User Interface Failure, Succeeding

It’s not everyday an application interface is designed to purposefully confuse people.  It mostly just kinda happens.  There isn’t any malicious intent involved.  However, I’ve had it with Adobe and Google. 

First off, let me say that I am very disappointed in Adobe for keeping Shockwave alive.  Merge it with Flash.  Keep it down to one browser plug-in, jeez.

Second, shame on both companies for purposefully designing a confusing interface.  I visited a site recently that had a Shockwave applet.  I wanted to see it, so I installed the plug-in.  Boom, up pops this window:


I read it as this: “Hey, you just started the installation of a plug-in.  Click next to continue.”  Whereas it actually said “installing plug-in.  To install another plug-in you didn’t ask for, click next.”  The insidiousness is in the form of a little checkbox that asks if you want the toolbar.  The problem is that the checkbox looks like its part of the feature list, so naturally you just click next to continue installing the original plug-in.

It’s a nicely designed form.  It conveys information perfectly.  Except the information tricks you.  It’s very malware-y.  I would expect such a thing from Adobe; they are starting to really annoy me.  But Google has always had the mantra of “do no evil”.  I called phooey on that long ago, and this is a perfect example of their hypocrisy.  I realize they play a very minor role in this situation, but they really should have rules about how people agree to install their software.

I spent a good chunk of my morning yesterday listening to someone complain about how Microsoft installs the .NET remote app installer plug-in into Firefox, and how inappropriate that is.  In my opinion, this is way worse.  Microsoft just did it.  This is explicitly malicious.  They go out of their way to confuse you so they can say “hey, you agreed to install it.”  Phooey, indeed.


Resources for Students who Hate School

I hated school.  Technically, I’m still enrolled in college.  Bachelors of Business Management.  Blech.  I figured at least with business, I would learn something useful later in life.  I chose against Comp. Sci. for a few reasons.  One being that I know a couple PhD’s that know nothing about building applications in the real world.

In Comp. Sci., you learn how to build data structures, and how to make Mandelbrot Set’s process faster.  In business, you learn why people buy stuff.  Or more appropriately, you learn how to get people to buy your stuff.

Seeing as I learned (taught myself?) about things like linked-lists and pointers while in grade 10-ish, and wrote/re-wrote/re-re-wrote Mandelbrot Set builders as a final project in grade 11, I think I can safely say I would be bored as all hell in University.  Not to mention all the theory.  Comp. Sci. is all about theory.  Maybe 10% is actually coding.  F-that.

Business is inherently hands-on.

I like hands-on.  It’s tangible.

The only problem I had was finding resources.  My programming teachers were pretty cool, and were always willing to help me on algorithms that confused me, as well as extra-curricular programs when something just wasn’t jiving.  But I had cool teachers.  Not everyone is as lucky as I was.  And with the teachers, they weren’t thinking in C# or ASP.NET everyday like I tended to do.  Trying to ask them why something trivial like

<asp:TextBox ID="txtUsername">

didn’t compile was kinda painful.  I usually got a response along the lines of “what’s the colon for?”.  I always felt funny trying to explain the quasi-xml structure of ASP.NET to teachers.  This left me in a lame position of needing to find help.  Forums are great, but separating the wheat from the chaff is a waste of time.  Enter (4 years late, mind you) and you get answers quickly.  I like it.  I use it all the time.  I’d like to think that those who are willing to look for resources will find the site fairly easily.  However, there is another site out there that not too many people know about.  It’s the Microsoft Student Experience site.  Yeah yeah, brain wash them early.  I drank the kool-aid early.

Part of the website is dedicated to the DreamSpark program.  Free, fully-licensed Microsoft products.  Nuff said.


The other half of the site is dedicated to students.  Good thing, given the name.  Not just students studying software development either.  All students.  It provides tangible resources for students.  Stories, tutorials, and templates look to be the main content.  It’s all surprisingly good stuff too.  It ranges from school studies to general life, to post-school life.


These resources may help those students who are struggling with school – at any level.  There are students out there with lots of potential.  Let’s not see it go to waste.

Reminder! Windows 7 Beta Expiration

Reposted without* permission from the Canadian IT Pro blog.

Windows 7 UltimateI just wanted to post a reminder that the Windows 7 Beta is set to expire on July 1st, 2009.  What does that mean?  Well it isn’t going to explode, eat your data or lock you out.  What is going to happen is that the PC will force you to reboot every two hours.  But have no fear there is a way to fix this, simply install the Windows 7 Release Candidate which you can still download.

While an upgrade isn’t supported, and I strongly recommend a clean install, you can find a workaround that will allow you to do an in place upgrade.

Grab the Release Candidate here!


* I never asked.  I doubt they will care.  Correct me if I am wrong, Rodney! 

Techdays 2009 &amp;ndash; VIP Pricing

As budgets get tighter, Tech·Days is the perfect way to get the Tech·Ed experience without the travel expense, with two days of skill-strengthening education to help you position yourself for success by:

  • Learning the technology—with a customizable agenda from over forty sessions across five technical tracks on both current technologies and new products, like Windows® 7 and Microsoft® Exchange 2010;
  • Connecting with Experts and Peers—with Birds-of-a-Feather lunches and the new Windows 7 Zone, you'll have lots of opportunities to share your ideas with those who know the products best; and
  • Apply what you learn—with a Learning Kit packed with products and resources so you can continue to grow your skills long after the event has finished.

Technologies discussed: Windows 7 Operating System, Windows Server® 2008 R2 operating system, Visual Studio® 2008 development system, Silverlight™ browser plug-in, Exchange 2010, Security/Management, and more.

If you want the VIP Discount use the promo code TD09Partner.

City Date Venue
SEPTEMBER 14-15 Vancouver Convention Centre
SEPTEMBER 29-30 Metro Toronto Convention Centre
NOVEMBER 2-3 World Trade & Convention Centre
NOVEMBER 17-18 Calgary Stampede
DECEMBER 2-3 Mont-Royal Centre
DECEMBER 9-10 Hampton Inn & Convention Centre
DECEMBER 15-16 Winnipeg Convention Centre

Early Bird: $299, Regular Price: $599

There is a good chance I will be presenting at one (or more) of these locations, so keep an eye out.  In the event that I don’t, I will definitely be enjoying the Toronto stop of the tour.  In either case, I will be there ready to learn, with a pocket-full of business cards.

Oh, and I’ll be leaving with a box/bag/shopping cart* of swag.

*Metaphorical shopping cart.  They are going to give away lots of awesome stuff.

Bing Search Provider

Seems it automatically updates itself in IE.



Security, Architecture, and Common Sense

Good enough is sometimes not good enough.  I’ve been doing a lot of thinking lately (well, I’m always thinking), and security has been an issue that has come up a lot.  Frankly, I’m a two-bit software developer.  I know my code isn’t the best, nor the most secure.  I use strong passwords, encrypt my sensitive data, and try to limit access to the applications for those who need to use it.

In theory this works.  Problem is, it’s a lame theory.  There are so many unknown factors that have to be taken into account.  Often times they aren’t.

When I go to build an application I spend time designing it and architecting it.  This is usually the case for most developers.  What I’ve noticed though, is that I don’t spend time securing it.  I can’t.

Imagine building a house.  You put locks on the doors, bars on the windows, and someone breaks in.  Why?  Because someone left the key in the door.  You can’t build against that.  You just can’t.

You can follow the Security Development Lifecycle, which I recommend to each every single developer I meet.  There are tons of resources available.  But it can only go so far.  It’s designed more for being part of the iterative processes, not the architecture.  Or at least, that’s how most people interpret it.


My last post talked about Single Sign-On (SSO).  It’s a great sellable feature for any product.  What most people don’t realize though is the inherent security benefit to it.  With it, that means one less password to remember, one less password that could get intercepted, one less password to change every month.  This is a fundamental architectural issue.  But at the same time, it’s common sense.

What is sometimes the simplest idea, is usually the correct solution

What the hell does that mean?  It means keep it simple.  Security is simple.  Keep data from prying eyes, and keep it from getting lost.  This is common sense.

Security is not difficult to comprehend.  It becomes difficult when academics get involved.  Spouting theories and methodologies scares people into thinking security is extremely difficult to implement.  It’s not!

Follow the Data

Understanding the flow of data is crucial in properly architecting an application.  It’s crucial in properly securing an application as well.  SSO is a perfect example of this.

The SSO feature in Office SharePoint Server 2007 maps user credentials to back-end data systems. Using SSO, you can access data from server computers and services that are external to Office SharePoint Server 2007. From within Office SharePoint Server 2007 Web Parts, you can view, create, and change this data. The SSO feature ensures that:

  • User credentials are managed securely.

  • User permission levels that are configured on the external data source are enforced.

It makes perfect sense.  It’s simple when you think about, and it affects every subsystem of SharePoint.  Make security a feature.

Single Sign-On

Is it just me, or is Microsoft the only vendor out there that gives you SSO in all their products, free?  Novell requires you buy their add-on product.  Oracle has nothing relevant.  Never gonna happen on any Linux distro out of the box.  Too many variables.

The integration alone is reason enough to use Microsoft products.  Is it just me, or do people choose to go anti-Microsoft out of spite?

Just a thought.

Exchange 2010 Beta

A couple days ago Daniel Shapiro offered 10 people Virtual Servers hosted by Rack Force.  I jumped on the offer, as I’ve been wanting to migrate this website to it’s own privately hosted server.  It really came down to never having the time to test out hosts, so this was a perfect opportunity.  Shortly thereafter I found out Exchange 2010 hit beta, and I wanted to run it through it’s paces.

After installing Active Directory, I installed the beta, which went really smooth.  Given that it went smooth, I decided to update the DNS MX records for to point to this server.

One thing I didn’t realize is you have to set up Receive Connectors and Send Connectors.  The wording is kinda misleading, so I ended up setting my first Send Connector to only route mail going to from  Not so useful.  The Receive connector was the same way.  However, this is all similar to Exchange 2007.

Now some pictures:

image Outlook Web Access

image Exchange Management Console


 IIS Manager Hosting Outlook Web Access


Consultation to Salary &amp;ndash; Theoretical Head Banging Meets the Real World

A few weeks ago, six or so, I was offered a position as a Software Developer for the Woodbine Entertainment Group.  The position looked appealing so I accepted the job offer.  I am in a probationary period for the next four months and a bit.  Anything I say can be grounds for firing me.  Never liked that part about non-contract jobs.  Ah well.

Woodbine is an interesting company.  I knew very little about it until I got word of the job.  Seems I was the only one in Canada who didn’t know the company.  My grandmother, who moved to California 50 years ago, knew about the company.  Even used to bet there – well, the Woodbine Race Track, before it moved.  It has an interesting history.

It is migrating to be a Microsoft shop, from a more Novell focused infrastructure.  We are working towards standardizing on .NET for our custom applications.

The one thing that caught my eye with Woodbine is that the company is the technology leader for Horse Racing.  Not just in Canada, but throughout the world.  Our services can let you place a bet live, on a track in Australia, and see results immediately.  Can you imagine the infrastructure required for such a feat?  It’s sweet!  The business-people behind this are really keen on letting technology do it’s thing, so we can make money.  Lots of money.  See our Annual Reports on that.  Check back for latest numbers.

Now, some of you may have noticed that our Corporate Portal is written in what looks to be Classic ASP.  For all intensive purposes, it is. shows the portal went live in 2001, and had a major rebuild in 2003.  Since then incremental changes have taken place, most of which have been built using ASP.NET.  We are working on the new portal.  All I can say at the moment is: it’s going to be awesome.  So awesome that a new word will need to created to contain all of its awesomeness.  HorsePlayer Interactive is pretty amazing, but I’d like to think this new site will be just that much more awesomer.  Yes, I said awesomer.

As for the nature of this site, it won’t change.  I’ll still post my thoughts and experiences.  I might need to change stories a little to protect the innocent, but it’s all in good fun.  I may be forced to post details of how horse racing actually works, because I’m still not sure I get all the facets of it.  In time.

More to follow.

Microsoft and the Antitrust Browser...A Decade in the Making

It seems just like yesterday that some government was telling Microsoft that the bundling of Internet Explorer with Windows was unbecoming of an industry leader, because it screwed other web browsers out of market share.

The European Union has made a decision stating Microsoft cannot bundle Internet Explorer with Windows anymore, if they want to sell in any European countries.  This decision was the result of Opera Software ASA, the people behind the Opera browser.  The complaints are two-fold.

  1. Market share is nearly seized completely by IE because it comes preinstalled with Windows, which is the dominant operating system.
  2. Because the majority of browsers are IE, websites need to conform to IE’s html rendering which is “non-standard”.

I’d agree with the first statement, but I find it bogus.  Regardless of whether or not IE has dominant market share, you still need a browser.  How would you get your hands on the installation files for the new browser?  Certainly not by downloading it from the internet…  You can get the software from the store.  Not likely.  That just means one more piece of software to worry about.  You can have the browser company mail it to you.  Is Firefox a company?  Do they have offices?  Seriously?  WTF?  Oooh, or maybe Microsoft can have a basic version of a web browser, that all it does is go to one specific site.  The site then has a list of all available web browsers on the market, which you can then download.  I’m actually at a loss to say for once.

With regards to the second point, Internet Explorer certainly does not have a great track record for sticking to HTML standards.  But I have to say Firefox, Opera, Safari, etc, don’t conform either.  None of them conform to the HTML standards completely.  With that being said, Internet Explorer 8 is supposed to be ACID 2 compliant, meaning it is compliant at least as much as everyone else.  In other words, it shows the face:


I’m going to keep an eye out for news from the EU, because I suspect they will overturn the ruling in some way or another.  Some people say Internet Explorer is only to be used to download Firefox.  Now that it’s not there, how the hell do you plan on downloading Firefox, eh?