about Productivity? Usability?  These are the two main reasons that people use when justifying these reasons. For me, I just don’t get it.

First I want to look as Productivity… This is the strangest one of all. I’m a keyboard masher, I do everything I possibly can to reduce the amount of time my hand is resting on the mouse. I’ve been in the Microsoft eco system for a very long time, and despite the fact that everything is graphical, a vast majority of the tools I use fully support keyboards. By this, I mean I can do everything I need to, quicker with just a keyboard. This applies mainly to Visual Studio and Windows. Productivity in Windows 8, despite the strange dual personalities, is on par if not better than Windows 7. The keyboard shortcuts I used still work, or there are now quicker ways to do things.

Visual Studio is the same. I type, I mash the keyboard, I press shortcuts. I tend to focus my attention on the code I’m writing, not on the upper case menus, the lack of colour that was supposedly taking my attention, or the strange flat icons.

This is really what productivity is about, it’s about being able to do your job, it’s about a tool not interfering with your work, it’s about a tool that automates every day tasks. Both Windows 8 and Visual Studio 2012 do this.

Then there is usability. Once again, I’m a keyboard masher, I’m not an icon hunter, and I’m even less of a menu monkey. Visual Studio introduced a feature called Quick Launch. Press Control + Q and type what your looking for. Visual Studio does the rest. That’s very usable (and productive).

Windows 8 is much the same. Just type what your looking for, right from the start screen. Yep, just type. No scrolling, touching screens, or strange gestures. If your on the desktop, just press the windows key then type. It doesn’t get any easier than that.

I’m sure you’ve all noticed that I left out office. The fact is that I’m now on the third version of office with the Ribbon toolbar. I can’t remember much about using older versions that didn’t have it. The only thing I do remember was searching through menus, clicking on tabbed windows trying to find something, only to realise I was in the wrong screen and having to look for another menu option that may be right. Now, I just click a tab or two on the ribbon and normally find what I’m after pretty quickly. Having said that, most of my work in office is typing content. The way you type content hasn’t changed a single bit. It’s still mashing a keyboard.

I know this has been a lot of rambling, but I think it’s safe to say I just don’t get the resistance to these newer products. Yes, they look different, and yes, they come with some downsides, but without any wasted time looking for ways to resist the change, I’m more productive now than ever before. That’s a win.




I’m missing you already Windows 8..

2012-11-02T12:13:39.957+11:00

That’s my thought for the day.. As I’m busy working away on both Windows XP and Windows 7, I’m finding that I really miss some of the little things in Windows 8.

For those who know me, I’m a news junky.. I think I’m addicted to news, regardless of what it is, I just have to know, and know now. It’s one of the main reasons I have a Windows Phone, and the biggest reason I jumped head first into Windows 8. Instead of having to open apps/web sites, I now just rely entirely on live tiles. “Hey look, there are some unread articles”..

The other killer for me, is the ease of navigation around windows 8 with the keyboard. Yes, I know, lots of reviews will have you think that Windows 8 is touch only, but put simply, I find I now spend a lot less time reaching for the mouse than ever.




Tasks in Silverlight…

2011-09-02T09:41:55.377+10:00

Yep, the RC for Silverlight 5 now supports Tasks. You can do your own parallel processing in Silverlight 5 now.

Oh, and here are some of the other features:

  • P/Invoke (Native function calls)
  • 64 Bit
  • Vector Printing
  • Remote Control and Media Command Support (I have no idea what this is.. time to do some reading)
  • DataContextChanged Event
  • In-Browser Trusted Applications
  • PivotViewer Control
  • Power Awareness

All in all, some cool features seem to be coming..

More reading is here

Enjoy.




OMG It’s the Ribbon!!

2011-08-30T09:05:03.327+10:00

That’s what I’ve woken up to today. The web is ablaze about Microsoft’s decision to put the ribbon into Explorer in Windows 8. Everybody seems to be an expert about the ribbon, and the critics are all busy bagging it out. Exhibit A

Now, a lot of people may well be correct when they talk about the ribbon taking up extra room, and showing items that normally are not used. But I take a very different view on the ribbon.

In file explorer, 95% of what I do is hidden in the right mouse click context menu, or it’s done with shortcut keys. nice… But in this new world of touch screens, how does this work? I can’t just right mouse click or press Control + N as I no longer have a keyboard or mouse…

The ribbon provides common ground within the OS, allowing all form factors to perform the same tasks using the same mechanism. Is this a bad thing?

I think my only concern is to do with the one size fits all. Microsoft’s previous incarnations of Windows Mobile all tried to turn Mobile phones into computers.. It didn’t work. Finally they came out with Windows Phone 7, the phone OS that’s not a computer. Are Microsoft about to come undone in the same way with tablets? Are they trying to hard to force a PC based OS onto a tablet. I hope not.

If you have any thoughts, great opinions etc, drop me a line, I’d love to hear from you.

Ed.




Pure Speculation

2011-06-03T10:08:15.501+10:00

I’ve had a night to kick back and mull over the whole Windows 8 live tiles HTML 5/JavaScript thing. The more and more I think about this, the more interested I get in it. I need to clarify again that this is all speculation, based on a single presentation which lacked any information about technical aspects, but based on current implementations of various technologies we can come up with some fun speculation.

HTML, JavaScript and .Net are all interpreted. That’s probably the key thing about this whole argument that I find the most interesting. HTML and JavaScript have had a lot of love from the IE team, and more recently from within the Windows Team.

From various sources around the web, we’ve heard about Native HTML, and even the effort being put into a faster JavaScript engine. It’s the “Our JavaScript Engine is fastest” trend in the industry at the moment that’s driving a lot of this. Not so much the adoption within windows, but more the fact that Microsoft have a fast JS engine.

Just like JavaScript and HTML, .Net is interpreted at runtime. All .Net code is compiled down to IL, which is then JIT compiled on the fly. This isn’t a bad thing. What is a bad thing, is the current load time for .Net. The load time is still a pain for managed developers, and in fact, IE can now load and render a web site faster than even the most simple .Net apps can load. This isn’t a good thing.

So, we have 2 different technologies, one is lightning quick to load, while the other isn’t.

From here, we need to look at yet another trend in the industry, the “I want it now” trend. People expect PCs/devices to be running and usable in seconds, not minutes, and the Windows Team are busy playing this same game. This is pure speculation, but I suspect that by focusing only on HTML5 and JavaScript, they can have a “Start Screen” loaded and responsive well before the rest of the OS has time to finish spinning up services, pre-caching apps and all the other nice to have features used on desktop machines.

It’s this desire for a fast start up time that hurts .Net. Spinning up the .Net runtime is expensive at the best of times, and adding that cost to the start up time for Windows is expensive.

So, I would hazard a guess that this is the decision that the Windows Team were stuck with.

Now for my grumpy .Net Rant… It’s been the Windows Team that have done nothing for years to help the world of .Net performance, so in effect, this whole situation is probably of their own making. Had they put in some effort to help out, we may be in a completely different position today.

Now after this little rant, I’d like to say that I still hold out hope that yesterdays presentation was just a little poorly thought out, and the .Net is going to be treated like a first class citizen within the new tablet interface.




First thoughts on Windows 8

2011-06-02T14:07:27.030+10:00

I love it.. It’s different, vibrant and looks like it may be a massive winner on touch/portable devices. This is the exact area that Microsoft have been struggling in.. That would make this a Win++

Unfortunately, I have some massive issues that come to mind straight away.. I’ll do my best to explain, but while I do, please remember that I’m a desktop jockey, I’ve working in WinForms, WPF and Silverlight since .Net was first released.

Desktop Machines and Monitors

I work on PCs, I play serious PC games. Both my work machine and home machines have multiple/large monitors, and I always have a bucket load of apps running at any given time. Visual Studio can easily consume 2 screens, while a third hosts a browser, email, whatever. That’s three screens of content that’s needed at a given time.

From the initial view of Windows 8 (and yes, it’s still very early days), it seems to focus around a single application running in full screen mode. Multitasking is done via hiding the other programs, or even snapping 2 programs into onto a single screen. I’d like to see how this strategy works across multiple monitors, for what I consider “power” users.

The other thing I’d like to add to this is “Large” screens. I use where possible, the largest screens I can get my hands on at a decent price. 24” monitors are now cheap and plentiful. 24” touch screens are virtually non-existent.. The new UI, while it can be navigated with a mouse, looks to be way more fun and focused on touch. I’m really hoping MS know something about the future of touch screens and availability that isn’t currently available.

I’m not going to bother with the whole ergonomics of touch screens on desktops..

HTML5 and Javascript

The strategy is good.. Lets let all the little script kiddies to write apps for Windows… The more people we have the better.. Right??

It’s an interesting strategy, but one that I’m really hoping the guys in the windows team have thought long and hard about. As I noted about, I’m a desktop jockey. I write and support some apps that are just not suitable for the web.

I understand that “Windows” still exists under all the pretty tiles etc, but will this new interface be accessible to some of the existing desktop tools? It’s been no secret that WPF isn’t getting any love, and Silverlight’s life is being heavily evaluated. Am I about to be put into a position where I choose between becoming a HTML5/Javascript kiddie or going back to the dark ages and working with C++… I really hope now.

Windows Phone

This somewhat goes back to the whole HTML5/Javascript thing above. Right now, I have a nice, shiny HTC Mozart. It’s powered by Windows Phone 7. Apps on my phone are written in managed code, using Silverlight or XNA. Basically, apps are powerful, can do lots of things, and are very easy to write. What my phone can’t do is run apps written in HTML5 natively. Personally, I don’t have a problem with that, but why then, does my powerful desktop machine now have to run apps written by script kiddies, while it can’t run the same thing my phone can?

The rest.

Clearly, some of what I’ve written is quite possibly over the top. I hope that some managed languages continue to be supported as first class citizens in Windows 8, and that MS have their schiznitz together in the desktop department. I hope that Windows 8 isn’t so focused on winning ground in the tablet market that it completely abandons heavy desktop users.

As with most things like this, it’s still very early days. These are my first reactions (and appear to be the same as thousands of others based on my twitter feeds), and I can only hope that MS have a lot more information to announce over the coming months.




Really

2011-04-05T15:15:06.154+10:00

I’ve just been having a conversation with a college, and something very interesting popped up. It’s something that has been hinted at a bit through a few channels of late, but wasn’t until this conversation that I actually realised how bad it’s been.

The conversation was about Windows Phones. I have a HTC Mozart, which I flashed all around the office when I got it. The problem is, that nobody else around here has heard much about Windows Phone 7. Nada, not a peep. Now, being in the Microsoft space, I get bombarded with advertisement for all things Microsoft, but the conversation I had delved deeper into Microsoft Technology. We talked about Windows 7, IE9, Live Essentials, Security Essentials, Windows Phone, Silverlight etc but everything came back to the same “Really”.. The person I was talking to has not seen (or remembered) the smallest bit of advertising related to ANY of the newest things coming out of Microsoft.. Nothing, nada, zilch..

This person doesn’t hide in a closet, he’s out playing with Android Phones, Linux, anything that you can possibly imagine a geek playing with. Despite his love for tech, none of the Microsoft Advertising has made it his way… He’s seen Apple advertising, he’s seen ads on TV for Android based phones, Junk Mail with full pages dedicated to android etc.. But where is the Microsoft Advertising.

Microsoft have really turned the corner with the last wave of releases, their software if looking nicer, working better, and all round just awesome. Yet despite this, Microsoft just haven’t had a chance to capitalise. Being good is one thing, but you also have to make sure everybody knows it..

I think this is part of what’s killing technology such as Silverlight and WPF.. Microsoft just aren’t pushing them… With a small bit more work, they can become very compelling products, but what they really need is more advertising dollars thrown at them.




Microsoft failing with Windows Mobile 7 in Australia

2011-03-18T09:49:36.145+11:00

Today Microsoft announced MSN Onit, “The essential guy’s guide” for windows phone 7. I thought I’d take a peek, because, you know, I like guys things (including my blue crocodile skin shoes)..

The reviews looked good, I found it in the Marketplace using Zune then *bam*… There is no download button.. It seems that Microsoft (or MSN) has decided that this application should be locked down to only the US and a few other regions.

I understand that there are issues relating to copy write, licensing and all sorts of other legal nasties that can pop up when working across multiple regions, but it seems to me that Microsoft are happy to release everything to the US market without any thought of other markets. This is further evident with the lack of music available in Zune Marketplace.

It this something we should be blaming on Microsoft as a whole? Or is it something that the Australian branch of Microsoft has just been unable to work on. My bet is that it’s a combination of both. Unfortunately the result is that Windows Mobile users in Australia continue to have a broken user experience (don’t get me started on location based searching) when using Windows Mobiles. I really hope the Microsoft is working hard on getting these things fixed, particularly with the major update for the platform later this year that really targets business users. Right now there is no way I can recommend a Windows Mobile as a business platform with this lack of support outside of the US.

Ed.




Where is it?

2011-02-23T09:41:24.859+11:00

Where’s my phone update.. I want it now..

Ok, let me slow down a little.. I have a HTC Mozart, I love this phone. It does everything I need it to do (though copy/paste would be useful because I’m to lazy to write down the occasional phone number).. Microsoft are in the process of rolling out a small update to improve the update process before they release the much anticipated NoDo update..

So, the update updates the updater and does nothing else for me… So why do I want it so badly..

/sigh




Technical Debt

2011-02-16T10:56:02.219+11:00

We’ve all head this phrase before, we all know it exists, but yet it always seems to be the one thing that all projects carry around. Technical Debt tends to be more apparent in larger, longer running projects but I think it tends to stem from 2 main sources.

Change

As projects continue, more often than not you’ll find that the original assumptions made at the start of a project turn out to be incorrect, or that the system was designed with set requirements in mind but may not suit requirements that will pop up in the future.

The other thing that adds to “change” are phased project implementations. It’s implementing a core system that will have future features implemented.

Technology

Technology is the other key to technical debt. I know that the software I write now is massively different to the software I wrote 3-4 years ago. Dependency Injection, Linq, Entity Framework, Unit Testing, Mock Frameworks, Continual Integration, the list just goes on. The problem is that retrofitting some of these new technologies that can help to make your development efforts more productive, more testable and everything else costs time and money.

In addition to this, larger technology shifts like Windows Forms –> WPF/Silverlight are often not feasible.

Mitigation

I’ve read a lot of articles about how to reduce the risk of technical debt, and a lot of it is focused around Agile. “Embrace Change”. Well, this is all well and good, but there are still issues with this. The assumption is that the system(s) were developed in the first place with a full suit of unit test, encapsulation and everything else you can imagine to reduce the risk of change. The simple fact is that this very rarely happens.

The other end of this is the cost. Any project that will help to reduce technical debt needs to factor this work in, and unfortunately, it’s one of the first things dropped from a project because of time/cost constraints. Businesses just don’t care about it, as long as the application continues to run.

So, my question is, how else can you deal with Technical Debt in a way that has little cost on business?




Plan B?

2011-02-16T10:05:07.593+11:00

I was just made aware of an open letter from a few “young” Nokia Shareholders who seem to be a little less than happy with the latest happenings at Nokia. While reading the open letter, all I could do was laugh.

My thoughts on the new strategy are fairly straight forward.. Nokia’s brand is declining and they have a large amount of money being sunk into two different smart phone operating systems. If Nokia don’t do something soon, they will start loosing money at a massive rate. The cost of bringing Symbian up to scratch is going to be huge which leaves them with Meego.

The problem with MeeGo is that there is no app or developer eco system for it, which will mean that if/when the OS is ready, they will be on the back foot fighting for developers. The time lag between releasing the OS and phones running it is likely to be long, and the whole time Nokia will be losing more Market share and shrinking any money they have left in the bank.

Taking up another OS may not be an ideal solution for a company that has always stood on it’s own, but it is a strategy that can be executed quickly and can ensure the brand continues in the short term. This is the only reason (in my opinion) why Nokia are moving to an existing Smartphone OS. It’s about turning the company around quickly, with the biggest profit margin possible to allow them the freedom to execute a longer term strategy to differentiate themselves from the market.

Plan B in my option, would be the ultimate mistake for a company that’s lost it’s way, and would only speed up the decline of the once leader in the mobile space.




IE9, Windows Phone and More

2011-02-15T11:44:07.132+11:00

What an exciting time.. Unless you’ve been living under a rock, you’d know that I’m a heavy user of Microsoft Technology, it’s part of my job, it pays the bills and all that other stuff. Sometimes, working with Microsoft Technologies can be painful. I have had several older windows mobiles, and cursed nearly every day, I’ve worked in office environments where IE6 was the standard, and cursed at older versions of SQL Server. You name it, I’ve played with it.

But lately, I’ve been really excited about the software coming out of Microsoft, and the announcements from the last week are no exception.

IE9

Last week, the IE9 RC was released. I’ve been using the Beta since it was released, but the RC just blew me away. It’s performance was impressive, leaving the beta looking like panda bear on pot. The hardware rendering is awesome, start up time quick,and in general just feels extremely responsive.

This has all been achieved by:

  • A new Java Script engine
  • Hardware accelerated rendering through via GPU
  • Running the Java Script engine in process (no more COM interop)
  • Multi-threaded support
  • Reduced Memory usage.

The biggest punch with this release is the new Anti-Tracking protection. This is something that had been hinted at but nothing had been shown until the RC.

Usability has also had a big working over in the RC thanks to lots of feedback from the beta. Tabs are now by default next to the address/search bar, but can be moved to sit under the bar like they were in previous versions.

I think Microsoft are on a winner with this, and I hope they keep this sort of innovation up for future versions of IE.

Windows Phone

The first update for Windows Phone should be out in the next few weeks (March??), and this brings with it a few small updates related to 3rd party app performance and copy paste. Both of these features are nice, but not killer inclusions.

What IS exciting, is the talk about the first Major update which should ship this year. The update is now looking like it will include IE9 (sure, trimmed a little for mobiles) with the same rendering capabilities of the desktop counterpart. And by “same”, Microsoft are even talking hardware accelerate via the phones GPU!!! This I can’t wait to see.

The other big part of the announcement is the support for running apps in the background. Yes, I know, other mobile platforms have this, even the old windows mobile had this.. But it’s still big news for WinPho7..

Last but not least is the feature that I think is going to increase the uptake the most (besides the Nokia announcement) is the integration of Sky Drive. Right now, office documents are stuck on your phone (unless you have SharePoint), but being able to load/save documents in the cloud is a HUGE update, and one that was sorely missing. This one feature is probably the biggest inhibiter of businesses picking up these new phones.

And then..

There are lots of other bits happening as well, like Win 7 SP1, NuGet, the fast approaching VS SP1 and lots of other projects that have been popping up around the place.

I think in general, Microsoft has really turned a corner and seem to be shipping quality software again with fairly regular releases.

I think it’s a great time to be involved in the MS Tech space.




Windows Phone on Nokia

2011-02-12T09:23:49.211+11:00

It seems that the rumours were all correct, Nokia and Microsoft have announced (finally) that Nokia will be dropping the Symbian OS that has been their staple platform for over a decade in favour of Windows Mobile 7.

With Nokia’s declining market share at the cost of both iOS (iPhone) and Android, Nokia really needed to do something and quick. I believe there were 3 options that Nokia could of taken:

  • Upgrade Symbian
  • Android
  • Windows Mobile

Upgrading Symbian as far as I’m concerned was the least optimal solution. The cost of bringing Symbian up to scratch (Modernisation) would cost a large amount of money, and leave Nokia in the phone OS Market. By dropping Symbian, Nokia now has the ability to cut the fat from their business and focus on more innovating hardware.

Both Android and Windows Mobile could have been options, particularly when you look deeper into the announcement. This isn’t just about the phone OS, it’s also about the eco system including Maps, Advertising and Search.

The other part of the announcement is what I believe the real clincher for Nokia was. By dropping it’s focus on the Mobile OS, it allows Nokia to continue working on areas where it still leads the market. That is innovative hardware and it’s market lead in mobile imaging.

I believe that this move is going to be huge for both Nokia and Microsoft in the long term, but unfortunately the announcement has already been met with a log of negativity, including Nokia’s Developers staging a walkout, and compounding Nokia’s problems with a falling share price.

Personally, I’m excited, and can’t wait to see where this new partnership heads.




Geek Rage

2011-02-11T10:50:14.101+11:00

I thought I’d give it a few days to let the dust settle before I threw my opinion out into the world about Red Gate’s recent announcement about charging a fee for .Net Reflector.

This tool has been effectively free for a long period of time, from way back when Lutz Roeder first created it, right through the purchase by Red Gate. Not long after the initial purchase, Red Gate broke the product into two versions which were Free and Pro. As you can imagine, one was free and the other not.

This next part is purely speculation, but I suspect that Red Gate have not made very much money from the Pro Version because the Free version was adequate for most people. I mean, lets face it.. I don’t actually NEED .Net Reflector. It’s just a nice to have tool.

This brings me to the point of my post.. Red Gate are a commercial company. No commercial company is in the market to not make money. Even those big and nasty open source companies are in the business of making money, but they work by generating revenue through services.

But it’s $35 dollars.. Yep, the free version is now $35 dollars. I don’t know about you guys, but I spend more money than that on Coffee each week.. It’s also not even close to amount of money that most .Net Developers spend on tools like ReSharper ($199 for a personal license) or many of the third party control libraries out there.

I don’t think $35 dollars is a lot to ask for to ensure that a tool used by a large amount of the community continues to be maintained for future versions of .Net, and I think Red Gate have the right to do this.

That’s my though on the issue, and I know that if/when I need to use reflector again, I’ll happily suck it up and spend my $35 dollars (Tax deductable of course) .




Windows XP, Powershell and Deployment

2010-12-22T14:04:39.486+11:00

 

Anybody who has read my blog would understand some of my frustration with running in environments with out-dated operating systems. Well, this post is another in a series of mini-rants about how new technology running on old platforms, mixed with half-hearted implementations has again contributed to sub-optimal solutions.

I’m currently running Windows Powershell 2.0 on a Windows XP machine. A large majority of servers are still running 2003 Server. This “antiquated” environment outright rules out the use of powershell remoting for updating servers during deployment.

This shouldn’t be a problem, as powershell comes with very useful, built in commandlets that allow you to interrogate processes on remote machines, connect drives and do a lot of other really fun things. Once again, this is where my environment comes into play. Production Web Infrastructure doesn’t use our internal Active Directory for Authentication. This decision was made many years ago for security reasons. The result of this is that we need to pass credentials to both Get-Process and New-PSDrive to allow retrieval of processes and to map network drives. Lets look at each of these commands.

Get-Process

A quick look at this command (get-help get-process –full), reveals that it doesn’t allow input of credentials. The only way to use this command is to be pre-authenticated with the target machine, and have the correct permissions.

NEW-PSDRIVE

This command seems to be a little better, it actually has a parameter for credentials. This surely must be a winner.. Right??

It turns out, that the parameters are just passed through to the provider specified using the PSProvider parameter. Unfortunately the FileSystem provider completely ignores the this parameter, resulting in this commandlet completely useless for our environment again.

Where does that leave us?

It leaves me using Powershell, mixed with WMI and Windows Scripting for something that should have been very easy to implement.

I’m sure that this usage scenario isn’t particularly obscure, and hope that future iterations of powershell clean up some of the loose ends around being able to provide credentials to commands instead of assuming that the current user has access to all network resources.




Clearly ahead of my time

2010-11-09T12:55:14.876+11:00

Yesterday I put up a post about Validating user input. Today, news that the British Navy has been hit with a SQL Injection Attack.

I have a very simple question about this.. Why is this sort of thing still happening? Not only are we talking about an attack that is very simple to defend about, but we are also talking about a Military Organisation. I’m sure that most countries have invested large amount of money into Cyber Security etc, but yet they are still failing at implementing simple security measures.

Here are a list of possible ways to have picked up this BEFORE it became an issue:

  • Code Reviews. Easy, internal and should be done by a person who knows about these sort of things
  • External Code Reviews. If you don’t have in-house expertise, there are plenty of companies out there who can help
  • Application Security Testing. Get an external company to try and break into the system.

There are many other ways, but these in conjunction with better education would go a long way to ensuring these types of attacks are a thing of the past.




There is just no excuse for….

2010-11-08T16:54:29.058+11:00

not sanitising and validating your user inputs. These two items are the most important aspects of writing a stable and secure system.

Not only do I think that Sanitising and Validating is important, I also believe that it must be done in that exact order.

Here is a quick example of what can go wrong:

Imagine you have a web application used to sign up users. The only mandatory field is Username, and it must be a minimum of 10 characters in length. This is a very easy check, but developers will quite often perform a trim on data going into a database. What happens when you validate for length but then have your code remove 1, 2 or maybe even 10 characters?  The worst case here is that the string full of spaces pass validation then your code removes all 10 characters from the username, resulting in an attempt to insert a null into the database. From here, hilarity will ensue, with either a database constraint exception or random null reference exceptions down the track when you try to use the data for something useful.

This is a very basic example of what can go wrong when you either don’t sanitise, don’t validate or you get the two around in the wrong order.

We apps in particular are still a very popular target for malicious users, using SQL injection attacks, delayed injection attacks or any other method you can possibly think of.

So please, do the right thing, Sanities then Validate ALL your data.




My HTC Mozart

2010-11-08T14:18:38.412+11:00

Well, I’ve now had my HTC Mozart for a little over 2 weeks, and I felt it was time I put up a few of my thoughts. I’ll start off with a simple statement. I LOVE this phone and I LOVE Metro. What I like Metro. Texting. Emails. Live Integration. It’s all so seamless, intuitive and easy to use. Admittedly, I’ve come over from WinMo6.1, so a lot of people are going to scoff at this, but I really like the speech balloon approach to text message conversations. Keeping up to date with emails on this phone are a joy. I’ve pinned 2 of my email accounts to the main screen, and I can easily see when I have emails and how many. Reading emails is clean, easy and efficient. This is the first phone I’ve had where I actually question the need to use a desktop machine for emails. This is a good thing. My previous phone was with 3, and the handset had serious issues when roaming (reboots, dropouts, crashes).. This was a killer for me. My Mozart on Telstra? It’s awesome. I get coverage everywhere I’d expect it. I travel between Canberra and Cooma regularly, and with this phone I get coverage most of the way. This is just awesome. Yes, I know this is more about the network, but at least when I roam it doesn’t reboot. I have even grabbed the official twitter client, this app looks and feels like it belongs, while steel having the typical styling of twitter. It’s clean and easy to use. I’ve started using this for the majority of my twittering. What I don’t like As with previous version of WinMo and desktop Windows, a lot of manufacturers installed a lot of CrapWare. With WinMo 7, Microsoft limited the number of third party apps that could come pre-installed on these devices. This is a great idea. And the third party apps that came with my phone (Thanks HTC and Telstra) are perfect examples of why these sort of applications shouldn’t be pre-installed. I’ll start with the Telstra hub, because I have mixed feelings about this. I really like the weather view on this. The overall feel of the hub is alright, except for 2 grips. The first of these is it’s slow.. There is a lot going on in this tab, and sometimes it’s just not responsive for 2-3 seconds. This isn’t good. My other gripe with the Telstra hub is “My Places”.. Is this the best you could do Telstra? Have a few buttons that just pre-launch a web URL? It kinda takes away from the whole experience. Fix these two things, and the Telstra hub could be my new best friend. And then there is the HTC Hub..  Seriously HTC… Did you guys think about trying to fit into the Metro style? I think now. This looks/feels just like typical HTC I know better type of UI. It looks like it belongs on the front screen of an Android or WinMo6.5 phone. This isn’t Metro. All this screen does is provides Time/Weather information and links to other (reasonably useless) applications. If you can’t take this sort of thing seriously, then stay off my phone. You guys make great hardware, but I think you need to stay out of the phone software business. What I’m “Meh” About I’m still not impressed about the lack of a Music Marketplace for the phone. I understand that this isn’t just a Microsoft issue, but I do think that if Microsoft had been a little more organised, and maybe even been a little more aggressive then we would probably have a download service by now. The reason this is only “Meh” and not a “Don’t Like” is because I already have a large music collection and I already used the Zune desktop cli[...]



More on Open Music Platform

2010-09-23T09:19:49.790+10:00

Ok, so I’m sure some people have read my post yesterday about the market speak coming from Microsoft about the state of Zune Marketplace in Australia. I thought I should probably take some time out to explain my thoughts/feelings a little better. Open Music Platform I think the idea of having DRM free music, being able to share your music between devices regardless of where it came from is very important. I have a very large collection of completely LEGAL music that I want on my mobile devices. From an adoption point of view, being able to sync a Windows Mobile 7 device with music you purchased from iTunes is great, and I wouldn’t expect anything less. The State of Music In Australia In Australia, we have very limited ways to get downloadable music. We have iTunes, Bigpond Music if your a Bigpond user and that’s about it. There are a number of online music stores online, but due to licensing restrictions they can’t sell us music in Australia. Sure, we can trick them by using US Proxies, Paying with US credit cards etc, but the point is that it’s actually against the Terms and Agreements and probably illegal. Marketing Speak The post I pointed to from Dave Glover didn’t do anything to clarify the original point that Zune Marketplace doesn’t allow Music Downloads within Australia. He went on to point out how we could use existing music we owned, get music from other sources, and all the Video content we could get. But I go back to the point that he didn’t address the original issue of not being able to buy music through Zune Marketplace which can be enjoyed in the US and Europe. Usage Scenarios Lets look at the major competition from an Entertainment point of view. You know who I’m talking about, Apple and their iPhone and iPad. iOwners can use one tool to download new music and sync with their devices. It’s easy to use and just works. This is a simple scenario that won’t be available to Windows Phone 7 owners in Australia. iPhones and iPads can natively access iTunes through wireless internet access. If you want new music and you have signal then it’s available. Again, this won’t be available to Windows Phone 7 owners in Australia. Why is this happening There are only 2 possible reasons I can imagine that would prevent Australian Windows Phone 7 owners from accessing online music. MPAA or some other Music Industry representatives cannot come to an agreement with Microsoft. I actually find this unlikely due to the fact that Apple managed to get some sort of agreement in place. Microsoft View the potential market in Australia to be too small, and therefore won’t invest the time and money into getting an agreement and systems in place. My Criticism My issue with this whole thing is the Marketing crap that comes out of Microsoft about this issue. It is an issue that will affect the uptake of the phone. In addition to this, I did take the time out to reply to Dave Glover yesterday through the comments on his post. I think the worst thing I said in the post was “contempt”, in the context of the way they (Microsoft) can’t be honest about what’s going on. But it seems my comment didn’t make it through moderation process. What I’d Like to See This is really simple. I’d like to see Microsoft publicly acknowledge this as an issue and at least explain why we can get Video on our phones (I don’t care for this) but won’t be able to get music (I care about this). Possibly even detail what they[...]



An “Open Music Platform”

2010-09-22T15:15:56.821+10:00

Sorry, that just sounds like marketing speak for “We are not going to provide music downloads for you”.

What am I talking about? Read this.

One of the things that has made iAnythings so popular is iTunes. It’s a one stop shop for Apps, Videos AND MUSIC. The iWantItNow generation don’t go to the music shop to buy CDs, take it home, rip it (is that even legal?) and then sync to their iDevice. Nope, they login to iTunes, download it and sync. 5 Minutes max to get the music they want.

With Windows Phone 7, we will have a useful tool called Zune. This works with the Zune marketplace and in the US, most of Europe and a whole heap of other countries, it will be the perfect replacement for iTunes. In Australia, we can only download Videos, not Music. In fact, in Australia we can’t use most online music stores due to the fact that we are not in the United States..

The answer is actually pretty simple.. Buy your music through iTunes then use the Zune software to sync with your phone.. But this isn’t as easy as it should be. Another option is to trick Zune into thinking your in the US, but that’s just not right is it..

Anyway, please don’t treat people in Australia with such contempt by telling us about Open Music Platforms. That’s just a nice way of saying “You don’t get it, suck it up”.




ASP.Net Crypto Attack

2010-09-20T10:34:11.819+10:00

Well, unless you’ve been living under a rock for the last week you are probably now aware of the Crypto attack that is in the wild and targets ASP.Net applications. This attack is raising many of the same issues that we see regularly in the industry with SQL Injection Attacks. Wait, what?? Yes, this is another of those situations where Developers and Administrators have been lazy. Yes, it is a Vulnerability and it needs to be fixed, but it’s also become a massive issue because a large number of ASP.Net applications don’t handle errors correctly. The recommended workaround (from the MS Security Advisory) is to simply enable customErrors and redirect to a generic error page. Simple fact is that EVERY ASP.Net app out there should be doing this already. This is one of the many steps to mitigating against attacks on websites including SQL Injection attacks. Returning any information to potentially malicious users is bad. So, let me quickly run through the bare essentials. If your using .Net 3.0 or earlier, add this to your config file: .csharpcode, .csharpcode pre{ font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/}.csharpcode pre { margin: 0em; }.csharpcode .rem { color: #008000; }.csharpcode .kwrd { color: #0000ff; }.csharpcode .str { color: #006080; }.csharpcode .op { color: #0000c0; }.csharpcode .preproc { color: #cc6633; }.csharpcode .asp { background-color: #ffff00; }.csharpcode .html { color: #800000; }.csharpcode .attr { color: #ff0000; }.csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em;}.csharpcode .lnum { color: #606060; }For .Net 3.5 and above .csharpcode, .csharpcode pre{ font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/}.csharpcode pre { margin: 0em; }.csharpcode .rem { color: #008000; }.csharpcode .kwrd { color: #0000ff; }.csharpcode .str { color: #006080; }.csharpcode .op { color: #0000c0; }.csharpcode .preproc { color: #cc6633; }.csharpcode .asp { background-color: #ffff00; }.csharpcode .html { color: #800000; }.csharpcode .attr { color: #ff0000; }.csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em;}.csharpcode .lnum { color: #606060; }.csharpcode, .csharpcode pre{ font-size: small; color: black; font-family: consolas, "Courier New", courier, monospace; background-color: #ffffff; /*white-space: pre;*/}.csharpcode pre { margin: 0em; }.csharpcode .rem { color: #008000; }.csharpcode .kwrd { color: #0000ff; }.csharpcode .str { color: #006080; }.csharpcode .op { color: #0000c0; }.csharpcode .preproc { color: #cc6633; }.csharpcode .asp { background-color: #ffff00; }.csharpcode .html { color: #800000; }.csharpcode .attr { color: #ff0000; }.csharpcode .alt { background-color: #f4f4f4; width: 100%; margin: 0em;}.csharpcode .lnum { color: [...]



Another Sad Day

2010-09-16T10:31:52.107+10:00

Well, today’s the day. The official launch of the IE9 Beta, and it’s made me sad. I’m not sad because of what IE9 is. IE9 looks to be an absolutely awesome browser, much faster than previous version, possibly more secure and a hell of a lot sexier.

I’m sad because like may other people out there, I spend a large amount of time sitting in a Corporate environment that is still sitting years behind. Yep, I’m still on Windows XP. This limits me to IE8, or one of the many other browsers out there.

At home, I’ve already installed IE9 beta, and I have to say that my initial impressions are pretty good.. What can I say, I’m not particularly fussy about my browser, I just want it too work. IE9 Beta seems to fit that so far and has a few features that I’m pretty excited about. Pinning Web Pages and having them almost feel like an extension of the desktop is amazing. It’s just not the sort of amazing that I can experience at work.

I think for now, my Netbook

with wireless internet access is going to be how my web browsing is done from work. It’s just going to be separate from the corporate network.