The less friction you have to coding something, the more likely you are to complete it. Reducing friction is a common theme for me. It’s relevant to maintaining an app, and building your own app. I have known plenty of people who have an idea – plenty of coders, but few who actually do it. Why? Because of friction, which is mostly within your control and probably partly yourself. Reduce friction, and achieve.
blog comments powered by
I’m specifically choosing the title for search engine results because I can never find this information when I want it. For some reason not many .Net devs seem to know about it, and I always forget the code because I don’t often need it.
1: System.Diagnostics.Debugger.Launch()
This is very useful for debugging services, installers, and other situations when you can’t just start with the debugger.
blog comments powered by
If you’re a windows dev and use github for source control, you should set the autocrlf setting in git like described in this github article. I’m also setting the safecrlf setting, and hopefully those funky end of line characters I got going on will wiggle there way out. I wasn’t aware of this but probably should have thought of it, but git will add unix end of line characters to your files when you check them into a git repository. Just make sure everyone on the project has the autcrlf set to true, and everything will be fine. Use git bash and run these commands:
git config --global core.autocrlf false
git config --global core.safecrlf false
It’s easy to miss. I ended up adding those unix eof’s into the solution file and others for FluentMigrator. Justin Etheredge pointed out the problem and the fix. Hopefully it will all be cleared up soon. It doesn’t seem to prevent VS from opening and compiling, and even the build server continues to run.
UPDATE: I realized I was giving bad advice. You should set autocrlf to false not true.
-j
blog comments powered by
I try to learn and reflect on my code style regularly. I occurred to me the other day that my use of the var keyword could be better. I had started using var for every declaration in my c# code. It looked like this:
1: var elementList = new List<FieldElement>();
2:
3: var resourceKind = (new T()).ResourceKind;
4: var schema = GetSchema(connection, resourceKind);
5:
6: var complexTypeName = GetSingularTypeName(resourceKind);
That’s great and all but it’s not immediately clear what schema and complexTypeName variables are just by reading the code. I suggest using the specific type in declaration of those variables like this:
1: var elementList = new List<FieldElement>();
2:
3: var resourceKind = (new T()).ResourceKind;
4: XmlSchema schema = GetSchema(connection, resourceKind);
5:
6: string complexTypeName = GetSingularTypeName(resourceKind);
That’s better. As a matter of personal opinion, you might want to change the resourceKind declaration to this:
1: string resourceKind = (new T()).ResourceKind;
The T defined in this case so I know what type it is, but it might not be obvious to other people. Clarity is important for maintaining code. Don’t assume that because you know what you were thinking now that you will remember later. One oft repeated rule is to code as if the next guy to work with your code is a homicidal axe murder who knows where you live.
blog comments powered by
Extra Power
If you use a laptop as a main dev box, keep a second power cord in your laptop bag. That way all you have to do to hit the road is unplug it and slip it into you laptop bag. I typically keep my laptop bag ready to go, so the only thing I need to add before I leave is the laptop itself and, sometimes, the wireless mouse.
Ubuntu CD
I carry one in my laptop bag and have one in my home desk. I’ve saved files being lossed many times by booting Ubuntu, mounting the drive, and copying them to a USB drive.
TDD.Net
I write unit tests, and strive to use TDD all of the time. Running tests and getting the results is important. I find the Visual Studio test runner to be too slow. TestDriven.Net is my favorite test runner and VS add-in.
blog comments powered by
Domain expertise has a great value especially in development. In fact, it can be crucial for success. It also has a downside. When development becomes so engrained in the prevailing culture, it becomes easy to continue and even encourage bad habits.
Inevitably, a certain way of doing things will evolve during a product’s lifecycle. It becomes are part of the culture, and is learned and repeated by new developers on the project. In knowing a codebase, it is far too easy to think in the same manner. The path of least resistance is sometimes the only one you see, and even when it’s not you may not feel you have the time to change. The way its been done already is too deep to change in time for your next release.
Been there. Done that. Many times.
I advocate TDD for many reasons. Clarity, maintainability, and adaptability being among those. Sometimes I see code and have to wonder what in the world was the author thinking. Not just because of style or buggy-ness, but code that literally looked like it shouldn’t work. Plenty of times, seen uncommented code which was as clear as mud.
Avoiding the rut while becoming a master of the domain isn’t easy. Unit Testing is a good way to do it. You’ll learn while coding and develop clarity in the codebase. Additionally, you will be setting the stage for better habits and maintainability in the future.
Roy Osherove has a .Net Unit Testing book, which was just published. It would be a good way to learn more about Unit Testing. It’s on my reading list.
blog comments powered by
Authentication is the verification of who you are.
Authorization (aka permissions) is the definition of what you can do.
Itis a subtle difference with a
giant distinction and impact. I've seen alot of time and effort put into verifying who a user is, and that is agood thing. Too often, defining and checking what the user can do isoverlooked or not thought out very well. One of the teams for a projectI'm working on is currently collecting feedback on a uniformauthorization proposal. A good amount of thought was put into how to doit and provide a good user experience. The first thing I noticed aboutthe proposal was something that wasn't in it.
My childhood wasfull of danger, adventure, and romance. Young Indiana Jones storieswere based on my life. OK, not really. But my friends and I did buildforts in the woods near our homes. One of them even had a secretentrance. Sure, anyone could have forced their way in and dealt withthe poison ivy consequences later, but the entrance was definitely thebest way to enter. The one thing about it was once you were in, youcould do anything you wanted in there. Tear it apart, leave kindmessages, stuff like that. Once you found the door (authenticated), youhad the ability (authorization) to do whatever you wanted. That was notgood security, but we were just kids.
In many applications, youneed to restrict what a user can do with the application. Letting theuser do anything they want once they log in is not good security. Thisincludes hiding a url from a menu, and hoping they don't guess itthemselves. The application needs to check if they are allowed tobrowse to "/admin".
What was missing from the proposal Imentioned above is definition of how authorization is checked. In thiscase, it's outside the scope of that team. But it reminded me how oftenthat is overlooked. You need to check if the user is allowed to deletethis record, or send that invoice, etc. Another question is "where doyou check?" It depends on the constraints of the project.
A goodrule of thumb is "trust but verify". This has led me to the opinion ofchecking authority twice in a lot of cases, and auditing every action.Honestly, I don't double check every time. There are a lot of caseswhere it doesn't apply. For single user apps, that single user canperform any action the app provides (unless there is some core adminfeature set). Perhaps your app isn't multi-tiered, so dual tierchecks aren't necessary. If there's only one or two layers, then youdon't need to check authority twice.
Another thing that isworthwhile is auditing. That is to record who attempted to perform whataction and whether or not it was allowed. This gives you a securitytrail to identify security related bugs or threats. It's related tologging, and is a natural extension to your logging facility which youshould be using anyway
Perhaps I should lay out how and when toapply the dual check rule, but that's not really the point of thispost. The point is this: Don't forget that authentication is not thesame as authorization and you should carefully consider both.Otherwise, you could end up with a wrecked fort with nasty littlemessages written in red paint on the rocks from taunting foes.
/just sayin'
//if I
*ever* find out who that was...
-j
linkage:
http://www.duke.edu/~rob/kerberos/authvauth.html
blog comments powered by
A friend recently asked my advice on getting started in IT and how to learn more about it. Being the super generous, ever wise person that I am, I told him to take a flying leap.. just kidding.
It made me think because I wasn't sure how to advise him about figuring out what area of IT he might find most interesting. With current market conditions, jobs aren't jumping up and grabbing you but IT has remained better than others. It's probably not as easy for beginners although now is a good time to start learning. You can check monster.com, dice.com, or even craigslist.org to find IT job postings to see what is going on in the job market. BUT before you do that, you should have an idea of what IT field you are interested in, and the key terms to use in searching for that shiny, new IT job.
Pick your flavor
There are quite a few different areas within IT, and Ill name a few. Readers, feel free to comment on any I missed or add details you might give to a friend.
Hardware
If you like building and putting things together, this might be a good area for you. It's an engineering discipline, but is often combined with the resposiblities of purchasing and tracking assets.
Networking
This area involves the wiring and connection issues involved in computers talking to each other. It can be for office networks, or meeting communication needs of a high traffic website. It's often rolled up in a hardware position, but both could turn into a high end specialist.
Help Desk / Support
This is usually helping people solve their problems. Could be on the phone or in person, but you really need people skills and patience for this field. A few different paths for this might be internal help desk for a company, help desk for other companies, or contractor who supports local businesses.
Software Testing
If you like to mess around with programs and figure out how to break things, you'll probably do great and have fun in this area.
Software Development
It's what we do. It's mainly divided into two areas: Internet/websites, Installed programs (like Mircrosoft Word ot some other programs.) Problem solving is a must, but so is creativity.
Database Development or Management
The art of managing and manipulating data can be consider it's own special discipline; especially when it comes to dealing with very large or high volumne databases. It's not for everyone, and the only way to figure it out is to try it. Start learning programming and pick projects that use databases; that will introduce you to it. After that, you'd need to read topics specific to database development or management.
Project Management
Organizational skills. After that it's a mix of different things, and sometimes you might be asked to fill other roles (like Help Desk or hardware)
Product Analysis
This is making the business rules for software. People skills, creativity, and some knowledge of software will serve you well.
There's a variety of combinations and things are always changing. With so many different tools, languages, and technologies, I couldn't list nearly enough in a reasonable amount of space. Pick which area you like, then start learning about the specific technologies in that area.
It's important to be a good problem solver, be comfortable learning, and have good communication skills. After that, there's a lot to say for experience and determination.
Add your mix-ins
So how do you get started? Well a degree certainly helps and so do professional certifications, but I'd suggest trying some of these before committing. There are plenty of entry level tutorials online. Use a search engine to find them by searching for "tutorial " and your keyword like "website programming". If you're not already aware, there are many different programming languages so start with a common, object-oriented language if you are thinking of going into development. We use C# and Ruby a lot. Java is another good choice.
Even if you don't find a free course or podcast, you should look for an inexpensive introductory class. You don't want to commit a lot of money until you know what you are getting into. I recommend online sources because it is easier to fit into your schedule.
Once you've got a good idea what you are interested in, talk to friends if you know anyone in the industry. Try local user groups or online groups. AZGroups is a local .Net User group with friendly, helpful people. I use Google Groups quite a bit myself for discussing IT topics, and helping people find answers when I can. (Email me if you want suggestions for groups in the Phoenix area.)
If you are truly committed (and being committed to a mental health institution is a requirement for some IT jobs), then go get the training and basic skills you need. There's no reason to spend a lot either. Look at community colleges or certification programs. Being a good problem solver, learning fast, and communicating well is more important that a degree or certificate. Those just show your commitment and some presumptive, basic level of ability.
Lets roll
The next step is landing that first job. As with any job, networking helps a lot. Try LinkedIn.com, which is a professional social networking site. Go back to those friends and user groups you talked to. Check those jobs sites I listed above, and search for others. There are many more than the ones I listed. Even though I'm a seasoned professional, I've been known to go door-to-door in search of work. (There's a good story there which maybe I'll tell later.) You do what it takes, and it usually works out. Especially if you are passionate about your choice.
Blast off
After you've gotten some experience built up, you'll find it easier to pick where you want to go with it. Let's say you become a website programmer and you love cars. Perhaps you build a website focused on small track car racing and earn money selling ads. You'll love it and it pays the bills. Or maybe you land a programming job with an autoparts retailer, or something else related to your passion. Who knows. What I do know is things work out best when you stick to what you like; and the best ideas are ones you would love yourself. Passion is the key to happiness in any career, and is especially true in IT.
-j
blog comments powered by