comments edit

Black Rock
City Ok, this is kind of a crazy idea, so as Ron Burgundy would say,

I wanna say something. I’m gonna put it out there; if you like it, you can take it, if you don’t, send it right back.

I have to admit, I am a bit jealous that there hasn’t been a Code Camp in the Los Angeles area AND that I cannot attend the Portland Portland Code Camp. It sounds like there will be some very interesting people attending and giving talks.

For the uninitiated, a Code Camp is a weekend gathering of geeks for the community by the community. Geeks from all over gather to hear other geeks (generally not big name speakers) talk about interesting code and tech. It is not Microsoft specific, though there seem to be a lot of .NET focused talks.

Now you might say I should quit my bellyaching (if you were inclined to use such dated phrases) and suggest that I start one in Los Angeles. That’s really a great proactive idea and I hope someone takes it up because I simply can’t. At least not this year because I have too much work and two mandatory trips I am taking. The only way I could help organize one is if I were to combine it with one of my trips.

So here’s where the crazy idea part comes in. The week of August 29 through September 5 (give or take a day), I’ll be out soaking in the ambiance of Black Rock City in the desert near Gerlach Nevada attending a quaint little festival known as Burning Man. Wouldn’t it just totally suit my agenda (and kill two birds with one stone) if I could drum up interest in a Code Camp in Black Rock City? I’m really not sure how many attendees are code jockeys and would be interested in this, but if we even had ten people, it’d be worthwhile. It wouldn’t be too hard to get it on the BRC calendar of events as perhaps a more informal version of Code Camp.

It’s too bad I didn’t have this idea before because I might have been able to get Chris Sells involved as that crazy cat went to Buring Man last year.

In any case, I read the Code Camp Manifesto and I do see one potential issue:

#2 Says that code camps are always free. Burning Man itself is not free to attend, but we could certainly make the code camp free within the context of Burning Man.

So what do you think of the idea? Do you think I’m smoking something, because I’m not. At least not right now. Or is this perhaps not a terrible idea? Thoughts? Are any of you even going? Maybe if Scoble puts the word out, we can see if there’s any interest.

This is just an idea I’m putting out there. I am making no commitments or guarantees.

[Listening to: GF - Burning Man (Gee Shock Remix) - Anthony Pappa - Nubreed 001 CD2 (4:58)]

comments edit

Scott Hanselman has the interesting tendency to run into the weirdest debugging problems.

When I worked at Solien, I had the same talent for uncovering strange bugs. My CTO at the time said I had the “Gift Finger” which is German for “Poison Finger”. My blessing (or curse) was the anti-Midas touch in software. Code that seemed to work just fine would suddenly collapse in a flying mess of runtime errors when I took a look at it.

Fortunately, I was as good at tracking down the root causes of bugs as I was in coaxing them out of hiding. In a similar vein, Scott describes a harrowing account of some in depth detective work he did to track down a particularly tricky bug. Reading his account felt like watching a good Columbo episode. He really does give it the pacing and tension of a good detective story.

That gave me an idea. Why not try to aggregate some great “Debugging Detective Stories”? Scott suggested the name “CSI:ASP Debugging”. I don’ know if such a thing would warrant a published book (or a TV pilot), but at the least, I could collect some on my blog here. So if you have a great story of debugging a particularly nasty bug, post it in the comments of this post or post it on your own blog and link to this one.

As for me, I don’ have any good debugging stories off the top of my head since, as an independent contractor, I no longer have coworkers to introduce bugs to the code. ;)

Yes, I am kidding.

comments edit

I just received the good news from one of my clients that they installed Subversion over the weekend. We’ve all been wrestling with using Microsoft Visual SourceCrapSafe over the VPN (and yes, we tried out SourceOffSite which helped) but the sheer number of problems we ran into was overwhelming.

I had suggested they either look at SourceGear Vault or Subversion. In the end, they went with Subversion which is fine by me. That’s just one less SCC Provider to deal with. Sweeeeet!

comments edit

Before I spend time writing my own, does anybody out there know of an ASP.NET custom control that can render a nice interface for specifying a connection string?

Honestly, I think a TextBox does a pretty fine job of it, but I have to assume there are better options for those who don’t have the various connection string formats memorized. Ideally it would allow the user to select whether they want to use a trusted or integrated security connection, and based on that selection provide the correct fields to fill out.

comments edit

London Blast By now you must have heard that there was a Terrorist attack in London in which at least 33 are dead and many more injured.

There are a lot of photos coming into Flickr. Take a look at the “Hot Tags” in the last 24 hours such as blasts, bombs and london to see pictures from the ground.

My thoughts and well wishes go out to those in London, especially to those affected, their families and their friends.

comments edit

Randy posts this summary list of tips from It’s a nice list to be sure, but I’ve always been partial to a big fat wad of cash.

  1. Visit - This one may seem obvious, but to support your favorite blogger, visit his (or her) site.
  2. Comment - When you visit, why not leave a comment?
  3. link - If you have a website or blog of your own, link to your favorite bloggers every now and then.
  4. Encourage - Encourage your favorite blogger every now and then.
  5. Prayer - This is the support bloggers receive that they may never know about.
  6. Clicking Advertisement -Randy: Click fraud? Not encouraged.
  7. Affiliates - Many bloggers have affiliate accounts with various companies. The most popular of these is Amazon.
  8. Products - Many bloggers offer products through their sites.
  9. Tip Jar - Many bloggers have what is known as a tip jar. These are the little buttons on their site that say “Donate,” “click to give” or something similar.

comments edit

Walt highlights the first reported case of prosecution for Wi-Fi theft.

I agree with Walter when he says that…

If I were the defendant’s lawyer, I would argue that (assuming its unencrypted) making a wireless network available to the public is tacit permission for others to use the network. With permission there is no unauthorized use, and no criminal activity.

Although sorry Walt, I’m not quite buying your alternative argument about “squatter rights” or “adverse possession”. A Wi-Fi network doesn’t suffer quite the scarcity as land (it’s orders of magnitude easier to create a new network than it is to create land).

Besides, no matter how long someone has been leeching off an unencrypted network, I feel the owner of the network always has to right to switch on encryption at any time. In a manner, it is similar to identity theft. I don’t care how long a thief has been using a victim’s identity, that thief should never have squatter’s rights or the right to attempt adverse possession on the identity.

comments edit

This caught my attention from Meta-Douglasp. From the home page…

It is well known that people don’t always ‘speak their minds’, and it is suspected that people don’t always ‘know their minds’. Understanding such divergences is important to scientific psychology.

This web site presents a method that demonstrates the conscious-unconscious divergences much more convincingly than has been possible with previous methods. This new method is called the Implicit Association Test, or IAT for short.

I completed the Asian American-European American IAT and was relieved with the following result:

Your data suggest little or no automatic ethnic association with American or Foreign

Considering that I’m hapa, I’d have some serious self hate issues if I automatically associated with one over the other. ;)

comments edit

I don’t know who these people are, but How To Rockstar just wrote up my blog with a very nice review (thanks guys, I see you got the check I sent).

Seriously though, when someone says something this glowing about my blog, you gotta wonder when they are going to hit me up for money. Here’s a flattering (almost sycophantic) snippet…

While most of the writing is tech-ish, it’s still damn-damn good. The opinions of this one man whose influence is so far-reaching as to be invisible are probably worth reading just to learn what everyone else is going to be thinking tomorrow. Or next year. Or five years from now. Or yesterday.

I’m happy to oblige. Five years from now, everyone will be thinking “Haacked? Nah, never heard of him.”. Oh, and also in five years, we’ll be remaking blogs rather than movies.

Dude, remember back in the day when we had Gizmodo. We’re going to do a remake, but instead of gadgets, it’s going to feature lizards. It’s going to be awesome.

Anyways, I can’t wait to tell our friends Tim and Laura who already call me and my wife “Rockers” as in “Rocker Phil”.

comments edit

Flag The United States is like your family, it’s got its problems and can seem dysfunctional at times, but you gotta love it, and it sure beats being in some of them other countries.

So a toast to July 4th, the day the British learned that outsourcing key operations to those whose goals don’t align with their own can lead to disastrous results.

Note: I am not inherently against outsourcing, and in fact am a big fan of it when it is strategic. However, too many businesses use it as a cover for their mismanagement. You also don’t outsource your key competencies and critical services. And when you do outsource, you get what you pay for, so make sure your partners goals align with your own. When the Hessians just want your money, they’re toast.

comments edit

Dr. Evil It’s an odd quirk of our taste for “round” numbers that we tend to celebrate milestones that are multiples of a power of ten. For example, a 10th anniversary is somehow more significant than a 6th anniversary. Likewise, a 100th post is more significant than a 73rd post.

Kim Il Jong This post reaches a different sort of milestone, it is my 666th post. Yes, this post bears with it the mark of the beast. I dedicate this post to pure eeeeevil.

Evil Calvin Not having a reputation evil, my first step is to gauge my current evil quotient via the “How evil are you?” website. Unfortunately I rated quite good on the Evil-o-meter. There was certainly work to do.

So chomped down on my Cuban cigar, fired up Internet Explorer (evil-o-meter rising) and navigated to the evil overload list. Using Powerpoint (+2 on the evil-o-meter) I copied the list verbatim (DMCA anyone?) and started committing them to memory.

After getting a bit bored, I spent a little time doing some stem cell research and even tried my hand at human cloning. I thought about having an abortion, but as I am male, had a tough time getting pregnant. So I changed tactics and bought an H2 and drove it into a nature preserve while smoking an illegal substance and drinking a forty.

At this point, I realized that to really get the evil-o-meter soaring, I should SPAM people. Not only should I create SPAM, I should write a web service to do so. I wrote one that returned an ADO.NET DataSet of email addresses and websites with comments enabled so that others could join in the SPAMination. Soon all the world would know about all the latest Texas Hold-Em websites.

Oh, did I mention that application is written with only one line of code? And there are no comments. And I used HTML Tables and NO CSS. It’s covered in Hungarian Notation. And I have promoted it as an example of “SOA”. And the application connects to the (non-normalized) database using the SA account without a password. I used inline sql without using parameterized queries. Yes, Satan himself is starting to get worried here. But then again, I personally didn’t write this code, I off-shored it to a sweatshop in China that employs overworked six year olds to hack out the code.

Evil Bert After all this hard work, I relaxed to a game of Dungeons & Dragons while watching a little sesame street to absorb the evil that is Bert. This led to an internal debate about which character is more evil, Barney or Bert?

Evil Barney After studying this mathematical proof of Barney’s evil and this essay, “Why is Barney Considered Evil”, I concluded that indeed, Barney is more evil.

I considered creating a Marketing website without an RSS feed, but not even I was ready to go that far.

After all that, I went back to retake the evil survey. It turns out that I may have done a bit too much research as the site declared that I wasn’t evil but clinically insane. Not bad for a day’s work. I wonder what post should I dedicate to insanity?

[Listening to: Thriller - Michael Jackson - HIStory, Past, Present And Future, Book 1 (Compilation) (Disc 1) (5:57)]

sql comments edit

I’m not sure if this is common knowledge, but you can place template parameters in your SQL scripts and evaluate them within query analyzer. I think I learned this one a long time ago from a former fantastic SysAdmin, turned DBA, turned Developer, Tyler.

Here’s an example of a short script that makes use of a template variable.

`SELECT * FROM <tableName, varchar(32), 'MyTable'>`

Paste that into SQL Query Analyzer and hit CTRL+SHIFT+M. A dialog to replace the template parameters will pop up like so

Replace Template Parameters

Just fill in the values and hit return and you’re ready to run the script.

The format for a template parameter is <parameterName, sql data type, default value>.

comments edit

In a previous post I mentioned a problem I was having with implementing RFC3229. Well I got that one fixed, but realized that I had another very subtle bug. One that is potentially encouraged by the examples in the spec.

Before I begin, please realize that the examples are not an implementation specification. They are simply examples of how one might implement this RFC. Having said that, many implementors will probably conform to the examples as I did.

At issue is that all the examples show an integer entity tag value. Presumably this would be the id of the feed item (or post) within your backend database. In Subtext, this value maps to an integer primary key field that is an auto-incrementing identity.

So suppose you have a blog an a reader with an RFC3229-compliant aggregator makes a request for your feed. It might look like

GET /Rss.aspx HTTP/1.1Host: haacked.comIf-None-Match: "100"A-IM: feed, gzip

The “100” represents the last feed item that the aggregator making the request saw. The server presumably does a lookup to return all feed items with an ID that is greater than this number, creates a feed with those items, and sends that to the client. Bandwidth is saved as the entire feed doesn’t need to be sent, just the items with an id greater than 100.

Now suppose you had posted five items since the aggregator last made a request. The response header might look like:

HTTP/1.1 226 IM UsedETag: "105"IM: feed, gzipDate: Thu, 30 Jun 2005 23:48:05 GMTCache-Control: no-store, im

Your server is telling the aggregator client, “Hey! The last item you are getting has an e-tag of 105. Make sure to send the value 105 in your next request.”

Well at least that’s how I implemented it in Subtext. The problem is that this implementation has a very subtle bug. Can you see the problem?

Since the table that stores blog entries has its id field as an identity, I am assured that a newer element has a higher id than an older element, so that’s not necessarily the problem. The problem is that Subtext (and I presume other blogging engines) allows the author to create a post that is not published.

So suppose a blogger create a post with an ID of 106 that isn’t published. This same blogger then creates and publishes a post with an ID of 107. The next request for the feed will get just item 107 and the server response will look like

HTTP/1.1 226 IM UsedETag: "107"IM: feed, gzipDate: Fri, 01 Jul 2005 01:15:03 GMTCache-Control: no-store, im

Now say that the blogger fixes up the oh so important post 106 and finally publishes it. The next request for the feed from that aggregator will look like

GET /Rss.aspx HTTP/1.1Host: haacked.comIf-None-Match: "107"A-IM: feed, gzip

Your server will send the aggregator all feed items with an id greater than 107, completely skipping the newly published item 106. This poor aggregator completely misses out on the beauty and sublime writing that was surely within post 106.

In order to rectify this situation, I need to add a DatePublished field to my database table and use that to as the entity tag and to determine which items an aggregator has and hasn’t seen. That will ensure that important posts aren’t ignored from RFC3229 compliant aggregators.

comments edit

Jaw Fragment From the title of his post, Dream Hangovers, I thought Robb was going to tell some story about another night of too much drinking and the painful consequences afterwards. Instead he talks about how realistic dreams can often influence your mood the following day.

A few nights ago I had a dream in which I kept biting down on something hard. I spat the foreign object into my hand and was surprised to find a molar. For some reason, losing my teeth is a typical nightmare for me when I’m anxious. However this time, it was much more intense than before.

After spitting out a few teeth, I noticed I was biting on something much larger that felt like a rock or a piece of plaster. I spit it out and it my hand was a gleaming pale chunk of my jaw. Another chunk came out and I rushed to the bathroom to look in the mirror. When I opened my mouth, my entire lower jaw caved in and blood started filled up my mouth and pouring into the sink along with white pieces of my jaw. It reminded me of a river full of floating icebergs. That’s when I woke up in a cold sweat breathing very hard, furtively checking all my teeth with my tongue.

After a few moments of abject terror, I calmed down and thanked my lucky stars that all my teeth were there.

comments edit

You kind of get the feeling that Keith Brown has a beef with soap exceptions when he writes that SoapException Sucks. I won’t rehash everything he says here, but the gist of his complaint is that when throwing an exception from within a web service, the exception gets wrapped by a SoapException. What’s so bad about that? As Keith relates, the Message property of the SoapException class intersperses your fault string with a load of other crap you really don’t care about. Also, the InnerException doesn’t get serialized into the SOAP fault packet, so it is always null on the client side.

A couple solutions proposed within his comments require putting a try/catch around the body of every method and construct a suitable SoapException by hand. This just didn’t sit well with me (neither did the burrito I just ate) as it seemed quite repetitive. I figured there had to be a better way. If only there were some way to inject code after a SOAP method is called and before the XML payload is delivered to the client. Fortunately there is. SOAP Extensions!

The solution I hacked together here is to build a custom SoapExtensionAttribute used to mark up a method. If that method throws an exception, the original exception information is serialized into the detail element of the soap exception.

The key here is to remember that SOAP is at its core simply XML text messages being sent back and forth between computers. A SoapExtension lets you peek under the hood and manipulate the actual messages going in and out.

There are three classes involved in this solution, SerializedExceptionExtensionAttribute, SerializedExceptionExtension and SoapOriginalException. I’ll briefly go over each one.

SerializedExceptionExtensionAttribute is a very simple Attribute class that inherits from SoapExtensionAttribute. When applied to a target, this attribute has a property that indicates what type of SoapExtension to use for that target.

SerializedExceptionExtension inherits from SoapExtension and for the most part looks like your typical MSDN example of a soap extension in which you override ChainStream, store the old stream in a member variable, and replace it with a new stream. For the sake of illustration, I will highlight a few methods that make this extension somewhat interesting (at least for me)…

public override void ProcessMessage(SoapMessage message)
    if(message.Stage == SoapMessageStage.AfterSerialize)
        _newStream.Position = 0;
        if(message.Exception != null && message.Exception.InnerException != null)
            CopyStream(_newStream, _oldStream);   
    else if(message.Stage == SoapMessageStage.BeforeDeserialize)
        CopyStream(_oldStream, _newStream);
        _newStream.Position = 0;

void InsertDetailIntoOldStream(Exception exception)
    XmlDocument doc = new XmlDocument();
    XmlNode detailNode = doc.SelectSingleNode("//detail");

        detailNode.InnerXml = GetXmlExceptionInformation(exception);
    catch(Exception exc)
        detailNode.InnerXml = exc.Message;

    XmlWriter writer = new XmlTextWriter(_oldStream, Encoding.UTF8);

In the method ProcessMessage, you can see that the code waits till after the method has been serialized to XML (represented by SoapMessageStage.AfterSerialize) and is ready to be sent back to the client. That’s where the exception detail is injected into the stream, assuming an exception did occur.

InsertDetailIntoOldStream finds the detail node within the serialized stream and inserts exception information into that node. In order to make this information useful to both non .NET clients and .NET clients, the exception information is formatted as XML. However, in one of the nodes of that XML, I serialize the exception using a BinaryFormatter. That way, a .NET client can gain access to the full original exception.

string GetXmlExceptionInformation(Exception exception)
    string format = "<Message>{0}</Message>"
        + "<Type>{1}</Type>"
        + "<StackTrace>{2}</StackTrace>"
        + "<Serialized>{3}</Serialized>";
    return string.Format(

string SerializeException(Exception exception)
    MemoryStream stream = new MemoryStream();
    IFormatter formatter = new  BinaryFormatter();
    formatter.Serialize(stream, exception);
    stream.Position = 0;
    return Convert.ToBase64String(stream.ToArray());

Security Note!, for a production system, you probably don’t want to serialize the original exception as it will contain a stack trace and could give out more information than you wish clients to the service to have. For debugging, however, this is quite useful.

Allow me to walk through how you can apply these classes in your own code. Below, I’ve written a method that simply throws an exception. You can see that I marked it with the SerializedExceptionExtension attribute.

[WebMethod, SerializedExceptionExtension]
public string ThrowNormalException()
    throw new ArgumentNullException("MyParameter", "Exception thrown for testing purposes");

Now on the client, I simply make a call to the web service within a try/catch clause. In the snippet below, you’ll notice that I wrap the thrown exception with the SoapOriginalException class. That class is a helpful wrapper that knows how to deserialize an exception serialized using this technique. The original exception is accessed via the InnerException property.

void CallService()
    TestService proxy = new TestService();
    catch(SoapException e)
        SoapOriginalException realException = new SoapOriginalException(e);

If you’d like to try this technique out yourself and provide a critique, download the source files here. There are certainly some enhancements that could be made to the code to make it even more useful. Let me know if you make improvements.

comments edit

Real Madrid Wohoo! The little lady and myself will be in attendance as we watch Zinedine Zidane, Beckham, Ronaldo, Owen, Roberto Carlos and the rest of Real Madrid completely overpower and dismantle the lackluster Galaxy when they play an exhibition game at the Home Depot Center in Carson.

It’ll be interesting to see if Landon Donovan can scrape together a worthy performance in the face of such talent and show that he’s ready for the world stage.

I remember when living in Madrid, Spain just how revered Real Madrid is. They are a storied team with a rich history and a fantastic roster this year. Of course, too much star power can sometimes be a detriment, as we learned with the lakers last year, and as we saw this year as second place Real Madrid were upstaged by Barcelona for the Spanish League title.

comments edit

Steven Clarke has an interesting post about the usability (or lack thereof) of the Factory Pattern.

In simple terms, the usability issue strikes when a developer knows she needs an instance of object Foo. So she tries to new one up like so…

Foo foo = new Foo();

Unfortunately Foo looks like this…

public class Foo


ÂÂÂÂprivate Foo() {}


Notice the private constructor? VS.NET’s intellisense dutifully tells her that she can’t create an instance of Foo in this way. So now how is she supposed to create her beloved Foo? The answer is that there’s probably a FooFactory laying around somewhere that’ll do just that for her. So now she has to go rooting around looking for that class, her rhythm and flow being disturbed in the process.

So is the answer to simply throw out the Factory pattern? Dear god no! This is one of those cases where perhaps the IDE could be a bit more helpful. Imagine if we could markup the class like so…

public class Foo


ÂÂÂÂ/// <summary>

ÂÂÂÂ/// Try using the FooFactory to create this class.

ÂÂÂÂ/// </summary>

ÂÂÂÂprivate Foo() {}


And that comment would show up when trying to directly create an instance of Foo. Wouldn’t that be wonderful? Or for you attribute lovers, maybe an attribute would be a better option.


public class Foo


ÂÂÂÂprivate Foo() {}


Either way, the goal is to give the forlorn developer some help via Intellisense. All that API creators need to do is to add a bit of information to their classes and voila! Intellisense to the rescue. You’ve rescued the usability of the factory pattern.

[Listening to: Victorious - Tiësto - Parade of the Athletes (4:38)]

comments edit

If you’re a fan of NPR and KCRW, make sure your voice is heard. The House will soon vote on budget cuts for public broadcasting and the issue is being painted as a liberal vs conservative battle.

I believe it is impossible for a person to be truly objective, but as far as news programs go, I think NPR does a great job of it. I think both sides of the political spectrum appreciate receiving news without the sensationalism and fear mongering so prevalent from its puerile cousin, television news. Here is the letter from KCRW in full…

Message from KCRW General Manager Ruth Seymour\ Dear KCRW Listener,

I am writing you about an unfolding crises in Congress with regard to public broadcasting. Proposed funding cuts now before the full House pose a serious threat to public radio and television – and to KCRW.

The proposed cut is 25% to KCRW’s CPB grant this October and next October as well. Moreover adding the proposed additional cuts to PBS childrens’ programs and station digital conversion – the total reduction adds up to a whopping 45%!

Facility funding, which provided oportunities for stations to modernize and extend their service has already been zeroed out. These are the grants that helped KCRW purchase it’s first modern transmitter in 1979 and launch NPR’s Morning Edition. Later they enabled KCRW to extend sevice to Ventura and the Antelope Valley.

If these cuts stand, KCRW may lose over $1,000,000 from its operating revenue. This would severely impact KCRW’s local programming and our ability to sustain NPR.

The Corporation for Public Broadcasting is the independent organization created by Congress to support public broadcasting and act as a heat shield against political interference. But now, ironically, the Corporation itself is providing the heat.

Chairman Ken Tomlinson has politicized matters by framing the issue of balance on news programs as liberal versus conservative. We vehemently object to this characterization which is intended to put public broadcasting on the defensive and influence program decisions.

  • We cherish our editorial independence and the political diversity of the audience we have attracted.
  • We believe in objective journalism, free from political constraints.
  • While we welcome constructive criticism, we reject partisan judgements masquerading as impartial analysis.

We can’t reverse the funding cuts by ourselves. We need your help.


Please register your opinion by contacting your Congressional Representative right away.

The full House votes next Thursday or Friday.

Find your Congressional Representative at:\


Ruth Seymour\ KCRW General Manager

Visit for additional information and background: