0 comments suggest edit

Thanks to the help of the very talented Joel Bernarte, I have a nice new look to the site. He created the logo you see at top. I then spent a bunch of time trying to modify the layout and Css to do the logo justice.

If you’re viewing this in an aggregator, you’ll actually have to take a second outside of the aggregator to look at my site haacked.com using that antiquated piece of technology that used to rule your life called a Web Browser (which might just be integrated in your aggregator). Thanks. Now back to the new technology that’s ruling your life…

0 comments suggest edit

See, this is exactly the type of comment spam I’m hoping to avoid.

Harrrrrr… shoulder of pork and ham!!! $4 dollars at the quickie-mart! I am a prince from Niger, please give me the keys to your Mercedes Benz. I love men who aren’t afraid to blog!

Only in this case, I’m afraid I know this guy.


By the way, the ASP.NET Resource Kit has a free version of the SAX human verification component. That ought to help combat automated spam.

0 comments suggest edit

Another option is to simply remove the web interface for comments and only allow comments via the Comment API.

I have a hunch that most of the comment spam comes from people who stumble on my site via the web. Most people who post via the CommentAPI are using an aggregator and are thus subscribed to my site, or were referred by another subscriber.

UPDATE: I may be confusing Comment Spam with Comment Graffiti. As far as I can tell, I do not have any comments from any automated sources, nor comments advertising products on my site. The “spam” I have seems to merely be comments by random people who occasionally write offensive comments.

0 comments suggest edit

In an email to Ian Griffiths I mentioned that I wished he had a comments section because some of his posts are so intriguing I have to reply. ;) His reply relayed a common angst regarding enabling comments on a blog, comment spam

Looking around, I see this is a common problem as evidenced by the following posts by Roy Osherove who wants to turn comments off, Chris Anderson who threatens to turn them off, and John Lam who did turn them off.

This is disheartening because comments can be a vital part of a blog encouraging lively and insightful conversation. But then again, not if your constantly getting these type of comments

Noticed on a dirty white van, letters made by hand: \ “I Wish My Wife Was As Dirty As This.” \ Underneath, different style: \ “She Is!”

Funny? Maybe. But off-topic. Unlike the garden variety email spam, the bulk of comment spam tends not to be automated. If it were, it’d be plenty easy to stop by requiring users to type in some text they see in an image.

Rather, much of the smelly meat is due to the fact Google is bringing droves and droves of visitors to blogs as bloggers all link to each other. Some of these unwashed masses decide to leave their mark on your site.

As John Lam pointed out, simple IP filtering isn’t enough. I’ve been thinking alot about how to leverage network effects to reduce comment spam. For example, in general I’ll trust people who have subscribed to my blog to make comments, and if they’ve been subscribed a while, I’ll trust those that subscribe to theirs.

I can imagine adding features to blogging back-ends such as .TEXT or DasBlog whereby trust relationships can be built by using something similar to the TrackBack API. Suppose I subscribe to your blog and you try to make a comment on my site. Since my blog knows that I am subscribed to yours (this will require aggregator integration), it automatically lets you comment. It then can go one step further. Perhaps it will ask you, “Any changes to your whitelist since we last exchanged data?”. We can then exchange whitelist info. Certain spam engines work in this manner.

The big problem with this approach is that identity is a tough nut to crack without requiring that commenters create a login and password and building in some sort of verification system.

0 comments suggest edit

I’m trying out this sweet plug-in for the Windows version of iTunes. After installing this plug-in, you can click on the musical notes at the bottom of w.Bloggar and it will insert information about the currently playing song wherever your cursor is located. This page lists plugins for Winamp versions 2,3, and 5 as well as iTunes (the one I’m using).

Now you’ll all get to experience (from time to time) my awesome music collection. ;)

[Listening to: Nude Tempo One - 16 - Release - Miguel Migs - Nude Tempo One (3:26)]

0 comments suggest edit

I received a lot of comments (a lot for me) on my post entitled “The Difficulties of Language Design”.

I wanted to follow up on one interesting comment by a reader named Jocelyn:

“Language changes shouldn’t break existing code…“Well, yes or: \ \

  • obsolete features (like the lock keyword) could be flagged\
  • tools could be developped to update existing source code\
  • the language could be versionned:\ #version 1.1\ #version 2.0\

That’s why I qualified my statement with “…Too Much.”. There are certainly cases where you have to take the plunge and risk breaking existing code. The things she mentioned are certainly great ways to mitigate the impact of changes, but they aren’t enough.

I think the real difficulty is when you slightly change the behavior of a language feature such as a keyword. This change won’t show up when you recompile your code because you aren’t marking the feature as obsolete. Likewise, it can be quite hard for code analysis tools to check to see if the semantics of your code relies on the old behavior (though in some cases this might be possible) and would have problems with the new behavior. The best it could do is flag the keyword and say “Hey! The behavior of this keyword has changed.” This might be helpful in some cases, but imagine if the behavior of the lock statement changed slightly. That’s a lot of places you’re going to have to check by hand.

The end result is that you recompile your code using the newer language and everything looks hunky dory. But days, maybe weeks, later you find a subtle problem with your code that is difficult to track down. In the end, it may be the end result of a chain of events that started at the point where your code relied on a certain behavior of the language and that behavior changed. The point here is that the error might not occur at the point where you rely on the faulty behavior, but somewhere down the line.

I’m not advocating that the behavior of language features should never change, especially if the behavior is wrong to begin with. I’m merely pointing out the risks and hazards of doing so. It’s a heavy cost and the benefit sure as hell better be worth it. I think this is why you see so few breaking changes.

0 comments suggest edit

Congo MapApparently I’m not the only one who’s been contacted by the son of the late Democratic Republic of Congo President Laurent Desire Kabila. I’ve also been contacted by several other members of royalty or political dissidents who are fleeing the Congo.

Each of these people need MY help in transferring insane amounts of money. I’m talking barrels and barrels of cashola. Apparently, nearly everyone I know has been contacted by someone from the Congo wishing to transfer money. Congo must be a very very rich country. These guys are smuggling enough cash to make Bill Gates look homeless.

0 comments suggest edit

Found this out in the blogosphere:

Apparently, Time has obtained an internal pentagon emailthat links Dick Cheney directly to the no-bid contract that Haliburton received for rebuilding Iraq’s oil infrastructure. Sadly, people most likely won’t hear about this, and it will die with all the other smoking guns that practically scream out and demand some independent investigation into this administration. Clinton got one for getting a hummer from an intern, but the current administration, flagrantly flaunting its corruption, slips by over and over again. [via the ever-great, wish-he-blogged-more Marc Goodner] \

This weblog is brought to you by the color Orange and the sesame street character, Bert.

[Via Corey’s Ramblings]

0 comments suggest edit

Unreal Tournament 2004 Cover I have a confession to make. While at Tech-Ed, I did some bad things. Please look upon me not with a judging eye, but try to have a forgiving stance.

While at Tech-Ed, I missed several sessions I had planned to attend…in order to…*gasp* play Unreal Tournament 2004.

I know. I know. I’m supposed to be at Tech-Ed to learn the latest and greatest Microsoft technologies, not to waste my time manning the guns on a Leviathan, or sniping suckers with the lightning gun. But I just couldn’t help it! My boys (and girls, but mostly boys) out there needed me! I couldn’t just ditch my team as the other team was encroaching on the main base now could I? What did you expect me to do in the face of such temptation as a setup consisting of 32 networked AMD 64 bit servers with flat panel displays?

In any case, I’ve checked myself into Dennis Fong Clinic for 1st person shooter addicts. I’ll get the help I need at the DFC. Hmmm… DFC… Sounds like a new weapon in UT… Wonder how I get that…

0 comments suggest edit

San FranciscoMy car hates me. Or it should. Last week I made two round trips to SD. Last Friday night, I returned from SD, and Akumi and I left the following Saturday morning to drive up to San Francisco. I used to love road trips, but after all the hours of sitting on my ass in my car this weekend, I’m done for the time being (or at least for two weeks since we’re going camping).

The highlight of the trip was the outstanding weather in San Francisco. Mark Twain supposedly once said “The coldest winter I ever spent was a summer in San Francisco.” Well, too bad he wasn’t there this past weekend. It was absolutely gorgeous up there. Even nicer than LA and SD. We laid out like cats in the sun by a fountain in a park with a view of the SFMOMA. I forget the name. We met up with Laura and had dinner at R&G Lounge. That was some of the best Chinese food I’ve had in a long while. It even met up to Laura’s standards. Surprising coming from a place with such a droll name.

That evening we had drinks in The View, an aptly named bar on the top of the Marriot. The View that caught my attention was the view of the tab. Damn them drinks are expensive!

The next day, we spent with friends of Tim and Laura, Eric and Jenny, who have a cute chubby baby boy named Peter. Peter is an innovator. He claps by moving his hands vertically up and down slapping the top of one hand with the bottom of the other.

SF had its own Carnival going on which was pure craziness. The floats were fun to watch, but walking through the crowd got very tight and annoying.

Checked out the POP! art show at the SFMOMA. It was a bit disappointing as the size of the collection was really small and they didn’t have enough Warhols or Lichtensteins for my wife’s taste.

0 comments suggest edit

So we’re going to keep the Media Center PC since we won’t be able to get enough to buy a Tablet PC if we sold it and since we can get a lot of use from it. I have a lot more to write about Tech-Ed and my fabulous weekend in San Francisco. Stay tuned.

0 comments suggest edit

Last night I attended the Microsoft Office System party at the Hard Rock Cafe. The “Unauthorized Rolling Stones” were playing and the crowd was into it. I was primarily there for the food at first, but after a few free drinks, I was having a jolly good time talking to people. Even met a techie from Juneau, Alaska. Though I live in L.A., I still claim Anchorage since my family still lives there. So it was nice to bond with another Alaskan. Especially as I didn’t figure the Alaskan government would be using .NET.

In any case, I stuck out the party till the end and was rightly rewarded for it. I won the grand prize of the raffle which was a 3GHZ HP Media Center PC. It’s one of them TIVO like systems with 160 GB hard-drive, ATI Radeon 9200 (I think), TV and Radio Tuner, etc… I hear the next version of the Media Center operating system will support HDTV.

The funny part is that at the time, I was bummed I didn’t win second place which was a Tablet PC. I even went up to the guy who won it and offerred a trade, but he wasn’t having it. Especially considering I had to carry this big honking box to my car. ;)

Thanks Microsoft!

0 comments suggest edit

The best part of Tech-Ed 2004 is how Microsoft puts us developers in touch with the people who are creating the languages and tools we use. They’ve accomplished this in two ways.

First, with the Rio system (nothing to do with Duran Duran). This system allows you to search for attendees (who’ve registered in the system) by name or interests and request a meeting with them. This is the debut of the system and I don’t believe it’s being well utilized by attendees. This is great for me as most everyone I’ve wanted to talk to has been available and I’ve had a chance to meet members of the C# team such as Eric Gunnerson (PM for the C# compiler) and Anders Hejlsberg (a Distinguished Engineer at Microsoft and chief designer of Delphi and the C# language). Unfortunately Steve Ballmer was not in the system.

Second, by having Microsoft employees hang around the cabana areas (replete with comfortable couches), it’s easy to walk up to the devs who are building the next generation of tools I use (such as Anson Horton and Cyrus Najmabadi) and ask, “So whatcha got?”

If there’s one thing I’ve taken away from my various discussions about language design is that language design is hard. This may be obvious to you, but it’s not obvious to everyone. Look in any unmoderated newsgroup about programming language and you’ll hear plenty of “Java sucks!” or “C# stinks” (perhaps even more colorful than that). A lot of people carry a one language fits all mentality when in reality, each language has a purpose and target in mind.

There are three reasons that come to mind to explain the difficulty of language design:

  • Language changes shouldn’t break existing code…too much.
  • Total language purity is unattainable, but we try anyway.
  • Language design must take into consideration human behavior.

Language changes shouldn’t break existing code…too much\ This is one of the more difficult issues when designing a language. How do you update the language without breaking thousands if not millions of lines of code out in the wild. Even small changes that seemingly should cause no problems can break code. Well hopefully you have legions and legions of regression tests, but they can only go so far. This remains a difficult challenge.

Total language purity is unattainable, but we try anyway \ Let’s face it, if we’re not seeking the ideal pure perfect design, why are we in the business. It’s a natural tendency. However, a good designer realizes that total purity is unattainable. It’s a simple fact: real world pressures are factors in language design. These guys have to ship and deadlines will affect which features they keep or don’t keep. More subtly, sometimes the order in which a feature is designed affects the language design.

I asked Eric Gunnerson whether they’ve considered adding a timeout syntax to the lock statement ala Ian Griffiths’ TimedLock structure. He in turn asked me, would creating this new syntax have any more clarity than using the TimedLock structure? Ummm… I guess not since we can already do this in a clean and concise manner. Right. So why add syntax. Not only that, the TimedLock demonstrates what the C# team had in mind with the using statement. It wasn’t intended just for cleanup, but for situations just like this.

Naturally, if this were the case, why even have the lock statement, as the using statement makes it unnecessary. It turns out, the lock statement was introduced long before they introduced the using statement when creating the language. At that point it wouldn’t make sense to refactor the lock statement out of the language as it was likely used all over the place and would introduce a major breaking change (see the first reason why language design is hard). Wow, you mean real world issues such as timing will affect the purity of language design? Indeed, total purity is an illusion.

Language design must take into consideration human behavior\ Another reason language design is hard is that it must take into account human behavior. Just as we have usability testing for GUI applications, usability testing for APIs and languages are also important.

Take the “throws” statement in Java when declaring a method. This statement is followed by the type of exception (or exceptions) that the method may throw. When calling this method, the developer must catch and handle every exception declared by the throws clause. From a purity standpoint, this is beautiful. If a method could throw this exception, certainly the developer should be forced to do something about it. But now let’s examine the behavior of real developers in the field. They just want to call this method to get the work done and handle the exceptional cases later (or in a method up the call stack). However, the code won’t compile until they catch each exception. So what do they typically do? They catch(Exception e) and forget about it. No more compiler errors, but if they never return, they’ve lost a lot of valuable information about the exception.

Some will argue that we shouldn’t pander to developers with bad habits like this and teach them to do the right thing. But this isn’t necessarily a case of developer ignorance. The physics of software development states that developers naturally take the path of least resistance i.e. we’re lazy. We have to ship software. We don’t have time to do everything in the most pure fashion. The language has to work for us, not against us. We absolutely have to pander (to a degree) to lazy programmers because they’re creating the software that’s running our cars, flight control, etc… Figure out why developers don’t perform a best practice and learn how to make the best practice the path of least resistance. That should be a focus of language design. It’s not always possible. Sometimes we just have to admit that software development is hard. I certainly don’t want developers to be lazy about security. But whenever possible, I want to make writing secure code, the path of least resistance.

0 comments suggest edit

My good buddy makes the following comment on my last post:

I have a suspicion that TechEd might just be a massive re-education project, sponsored by Gates, attempting to grow an army for the violent overthrow of the domestic government.

Now that you’ve spoken the truth, you must be punished. You are hereby forced to use Windows ME for the rest of your life!

Sorry, nothing that insidious is happening here. Ballmer’s keynote focused on Microsoft’s mission for IT which is to help IT “Do More With Less”. Sadly, IT is already doing more with less. Less people. Less resources. Less moral. More hours.

For me, the most interesting announcement made was about Visual Studio.NET Team edition which will attempt to improve the software development lifecycle. This product integrates unit testing, deployment configuration (via Whitehorse), collaboration and workflow management, improved source control with the IDE. Yes, they are improving sourcesafe.

As for overthrowing the government, Ballmer did mention that Oracle is now a VSIP (Visual Studio Integration Partner). Larry Ellison partnering with Microsoft on any level? Either they’ve tied Larry up and locked him away, or there’s something brewing here…

0 comments suggest edit

It’s probably too early to tell, but Don Box and Doug Purdy gave what I bet will be the most interesting talk I will hear at Tech-Ed. This was the opening talk for the Connected Systems track which focuses on that hot TLA, SOA (Service Oriented Architecture).

The implications of The Program is that we are constantly adding code to it while it still runs, but we can’t reboot it. We can take parts of it offline and replace parts, but there are parts (and decisions) within The Program that we may have to live with forever.

One of the big revelations they had was that “There is only one program and it is still being written.” This has pretty profound implications when you think of it. I can attest to this statement as I recently worked on porting Fortran code running on a microcomputer to Fortran 90 code (big upgrade!) that was to run on a modern Intel server. The front end was being replaced by an ASP.NET site that emulated the console currently in use. The ASP.NET site communicates with the Fortran via memory mapped files.

“Choice is an Illusion” Darwin is the system admin for The Program. You can’t change the program, you only have control over a small sliver of it. Your goal is to make your neighborhood better. This addresses the initiatives in the industry to create grand unification architectures. The physicists are still looking for a Grand Unifying Theory, but for software architects, it’s time to give that up. We’re not all going to run on a JVM. There will be no language to rule them all. We’ve tried DCOM, CORBA, etc…

In any case, this keyboard is not ergo so I’m going to have to stop typing and let you research this one on your own. Till next time, over and out.

0 comments suggest edit

I have a new personal record time for the drive from Los Angeles to San Diego.  I believe I made it in 1.5 hours.  It was a harrowing drive, but I made it safely and already received some free code generation software.  Now to find some food and watch the Alias finale.

0 comments suggest edit

DubyaAccording to a new report, the Bush Administration has taken its strong support for outsourcing further than previously thought – opting to move key political operations offshore. India’s Hindustan Times reports that, during a 14 month period from 2002 to 2003 when the Republican Party was playing up patriotism, its fund-raising and vote-seeking campaign was performed in part by two call centers located in India….