Archive for 'Development'

Microsoft, You Have Made Vista Hard to Develop For!

Posted on May 5, 2008, under Development, Operating Systems, Software.

I have learned to like, even love some things about Vista. That is not to say I think it’s perfect. It’s far from perfect. It’s unfortunate that it took Microsoft this long to implement some of the great features, and they still did not have enough time to implement things well; which is what makes Vista suck in it’s own right. It’s incomplete, it’s buggy, things were not thought through or over thought.

The one thing Microsoft had going for it, was it gave developers tools to make applications for its operating systems. Microsoft did not alienate past versions, something Apple is not afraid of. All this, and more, contributes to why it is largely adopted by businesses, and why you can find an application for just about anything you need on Windows. I am afraid that Microsoft has lost sight of this with Vista.

Vista is not easy to develop for. We are extremely behind with the release of NetGrid Studio, and the outstanding issues are Vista related. User Access Control is not only a nightmare for users, but for developers as well. You have to use specific API’s to "elevate" an application whenever you need to do something that could cause harm, like accessing certain parts of the registry. Which means you have to make a specific build for Vista, and make it seamless to the end user so they do not have to download a "made for Vista" version.

Apple got it right, granted they are built off of Linux and arguably do not have as much of a security problem because they are not as widely adopted; but non-the-less they got it right. Something as monumental and important as security with an Operating System should have been priority #1 for Microsoft making it easy for users and developers. I have not enjoyed making sure our applications are compatible with Vista. And do not even get me started on the ridiculous process you need to take in order to get your application certified "Vista Ready". The whole thing just was not thought out an implemented correctly.

I am a Windows user, and as much as I praise the things Microsoft has done I am hard on them as well. They should have split the Windows division from their online, Office, and IE teams like they did when making the XBox 360. Cut out the noise, and make a better product.

2 Comments



G-Archiver Is a Scam, Don’t Blame Shareware

Posted on March 10, 2008, under Development, Software, Tools and Services.

Originating from Jeff Attwood’s blog, Coding Horror about G-Archiver being a scam. The application, meant to backup your GMail account apparently emails your username and password to the developers GMail account. You can read more about it at Coding Horror, a great blog I and many follow, but what struck me was the backlash on shareware. It hit me a little personal, being a developer myself and relying on paid software to make a living. And honestly if anyone would have taken two minutes to take a look at the companies site, it would have rubbed them the wrong way and they probably would not have installed the software. Take a minute and research the company, just as you would before you purchase something.

This kind of lash out really rubs me the wrong way, for several reasons:

1) Yes, there are spyware ridden shareware applications out there, just as there is bad everywhere there is good.

2) As a company sometime you do not even list the application on the shareware site yourself, an affiliate does.

3) We have become a society expecting everything free; from ad blockers, movies and music pirating, everyone is looking for the free tool for them to use and in turn make money off with whatever they do for a living.

I am no angel, so please do not take this the wrong way. I am simply saying that there are software developers out there that put a lot of time, money, resources, etc, into making good software. Your purchasing the software helps the development of future versions with better features that make your life easier and more productive.

The same thing can be said about web sites that you turn over a username and password to. The majority of people use the same username and password for most all of their needs. You do not know what, if any, encryption or data storage methods these web sites are using. What kind of security they have on their servers. If any employee can get into the database and look up a username and password. This type of stuff can happen with web sites, you just do not know about it because you can not reverse engineer the source code on the server.

Don’t blacklist everything just because there is one bad egg.

2 Comments



Eliminating the Need for Common Desktop Apps

Posted on March 6, 2008, under Adobe AIR, Browsers, Development, Software, Tools and Services, Windows.

As a desktop software developer, it is hard to admit that I have enjoyed moving my common applications to web services. Like many these days, I am not tied to just one computer. A desktop, laptop, and computer at work are just some. I eliminated the need for Outlook, as I use Google Apps for all of my mail, calendar, and most documents. The convenience of having access to your data from anywhere is huge. However, when I am at the desktop I want to use some of my web services like a desktop app.

prismFor example Meebo. I have been using Meebo for my IM needs for some time, I love it. However having a full screen browser open all the time kind of sucks. There is a project called mebone written in Adobe Air, however it looks like it has since been abandoned. I ran into a version restriction of Air, an annoyance I have highlighted before about Air. I am not going to go and install a beta version of Air just to run a specific Air application.

I ran across a link to Prism, a project from the Mozilla folks. At it’s current state, Prism is little more than an isolated Firefox browser. You can install any URL as a "Web App" and run it stand alone. The road map looks really good for the project, and I can’t wait to see what comes. There is a lot of potential there. I like Prism for several reasons. The main reason is it allows me to run my mail, calendar, docs in a stand alone quick to launch browser that acts like a desktop application. This works great for Meebo, and my mail.

There are some applications that I personally would never see feasible to use as an online service. Photoshop, podcatchers, backup software, are some on my list.  But the connection from the desktop to web services via applications like Prism are priceless.

No Comments



How To Add a System Tray Icon For TortoiseSVN

Posted on February 27, 2008, under Development, How To, Software, Tools and Services.

tortoisesvn TortoiseSVN is arguably the best SVN client for Windows, my favorite for sure. The only negative aspect he program comes with is that TSVNCache.exe becomes very large in memory over time. This process keeps a cached state of your folders under source code control.

There is a way of putting an icon in the system tray which allows you to gracefully exit this app from time to time, not allowing it to get that large. This trick is documented in the hidden registry features of TortoiseSVN.

Fairly simple if you know your way around the registry. All you have to do is create a DWORD value under "HKCU\Software\TortoiseSVN\CacheTrayIcon" and set it to 1.

Presto! A System tray icon.

No Comments

Adobe’s AIR: The Good Comes With Bad

Posted on February 25, 2008, under Adobe AIR, Development, Software, Tools and Services.

AIR One my favorite morning reads, ReadWriteWeb has a great article about Adobe’s AIR technology. For those not familiar, AIR stands for Adobe Integrated Runtime, and is a cross platform, code once run everywhere, light weight platform for applications. It holds a lot of advantages over other similar platforms. It’s two strong points in my eyes are: 1) it’s sexy looking, which is always a plus for end users. 2) It is easy to program in, especially for those who have worked with other Adobe products and technologies.

However my first experience with AIR was similar to some of my frustrations with .NET desktop applications. I was on the beta program for Pownce, which is written completely in AIR on the desktop side. I went and downloaded AIR, and naturally got the latest version from Adobe. Went to install the Pownce application and it said I needed an older version of AIR, immediately I was derailed. This happens more often than not with these "platforms", developers compile to a certain version of the platform and managing more than one version is a nightmare. Additionally, the last thing you want for a potential customer or user of your product is one more step before they can use your application; especially if that step is going to download another version of .NET or AIR. It’s the main reason I do not code in .NET for BlueCrestStudios.

I understand that with AIR it is just getting it’s official start out of Adobe labs, so it may not hold much weight here, we will see in the future. I hope that Adobe learns from others mistakes and makes the platform backwards compatible, easily distributable within AIR applications, and able to have more than one version installed if developers are going to be compiling against a certain version.

All in all, I think it has great potential, and will definitely be working it into future projects.

No Comments

Web Developer Tools Round Up

Posted on September 24, 2007, under Browsers, Development, Tools and Services, Web Design, WordPress.

I recently had to wipe a computer and get it up from scratch. In the process I realized that there are a series of tools I can not live without. This process also helped me realize how many tools I rely on and make a web developer’s life so much easier. Here is the run down of my “must have” tools.

Have any “must have tools” not on my list.

4 Comments

Let’s Block Firefox, That’s a Great Idea!

Posted on September 11, 2007, under Browsers, Development, Tools and Services.

So Chris Soghoian today is reporting that there is a face off between the makers of Adblock Plus, the very popular Firefox extension, and an “obscure” web designer Danny Carlton. Danny was unable to pick out which visitors were using the Adblock Plus Firefox extention, so he just decided to go ahead and block Firefox all together. He even has an anti Adblock Plus campaign going on. If you try to go to his blog in Firefox you instead go here. This kind of blanket decision reminds me so much of the decisions that are happening with DRM, and net neutrality. Let’s take a look at why this is a horrible idea:

  • Not every Firefox user is an Ad Blocker. So now you are not only forbidding uses to your site, you are also pissing them off.
  • You are a web designer, you are suppose to be following and promoting standards. What does this say to your customers?
  • You are forcing users to use a less secure browser just to view your site.
  • If you are really worried about losing revenue, combat it in other ways:
    • Make a membership fee
    • Put all of your images and CSS at the root domain. So if they block www.domain.com with Adblock Plus they will block everything and then it’s their own choice to block your site.

The list goes on, but I really do not feel like getting involved I was just shocked to hear that this a practice that is being promoted with his campaign. My Dad always said “Doors and Windows are to protect you from honest people.” Does that means we should start creating houses that are just cubes? Seriously! Software piracy is huge amongst the Windows shareware community. Should I just forbid people from installing my application on Windows?

It’s an age old lesson: You are going to spend more time and money than it is worth trying to beat the bad guys, and in turn you are only going to piss off and drive away your customers. And at the end of the day… it’s all about the customers.

1 Comment

Microsoft Codenames, and the Experimental Operating System Singularity

Posted on August 22, 2007, under Development, Software.

Wikipedia is great tool, contributors have compiled a very in depth list of codenames from Microsoft’s products over the years. This list dates back to Thunder, or Visual Basic 1.0. Or even earlier Janus, or Windows 3.1.

Scrolling through the list I came across the experimental operating system Singularity, that I have never heard of before. From Wikipedia…

Experimental operating system based on the Microsoft .NET platform, using software-based type safety as a replacement for hardware-based memory protection.

Channel 9 has some videos with the developers and researchers of this project.

  • Singularity: A research OS written in C#, Channel 9 video and blog, Redmond, WA, August 23, 2005.
  • Singularity Revisited, Channel 9 video and blog, Redmond, WA, December 13, 2005.
  • Singularity III: Revenge of the SIP, Channel 9 video and blog, Redmond, WA, September 1, 2006.
  • Singularity IV: Return of the UI, Channel 9 video and blog, Redmond, WA, September 1, 2006.

1 Comment

Thoughts about PHP after the Facebook Source Code Leak

Posted on August 15, 2007, under Development, How To, Networking, Security, Tools and Services, Web Hosting.

So by now, you already know that Facebook source code was leaked due to a mis configured server. And if you didn’t already know Facebook is written in PHP, a language that is compiled when it’s executed. So there are some questions that come to at least my mind about this situation.

First, what does this mean for Facebooks’ reputation? It is in a legal dispute over whether or not Mark Zuckerberg, the sites founder, stole source code from fellow university students. Even though the source code of any popular and profitable company is valuable. It is arguably not nearly as valuable as the data that goes along with that source code. This is the case with Facebook, who has millions of users and personal information in databases. But how can someone get access to the databases just by having the source code, you ask? Well with PHP it’s not so difficult. In most cases there is a configuration file that has all of the database information you need.

So how could have Facebook, and others prevent this sort of this sort of thing from happening? Here are a couple ideas:

  1. Put your configuration file where it can not be executed directly. For example, not in your “httpdocs” folder anywhere. In this situation Facebooks’ servers were mis configured so the PHP code was not rendering but instead showing itself. This means if the configuration file was under the “httpdocs” folder somewhere, presto! Access to the database. (Obviously firewalls and things like that might stand in the way).
  2. Obfuscate your PHP code. Yes this might slow down the processing of your PHP code by milliseconds, but it really would have helped in any situation like this where the possibly of PHP being show is present. Some obfuscation tools will also optimize the code, so it might make up for any processing time gained by obfuscating.
  3. Sandbox environments, and pulling production boxes out of rotation. Not sure what Facebook’s server setup is, but sandbox environments might have caught this server misconfiguration before it made it to production. Additionally if you have any sort of mirrored servers (a company like Facebook is bound to have something along these lines), you probably have your servers behind a load balancer. When you push code to production you need to pull these servers out of rotation (meaning not available for outside access). You can then test these servers individually before putting them back into production with the new code. Tedious? Yes, but worth it for not having a PR nightmare like your source code leaked. Additionally there are lots of tactics you can employ to make this process semi-automated and not as tedious.

These are obviously just some of many tips you can deploy to keep this from happening to you. Most large companies like Facebook will have similar processing in place, but the key is to always follow protocol… no shortcuts not matter what time crunch you are under. One slip and your source code is all over the Internet… might even be worse.

No Comments

Fake Steve Jobs, Not so Fake Anymore

Posted on August 6, 2007, under Development.

I don’t usually like to blog about things that are in the news, mostly because I can’t story justice and I can not imagine anyone caring about my two cents. However this morning I found out that the Fake Steve Jobs was unmasked after 14 months by a New York Times reporter. I have followed the Fake Steve Jobs blog for just about its whole existence, and it has been very enjoyable.

As stated in his post about being unmasked, Daniel Lyons says his is on vacation at the moment and will return “badder than ever”. What that means? I am not really sure of, but I hope he continues the blog; it’s funny and a really good read. I am kind upset on how many parties were racing to ruin a good thing, and judging by the comments on Brad Stone’s posting, where he revealed the truth, many are upset as well.

2 Comments

« Older Entries