comments edit

So now that I have a second Windows box (and third computer in the house), I’m soliciting recommendations for good synchronization software. Ideally I’d like something where I could configure which directories and files get synchronized and it happens seamlessly any time the Tablet connects to the home network.

comments edit

Using NDoc I’ve generated an update version of the CHM code documentation for RSS Bandit. As you’ll see (if you take a look) this documentation is by no means complete. Many of the public methods need better documentation. Also, there are no Namespace summaries yet. I plan to spend some time adding these summaries and some higher level API documentation.

This documentation is intended for interested developers and is meant to supplement the existing documentation at the RSS Bandit documentation website.

Included in the documentation are three main components: RSSBandit.exe, NewsComponents.dll, and RSSBandit.UnitTests.dll.

RSSBandit.exe is the main application code. The documentation here covers all the Forms in use etc.

NewsComponents.dll contains all the classes used to fetch and parse RSS feeds as well as NNTP. Much of core logic is contained in this assembly.

RssBandit.UnitTest.dll I included the documentation of this assembly so that you can read what unit tests we currently have (and thus infer the many we are missing). The great thing about unit tests is that many of them are demonstrations of how to use the API (when correctly written which I can’t yet vouch for my own) ;)

comments edit

Toshiba Portege M205 Wohoo! And it is a thing of beauty. Unfortunately I’ve been crazy busy lately so I don’t have any pictures so you’ll have to settle for this stock photo.

Acquiring a new computer is a laborious affair. Step one is to download and install Windows SP2 and all other critical updates etc… Second is to install RSS Bandit Then its the process of installing all the rest of the software, tools, and tweaks I’ve grown reliant on.

I’d like to backup all my photos and music on there, but that wouldn’t leave me much room for anything else. I’ll have to carefully cull a selection of music worthy to carry around.

Anybody have software recommendations for the Tablet PC? In what ways do you use it differently than you do a laptop in your day to day operations?

UPDATE: I forgot to mention, it’s a Toshiba Portege M205 with 60GB hard drive, 512MB RAM, and 1.5? MHZ Intel Celeron.

comments edit

Parade of the
AthletesWhen the Olympics occurred, one of my favorite DJs spun for the opening ceremonies. Unfortunately I missed it, but I had heard good buzz about his performance. Now he’s come out with a CD called “Parade of the Athletes”. I have a feeling that if you liked the music he played for the Olympics, you’ll like this cd.

comments edit

I received an email in response to my post How To Avoid ClearText Passwords With UsernameToken that asks the following question:

…Thus if a hacker steals the hashed password from your database, he will be able to write an application that gives the hash to WSE and he will authenticate successfully - which is exactly what we are trying to avoid by storing the hashed passwords in the first place. \ \ …\ \ The bottom line: this approach won’t really solve the real problem - if I steal the hash from the database, I will be able to uthenticate successfully. I’d love this to work the way you describe but as a security-conscious developer I’m still losing sleep.

Although this is a true scenario, the author makes an assumption that is false. The purpose of storing a hashed password is NOT to stop a hacker who obtains the hash from being able to authenticate as that user.

Think of it this way, if I’m a hacker and I am able to compromise your user database and obtain a user’s hashed password, why would I ever try to authenticate as that user? Since I already have my grubby hands in the cookie jar, I might as well grab all the data directly from your compromised database.

Rather, the purpose of hashing a password with a salt value is to provide security to the user of the system that rogue employees of the company and hackers who compromise the database cannot use my password to log into other sites I frequent.

Ideally your database isn’t compromised very often, otherwise you have bigger problems than whether or not passwords are hashed.

That’s why a security minded developer doesn’t stop at hashing passwords. Code security is never enough and is only a small part of the equation. The IT staff have to make sure the database itself is secure and not likely to be compromised. Staff with access to the system must be trained to deal with social engineering attacks. What good is a hashed password if I can call up tech support and get any information I need by posing as an executive?

So to the author of this email, I suggest you don’t lose sleep over the hashed password scenario. As a security conscious developer, you have a huge number of other attack scenarios to lose sleep over. ;-)

comments edit

I picked up Twiggy from the vet after work and she’s been such a trooper. Check out the sassy hot pink cast that’s bigger than she is.

Twiggy with her cast \ I’m ready to whack some fools with this thing.

We took her for a really short walk so she could do her thing outside and she looked so sad limping along like a tiny little gimp. However, when I tried to take a video of her walking, she decided to show some pride(avi 1.07 MB).

comments edit

Twiggy Twiggy was at a newly opened small dog park when a group of other small dogs suddenly ganged up on her. Of course they couldn’t catch her because she’s a speed demon, but she must have caught her foot in a grate on the ground (extremely bad idea for a small dog park to have a grate on the ground) and broke her leg just above her ankle.

She’s at the vet now and is doing fine. If you have a pet that you care for, I recommend getting pet insurance. I hear it’s not too expensive and could save you a pretty dime in a situation like this. We were planning to purchase it but just hadn’t gotten around to it. Now we have a significant vet bill to pay.

Hopefully we can pick her up today or tomorrow.

code, tdd comments edit

One of the holy grails for unit testing is to get 100% code coverage from your tests. However, you can’t sit back and smoke a cigar when you reach that point and assume your code is invulnerable. Code coverage just is not enough.

One obvious reason is that Code Coverage cannot help you find errors of omission. That is, even if you had 100% code coverage from your tests, if you forget to implement a feature (and a test for that feature), then you’re shit out of luck.

However, apart from errors of omission, there’s the case presented here. Imagine you have the following simple class (I’m sure your real world class is much more complicated and interesting, but bear with me).

using System;
using System.Collections;

public class MyClass
{
    Dictionary<string, int> _values = new Dictionary<string, int>();

    public MyClass()
    {
        _values.Add("keyOne", "1");
        _values.Add("keyTwo", "7");
        _values.Add("keyThree", "10");

        // ...
    }

    public int SumIt(string[] keys)
    {
        int total = 0;
        
		foreach(string key in keys)
        {
            total += _values[key];
            _values[key] = total;

            //Maybe we do some other
            //interesting things here.
        }

        return total;
    }
}

Now imagine you test this class with the following NUnit fixture.

using System;
using XUnit;

public class MyClassTest
{
    [Fact]
    public void TestSumIt()
    {
        var mine = new MyClass();
        string[] keys = {"keyOne", "keyTwo"};
        Assert.Equal(8, mine.SumIt(keys));
    }
}

Voila! 100% code coverage. But does this satisfy the little QA tester inside? I would hope not and suggest that it shouldn’t. Code coverage is worthy goal, but often unnattainable in large systems (hence the need for prioritization) and doesn’t provide all the benefits it would seem.

To handle situations like this, unit tests need to go beyond concentrating on code coverage and also consider data coverage. Of course, that’s not always practical. In the above example, if I only have 10 keys, testing the possible permutations of SumIt becomes a huge burden. Often the best you can do is to test a small sample and the boundary cases.

comments edit

Colin shows how to configure CopySourceAsHtml for any source file that VS.NET provides syntax highlighting. In my case, I’ve mapped the shortcut CTRL+C CTRL+S to the Copy command and CTRL+C CTRL+N to CopyNow command.

<?xml version=”1.0” encoding=”utf-8” ?>

<root>

    <wow id=”1”>This is neat</wow>

</root>

<%@ Page language=”c#” Codebehind=”WebForm1.aspx.cs” AutoEventWireup=”false” Inherits=”EmailIntegrationWeb.WebForm1” %>

<!DOCTYPE HTML PUBLIC “-//W3C//DTD HTML 4.0 Transitional//EN” >

 

<html>

  <head>

    <title>WebForm1</title>

    <meta name=”GENERATOR” Content=”Microsoft Visual Studio .NET 7.1”>

    <meta name=”CODE_LANGUAGE” Content=”C#”>

    <meta name=vs_defaultClientScript content=”JavaScript”>

    <meta name=vs_targetSchema content=”http://schemas.microsoft.com/intellisense/ie5”>

  </head>

  <body MS_POSITIONING=”GridLayout”>

   

    <form id=”Form1” method=”post” runat=”server”>

 

     </form>

   

  </body>

</html>

comments edit

My main man Colin is on fire with his latest version of CopySourceAsHtml add-in.

As this utility catches on, I think you’ll see a huge proportion of .NET bloggers using it to post source code snippets on their blogs. It now uses VS.NET’s own syntax highlighting to highlight the code. Thus whatever settings you have in VS.NET are used by the add-in. It’s also much more configurable with word-wrapping, ability to add extra styling options, etc… Here’s a couple of snippets as a demonstration.

According to the example’s on Colin’s site, it even works with aspx and css files. Unfortunately, that’s not working for me right now as I don’t see the context menu on those pages.

Nice job Colin!

    9 ///

   10 /// This just rocks my world!

   11 ///

   12 public class HtmlSourceTest

   13 {

   14     public void ThisMethodKicksButt()

   15     {

   16         //Yep. It does.

   17         Console.Write(“Hello World”);

   18     }

   19 }

///

/// This just rocks my world!

///

public class HtmlSourceTest

{

    public void ThisMethodKicksButt()

    {

        //Yep. It does.

        Console.Write(“Hello World”);

    }

}

comments edit

There is now a plug-in to use BlogJet to blog items from RSS Bandit. I haven’t tested it yet, but if the plug-in doesn’t do anything specific to RSS Bandit, it should be usable by any aggregator that supports the IBlogExtension interface. Want to write your own plug-in? Read my guide here.

Finally, I did it – a plugin to integrate RSS Bandit and BlogJet. If you’re using RSS Bandit to read feeds and BlogJet to post to your blog, this plugin is a must-have. It adds a new item to Bandit’s right-click menu – “BlogJet This!”. Click it and it will lanch BlogJet with the content of selected item.

Installation instructions and download.

[Via BlogJet weblog]

comments edit

When building an installer for a Windows Service in VS.NET 2003, conspicuously missing is the ability to specify a description for the service that is displayed in the Services applet.

I’ve written a base installer class that inherits from System.Configuration.Install.Installer for this purpose, but I’ll just present to you the source listings for the methods to add and remove a service description.

Check it out here. I hope you find it useful.

comments edit

So after much deliberation, I’ve decided on the M205 with a 60GB hard-drive, 512MB Ram, and a DVD-CD ROM drive etc… etc..

This is my first laptop ever so I’m pretty excited. Anyone have recommendations on synchronization software etc?

Thanks to people like Scott and Iggy for their input.

comments edit

Soccer Ball Today the soccer team I started playing with had their last game of the season. This was only my second game with them and we were playing the first place team in the league. This team was much slower than our last opponent and not as skillful, but were known for playing very dirty.

Fortunately on this day, the ref ran a tight ship and a nice game of soccer ensued. At least nice for the other team who proceeded to pound us for five goals to our two. We started off strong, but with no subs to speak of, the second half found us weary and unable to keep up.

The highlight for me was putting the ball in the back of the net in my second game with this team. The play involved flicking the ball over the defender and taking a shot off the bounce. They invited me to join them when the season starts in January. Hopefully by then I’ll have some fitness to contribute.

comments edit

Ali Gif you’ve watched da show yous probably ave wondered, ow can i attract da wicked bitches dig dat awesome omeboy? da secret is to learn to bang dig im? well in da house’s your chance to learns da ons and out of ali g-speak. respek!

In English, that translates to…

If you’ve watched the show you probably have wondered, how can I attract the lovely ladies like that awesome homeboy? The secret is to learn to speak like him? Well here’s your chance to learns the ins and out of Ali G-speak. Respek!

Check it out, the Ali G translator.