[Giagnocavo]Michael::Write() - Humour

Objects versus Closures - a koan

Fri, 19 Sep 2008 18:00:50 GMT

In a previous comment, someone mentioned the OO mindset ("mold" -- quite appropriate). I don't want to go into it much, but simply "quote for win" something from here http://people.csail.mit.edu/gregs/ll1-discuss-archive-html/msg03277.html. It's a nice take on things and I got a kick out of it:

"
The venerable master Qc Na was walking with his student, Anton. Hoping to
prompt the master into a discussion, Anton said "Master, I have heard that
objects are a very good thing - is this true?" Qc Na looked pityingly at
his student and replied, "Foolish pupil - objects are merely a poor man's
closures."

Chastised, Anton took his leave from his master and returned to his cell,
intent on studying closures. He carefully read the entire "Lambda: The
Ultimate..." series of papers and its cousins, and implemented a small
Scheme interpreter with a closure-based object system. He learned much, and
looked forward to informing his master of his progress.

On his next walk with Qc Na, Anton attempted to impress his master by
saying "Master, I have diligently studied the matter, and now understand
that objects are truly a poor man's closures." Qc Na responded by hitting
Anton with his stick, saying "When will you learn? Closures are a poor man's
object." At that moment, Anton became enlightened.

"

Reason #52 against Visual Basic (Nothing in Visual Basic)

Wed, 22 Aug 2007 14:49:34 GMT

What people do in their own time in the privacy of their homes is none of my business. However, when they mess with reading documentation, then it crosses the line and becomes annoying. How many times do VB developers need to be told that a null is "Nothing"? Consider this snippet from MSDN:

-------
The CreateUser method will return a null reference (Nothing in Visual Basic) if password is an empty string or a null reference (Nothing in Visual Basic), username is an empty string or a null reference (Nothing in Visual Basic) or contains a comma (,), passwordQuestion is not a null reference (Nothing in Visual Basic) and contains an empty string, or passwordAnswer is not a null reference (Nothing in Visual Basic) and contains an empty string.
-------

Five times in one paragraph! I know null type systems are annoying and lead to errors, but that seems a bit excessive. Seriously though, it'd make more sense to make VB developers learn a few words once, rather than having to mess up documentation just in case they get confused.

C# Frustration

Thu, 02 Aug 2007 19:39:10 GMT

C# with lambda syntax and extension methods (in lieu of compositional operators) gets us so far, but the syntax and compiler could use a bit of polish. I'll show some exact examples later, but meanwhile this picture sums up my feelings at the moment:

Edited to add: Inspired by http://xkcd.com/297/

Edited to add: Just to be clear, this isn't a compiler or IDE issue: it's a spec issue (AFAIK). The C# spec simply doesn't allow certain things (like type inference from a method group).

Outsourced Evolutionary Programming

Tue, 13 Mar 2007 17:51:08 GMT

My friend just dealt with an oursourced project. Yes, outsourced as in sending it to a place that charges a lot less money than, say, developers who actually know what they're doing.

One of their deliverables was a program that compressed an XML string into a gzip file. Should be a minor thing, right? The C#/.NET 2 code is less than 10 lines. Well, their first delivery produced files that contained the text "System.Byte[]". This was not accepted and they vowed to look into it in more as they were sure the code was correct.

Their next files were a bit larger and supposedly were really correct this time. But still, no zip program could read the data. Well, a quick look at the beginning of the file shows the bytes EF BB BF -- the UTF-8 BOM. The rest of the file was ASCII digits. Yes, they wrote the bytestream out as a UTF-8 interpretation.

If we define evolution as "the non-random survival of randomly mutating replicators", we can define their approach as "the non-random acceptance of randomly mutating programs."

A PETITION TO END THE ATROCITIES OF VISUAL BASIC

Sun, 13 Mar 2005 04:25:54 GMT

[OK, this was brought on after a night of fighting with the latest VS2005 “Made For Mort(tm)“ features in VS2005 and after hearing even more about the silly “VB Unmanaged 4Ever Petition“. Yes, I know, there are professional, intelligent, etc. VB programmers who signed. I also started programming in BASIC. And yes, I know this suggestion is as bad as the actual petition.]

Sign by leaving a comment.

A PETITION TO END THE ATROCITIES OF VISUAL BASIC

We would like to suggest a path for the future development of VB6 and similar apps to put an end to the crimes against the world committed by worshipers of Microsoft's product, Visual Basic. This path will help anyone who should be working with computers on a technical level.

OBJECTIVES

We ask that Microsoft stop catering to low-end, “Mort” developers, especially those who cling to past glories achieved through VB6.

1. Preservation of Assets
    Microsoft should not:
        - Force customers to uninstall Visual Basic 6
        - Push a patch out through Windows Update that disables the VB6 runtime
        - In any way, magically make VB6 stop working at the end of March, 2005

2. Discontinued support for Visual Basic
- Medical trials have shown strong correllation between Visual Basic usage and degration of the brain, notably the areas that deal with change and improvements.
- Microsoft should take responsibility and make its products harder to use to raise the level of entry.

3. Ease migration of deprecated developers

        - Provide “Career Days” where developers can learn about and get jobs in exciting industries, such as textiles and hospitality
        - Promote local support groups and 12-step programs
        - Sponsor emigrant visas
        ~~- Provide a VB6-to-C++ reverse engineer tool.~~

SUGGESTED APPROACH

We believe the best way to meet these objectives is to drop support for VB.NET after Visual Studio 2005 (Codename “Whidbey”). For brevity, we’ll call this “natural selection”.

To quell proponents of “VB.COM”, we suggest explaining that “VB.COM” and “VB.NET” are so completely unlike C# and C++ that it sounds like a bad joke. We also suggest that Visual Studio team members personally make disparaging comments about how silly this is. While personal attacks and racial slurs shouldn’t be used, general stereotypes such as “…people who think architecture means making a wrapper for MsgBox” are fine.

CONCLUSION

With VB.NET out of the picture, less “Morts” will use Visual Studio. Microsoft can then focus on designing a strong framework and toolset that doesn’t worry about people who won’t understand why System.Windows.Forms.MessageBox.Show doesn’t work “as it should” in an ASP.NET page.

Overall, we feel this will enable a better environment, and more robust software being created in the industry today.

What the "Classic VB Petition" really shows

Fri, 11 Mar 2005 04:53:14 GMT

http://classicvb.org/petition/

So, they're not only asking Microsoft to create a new version of old VB (i.e., not .NET), but they're also asking it to be integrated into the VS.NET v8+. Some have cited C#/C++ as an example of this.

HAHAHA! Man, if this doesn't show how clueless some VB programmers are, nothing does. I mean, seriously, come on! They actually expect MS to say “ok, sure we'll make VB6.5 v2005 and go away from managed code”? And they think that integrating VB6 right into VS.NET will be a piece of cake? This proves that many VB devs really are clueless when it comes to designing apps and think that there's some magical power that just makes everything work. The sad part of this is that some of these people are MVPs... I thought that MVPs generally had a relatively high knowledge level and wouldn't come up with silliness like this...

The REAL Visual Studio users

Sat, 26 Feb 2005 09:14:50 GMT

I got tired of seeing, smug, designer people used in advertising VS. So I decided to modify the “professionals” you see here: http://lab.msdn.microsoft.com/express/, to something that perhaps more accurately represents the user base of those products:

Edit: I didn't mean to pick on the Express line in particular actually. It's just that they had all these models lined up. I think of some of the images apply to ALL versions of the product... (like the first one? ;)).

Kids beware: 1337 speak for parents

Thu, 17 Feb 2005 18:28:14 GMT

On an MVP mailing list today, someone posted this link:

A parent's primer to computer slang
Understand how your kids communicate online to help protect them http://www.microsoft.com/athome/security/children/kidtalk.mspx

To which I replied:
... I just felt a disturbance in the force, as if millions of kiddies yelled out in embarrassment as their parents tried to talk leet to them...

M0M [133t!]: d00d, did j00 |-|4/\3 phun 4t sk00l t0d4yz? $c13nc3 is teh

r0x0rs, w00t! D4D 4nd I R g0ing 0ut ToNiGHT, g0nn4 sh0z /\/\y m4d

sk1llz. Th3r3's ph00d in da phridg3.

Son: I'm so embarrassed. Never talk that way again, please.

I'm surprised they didn't have some sample conversations to test your knowledge. They also left out "r00t".

Steve adds: And M$

Hmm, I wonder, maybe MS will start doing a whole series on slang? Maybe they're working on a paper like that right now? “What does it mean when your son says 'Her? The whole shool's had root access.'”

Developer Evangelism?

Mon, 14 Feb 2005 18:55:58 GMT

While visiting my parents' clinic in Guatemala two years ago, I decided to do a bit of developer evangelism. Perhaps I should go back to tell her WinFS was cut?

Saved! ASP.NET team decides not to screw us up!

Sat, 12 Feb 2005 09:21:52 GMT

Doing some work on a new site using Whidbey, and I came across this:
http://msdn.microsoft.com/asp.net/whidbey/beta2update.aspx#ASP.NET_2.0_Compilation_Model_Changes

YES!!! Whoever says MS doesn't listen is definately wrong. Quick recap: ASP.NET changed it's project system/compilation model to better suit people who think HTML is a programming language. Good ASP.NET developers pushed back... hard. The “Web Platform and Tools“ team nicely listened. Yey!

The blessed article is a bit terse, so I've provided common-language translations (sarcasm and jest ahead... it's just because I'm so relieved, no offense intended):

“In response to significant customer feedback...”.
Translation: “We spoke with professional developers, instead of just going after the “PHP is teh r0x0rs” group, and the “I know HTML and thus am a 'Web Developer'” group.“

”The goal is to improve the code-behind and code-separation experience and enable the partial class paradigm to be used to improve the code-behind experience while continuing to maintain a syntax and functionality that is very similar to ASP.NET 1.x.“
Translation: “We fixed the compilation model.”
Note: Wow, that's a really long sentence. And they even used the word “paradigm“. Wow.

“As a result, it makes upgrading of v1.x projects even easier and further reduces new ASP.NET 2.0 specific concepts.“
Translation: “Customers told us backwards compatability and migration was actually important.“
Minor correction: “upgrading of v1.x projects *possible* and further...“ (Yea, I had zero luck upgrading projects. Yet I could open VC++ 6 projects with VS2005 and compile and deploy to client systems with zero problems.)

“In short, this change enables developers to continue to pre-compile ASP.NET pages for significant performance gains while still being able to maintain the .aspx markup content separate from the binary.“
Translation: “Now things work like 1.1 again.“

Wow, this is really, really great news. I'm thrilled. Can't wait to get Beta 2, even if it means having to redo a nice amount of code.

Oh, BTW, they shortened the special directory (the Vile Code directory) prefix from “/Application_“ to “/app_“, and rightly canned “/Application_Assemblies“ (which was the “/bin“ replacement). Why “/Application_Assemblies“ was ever a good idea apart from consistency is beyond me...

Even so... something gives me the feeling that the compatability part of their team is somehow very much different from say, the Windows Shell team :).

New Horizons Engrish: Bistalk and comerse Server

Wed, 12 Jan 2005 20:20:24 GMT

A while back, we were looking for some training courses on BizTalk and Commerce Server. We emailed the local New Horizons training centre, asking for info. They offered us:

“Bistalk Server, y otra en comerse Server 2000.“

Bistalk? comerse Server? Oh joy. We responded asking for prices, and explaining the correct spelling. Their response:

Dear Mr. XXX
delay of its news, If has left it is possible that it can send its data to me of I telephone to be able to communicate with its person and power to me to have a direct contact but. until soon.

To this day, I'm not quite sure exactly what he meant.

Warning on a phone

Sat, 08 Jan 2005 01:21:15 GMT

You know you're gonna have a fun time trying to figure out configuration settings when the user manual for your phone start off with this:

Congratulations on your purchase of the product. Please read the manual carefully to ensure your phone work in best status.

Security and Notes:

◆ Don’t use it in chemical plant、gas station or near the exploder place.

I have to say, I was really disheartened when I read that. I was really looking forward to using my phone near the exploder place! I guess I'll have to find some equipment that IS safe to use in the exploder place.

Console.ContentType

Mon, 06 Dec 2004 02:21:38 GMT

I think this is a joke, but it looks like a somewhat serious question. If so, this guy is an idiot. And not just a common idiot, but a truly moronic person who shouldn't be allowed near a computer. Thank you, www.thedailywtf.com.

Interesting Nmap result

Wed, 01 Dec 2004 04:17:40 GMT

I just scanned my XP machine to ensure the firewall was working correctly. Nmap detected an interesting OS:

Running: IBM AIX 4.X, Microsoft Windows 2003/.NET
OS details: IBM AIX 4.3.2.0-4.3.3.0 on an IBM RS/*, Microsoft Windows Server 2003

Now THAT'S what I call integration.

BTW.... is it just me, or does Nmap really work much better under Linux? Especially when aborting a scan: Ctrl-C on Windows takes a while (same as with Telnet), while under Linux it exits immediately.

Flaime bait: A new exception in Whidbey for VB devs

Fri, 26 Nov 2004 20:58:05 GMT

http://weblogs.asp.net/wallym/archive/2004/11/25/270521.aspx

The coolest thing about this new Whidbey exception model is that the IDE actually throws exceptions *about your code* at design-time instead of runtime.

MySQL is the Visual Basic of the DB world

Tue, 16 Nov 2004 18:43:52 GMT

Today I was having a fun discussion about MySQL. A number of people were pointing how how bad MySQL is (one Anti-MS person said “It's worse than anything MS has made.”). One of the big problems with MySQL is how it handles datatypes. It doesn't. Pass it invalid data, and it silently “fixes” it (read corrupts) so that it works in whatever column you specified. This allows people to pass whatever they want as a date, for instance.

Now, those reading who've done any real work with DBs and applications are probably saying “uh oh” right now. If I declare something as int NOT NULL, I mean it. Don't take NULL and magically conver it into 0 or empty string. Don't turn my varchar into a DateTime of 0000-0-0. If I do a query that has invalid data, *something is wrong*. Throw an error. Let the developer know.

This went back and forth for a while, until someone responded angrily and said “You: I want errors. Me: F* you, I want it to work.” This is exactly like some VB developers are thinking when they do “On Error Resume Next”. What do you think? Should a DB work like VB and “On Error Resume Next”?

I say, lets take this one step further! Why should the filesystem give us errors? “rm -rf something”? Something isn't found? Well, just use the next item found, alphabetical order. That way, we can “just work” instead of giving back nasty error messages. Sigh.

Funny Engrish

Fri, 05 Nov 2004 17:48:34 GMT

I was looking for some lyrics today and ended up here: http://music.imbc.com/iMBCMusic/iMRefAllOfMusic.asp?ArtistID=3603

Seeing the MP3 button, I hit download. The next intermediate page had the title: “More Click Better Life”. Well, yea, I suppose they're right :)

Sign the receipt you keep?

Fri, 05 Nov 2004 15:28:48 GMT

Earlier this week, I paid the local security providers (guards who supposedly guard the neighbourhood). The next day the guy came with my receipt, so I told him to leave it in the mailbox. He said, “I can't do that. I need you to sign for it.” Not sure why they do this, but whatever. Best not to argue with the guys who walk around with shotguns, know where you live, and so on, right?

So I'm handed a sheet of paper with a bunch of names and numbers on it, and told to find my name. OK, there we go, #1088. He looks in his folder and finds receipt number #1088, and then has me sign it. Then, he gives me the receipt I just signed. So I ask him “Why do you have me sign this paper, if I'm going to keep it?” “Umm, well, we have you check your name off on this list, so that we know you signed the receipt.” Alright, I'll check my name off... crazy but whatever. Oh, what's this, my name's already checked off, as are most of the names on the list. “Ahh, well. You are normally supposed to check off your name.”

And this guy gets paid to walk around and do this? It just really makes me wonder what kind of thoughts go through some peoples' brains. I wish I could have a short glimpse into some of these minds and see how it works. I mean, do they feel a fog over their mind? Or is it like they just don't care? Or does it feel like I do when I think about anti-matter warp drives: I have some clue as to how it's supposed to work but really don't know much details and probably wouldn't understand them if I did?

Help out: Hold an intervention

Wed, 03 Nov 2004 20:50:15 GMT

OK, I hardly do any politics here, so here's my one shot, considering the US elections failed. What a bad omen for the new few years eh? Anyways, instead of just complaining, I think we (people of the Earth) should step in and help. A bunch of other countries should get together and hold and intervention for the USA. Just like a friend on cocaine (or something bad) -- you perhaps watch and warn the first time it's a problem, and after that you just get involved.

Other nations should just step in and say, “We're sorry. We love [some] of you. We can't let you continue to do this to yourselves.” And then we would put someone else more competent in charge. Maybe Tommy Chong. “It's only for your own good” is what we'd tell the states. Faced with a world-wide show of love and support they'd definately see their folly and agree, right? Maybe not, judging from the voting maps. If you look at the voting maps, Bush is very much skewed towards people with pitchforks and gun racks in their pickups, while non-Bush is skewed towards people with an IQ above 110. Then again, we'll probably see a few more soverign countries blown up anyways, so there's probably not much to lose.

OK, I'm done.

Massive XML abuse

Wed, 27 Oct 2004 05:22:11 GMT

OK, I've had it. Ever since XML came out, certain people have been misusing it all over the place for no reason at all. *XML IS JUST A FORMAT.* It's not magic. It's not cool. Use if it makes sense. However, it is actually a REAL format; adding < and > to a document doesn't make it XML. LinkPoint needs to learn this.

LinkPoint (owned by First Data) is a rather large company to process credit cards. You would think they'd have people who actually have some clue as to what they are doing when it comes to their programmatic interface eh? Check this code sample out:

protected> string ParseTag(string tag, string rsp)
{
StringBuilder sb = new StringBuilder(256);
sb.AppendFormat("<{0}>",tag);
int len = sb.Length;
int idxSt=-1,idxEnd=-1;
if( -1 == (idxSt = rsp.IndexOf(sb.ToString())))
{ return ""; }
idxSt += len;
sb.Remove(0,len);
sb.AppendFormat({0}>"",tag);
if( -1 == (idxEnd = rsp.IndexOf(sb.ToString(),idxSt)))
{ return ""; }
return rsp.Substring(idxSt,idxEnd-idxSt);
}

I'm not making this up. At first I started laughing. And continued. It's one way of processing XML, heh. I also love the use of a StringBuilder *for no reason*. They didn't even have the decency to think about Regular Expressions. (And what's up with that crazy formatting on the ifs??) Sigh.

The whole point of XML is to provide a standard way to process data on whatever platform you wish, eliminating the need for stupid code like that above. With XPath, all that junk comes down to about 3 lines of nice, neat code. So I continued to chuckle as I wrote my nice, elegant code.

Until it came to runtime. Apparently, some folks don't know that XML has *ONE ROOT ELEMENT*. Throwing a bunch of tags together doesn't make it a valid document. And invalid documents mean... yep, you guessed it: Errors from your XML parser. And without a working XML parser, you're back to manually handling it. So why even bother with “XML“ if you're not going to do it correctly? A simple name=value would work just fine...

BTW, this is the second vendor this week I've seen using invalid XML documents.

Quick update: The easiest solution in this case is to just do: theirXml = “<root>” + theirXml + “</root>”; // works like a charm.

Missing the point: 1,064-bit encryption

Mon, 25 Oct 2004 15:33:42 GMT

If you don't get Crypto-Gram, or don't subscribe to Bruce Schneier's blog, do so. Today he posted a little gem about a county buying voting machines, who is detailing their decision to use a certain vendor. One great reason: “Uses 1,064 bit encryption, not 128 which is less secure.” People actually trust these people to run their elections? On another note, they mention they can put the machines in junior high to encourage voting. From what I remember of the u.s. education system, isn't that up to about 8th or 9th grade? If you're 18 and still in junior high, there's probably more pressing issues than voting... or maybe those people who grow up and select voting machine vendors?

MySQL is really secure... or bad.

Fri, 15 Oct 2004 04:18:53 GMT

I chose MySQL to use as my database, since I was writing on Linux, in C, and it just seemed like the easiest path. Can someone please say “you were so wrong”? MySQL has to the worst DB engine out there. It doesn't (ok, just added) even have support for SUBQUERIES! Barely has support for multiple charsets. And... binary(20) is NOT a binary field 20 bytes long. It's a char(20). You can't execute multiple commands in a single query. It's embarrassing to open source really. I don't know who could argue that MySQL is competition for SQL Server or Oracle and keep a straight face. Check this list out: http://sql-info.de/mysql/gotchas.html (I really love the part about date handling.)

On the other hand, it's very secure. www.kalea.com.gt <-- No checking of user input whatsoever. (BTW, my little article about Kalea made me a top search result for Kalea Guatemala -- while their site doesn't even show up.) They take your querystring, concat it to their query, and off it goes. But guess what? Good luck trying to hack it. MySQL is so poor, doing SQL injection and achieving anything fun is nearly impossible. So much for adding prices to their site :). Oh wait, you can do a DoS by using the BENCHMARK expression and then encode/Sha1/etc.

So what am I going to do? Switch to SQL Server as soon as I get a release candidate done. I'm going to load Mono into my C app, and then transition into managed code and use some nice TDS libraries and have a good day with a database that actually works well. Had I done that to begin with, I'd be a few hours ahead of schedule instead of behind schedule...

MPAA/Security silliness strikes Miraflores mall

Sun, 10 Oct 2004 22:50:57 GMT

I went downtown to the newest mall built in Guatemala: Miraflores -- yet another example of a design that'd make anyone with any amount of architectural sense sick. Built by the bright people over at spectrum.com.gt. At any rate, being somewhat bored, I decided to watch a movie. The theatres in the new mall aren't that bad.

As I walk into the mall, I see a very interesting sign: No pets, guns, cameras or video cameras allowed. While I can understand the first two items (although, seeing a rabid Akita hunting people in a Gap would be amusing), what crackhead came up with the new [video] camera idea?

At the information desk, I verified that indeed, they did mean no cameras allowed. What possible premise? Security. Apparently taking photographs of public places is somehow a threat. So I pushed a bit more... “How exactly does this improve our security?” “Um... hmm... uh, I think there was a problem at another mall, so they're just doing it in case.” In other words: “no freaking clue”. I also asked if they check people for cell phones, since you could have a camera phone and covertly take pictures. She assured me they'd find people doing that and confiscate their phones.

Later on I find out that the cinema has a $500 reward (which is probably 2x the monthly salary of the people working at the cinema), for finding anyone recording the movies. At the beginning of movies, they play a stupid commercial about not to pirate movies, and compare it to stealing a car (again showing how spaced out the MPAA is). They actually have people with night-vision scoping the audience out during the entire showing.

Now, I'm aware that they do this in the states. The stupid part is that in the USA, movies come out before you can buy them on DVD, download DVD-rips (ok, not always), or rent them at your local movie rental store. Not so in Guatemala. The movie industry is quite backwards, and releases shows much later in different parts of the world (hence their retarded DVD region coding crap). Well, by the time a movie hits Guatemalan theatres *there is no market for screeners of that movie*!

I selected one movie to watch, but my sister told me they had rented it two weeks ago. Others I had seen in theatres in the USA or downloaded DVD-rips of months ago. Some were even at Blockbuster, less than 1km away. All of them are readily available by street vendors (in your choice of VCD or DVD). Yet they still find it necessary to go to extra lengths and “prohibit” cameras to stop this huge screener racket. Silliness. I'm sad to think that some of the population here might A) actually believe them B) not be offended that a company tries to take away their freedom to carry a camera around.

In the sake of prosperity for the country, I'm planning some fun with these people:
1: Photograph and chart the entire mall.
2: Post pictures and schematics here. [For added bonus, mark up the schematics with writing in a script they don't understand.]
3: Distribute flyers at the mall with a URL; email Spectrum.
4: Enjoy the response.
And:
1: Get some empty rolls of toilet paper or other cardboard items.
2: Add a red LED to these items.
3: Distribute at the theatre.
4: Watch employees go nutty thinking they're going to get $50,000 in reward money.
5: Have even more fun when I refuse to surrender my cardboard box.

Just need to find the time...

The red X of suckiness

Sun, 03 Oct 2004 18:25:00 GMT

I opened Windows Media Player 10 (which STILL doesn't have a shuffle feature that works) and saw this:

Not sure which service corresponds to the red X, but all of them suck (CinemaNow being the worst piece of crap “service” I've ever seen -- and they want you to pay for it!), so it's all.

On a related note, does anyone know to remove that part of WMP and put something useful there?

Kalea: We don't prices on our site because they might change

Sun, 03 Oct 2004 01:01:47 GMT

Kalea is a furniture store in Guatemala that pretends to be more upscale and “cool”. Some of their items are pretty nice, others are just marked up 300% for no reason. At any rate, for a while, they had no functional website (just an “under construction” page). Well, I recently checked their site (www.kalea.com.gt), and was joyed to find out that, alas, they have a product listing. Yay! Now I could see if there is anything new or good to buy without driving downtime and wasting time in the store. Was I wrong.

First, the product gallery consists of one crappy photo of the product. Second, the description (in all caps for no apparent reason), consists of one short line, such as “Wooden console. Metal legs. Polished wood finish.” This, coupled with the crappy pictures, ensures you have no idea what the product is. I've looked at tables and I have no clue if they are small two-foot night stands or great hall dining tables. Silly. But even so, I could probably get some clue if they had a product I was interested, and then go down to the store to inspect and buy. Not quite.

Kalea has decided NOT to put prices on their site. Instead, they expect you to “request a quote” for every item you might be interested in. Now, their prices range from $30 - $1500 (or more) for furniture, and sometimes their prices are just outright crazy (say, their rugs, which are 3 times more expensive than the exact same rug in a store across the street). Thus, knowning the price becomes even more critical. “Hey, that looks like a nice light. Oh wait, $300 for a lamp? Forget it.” Also, before sending a quote, they ask you to fill in a form full of your info (rather than just an email address). So, I wrote them “Why the hell are there no prices”? Here's their response (they responded in English):

”Thanks for writing. The registration is needed so we can have your real information. Our website is intended for information only, this is a e-business site and not e-commerce site. If you can see, the cart is used to make a quote (Cotización), we will receive the list of products that you are interested on, and in a short time we will send you an email with the quote. We are using our site as a catalogue of products, they can be at sale, promotion, or not in store (but we can export them for you), so the prices may vary, and that is why we don´t post them.”

Don't you love that last line? I guess they've never heard of databases that have the UPDATE command, or perhaps that you can actually edit data. Also amusing is the phrase “this is a e-business site and not e-commerce site“, as if I'm supposed to say “Oh, I'm sorry; now I understand.“ Sigh.

Sarcasm Chicken

Sat, 14 Aug 2004 06:35:52 GMT

Does anyone else play the game of “sarcasm chicken“? It goes something like this:

Alice: Well, user's are still opening virus attachments.

Bob: Let's install better anti-virus software on all client machines.
Alice: Well, still, it's not enough. Maybe all attachments need to scanned at the server first.

Bob: Hmm, maybe we should have virus-scanning at the ethernet layer, you know, stop it before it gets into the computer, right at the switch.

Alice: Yea, even better, we could also have a heuristical scanner inside the TCP/IP stack.

Bob: Well, true, but attachments also have to be saved. So maybe the file system could make all new data written unaccessible to the user until an admin approves it or until it's virus scanned.

Alice: Could be, but if the OS gets attacked... what about having it at the disk level? That way we'd have hardware support, and that's a lot harder to hack.

Bob: Hardware support? That's a good idea, but we'd have to buy new hardware.

Alice: Hmm, maybe we can patch the BIOS to.... <g>

Bob: <g>... I was gonna ask if you were serious...

Has this ever happened to you? It starts as a joke, and you keep it up a bit, and then you start to think the other person might actually be serious and well... This is a good outcome. It's no fun if you have to explain your “joke“, esp. on a public DL.

Most creative spam I've seen so far

Tue, 03 Aug 2004 15:17:24 GMT

I don't get a whole lot of spam on my primary account. The bit that I do is usually filtered out by Outlook 2003. However, one message got in, and I read it. It was for an adult matching service. What's so different is that they used ASCII (OK, HTML, since they used a font tag to make one part a different colour) art of a naked woman, instead of including a JPG. Spam on a budget?

HTMLartWoman.html (1.31 KB)

AV makers are lame, but this takes the cake!

Sun, 18 Jul 2004 17:47:01 GMT

I got this press release forwarded to me via an MVP mailing list. I couldn't stop laughing! It's from a software vendor (Airscanner.com) who makes AntiVirus products for Windows CE devices: Smartphones, Pocket PCs, etc. They're proudly announcing the first virus for WinCE, amidst so much FUD, it's funny! What's funny? Take a look:

1: They paint WinCE as the last hope and salvation of Microsoft.
“The Windows Mobile operating system is heir apparent to the Microsoft dynasty. Microsoft knows the desktop and server OS market is saturated. There is no room for growth. And even as we speak, Linux erodes its market share. How can Microsoft save itself?”
”Heir apparent”? I see... nope, no more shipments of WinXP or 2003 server will be going out, that's for sure. In the future, everyone works on tiny devices with relatively small processing power and storage, running a miniature OS. Windows Embedded is never used because that'd make too much sense. Welcome to the alternate reality where Airscanner lives.

2: They make silly claims about how “insecure” WinCE is:
“But there is a problem. Security is the biggest threat to Microsoft's survival. With its Trustworthy Computing initiative splintering under the pressure of weekly vulnerabilities, Microsoft would surely protect its most favored offspring. Right?
Wrong. Microsoft left its golden child naked and shivering. Windows Mobile has almost no security architecture whatsoever. It is wide open to attackers;“

WinCE is used on portable devices like PocketPCs, Smartphones, and MP3 (excuse me, WMA) players. What “security measures” should it have? It's a single user device you keep in your pocket. “Wide open“ Yep, just like my toaster, blender, VCR and DVD player are “wide open” for attackers. However, they do quickly go on to lavish praise on WinCE (since they're trying to make money off of it).

3: “Unfortunately, Windows CE was designed without security. Worse, handheld devices are now the easiest backdoor into a corporate network. “
Come again? Raise your hand the last time your Windows CE devices executed code under your domain account, on a domain computer. I don't see any hands. Raise your hand the last time your WinCE device executed ANY code on a corporate machine. Still no hands? WinCE adds no more risk to a corp network than already exists. Just more FUD.

4: Their terrorizing virus doesn't do anything. It prompts the user, “Can I spread?” And then it proceeds to “infect” files. They play this as a “proof of concept”. Ok, what exactly does it do? Because it sounds very much like a program *that writes to the disk*! That's it folks. It writes to files on your devices memory. If you're wondering what's scary, don't ask me. I guess the idea is to say “Basic IO works in WinCE! Run for your lives, arrg!” They portray this as a proof of concept. Well, Microsoft has these proofs of concepts around for a while. They're called Build Verification Tests.

5: The virus writer (which I'm guessing was paid for by Airscanner) writes:
“This is proof of concept code. Also, i wanted to make avers happy.The situation where Pocket PC antiviruses detect only EICAR file had to end …”
He WANTS to make the AV companies happy. I see. So, some guy takes his time to write a virus that doesn't do anything malicious, and only spreads on demand, and mails it right to the AV companies, *just to make them happy*? OK...

Even better, apparently there are only two things their software checks for. This means that anyone can write an AV in about an hour. And they want $29 for this product. Well, I guess if they sold 5 copies, that'd work out to $145/hour for them, so that's not that bad, eh?

6: The people from this company apparently can't write a simple algorithm.
“If the file has been infected, it will be marked with the word “atar” at the offset 0x11C. This is used during the infection process to see if the file was already infected. Without this check, the virus would keep re-infecting files over and over until the device ran out of memory.“
Mind you, this is the AV company, not the virus writer. They apparently believe the only way the only way to prevent an infinite loop on a set of items is to modify each item, “otherwise it'd run out of memory.” Are they truly saying there's no other way to do this? Sure sounds like it.

7: Even though it's low risk, they wanna play up the potential:
“Note, however, that in the lab we were able to easily bypass these protection checks by making small changes to the virus binary. There is nothing to prevent malicious users from doing the same and repackaging this malware as a Trojan.“

Repackaging it as a Trojan? Excuse me? The virus doesn't DO anything. Maybe they meant “by rewriting everything“ instead of “making small changes to the virus binary“. Anyways, these things *don't spread*. Even if they tried to make it spread, it'd be very hard. The reason is because you don't usually copy EXEs around from one mobile device to another. You usually have a installer or host management system that handles this for you. If I want to give you a game, say DiamondMine for PPC, I don't copy files from my PPC to yours. I give you the DiamondMine installer, which runs on your Windows XP machine and that installs the game on your device.

For it to really spread, maybe it could email itself around. Of course, the steps would be: Get the email. Rename attachment (since EXE files are usually blocked). Copy to PocketPC device (since Pocket Outlook doesn't download attachments by default). Run file. You might as well just call the user and say something startling, causing him to drop the PocketPC. It'd do more damage that way.

Users beware: Desperate companies will make up whatever garbage they can to scare you into buying fake security products. Save your money and buy yourself a soft pretzel instead.

News flash: Terrorists sell pirate DVDs

Mon, 12 Jul 2004 14:41:46 GMT

According to the film companies in the UK, terrorists sell pirate DVDs to raise funds. So, forget all the benefits that I mentioned the other day, now, buying a DVD off the street means supporting terrorism. That really does it explain it all, eh? Pirates are painted as evil vile villains, and terrorists also fit that bill, so why not connect 'em? I'm just surprised it took someone so long to come find the link. I wonder how long it'll be until we learn Saddam has stockpiles of counterfeit DVDs, just waiting to flood the market and make the economy collapse... The industry makes it quite clear that there are more people than just terrorists (no, really?) who are pirates.

My favourite quote from the article was “By purchasing pirated DVDs, many consumers are unwittingly helping to fund hardcore criminals with links to people trafficking, drugs, guns and money laundering” -- wow. I'd hate to think what people who sell pirated copies of SQL Server do!

They also make a lame attack at the quality of pirated wares, saying “They were rubbish, they were shaky, out of focus, camerawork was bad, they had muffled sound”. Well, sir, it looks like you bought a SCREENER, something no decent pirate would sell. Oh wait, they're evil, vile criminals. So I suppose the moral of the story is: Don't buy unprofessional pirated DVDs 'cause they suck. Find a pirate who knows what they're doing, and in the process, stop funding terrorism.

D&D Items do exist: I just read a "Tome of Stupidity -1"

Sun, 11 Jul 2004 20:14:29 GMT

For those of you who played D&D (here's a funny video to see what it's like), you might recall that there were magical tomes that could increase or decrease your abilities, just by reading them. Of course that's impossible in real life since we'd need powerful magic... right? Well, as I have unfortunately learned, no. A while ago, I had to maintain someone else's app. I believe in the process of reading this app's code, I have lost a few IQ points. Let's take a look, shall we?*

All the code in this app uses horrible variable names. In a 250 line block of code (a single method -- the writers must have thought there to be huge drawbacks to using methods), the first line starts off by declaring the variables. A sample looks this:

dim objconn,objrs,strDatabase,mysql,mysql1,sqlstring,rstemp,dbConn1,objrs1,query

This is a truncated line. They actually declare about double that much. Regardless on how you feel about declaring everything at the top of a file, this is bad. They don't use these variables at the same time. For instance, they'll open objrs, do something, and then close it, then open rstemp and repeat. There aren't actually two objects in use at once. They just declared extra variables for fun. Or maybe they thought they had to give the variables a rest. I don't know. And I don't think they did either. Of course, it's better than using no variable names at all.

They have a process to read values from a comma-delimited file. So, one line at a time, they use VB's split function, storing the result in a variable named “split“. So far so good. Then they proceed to use constants for the next 100 lines to refer to different fields, giving way to wonderful code as so:

if split(6) = “true“ then
objrs1.open “SELECT * FROM Table WHERE Field1 = “ & split(2) & “ Field2 = '“ & split(9) & “'“
split(4) = objrs1(“SomeField“)

At a few places in the app, a field is selected from the DB for absolutely no reason:

someId = Request.QueryString(“someId“)
rs.Open “SELECT SomeId FROM Orders WHERE SomeId = “ & someId, objConn1
someId = rs(“SomeId“)

That's right. They select a single field (an int), constraining it to the current value of their var, and then set the var to the same value. Maybe there's something special in SQL that I'm not aware of. To their credit, there's actually a check for rs.Eof first (omitted for clarity of stupidity).

Here's a brilliant idea for performance: Don't use SQL's COUNT. In quite a few places, they'll execute a semi-complex query that returns, on average, 10,000 rows. But why bother with SELECT COUNT, when we have SELECT *?

The entire app is built like this. The people who wrote this should have their text editors confiscated.

* Some variable names have been renamed to protect the innoce-- mentally challenged.

Programs aren't people!

Tue, 15 Jun 2004 04:28:48 GMT

Attention to all devs who think they are writing “friendly” programs by using a personal voice: stop. I just got this in my inbox:

Subject: failure notice
Hi. This is the qmail-send program at somesite.com. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out.
<emailATdomain.com> Sorry, I couldn't find any host by that name. (#4.1.2) I'm not going to try again; this message has been in the queue too long.

Makes me think my server needs therapy. I had to suppress the desire to hit reply and say “Oh don't worry, it's ok. I'll try sending the message again later.”

This isn't a friendly Office Assistent, it's a mailer daemon. Yet the devs just couldn't resist making it have feelings. I wonder if it crossed their minds to throw in a dice-roll to determine if the program is feeling sorry, or just annoyed that it couldn't deliver the message. Perhaps sometimes it could be apathetic.

The real problem though is that you have to read and parse emotional English to get the simple error out of this message. Notice that it's not a “friendly” message where common problems and resolutions are suggested, it's just an apologetic technical message. What's wrong with <some descriptive text> followed by: “Error #4.1.2: Host not found. Fatal error, delivery failed.”?

Business Untelligence: Supply and Duhmand

Mon, 01 Mar 2004 14:29:43 GMT

Since I'm about to leave Guatemala after living here for over six years, I thought I'd jot down some experiences as to remember them. I'm not making this up.

At a store, my father asked for some soap. He was told that they currently did not have any, and that they wouldn't for two weeks. My father suggested that if they were selling so much soap, perhaps they'd order more. The storekeep smiled and said “Well actually, we never sell soap for the second half of the month. Our records show that we only sell soap for the first two weeks and then none for the rest of the month. So, we only buy for the first two weeks.”

I went to buy a microwave at the biggest Sony distributor in the country. In the front of the store they had a very interesting microwave with some really advanced features. I asked how much it was, and was told that I couldn't buy it, since they didn't have any. When I pointed out to the salesperson that they did, in fact, have one, and it was right there, he said “That's our display unit. If we sold that, we wouldn't be able to show it to other customers.”

Chinese Hangman in .NET

Wed, 11 Feb 2004 16:01:40 GMT

As I was driving home this morning, I was thinking about localization issues for different situations. I realised that it must be really hard to have certain word games, like hangman, in some Asian languages like Chinese or Korean (shouldn't be a problem in Japanese, so long you stick to the alphabets). So, without further ado, I sat down and wrote a very simple Chinese Hangman game.

There is only one word because I'm lazy and wrote this in 20 minutes and didn't feel like putting a real word library in. Maybe for v1.1. “Chinese” is somewhat misleading. In fact, I used Korean to get the characters, since I suck at the Chinese IMEs, and didn't feel like using my digitizer.

Since it's written in .NET, you can play online, just by clicking here (32K)!

Update: Some of my slower friends have given me feedback that this game is hard, since you have to guess the exact word. That's the point. The game is just a joke. That's all. Don't actually expect to play it (although it is fully functional!).