Greg's Cool [Insert Clever Name] of the Day

Tuesday, March 20, 2012

YOUZ CAN HAS LOLZCDE - Welcome to the LOLCode Parser

On the second Thursday of the month at 5pm, the Rochester, MN .NET User Group meets at Mann Hall. You’re very welcome to join us if you’re in the area.
We often have someone interesting presenting something exciting, but occasionally that doesn’t work out and I’ll present something instead. This is where the LOLCode Parser was born…
First you should try it out here. It’ll ask you to write some LOLCode and optionally give it some inputs to pass in. Let’s start with “Hai World”…
HAI
CAN HAS STDIO?
VISIBLE "HAI WORLD!" N " I SLEEPIN"
KTHXBYE
Paste that and click the “PLZ RUN THE CODE 4 ME” button. This demonstrates the VISIBLE statement and the N concatenation operator.

Let’s step it up a bit and add some conditions (to see this work its magic, you’ll need an input value in the second textbox):
HAI
CAN HAS STDIO?
I HAS A VAR
VISIBLE "GIMMEH INPUTZ!..."
GIMMEH VAR
VISIBLE "U SEZ " N VAR
IZ VAR BIGR THAN 10?
YARLY
BTW this is true
VISIBLE VAR N " IZ BIG NUMBER!"
NOWAI
BTW this is false
VISIBLE VAR N " IZ LITTLE NUMBER!"
KTHX
VISIBLE "I IZ DONE"
KTHXBYE
...
If you’re thinking this isn’t very impressive, you’re right. Still, it does have some cool points:

It’s using a parser generated by TinyPG (awesome tool on CodeProject by Herre Kuijpers).

The LOLCode is being parsed into a LINQ expression tree (similar to this old post, but no DLR and much simpler).

Because it’s an expression tree, it can be compiled and cached on the server. This should run as fast as C#, so your cat will be happy. For this demo, if you don’t change the code between requests it’ll just run the cached, pre-compiled code. Anything in the Inputs box is passed as a parameter.

This isn’t just an expression returning a value; it’s building a full LOLCode program (with conditions, loops etc).

It allows your program to run for up to two seconds; if it overstays its welcome, it will be brutally terminated (putting your cat in an infinite loop is animal cruelty).

You’re unlikely to want LOLCode in your own apps, but some of the ideas could be useful. For example, you could use it to provide a custom scripting language for clients to automate aspects of your apps.
..."

And not only can you try this online, but Chris has made the C# source code available too (click through for a link for that).

I think I'm going to make this the default scripting language for one of my solutions... :|

Okay, only for our bug reporting system. LOL :P

CodeStash - Seeing how the sausage is made (well how a Visual Studio Extension...)

CodeProject - CodeStash - a journey into the dark side of Visual Studio, or how I lost my hair

CodeStash source: http://codestash.codeplex.com/

CodeStash Article Listings

Part 1 : CodeStash web site overview / High Level Architecture / How To Install CodeStash
Part 2 : CodeStash web site Low Level Architecture
Part 3 : (This article) CodeStash addin

I beg your indulgence

This article was originally intended to be launched alongside Sacha's two articles. Unfortunately, due to circumstances beyond his control, Sacha is unable to post his articles tonight. Saying that, I did promise that there would be a posting of CodeStash, so I am uploading this part for those who are interested in how I developed the extension. Once Sacha has uploaded his articles, I will come back and update the section above to link to those articles.

I promised that there would be an announcement, and I will not disappoint. When Sacha and I developed CodeStash, which consists of a website and a Visual Studio extension, there was always the question hanging around about how we were going to host the website. We decided that we would initially offer CodeStash as a self-hosting site in order to gauge how useful people found the idea, and to get feedback on the type of features they would like to see.

Obviously, this is not an ideal situation on something which is intended to be a central repository for code snippets. Well, who should step into the fray to help us and to offer to host CodeStash for us but our very own Chris Maunder, who has kindly offered to host the site for us. To this end, we will be working with the Code Project team to turn CodeStash into a Code Project packaged snippet manager. And we need your help. We need you, the Code Project community, to try out CodeStash. We need your requests and your feedback. We need your enthusiasm and your boundless creativity.

...

What we will cover

In this article, we are going to cover some of the thought processes behind writing a reasonably complex multi-layered Visual Studio extension. We will find out how the commands were put together and how to interact with a well defined REST interface from inside an addin. We will see how we can use MEF to ease the pain of working with shared code, how to interact with internal Visual Studio services and to provide our own property pages.

This article does not teach writing XAML code, or how to use MVVM. We will not be covering how to use Cinch (I would heartily recommend reading Sacha's series on the Cinch framework to get this background). It also does not aim to cover MEF development in great depth, as all these concepts are tangential to the aim of understanding what the CodeStash addin is designed to achieve. CodeStash also makes use of Daniel Grunwald's excellent AvalonEdit control to display snippets, the sheer depth of this control means that I have to recommend reading the original article he wrote to support it; right now I'd just like to say a big thanks to Dan for writing this control and making it freely available.

...

..."

As you can see from the page snap above, this book... err... I mean... article is very indepth and pretty much just awesome. If you're thinking about creating a VS addin, this is a must read.

Get a little more Live... QFE Windows Live Essentials 2011 update released

Aaron's Live Writer Blog - An update for Windows Live Writer–Wave 4 is now available

" While I am no longer working on Windows Live Writer I still talk with that team and today we announced that there is an update to the Windows Live Essentials suite — http://windowsteamblog.com/windows/b/windowsexperience/archive/2012/03/20/update-for-windows-live-essentials-2011-now-available.aspx.

When talking with the Writer team they said they just made QFE level bug fixes and did not add new features to the product. As always I would recommend updating as things should be more stable than what you have today. You can get the new version from http://get.live.com

As an aside working on the Photo Gallery team we did make some improvements when working with web services in that users of flickr, Facebook, or Geo-tagging will enjoy and that should be reason enough to update your build" [GD: Post leached in full]

While the future of WLE is very much up in the air, I'm glad it's not totally dead...

How to compare stored procedures in different databases/servers to confirm they are the same, without third party tools or Diff's?

MS SQL Tips - Verify SQL Server Stored Procedures are the same on multiple servers

Problem

I have a stored procedure I push down to all of my servers that does a custom backup job and I want to make sure all servers have the same stored procedure. Is there some way to check without going to each server and reviewing the stored procedure? Check out this to find out.

Solution

SQL Server doesn’t offer any way for you to control this from within the standard set of tools. What I’ve done is created a procedure to compare one server that we know has the correct stored procedure against one or more other servers we want to check. With this simple procedure and a little SQL Server knowledge we’re able to standardize all our servers and sit back and enjoy a job well done.

...

Comparing Code in sys.objects vs. the OBJECT_DEFINITION and HASHBYTES functions

Another option is to pull the object definition from sys.objects into a variable and compare it with the correct version. This probably isn’t a bad option and when I first started working on this problem that was the method I started with. I wasn’t sure if this accounted for things like white space, tabs, etc. so I looked for another option. I decided on using the OBJECT_DEFINITION function provided by Microsoft to assure I was getting the best results. If you’re not familiar with the OBJECT_DEFINITION function it provides the definition of an object in a standard format. If I had to guess it's probably pulling the definition from sys.objects, but I found no evidence of that in the documentation. Review OBJECT_DEFINITION here.

...

Wrapping it up

There are some points mentioned above, but worth noting here too.

The HashBytes function will not accept enormous sizes; review the Microsoft link for more information but be prepared to do some tweaking.

The multi-server querying ability allows you to switch to a different database, but you'll need to call that in your script too with a "Use myDB" statement.

There is an extremely tiny possibility that two stored procedures will be different, but still result in an "ok" message. The Microsoft article discusses collisions albeit extremely rare.

Next steps

Take a look at the OBJECT_DEFINITION function: Link to Microsoft

Review documentation from Microsoft on HashBytes here: Link to Microsoft

Check out the MSSQLTIPS piece on querying multiple servers at the same time: MSSQLTIPS article

..."

This looks like it could come in handy. I dig the idea of hashing the SP's and then using that hash. So obvious in hindsight (especially since I use this same kind of technique in a bunch of other places... I just never considered using it this way... )

Monday, March 19, 2012

The Free Universal Construction Kit - One kit, infinite connection possibilities? (And another great reason to get a 3D printer?)

Make: - Universal Adapter Set for Construction Toys

"Not a physical product, of course, but a physible one, consisting of almost eighty free 3D models from anonymous designers at the Free Art and Technology collective :

..."

fffff.at - The Free Universal Construction Kit

Ever wanted to connect your Legos and Tinkertoys together? Now you can — and much more. Announcing the Free Universal Construction Kit: a set of adapters for complete interoperability between 10 popular construction toys.

F.A.T. Lab and Sy-Lab are pleased to present the Free Universal Construction Kit: a matrix of nearly 80 adapter bricks that enable complete interoperability between ten* popular children’s construction toys. By allowing any piece to join to any other, the Kit encourages totally new forms of intercourse between otherwise closed systems—enabling radically hybrid constructive play, the creation of previously impossible designs, and ultimately, more creative opportunities for kids. As with other grassroots interoperability remedies, the Free Universal Construction Kit implements proprietary protocols in order to provide a public service unmet—or unmeetable—by corporate interests.

The Free Universal Construction Kit offers adapters between Lego, Duplo, Fischertechnik, Gears! Gears! Gears!, K’Nex, Krinkles (Bristle Blocks), Lincoln Logs, Tinkertoys, Zome, and Zoob. Our adapters can be downloaded from Thingiverse.com and other sharing sites as a set of 3D models in .STL format, suitable for reproduction by personal manufacturing devices like the Makerbot (an inexpensive, open-source 3D printer).

...

Download

The Free Universal Construction Kit 3D models are freely available in .STL format from three locations:

Individual adapters from the Free Universal Construction Kit may be downloaded from Thingiverse.com — the world’s foremost website dedicated to the free sharing and remixing of user-created digital design files.

The complete Free Universal Construction Kit can also be downloaded in its entirety*, as a 29MB .zip archive from the F.A.T. Lab web site, here.

We expect the Kit to be available shortly from The Pirate Bay, as a torrent in TPB’s new "physibles" (physical downloadables) channel.

...

So not only is the 3D printable designs free, but they've even provided a poster too.

Really, I think it's getting close to that time where I really need a 3D printer. I mean, who doesn't need or want this kit? :)

NOTE: Do not turn this project title into an acronym. I was going to use it in the post title, but when actually I saw it, I laughed and moved on..."The FU.." oh... um... yeah. :P

RDPCheck.com - Quick check to see if your system is vulnerable to the recently patched RDP issue

http://rdpcheck.com/

"CRITICAL RDP VULNERABILITY THREATENS PCS & NETWORKS WORLDWIDE.
THE THREAT OF AN THREAT OF RDP WORM LOOMS.

The MS12-020 vulnerability in Remote Desktop Protocol (a.k.a. RDP or Terminal Services) promises to cause some serious havoc... and many won't realise the risk until it is too late. RDPCheck is our humble attempt to make a positive difference to that...

RDPCheck helps individuals and businesses check their PC's and networks for exposure to attacks on the RDP vulnerability by hackers, bots or an RDP worm.
It's easy...

Enter your email address.

Click "Start The Test".

We'll run our test on the IP address you're visiting RDPCheck from. The test is quick, non-invasive, and does not put your PC, network or business at risk. If you need to test other addresses contact us.

Note: For your security we do NOT store your IP address/result combination.

A report will be emailed to you with the results and recommendations for what you should do next.

Ready? Ok.

..."

I won't pile on about the RDP issue patched last week. You've all heard about it, that there's exploits in the wild and know to get your systems patched ASAP, so enough said there. What? You'd like to hear a little more about this?

F-Secure - Joe's Garage (SMB): - Most Likely to be Pwned by RDP

Last week, we advised readers to apply Microsoft update MS12-020 sooner than later. For those of you that have — good work. And if you haven't yet applied the patch — stop delaying.

Ever since MS12-020 was released, there's been a flurry of activity attempting to "weaponize" the Remote Desktop Protocol (RDP) vulnerability. The race to an exploit is on and is in top gear. Lab Analyst Timo Hirvonen is tracking the situation on his Twitter account.

So… just how many computer could be affected by this RDP bug?

Well, researcher Dan Kaminsky scanned the Internet and estimates that there are millions of computers that are exposed. RDP and the Critical Server Attack Surface

What do you need to do?

Lenny Zeltser offers the following advice.

...

It's from the above article that I found RDPCheck.com, and while a simple check and one that won't really help anyone inside of firewalls that aren't redirecting/DMZ'ing that port, I still thought it worth a quick share.

You say you don't care or are not impacted because your systems are all behind firewalls? Well that's just silly because you know that somehow, someway, exploit code will get inside your firewall and then you're systems will be toast. If you use RDP anywhere, patch.

Now go, patch.

"Windows Phone Unleashed" the "mostly west coast free BYOD #WP7dev training tour"

The Sociable Geek - Windows Phone Unleashed

"Want to learn how to build a windows phone application (Become a WP7Dev). Then join us for the Windows Phone Unleashed Series. The content was created by Daniel Egan (me) and Bret Stateham.

Windows Phone Unleashed is put on by the community. It is an all day event with 3 instructor led sessions paired with Hands On Labs that when you are finished complete the Coffee Findr application. At the end of the day there is a app contest with Prizes.

You can download the finished app from the Marketplace . From this application you will learn the following skills. Check it out now.

Register for an Event Near You.

Working with Live Tiles

Periodic Execution

Pulling Data from Rest Services

Deserializing Json

Binding data to your UI

Using Bing for Maps and Directions

Using Isolated Storage and SQL CE on the Phone

Navigation

And much much more

..."

http://www.winphoneunleashed.com/

Windows Phone Unleashed

All Day of Hands on Programming, B.Y.O. Laptop!

Windows Phone 7 is HOT! Come check out Windows Phone 7 Unleashed for everything you need to know to develop for WP7. Whether you're a seasoned veteran or you're just starting with .NET development, there's something in it for you. The first half of this deep dive event is lecture and hands on lab. At the half point mark of the day, you'll have a solid foundation for building WP7 applications. The second half of the day is going straight to code.

Build an app and win from $800 in prizes

1st Place: $500 Gift Card

2nd Place: $200 Gift Card

3rd Place: $100 Gift Card

Free Marketplace Tokens

A limited amount of complimentary tokens are available for those submitting their application to the Windows Phone Marketplace. Organizers of each event will collect names of those interested.

Limited Seating

In order to deliver the best possible experience for attendees, seating at these events is VERY limited. Register NOW!

Community Events!

These windows Phone Unleashed events are run by your local community friends and leaders.

Nothing like some free training to get the brain cells firing... The LOB focused content caught my eye. Signed up. :)

Data, data, if only I had access to some data that I could code against...

The ShiSh List - Some Excellent Open Data Sources

There are some very interesting looking datasets here, some free, some not, but most interesting...

Some open apps at open.NASA with SpaceApp examples...

open.NASA.gov - #SpaceApps: Space Makes Anything Possible

"What exactly is a space app? What could you do with all that data, anyway? And how can we use space to improve life on Earth?

On the first night of the first codeathon-type event I ever attended, I saw this quote from Herb Kelleher posted on the wall: “We have a strategic plan, it’s called DOING THINGS.” And that’s the key to what’s going to happen at the Apps Challenge: we’re in this to do things. We’re in this to make things. We’re in this because we believe that the questions that motivate us to explore space can change the way we live here on Earth and the way the next generation will continue to explore, and we’re ready to see where that takes us.

To stir up your imagination, the Apps Challenge team has assembled this list of some of the coolest apps we have seen recently using space data, space experience, or just plain space awesomeness. They include software and hardware, science and art, education outreach and creative ideation. Some of these apps originated as official NASA projects; some are the work of engaged, inspired citizens. Nearly all demonstrate the vital importance of open data and the scientific and technological possibilities it creates.

You can read more here about the four types of challenges we will address at the event. We’re adding new challenges to the site every few days… go here to read and comment on the current challenges, and go here to submit a new challenge idea for the International Space Apps Challenge.

...

..."

Besides being space'ish (I know, I know, space app's should be more than enough... but...), many of the projects provide you the details, source, designs, etc...

Thursday, March 15, 2012

Music of the... Simi Valley couple that's part of the Smithsonian gaming exhibit... (Think "8 Bit Game Geek Music Madness")

Ventura County Star -Simi Valley couple's music is part of Smithsonian gaming exhibit

Simi Valley couple Seth and Michelle Sternberger are proof you can make a career out of video games.

Five songs from their bands — 8 Bit Weapon and ComputeHer — were selected to provide the soundtrack at the entrance to "The Art of Video Games" exhibition at the Smithsonian American Art Museum in Washington, D.C.

The exhibit, which runs from Friday through Sept. 30, will explore the 40-year evolution of the genre. When it leaves the Smithsonian, it will tour the country for five years.

Visitors to the exhibit see a 12-foot projection that includes footage from most of the 80 games featured in the show, said Georgina Goodlander, coordinator for "The Art of Video Games."

"The exhibits team struggled to come up with the right soundtrack for this — something that would capture the excitement and energy of the games without being specific to any one title or genre," Goodlander said. "We had seen Seth and Michelle perform and thought that their music was the perfect fit. We are thrilled that they not only allowed us to use several of their tracks, but that they also titled one in honor of the exhibition."

"The Art of Video Game Anthem" and two other songs — "Mini Dub Bounce" and "Chip on Your Shoulder" — from their band 8 Bit Weapon's new album, "Bits with Byte," along with two songs from the "Modemoiselle" album of Michelle Sternberger's solo project ComputeHer — "Twilight Byte" and "Dark Pub" — will be on a continuous loop at the entrance

..."

Not only is this kind of geek-cool, but it's a local couple too! Got to love that...

You have to check out their site, http://www.8bitweapon.com/ and their music page, http://www.8bitweapon.com/music.htm, where you can buy their CD's or download a few of them free (like the TRON one! :)

O what is OAuth? "OAuth: The Big Picture" Free eBook (PDF/Mobi/ePub)

apigee - API Best Practices Blog - OAuth: The Big Picture - Free e-Book »

"OAuth has become standard practice for large social media APIs and it's becoming common across enterprise APIs. OAuth is good for your customers' security and experience making is critical if you want adoption on your API.

Over the past year, we've been talking OAuth with some of the leading API teams around the globe as they design their API security strategies, and we've participated in enlightening discussions with designers and developers on the API Craft google group. All these interactions have helped us build and refine our perspective. We've also received a lot of feedback that people want this stuff for their e-readers so we've pulled our ideas together in this e-book.

If you want to understand how OAuth fits with APIs and the emerging world of open platforms, its advantages and challenges, what role it might play for your products, and without having to know the fine details of the protocol, we hope you will find it useful.

..."

Most of you will know what OAuth is and not need something like this... Until your boss, new project manager, QA member, senior management ask you, "What is this OAuth thing?" Then you'll thank apigee for providing you this free ebook... :)

Introduction
OAuth has taken off as a standard way and a best practice for apps and websites to handle authentication.

OAuth is an open protocol for allowing secure API authorization from desktop and web applications through a simple and standard method. It manages handshakes between applications and is used when an API publisher wants to know who is communicating with the system. Many of the largest API publishers have implemented OAuth to handle write access to their APIs.

We titled it OAuth – The Big Picture because it does not attempt to compete with sites about the protocols as defined by RFC 5849 (OAuth 1.0) or OAuth 2.0 or explain the architecture and in-depth technical and implementation details of OAuth. There are many great sites and discussion groups (including wiki.OAuth.net and OAuth Google groups) that delve into the details of OAuth and the evolving specification.

Rather, this e-book is designed for those who want to understand OAuth, its advantages and challenges, what role it might play for their products, without having to know the fine details of the protocol. We hope it will be a guide for members of the business development team, product managers, technical evangelists, product architects, and so on who make strategic decisions about their API products.

This e-book discusses what OAuth is, how it works, and how it fits with APIs and the emerging world of open platforms. We take a look at the evolving OAuth specification and why implementing OAuth can be complex. We provide some recommendations for how to approach implementing OAuth to ultimately deliver a secure and great user experience for web and mobile apps.

..."

VS 11 ALM DemoMates updated for the Beta

Brian Keller - Visual Studio 11 Beta ALM DemoMates now available

The Visual Studio 11 DemoMates for showcasing application lifecycle management scenarios have been updated based on the beta release. You can download the DemoMates here.

DemoMates are a nice alternative to the Visual Studio 11 Virtual Machine for when you don’t have time or hardware resources to run the virtual machine.

Brian Keller - DemoMates for Visual Studio 11 ALM Demos

"Mar 15, 2012 Update: This post and accompanying downloads have been updated based on the Visual Studio 11 Beta.

...

A DemoMate is a Silverlight-based rendering of a software demo which can be used to easily learn a demo or show it to an audience (albeit in a strict, linear format). It’s not a substitute for the virtual machine and being able to go “off road” of the script, but if you plan on sticking to the script then it’s the next best thing.

...

You can run these DemoMates online, or if you plan on using these in an environment where you might not always have Internet access then I suggest installing the offline version.

Online:
Agile Project Management in Team Foundation Server 11
Building the Right Software - Generating Storyboards and Collecting Stakeholder Feedback with Visual Studio 11
Diagnosing Issues in Production with IntelliTrace and Visual Studio 11
Exploratory Testing and Other Enhancements in Microsoft Test Manager 11
Making Developers More Productive with Team Foundation Server 11
Unit Testing with Visual Studio 11 - MSTest, NUnit, xUnit.net, and Code Clone

Offline: (gets installed locally on your computer)
Agile Project Management in Team Foundation Server 11
Building the Right Software - Generating Storyboards and Collecting Stakeholder Feedback with Visual Studio 11
Diagnosing Issues in Production with IntelliTrace and Visual Studio 11
Exploratory Testing and Other Enhancements in Microsoft Test Manager 11
Making Developers More Productive with Team Foundation Server 11
Unit Testing with Visual Studio 11 - MSTest, NUnit, xUnit.net, and Code Clone

..."

A quick and easy way to see some of the features coming in VS/TFS11...

Here's some snaps from the Building the Right Software - Generating Storyboards and Collecting Stakeholder Feedback with Visual Studio 11 DemoMate

Visual Studio 11 ALM VHD's, VirtualBoxed (and even on x86 hosts too)
Want to play with Visual Studio 11 & TFS 11 Dev Preview but don't want to install it (and have access to a Hyper-V server)? Here's a VHD just for you...

Complete (and eBook version is free) "Introduction to SQL Server 2012" is now available for download...

Microsoft Press - Free ebook: Introducing Microsoft SQL Server 2012

"Friends, the final and complete version of Introducing Microsoft SQL Server 2012, by Ross Mistry (@RossMistry) and Stacia Misner (@StaciaMisner), is now ready as a free download! You can download the PDF version of this title here (288 pages; 10.8 MB).

We will update this post soon with links to EPUB and MOBI files. We expect these files to be available by March 23.

If you prefer a hard copy of the book, you can order it here for $14.99.

Introducing Microsoft SQL Server 2012 includes 10 chapters:

PART I DATABASE ADMINISTRATION (by Ross Mistry)

1. SQL Server 2012 Editions and Engine Enhancements
2. High-Availability and Disaster-Recovery Enhancements
3. Performance and Scalability
4. Security Enhancements
5. Programmability and Beyond-Relational Enhancements

PART II BUSINESS INTELLIGENCE DEVELOPMENT (by Stacia Misner)

6. Integration Services
7. Data Quality Services
8. Master Data Services
9. Analysis Services and PowerPivot
10. Reporting Services

..."

Who Should Read This Book?
This book is for anyone who has an interest in SQL Server 2012 and wants to understand its capabilities. In a book of this size, we cannot cover every feature that distinguishes SQL Server from other databases or previous versions, and consequently we assume you have some familiarity with SQL Server already. You might be a database administrator (DBA), an application developer, a business intelligence solution architect, a power user, or a technical decision maker. Regardless of your role, we hope you can use this book to discover the features in SQL Server 2012 that are most beneficial to you.

Assumptions
This book expects that you have at least a minimal understanding of SQL Server from both a database administrator’s perspective and business-intelligence perspective. This also includes an understanding of the components associated with the product, such as the Database Engine, Analysis Services, Reporting Services, and Integration Services.

Who Should Not Read This Book
As mentioned earlier, the purpose of this book is to provide the reader with a high-level preview of the capabilities and features associated with SQL Server 2012. This book is not intended to be a step-by-step comprehensive guide. Moreover, there have been over 250 new improvements associated with the product; therefore, the book may not cover every improvement in its entirety.

I dug that "Who should not read..." paragraph. You see the "Should" all the time, but rarely the "Should Not".

Note that this book was written using SQL Server 2012 RC0. I don't remember seeing many changes mentioned between RC0 and RTM, but...

Eight ways to "bug" your developers...

Maurits thinks aloud - Bug reporting: 8 ways to annoy your software development team

"As usual this blog post should be read with a large grain of salt. It is a collection of bad practices I have seen during many software development projects. There are positive exceptions. For example when the testers are part of the development team and the whole team is committed to delivering valuable software instead of two opposite parties trying to fight each other. Having said that, the ugly situation mostly happens in fixed-price contracts where the bug versus feature discussion often takes place.

Disclaimer: all the examples are made up. Any resemblance with bug reports from projects I did are pure coincidence

...

..."

This list made me laugh and cry. I think my "favorite" is #4, though #6 & #8 are close to the top... If you've been developing for any length of time (say more than 15.74 minutes) you've seen all eight of these.

But I'll tell you what's worse, it's when you get one of these eight comes from another developer. Those make me want to reach through my screen and [insert description of physical violence and loud profanity here].

SQL Server Cell Level Encryption.. It might not be as hard as you might think.

IT Pro Connection - “The SQL Guy” Post #20: Using Cell Level Encryption in SQL Server

"Last week you learned how to setup the encryption key hierarchy in SQL Server. Now, let’s use encryption to encrypt sensitive data in SQL Server.

It is quite possible that you might have sensitive data that needs encryption at a finer level of detail than the entire database. Most of the row might need to be visible to users, while certain sensitive information such as employee salary might require encryption. You might also want the ability for certain users to be able to encrypt/decrypt certain cells as shown in figure 1.

The solution is to use cell-level encryption in SQL Server.

With cell-level encryption in SQL Server, it is possible to encrypt data in individual cells within a table.

BENEFITS OF USING CELL-LEVEL ENCRYPTION:

(1) Granular, user specific control on encrypting individual cells or column values rather than entire databases (compared to using Transparent Data Encryption – TDE).

(2) Data retains its encrypted state in memory unless it is actively decrypted.

DRAWBACKS OF USING CELL-LEVEL ENCRYPTION:

(1) Requires application changes and analysis of tables to locate sensitive data that needs to be encrypted.

(2) Encryption of data introduces randomization. This makes it impossible to index data and causes a performance impact since indexes on encrypted columns cannot be used while searching for a value.

(3) Cell-level encryption built-in functions only return varbinary type data and the output is limited to up to 8000 bytes.

..."

If you're saying to yourself, "Gee, I wonder if we should encrypt this..." or "Boy, it would suck if someone unauthorized got this data..." or "Heck, no I wouldn't put my personal data in this, even for testing..." or "Encryption is for sissies" or "But we've got lasers protecting our data center!" then you might be in need of this article...

Microsoft GDC 2012 Deck Dump (A bunch of Pptx's from GDC 2012)

Visual Studio 11 for Game Developers

The upcoming version of Visual Studio brings a slew of innovations for game developers with first-class access to build DirectX games on Windows 8. Learn how it enables you to write modern, cross-platform code while unlocking ever more performance from today’s hardware. Speaking of modern hardware, we demo how VS11 embraces the GPU like never before. From new integrated diagnostics support for DirectX to new language extensions for GPGPU, these demos will blow you away.

Game Data Anywhere Using Xbox LIVE Cloud Storage

With gaming capabilities spreading rapidly across devices, there is an ever-increasing need to have service-based data sharing support. With our new scalable and flexible title storage service, developers enjoy the ability to persist user and game-specific data to the Xbox LIVE cloud! Come learn how to leverage these new RESTful APIs to enable cloud-based data storage and sharing for your cross-device game titles.

Developing Metro Style Games on the Full Range of Windows 8 Devices

Windows 8 runs on the broadest range of form factors, from super-light, low-power tablet devices to high-end gaming rigs with 3D displays. This session teaches you essential techniques for getting the most out of the GPU across the full range of form factors. This is a must-attend session for developers who want to reach the broadest possible market for their games.

Innovative Solutions to Gesture Detection

Many successful and innovative games use gestures as input. These games range over a wide variety of genres, platforms and input technologies, from a touch screen of a smart phone device to a full natural motion controller input device such as Kinect. Developing high quality reliant gestures is a non-trivial time consuming engineering task. In this talk we present an innovative new technology for developing high quality reliant gesture detection using machine learning. Demos, results, implementation and optimization details is discussed. Two case studies are also presented where solutions to gestures from Kinect Sports and Kinect Sports: Season Two are discussed.

Xbox LIVE Services - Entertainment Powered by the Cloud

This talk describes how developers can create compelling entertainment experiences on any device by using Xbox LIVE services by way of our new RESTful APIs. Learn how your application can obtain secure access to our service, make HTTPS API calls from a variety of clients, as well as how to use the expansive set of Xbox LIVE services, including some new services, to keep your customers engaged with your experiences. This session provides you with a broad understanding of Xbox LIVE from a platform perspective, as well as insights into the API roadmap.

Xbox LIVE Multiplayer Gaming on Windows 8 and Other Devices

Multiplayer features make a game more fun, and are the driving force behind many successful games today. Cross-device gameplay provides publishers with a unique opportunity to delight players on any device, at any time, wherever they are. But how can a game have compelling multiplayer experiences when a player may be interrupted at any time by a phone call or a business meeting? With Asynchronous Gaming! Come learn how to build great multiplayer games for Windows 8 and other devices using Xbox LIVE services. We cover everything from asynchronous game patterns to best practices for managing sessions, matching players and using notifications to pull players back into the game.

Asynchronous Gaming with Xbox LIVE

Multiplayer features make a game more fun, and are the driving force behind many successful games today. Cross-device gameplay provides publishers with a unique opportunity to delight players on any device, at any time, wherever they are. But how can a game have compelling multiplayer experiences when a player may be interrupted at any time by a phone call or a business meeting? With Asynchronous Gaming! Learn how you can use Xbox LIVE services to create the best possible end-to-end asynchronous gaming experience on a single device or across multiple devices!

Building Cross-Device Xbox LIVE Games

Cross-device gameplay provides publishers with a unique opportunity to reach and delight players on any device, at any time, wherever they are. This type of gameplay experience is going to be a fundamental part of future gaming on Xbox LIVE. Come learn about the platform and experience components that Xbox LIVE is introducing as a means to help create the compelling cross-device experiences that people want to play with their friends, on the device of their choice!

Xbox LIVE Web Games

If you’re not building games for the web, you’re not capitalizing a captive audience. Web games are an easy way to reach millions and millions of eyeballs and integrating Xbox LIVE services keeps customers engaged and allows them to truly play anywhere at any time. Learn how your web games can be even better with Xbox LIVE Achievements, Title Managed Storage, Multiplayer Services and more!

Xbox LIVE on Windows Deep Dive

Xbox LIVE on Windows 8 provides a rich and robust set of APIs that enable game developers to accelerate the integration of Xbox LIVE services. This session is for developers who want to understand how we've taken advantage of the new Windows Runtime model to provide quick and easy access to Xbox LIVE services such as profile, achievements and leaderboards as well as value added scenarios, such as offline support, authentication and Windows integration. We dive into the code and design to ensure you walk away with the knowledge you need to quickly enable your Metro style games with Xbox LIVE.

Monetization Strategies for Windows 8 Games

Windows 8 delivers the opportunity to reach a huge worldwide audience for your games. This session shares key information and insights to help developers and producers maximize gamer engagement and game revenue. We introduce the Windows 8 Store, and discuss revenue-enhancing strategies including app trials and DLC. We discuss Xbox LIVE for Windows 8, and share insights based on real data gathered from successful Xbox LIVE titles on Xbox 360 and Windows Phone.

Kinect Human Tracking - Better, Stronger, Faster

Kinect’s human-tracking algorithms represented significant advances in computer vision when launched just over a year ago. And luckily, the team didn’t stop there. Learn about the new features and quality improvements added since launch, as well as best practices for incorporating this new functionality into your Kinect title.

"Xbox, Play" : Harnessing the Power of Speech

Speech provides the opportunity to create uniquely engaging experiences to delight your audience. Explore the new capabilities of voice recognition for Kinect, focusing on the user interfaces and types of experiences that mesh well with this technology. We present several case studies, including Mass Effect 3 from BioWare, Kinect Sports 2 from Rare Ltd. and BigPark Game Studios, and the Xbox 360 Dashboard. We discuss the benefits of evaluating and incorporating voice UI (VUI) early in the design; share our discoveries and best practices in testing and tuning speech for an optimal experience.

Creating a Great Metro Style Game for Windows 8

Windows 8 delivers the opportunity for you to create engaging games that reach the broadest audience, and run across a wide range of devices. In this session, learn the essentials of the new Windows 8 game development and application environment, including the Windows Runtime, CoreWindow, DirectX 11.1, Process Lifetime Management, asynchronous execution, and C++/Cx. We will also demonstrate Visual Studio capabilities for debugging 3D applications, managing code and basic content types like shaders, textures, and meshes in both design-time and run-time formats. Each key step will be illustrated with code from a Windows 8 SDK sample app such as MarbleMaze or Simple3DGame.

A bunch of decks, no videos or other documents, but something to give you an idea of what we'll likely be seeing in the coming months and years...

Here's some snaps from the first deck in this list, Visual Studio 11 for Game Developers

An Outlook Add-on Round-up

KC's Blog - A good list of free add-ons to make your Outlook better and more efficient

"If you use Outlook you have reason to rejoice, because there is a wide range of free add-ons that greatly enhance Outlook’s functionality and add considerably to it’s user experience.

Here comes a list of them that are free and useful. Tip my hat to FreewareGenius for making a good list of them here and here.

Note that all add-ons listed below are linked to the original posts that have more details about them.

..."

A number of Google related add-on's which I found interesting. Also some bellwethers (Xobni, etc) and some that I've not seen before... If you live in Outlook, this looks like a "must browse"

Tuesday, March 13, 2012

"Microsoft Script Explorer for Windows PowerShell" Beta Released (Think PowerShell ISE Addon to help you search and browse for more PowerShell scripts)

jonoble.com - Microsoft Script Explorer for Windows PowerShell

"Attendees of my presentation to NEBytes in January got an early look at this, but now everyone can join in the fun because today sees the public release of Beta 1 of Microsoft Script Explorer for Windows PowerShell.

An add-in for the PowerShell ISE, as well as a standalone application, Script Explorer brings together a number of online repositories for PowerShell scripts, snippets and modules, like the TechNet Script Center and PoshCode, as well as How To guidance, to make them easy to search and browse. This is particularly useful for people new to PowerShell to find examples of code from which they can learn, but also helps more experienced users to avoid re-inventing wheels.

...

Script Explorer is fully extensible, so you can configure your own focus areas and repositories. The web-based content is accessed through an aggregator that Microsoft are managing, so they can add additional resources dynamically too.

I've already started to build a corporate repository for all the scripts and snippets that I've been writing over the years - useful work that I perhaps haven't been sharing with colleagues as well as I might. I'm able to break those down into the focus areas that are specific to the services we provide and deploy that config with Script Explorer to the rest of my team. It's a definite improvement on the current hierarchical folder structure that we're using on a network share.

..."

Microsoft Downloads - Microsoft Script Explorer for Windows PowerShell (pre-release)

Microsoft Script Explorer for Windows PowerShell (pre-release) helps scripters find Windows PowerShell scripts, snippets, modules, and how-to guidance in online repositories such as the TechNet Script Center Repository, PoshCode, local or network file systems and Bing Search Repository

Version: Beta 1
Date Published: 3/12/2012

Language: English

ScriptExplorerSetup.msi, 1.7 MB

Microsoft® Script Explorer for Windows PowerShell® (pre-release) helps scripters find Windows PowerShell scripts, snippets, modules, and how-to guidance in online repositories such as the TechNet Script Center Repository, PoshCode, local or network file systems and Bing Search Repository. Microsoft® Script Explorer enables:

Integrated community and Microsoft resources to help you unlock the power of Windows PowerShell.

Seamless searching across online repositories to locate script samples relevant to you

Establishing and searching local, network, and corporate script repository is easy

System requirements

Supported Operating Systems: Windows 7 Service Pack 1, Windows 8 Consumer Preview, Windows Server 2008 R2 SP1, Windows Server 2008 Service Pack 2, Windows Server 8 Beta, Windows Vista Service Pack 2

Additional Requirements:

Windows PowerShell 2.0/3.0 ISE (Client computer that is to run Script Explorer as an add-on)

Microsoft .NET Framework 4

..."

I dig that it's extensible, that you can add more repositories to it...

Now THIS is a Lego Mindstorms kit I'd buy in a minute... The "Get a Cool Beer Dude (with Bluetooth remote)"

Gizmodo - The Best Use of Lego Mindstorms Ever In the History of Best Uses of Lego Mindstorms Ever

"I seriously can't imagine any better use for Lego Minstorms than building a machine that can serve two types of Dutch beer, chilling them down at the perfect drinking temperature, opening the bottle and serving them. Can you? CAN YOU?

..."

The NXT STEP - LEGO® MINDSTORMS® NXT Blog - The Beer Machine

The machine can serve 2 kinds of typical Dutch beers, then it will open the bottle and cool it down to the perfect drinking temperature.

As a beer lover, I sure want to have his machine, but I'm sure it will also work with your favorite brand of soft drinks.

Enjoy the other movies where Jan explains how he build the separate parts of the machine.

You have to watch the video... I SO want one of these. :)

Solar cells into hydrogen?

Earth Techling - Solar Power Makes Fuel Cell Vehicles Truly Green

"In Hempstead, N.Y., the city not long ago began creating truly clean hydrogen fuel for their fuel cell vehicles by hooking a 100-kilowatt wind turbine into the system. But wind is just one renewable way to skin the hydrogen cat: The German research powerhouse Fraunhofer ISE this month fired up a station that uses photovoltaics to create hydrogen fuel with reduced impact on the grid.

The process at play here is pretty simple, actually: Power from solar panels on the charging station canopy and a nearby building is used indirectly to separate hydrogen and oxygen in water by the process called electrolysis. The hydrogen can then be stored and later used by fuel-cell vehicles.

...

One big advantage, for example: Fraunhofer said that a vehicle can fill up with hydrogen in just three minutes and then travel nearly 250 miles. Even the so-called “fast chargers” being developed for battery electrics can do a full charge in less than about a half hour.

...

..."

Glad I'm not a total idiot (well I it depends on who you ask...)

I've been telling just about anyone who will listen that the above process, using solar to crack hydrogen for longer term energy storage and fuel cell usage, is what I want to see. Batteries are lame, They are not a long term, via solution for vehicles, homes, buildings.

Is a huge store of hydrogen a safety issue? Yes. But so is the gas in your car, the natural gas in your house (and/or car), all that crap under your kitchen sink, those old as heck cans of "stuff" on "that shelf",yada, yada. And as if batteries don't have their own issues?

Anyway...

I don't even think it has to be at the house level. Think substations is here the hydrogen is cracked and stored. And where the fuel cells are. Solar panels on the houses for that substation feed into it during the day, surplus is used to build stores of hydrogen, at night, fuel cells are used to generate power back to said houses.

Smart grid baby.

And heck that substation can also act as a hydrogen fueling station for cars?

Until then, I'm keeping my eyes open for at home options for this. I'd SO love to have a fuel cell car that I fueled with hydrogen cracked via my solar panels... :)

.Net 4.5 is what to .Net 4.0? [Replacement++] Or .Net 4.0 = .Net 4.5 but .Net 4.5 != .Net 4.0

Rick Strahl's Web Log - .NET 4.5 is an in-place replacement for .NET 4.0

"With the betas for .NET 4.5 and Visual Studio 11 and Windows 8 shipping many people will be installing .NET 4.5 and hacking away on it. There are a number of great enhancements that are fairly transparent, but it's important to understand what .NET 4.5 actually is in terms of the CLR running on your machine.

When .NET 4.5 is installed it effectively replaces .NET 4.0 on the machine. .NET 4.0 gets overwritten by a new version of .NET 4.5 which - according to Microsoft - is supposed to be 100% backwards compatible. While 100% backwards compatible sounds great, we all know that 100% is a hard number to hit, and even the aforementioned blog post at the Microsoft site acknowledges this. But there's so much more than backwards compatibility that makes this awkward at best and confusing at worst.

What does ‘Replacement’ mean?

When you install .NET 4.5 your .NET 4.0 assemblies in the \Windows\.NET Framework\V4.0.30319 are overwritten with a new set of assemblies. You end up with overwritten assemblies as well as a bunch of new ones (like the new System.Net.Http assemblies for example). The following screen shot demonstrates system.dll on my test machine (left) running .NET 4.5 on the right and my production laptop running stock .NET 4.0 (right):

...

Clearly they are different files with a difference in file sizes (interesting that the 4.5 version is actually smaller).

That’s not all. If you actually query the runtime version when .NET 4.5 is installed you still get:

4.0.30319

There’s no real easy way to tell whether you are running on 4.0 or 4.5 – to the application they appear to be the same runtime version. And that is what Microsoft intends here. It’s intended as an in-place upgrade.

...

..."

I'm of two minds on .Net 4.5. I kind of like that we're not back in the .Net 2.0/3.0/3.5 days. But I also don't dig the uncertainty I believe we're going to see... So if I understand the replacement idea, we can see support issue where someone has built a 4.5 dependent app (let's say using the new Yield in VB) but the user only has 4.0 and so they will break at runtime? If 4.0 is going away and will be replaced everywhere on every system with 4.5 via a mandatory Windows Update, then okay, I'm good. But that's not going to happen. So we're still in the .Net 2.0/3.0/3.5 kind of world, but one that's even more confusing?

I really like that 4.0 apps will "just run" on systems with 4.5.

I don't like that 4.5 apps will "mostly run" on systems with 4.0, until you run into a 4.5 feature at runtime.

I feel I've got to be missing something? Am I being stupid again and this really isn't the case? That at app start up we can know what version of .Net is installed and gracefully handle cases where our 4.5 app is on a 4.0 machine?

<snarkycomment>I'm sure we can build our Setup and Deployment packages to force .Net 4.5 as a dependency. Oh wait! There is no Setup and Deployment projects in VS11.. gee, I forgot. :| </snarkycomment>

I guess you could say that Microsoft (or the teams involved) are being agile and trying to constantly improve with each iteration, learning from the last...? (cough... so I hope at least... cough)

Monday, March 12, 2012

Using SQL Server Authentication (i.e. not Integrated/Trusted)? Concerned about your passwords being discoverable? Wish you could using something like SecureString?Check out the new SqlCredential in .Net 4.5

ADO.NET team blog - Safer passwords with SqlCredential

Introduction

Many users of SqlClient with SQL Server Authentication have expressed interest in setting credentials outside of the connection string to mitigate the memory dump vulnerability of keeping the User Name and Password in the connection string. Starting with .Net Framework 4.5, we have introduced the ability to set the credentials outside of the connection string via the new SqlCredential Credential property of SqlConnection. Now the developer can create a SqlCredential object with a UserId and a SecureString Password to hold the credential values of a connection when connecting to a server. This helps mitigate the threat of credentials being leaked out to the page file in a page swap or being evident in a crash dump.

SqlCredential Class

More information about the new SqlCredential class can be found at:
http://msdn.microsoft.com/en-us/library/system.data.sqlclient.SqlCredential(v=vs.110).aspx

For information on how to get or set the SqlConnection.Credential property, please refer to:
http://msdn.microsoft.com/en-us/library/system.data.sqlclient.sqlconnection.credential(v=vs.110).aspx

It’s important to note that the SqlCredential constructor only allows SecureString marked as read only to be passed in as the Password parameter or it will raise an ArgumentException. The new credential property is incompatible with existing UserId, Password, Context Connection=True, and Integrated Security=True connection string keywords, and setting the credential property on an open connection is not allowed. It is strongly recommended that you set PersistSecurityInfo=False (default) so the credential property is not returned as part of the connection once it is opened.

Connection Pooling with Credential Property

With this new improvement now the connection pooling algorithm also takes the Credential property into consideration in addition to the connection string property when creating connection pools and getting connections from the pool. Connections with the same connection string and same instance of Credential property will use the same connection pool, but connections with different instances of the Credential property will use different connection pools, even if they use the same UserId and Password. For example, the developer tries to open several connections with different configurations as below:

...

Of course the usage of SQL Server Integrated Authentication Mode is still the recommended way to authenticate for users with an Active Directory® infrastructure as there is no credential propagation and all security sensitive information is stored in the Active Directory’s database. And the usage of SQL Server Mixed Mode Authentication with UserId and Password specified in the connection string remains unchanged.

..."

This is one of those thing that would so easily fall through the cracks with all the recent news and releases, so I wanted to call it out. If you have to use Standard security in your SQL Server apps then when you move to .Net 4.5, take this extra step to secure your users passwords. At first glance it looks pretty painless yet could have a nice security bang for the buck...

Curators Unite! "The Curator's Guide to the Galaxy" (think "Common curation scheme and code")

The Atlantic - The Curator's Guide to the Galaxy

"How do you avoid being a jerk on the Internet? (Beyond, you know, all the obvious ways?) When you post someone's words or images on your blog or your Facebook feed, what's the best way to make clear that it's someone else's words or images? When you pass along an idea on Twitter, how do you show your followers that you're sharing, rather than creating? How do you maximize the generosity ... and minimize the jerkery?

If you're not entirely sure, you're not alone. Linking -- in the narrow sense and the broader one -- is not as simple as it seems. The Internet is still incredibly young, and it's grown up organically. Because of those two things, its users haven't yet come together to determine a fully standardized system for attribution. We're making it up as we go along. Which leads to a lot of experimentation (the hat-tip and the via and the RT and the MT!) ... and to a lot of confusion. On the web, the line between sharing and stealing -- between being a helpful conduit of information and being, on the other hand, a jerk -- can be frighteningly thin.

That could be changing, though. This weekend, Maria Popova (whom you may know as an Atlantic contributor, or as the author of Brainpickings, and either way as one of the web's foremost experts on the art of curation) is launching The Curator's Code, a system -- and, she hopes, a movement -- to "honor and standardize the attribution of discovery across the web." The new project offers both a code of ethics and a common standard for borrowing and sharing. It aims to provide a framework for celebrating curation by way of formalizing it -- or, as Popova describes it, of "keeping the whimsical rabbit hole of the Internet open by honoring discovery."

The code is based on two basic types of attribution, Popova explains, each indicated by a special unicode character (along the lines of ™ for "trademark" and © for "copyright"):

..."

http://curatorscode.org/

Why attribute?

One of the most magical things about the Internet is that it's a whimsical rabbit hole of discovery – we start somewhere familiar and click our way to a wonderland of curiosity and fascination we never knew existed. What makes this contagion of semi-serendipity possible is an intricate ecosystem of "link love" – a via-chain of attribution that allows us to discover new sources through those we already know and trust.

A system for honoring the creative and intellectual labor of information discovery

While we have systems in place for literary citation, image attribution, and scientific reference, we don't yet have a system that codifies the attribution of discovery in curation as a currency of the information economy, a system that treats discovery as the creative labor that it is.

This is what The Curator's Code is – a system for honoring the creative and intellectual labor of information discovery by making attribution consistent and codified, the celebrated norm. It's an effort to make the rabbit hole open, fair, and ever-alluring.

(via http://curatorscode.org/)

Given I seem to have fallen into a curators role, I've been thinking for a while about writing up a "Curators Code of Conduit" so I want to take a close look at this...

The cool thing I guess is that I've been doing this, the "via" attribution, since I started blogging [looks like I started using it in 2004] as I'm a firm believer in giving people their due, attributing them and their work. Not sure I'm going to go with the whole symbol/unicode thing, but maybe... :)

(via Jason Haley - Interesting Finds: March 12, 2012)