It began as such a happy day - off to the big, climate-controlled, hulk of a technology center.  The monitors glared my code at me.  Linkin Park and Enya whispered sweet nothings to me via my MDR-NC5's.  My fan purred quietly blowing air at my head.  Life couldn't be better...

A few hours later and I'm weeping for the loss of my office fridge.  It was a noble box.  It preserved my bagels, my cream cheese, my Symphony bars...even my lemonade.  Now, it's banished without a socket in which to plug itself in.  Farewell, my fridge.

At work yesterday, we discussed adopting a new (to our team) development practice.  Rather than focus on the issue itself, I want to focus on one argument.  The argument is this - we must all do it to get any benefit from it.

I disagreed with that in the meeting, and I think that upon re-evaluation I still disagree.  I think that there are many developer gimmicks (that's probably the wrong word) that benefit from a whole hog approach.  TDD, defense in depth, principle of least privilege, documentation, etc. are all better if they are consistently applied throughout a product.  Does this imply that such practices are of no value unless universally applied?  I argue no.

Let's look at defense in depth.  Defense in depth is a term that has gained popularity since Bill Gates' Trustworthy Computing initiative was announced back in 2002.  In brief, it is the idea that you should have many lines of defense.  If someone gets through your firewall, they still face your anti-virus software.  If they pass by the AV software, they still can't do too much damage if you aren't running as an administrator.  Etc.

Does defense in depth work better if each layer is doing its best to prevent malicious code from penetrating?  Yes.  Does DID fail if the programmers on one layer were slackers?  No.  Even if the application author (let's say of a web site), didn't validate inputs that doesn't mean all is lost.  There is still the input validation of the ASP.NET v1.1 runtime.  There is still IIS running in an underprivileged account.  There are still parameterized queries / stored procedures to guard against SQL injection.  There is still the stored procs (or anyone else in the data access layer or business logic layer) doing their own parameter validation.  In short, the whole does not fall apart even if one part does.

I just realized that DID is too easy an example, because it fits perfectly with my argument.  That is, its argument and mine are the same.  Still, if we just looked at input validation (and not as part of a DID strategy), we'd see that if the presentation layer slacks off in validating, then the other layers can still pick up the slack doing their own validation.  If we looked at testing procedures, we could say that just because one part is tested more than some other part doesn't mean that we should not test at all.  As my mission president used to say, “A little something is better than a big nothing.”

I've been playing (no pun intended) with the Windows Media Player 10 beta for a while now.  I just had a happy moment that needs sharing.  One of my biggest beefs with WMP in the past is that you can't have two instances of it going at the same time.  This becomes a problem when you're in the midst of listening to some audio book (one track is more than an hour long), and you click on a link to hear a 30 second music clip...suddenly you've lost your place in the book.  Ugh.

WMP 10 now has a “Previous” feature to solve this.  At any time, you can click Previous (if you're in standard mode (non skin, non task bar tool bar mode), it's the same as the back button you'd hit for going back one track in a playlist) to return to your previous track.  It'll begin playing as if you had just hit Pause then Play.

One other really annoying bug from WMP 7 - 9 is the “hide my form title bar, unless you mouse over me, in which case I'll reappear even though you told me you didn't want to see me” bug.  In WMP 10, when you tell the title bar (which includes the form border) to disappear, it does.  Period.  You can get it back if you want it, but it won't come back until you tell it to.  Thanks WMP 10, for finally obeying the user.

Generally, it has more fit and finish than previous versions.  Kudos to the Windows Media team for the enhancements and for releasing a pretty stable beta.  I think this is the only beta of a WMP version (other than perhaps the refreshes of 9) that has been stable.

What do you do when somebody looks you in the eye and says, "Would you like to be a [Microsoft] MVP?" ?  I know what I'd do...get a bewildered look on my face and wonder what was seen in me that I didn't see in myself.

I've heard for some time that one's greatest strengths can also be his greatest weaknesses.  That has never had much meaning to me.  I suppose this is in part due to my evaluation of the word strength.  My first thought is invariably physical strength, though I realize this isn't the only area in which one might be strong.  When was the last time that I looked at a person, who was physically strong, and thought, “hmm, what a weakling!”?  Never.

One of my greatest strengths, arguably, is that I'm a smart guy.  Another strength is passion.  If I go to the trouble of committing myself to a thing, I'm more than likely passionate about it.  The passion and the knowledge, however, have gotten me into trouble more than once.

Twice today, I jumped into a conversation to add commentary on Visio and on Virtual PC.  Now, it so happens that I've read about and have used both of these products, so I wasn't speaking from a position of ignorance.  However, in hindsight, I think it would have been a better idea to say nothing at all.  Was it really necessary to correct my manager and our network admin?  Probably not.  Was I right?  Well, I think so.  In fact, after doing a bit more research, I'm more sure that I was right than I was when I jumped into the conversations.

Chomp, chomp, says my strength (or was that my pride?) as it takes bite after bite out of my common sense.  It is true that I do a good deal to stay current on all sorts of Microsoft related technology issues.  It is true that I'm skeptical of the stuff that I read, listen to, or watch in my pursuit of staying current on Microsoft related technology issues.  As such, I credit myself with being pretty knowledgeable and accurate about a good deal of stuff.  Want to know when IE 5 had its second public beta?  I believe it was late '98 / early '99.  How 'bout beta one of Visual Studio .NET 2002?  Fall '00.  What does Anders Heijlsberg think of virtual methods?  C#'s methods are non virtual by default for a reason...

Of course, this know-it-all behavior isn't always a bad thing.  I think that more than once it has landed me a job.  (Perhaps this is because if I don't know what I'm talking about, I try not to talk.)  However, I'm quite annoyed with myself that I have to have things just so.  This makes me a great software tester, and arguably a good software designer, but it can make communicating with me a not always pleasant experience.  Perhaps the next strength I acquire will be the ability to keep silent.

I was just beginning another rant, errr response, to a post of one of my classmates, when I thought that I had chosen the wrong forum in which to vent.  I'm not sure that my blog is the correct forum either, but at least my blog is about me, and only those interested in what I have to say will read it.

The setting is this - I'm currently enrolled in University of Phoenix's Bachelor of Science in Information Technology undergraduate degree program.  My current class is DBMS 380.  It's a class, which UoP calls upper division, but which I find very lacking.  One of my chief annoyances is the text book.

Our text is Database Design for Mere Mortals by Michael J. Hernandez.  It is my opinion that the author should spend less time trying to convince the reader that he's a smart guy and more time actually teaching the “mere mortals” how to design databases well.  Among the things that annoy me are these:

• The author spent far too long on a rant about the difference between data and information.  Considering the majority of those in the industry use these terms interchangeably, I thought the author's pedantry was unneeded.
• The author, while saying that redundant data should be avoided, uses very redundant writing style.  Here's an example from Chapter 5 - If you work for a small organization that employs only a handful of people, or if you are only creating a database for yourself, you'll conduct "self-interviews." In other words, you'll still conduct the interviews described in this book, but you will act as the interviewer and the interviewee. You will be the one who provides the answers to the questions.  Does the author really need to explain three different ways what self-interview means?
  
  Here's another example from Chapter 6 - Typically, [a paper based] database  contains inconsistent data, erroneous data, duplicate data, redundant data, incomplete entries, and data that should have been purged from the database long ago.  Hmm, I thought that “redundant" and “duplicate" meant pretty much the same thing.
• The author has a bit too much faith in his writing.  From Chapter 6 - Unfortunately, sometimes the people who created [legacy] databases didn't completely understand the concept of a relational database. (After you have read this book, you won't fall into that group.)  I wish that all it took to obtain a complete understanding of a relational database was to read a single 480 page book.  Methinks the author has slightly (OK, extremely) exaggerated the utility of his book.

Another student responded that the text was for mere mortals.  The assumption, it seemed, was that the book was for mere mortals and not for me.  Here's what I had to say to that, but which I didn't feel I should post there.

Not sure how I've presented myself, but let me dispel a myth that just might be gaining popularity...I'm a mere mortal too!  : - )

 

What bugs me is this - when I look at a person who presents himself as an authority on a subject, and I see what he seemingly presents as a finished product, I expect high quality.  I expect consistency.  If he is proud and high minded, then I expect his work (the text, the code, the musical composition, or whatever) to be of such stellar workmanship that I'm compelled to say, "wow, he's proud with good reason."

 

What I feel from this author is this - look at me, I'm a smart guy, but I'm going to condescend to your lowly level to impart a morsel of my great knowledge to you.  This sentiment, and granted it could be entirely imagined on my part, annoys me.  When an author puffs himself up, the reader's time is wasted by the author's indulgence.  When an author presents his ideas as the only way to do a thing, he insults the reader's ability to find a better way of doing things.  When an author is so picky on very unimportant things, he sets the stage for the reader to expect a work of great quality and polish.  I see the author doing each of these things, yet I fail to see the quality or the polish.  In fact, I fail to see the logical justification for many of the author's assertions.

 

As a defense of myself, let me state that I'm very critical by nature.  This is one reason, in my opinion, that I'm a good software tester, designer, and developer.  I very often challenge widely held assumptions.  I offer new solutions that seem outlandish, but that quite often, at least in part, are part of the final solution.  Also, and perhaps most important, I'm at least as critical of my own work as I am of the work of another.  If anyone can produce a logical and well reasoned response which contradicts any of my assertions, I'll gladly change my mind and learn from him.  Then again, at least as far as UoP is concerned, I've never presented what I call my best work.  Instead, I've done a decent job (and one that I expect will get me an A).

I've been carded.  I realize this is an experience that many other people have likely had, but it is new to me.  Yesterday, I took a trip to a liquor store with a business associate.  Upon reaching the cash register, I was informed that I needed to show ID, so my shopping companion could purchase his wine.

26 year old me has never had a drink but has been carded.  I love life's little ironies.