# Thursday, December 07, 2006

In Barcelona, I was on the panel for the Barcelona Girl Geek Dinner. Now, lest anyone be under the illusion that these panels are carefully peer-selected and reviewed, that there's some committee somewhere finding the cream of modern geekhood -- well maybe that was how the others were chosen but for me, I was hanging out in the speaker room when Sarah, who I'd only just met, asked me if I'd do it and I said yes.

I had a lovely time at the panel and we all spoke about our experiences, advice to newbies, how nice it is not being "the only one in the room" from time to time, and so on. I was sitting with Catherine and Cyra, two of my fellow panelists, and Charles Torre of Channel 9 was with us, and we talked over dinner and wine the way in my experience geeky women always do -- a fast paced mix of very technical shoptalk and personal getting-to-know-each other material. (I learned a lot from Cyra and wish we had had more time together.) When the event ended, the four of us walked together across the street to the speaker hotel, but it was such a short walk and we weren't finished talking. Someone expressed an interest in dessert, and we decided to see what the lobby bar had to offer. We kept on talking, and at one point Catherine and I were trying to convince Charles that "the compiler is your friend" -- that strong typing and early binding have big advantages. Charles kept saying "I can't believe I'm not filming this" until eventually he picked up the camera and started to film. He asked us questions he knew we cared strongly about and off we went.

The resulting video is now on Channel 9. It seems to kind of start in the middle because, well, we started in the middle. I suspect it's the only video on Channel 9 featuring gestures with a glass of Scotch. It's one of the very few that doesn't feature exclusively Microsoft employees, so I am honoured to see it there. Those of you who have heard my line "I stay up late over too much red wine arguing about deterministic destruction" can now see that in action. We don't introduce ourselves till the very end, so if you need to know who's who, download the whole thing, skip to the end, then go back to the beginning and watch us.


Thursday, December 07, 2006 10:51:37 AM (Eastern Standard Time, UTC-05:00)  #    
# Wednesday, December 06, 2006

Man, I've been making software for a long time. I first came across Fred Brooks' essay No Silver Bullet: Essence and Accidents of Software Engineering when the mail (you remember, the physical mail) brought me the magazine (you remember physical magazines) and it was the cover story. Apparently that was the April 1987 issue which is bringing us perilously close to the twenty year mark. (And if I needed to, I could get my hands on that copy within minutes... in fact I'm sure I've held it within the last year or two.) And now people are talking about it again. Larry O'Brien has a long post with links to some other posts of his own and by Wesner Moise. He also captures what I consider to be the essential quote from the essay:

I believe the hard part of building software to be the specification, design, and testing of this conceptual construct, not the labor of representing it and testing the fidelity of the representation. We still make syntax errors, to be sure; but they are fuzz compared with the conceptual errors in most systems.

The thesis is that software development gets easier or faster or more accurate only by degrees: you cannot adopt structured programming or object oriented programming or aspect oriented programming or functional programming or agile techniques or anything and expect to be ten times faster or a hundred times faster, no matter what people tell you:

There is no single development, in either technology or in management technique, that by itself promises even one order-of-magnitude improvement in productivity, in reliability, in simplicity.

It was true then and it is true now. And it will still be true when my kids are as old and grey as I am becoming. Worth reading and rereading, and not waiting twenty years between rereads. Oh and by the way, this is the same Fred Brooks who invented the heavens-I-wish-it-wasn't-true rule: Adding more people to a late project makes it later. That's from 1975 and you can't escape it either.

OK, there is one way you can achieve an order of magnitude improvement in productivity: hire the right people. The good ones are ten times as fast as the OK ones, and infinitely faster than the none-of-their-code-ever-ships ones. But that's not a technology or a management technique, so it doesn't count for our purposes.


Wednesday, December 06, 2006 8:10:13 PM (Eastern Standard Time, UTC-05:00)  #    
# Tuesday, December 05, 2006

Here's another neat way to search in Visual Studio. Press Ctrl-i to get into incremental search mode, and start typing:

Typing e finds the first e in the file. Keep going and find the next instance of your letter pair:

It keeps going as long as you want:

By the way the binoculars/arrows cursor reminds you what you're doing. Until you press Escape, you can also do Ctrl-i again to just go to the next one, Shift-Ctrl-i to go backwards, and Backspace to take a letter off your search string.

Fun, eh? I may like search in Visual Studio too much ... I routinely use the Find in Files to search folders of stuff that isn't anywhere close to code. Of course I don't have to do that on my Vista machines, where search is nice and fast.


Tuesday, December 05, 2006 7:42:29 PM (Eastern Standard Time, UTC-05:00)  #    
# Monday, December 04, 2006

My recent post of a joke about a priest and a politician highlights a privacy issue: sometimes any sufficiently specific information can become identifying information. If the priest had referred to "one of the first confessions" instead of "my very first confession" nobody would have learned anything when the late-arriving politician told the crowd he was the very first to give confession to the then-new priest. Similarly when a CIA operative was identified in the USA, at one point the person who identified her took refuge in pointing out he hadn't named her, hadn't said "X Y is an operative", but instead had named her husband, "A B is married to an operative." Of course that was equivalent to naming her.

Similarly, when you're worrying about privacy in an application, it's not as simple as naming some fields you shouldn't include in the system. That's a good first step, for sure: why does this application have a field for Social Insurance Number, what do we use it for? Why do we need to keep it after that? But it's not the whole story. For example, we may need everyone's home phone numbers, but do we need them on the main screen or would it be better to make people click to see the more private information. Can we use role based security to show private information only to managers? This takes some thought.

Microsoft is offering a 49 page Privacy Guidelines whitepaper you may find helpful. The introduction says:

The purpose of this document is to propose a baseline for establishing this higher bar.  It offers guidance for creating notice and consent experiences, providing sufficient data security, maintaining data integrity, offering customer access, and supplying controls when developing software products and Web sites.  These guidelines are based on the core concepts of the Organisation for Economic Co-operation and Development (OECD) Fair Information Practices and privacy laws such as the EU Data Protection Directive, the U.S. Children’s Online Privacy Protection Act of 1998 (COPPA), and the U.S. Computer Fraud and Abuse Act (as amended 1994 and 1996).  In the interest of developing a common set of industry best practices for privacy, we invite the community and other interested parties to participate in an open dialogue. 

It discusses categories of information, retention, consent, notice, and a few things that are web-specific like cookies. A good place to start your thought process.


Monday, December 04, 2006 3:16:45 PM (Eastern Standard Time, UTC-05:00)  #    
# Sunday, December 03, 2006

Technology Review has an interview with the father of C++. Some notable quotes:

  • There has to be languages for those experts to use--and C++ is one of those languages.
  • I want elegant and efficient code. Sometimes I get it. These dichotomies (between efficiency versus correctness, efficiency versus programmer time, efficiency versus high-level, et cetera.) are bogus.
  • There are just two kinds of languages: the ones everybody complains about and the ones nobody uses.
  • The main reason for C++'s success is simply that it meets its limited design aims: it can express a huge range of ideas directly and efficiently. C++ was not designed to do just one thing really well or to prevent people doing things considered "bad." Instead, I concentrated on generality and performance.

Read the whole thing!


Sunday, December 03, 2006 3:03:02 PM (Eastern Standard Time, UTC-05:00)  #    
# Saturday, December 02, 2006

UAC got you all confused? Do you think the best thing to do is turn it off? Maybe this article on TechNet will help a little. It's quite long, and not entirely developer focused, but it's a good place to start understanding what UAC is for and why it would be best not to turn it off.


Saturday, December 02, 2006 8:26:32 AM (Eastern Standard Time, UTC-05:00)  #    
# Friday, December 01, 2006

From Beyond Code, this made me smile:

Sorry for the delay
A priest was being honored at his retirement dinner after 25 years in the parish. A leading local politician and member of the congregation was chosen to make the presentation and give a little speech at the dinner. He was delayed, so the priest decided to say his own few words while they waited.

"I got my first impression of the parish from the first confession I heard here. I thought I had been assigned to a terrible place. The very first person who entered my confessional told me he had stolen a television set and, when questioned by the police, was able to lie his way out of it. He had stolen money from his parents, embezzled from his employer, had an affair with his boss's wife and taken illegal drugs. I was appalled. But as the days went on I knew that my people were not all like that and I had, indeed, come to a fine parish full of good and loving people.".....

Just as the priest finished his talk, the politician arrived full of apologies at being late. He immediately began to make the presentation and gave his talk. "I'll never forget the first day our parish priest arrived," said the politician. "In fact, I had the honor of being the first one to go to him in confession."

Moral: Being late can be (very) costly.


Friday, December 01, 2006 8:13:25 AM (Eastern Standard Time, UTC-05:00)  #    
# Thursday, November 30, 2006

Like Dilbert, this list of top 20 excuses developers give to testers is only funny because it's true. I'll tell you that the answer listed as #1 there is banned in our offices -- and we have quite a bit of process in place to make sure deployments are complete, for just that reason. Personally, I find #8 the funniest - and again, only because I have in fact heard it... mostly from former employees :-). Number one winner in the comments: Billy Hollis - "We're not shipping your machine."


Thursday, November 30, 2006 9:02:24 AM (Eastern Standard Time, UTC-05:00)  #    
# Wednesday, November 29, 2006

To follow up on my post about pinning pointers, let me ask one of those tricky questions that someone asked me. If I have an array of things, how do I pin the whole thing? If I ask for a pinning pointer based on element #3 of the array, can I use pointer arithmetic from that pinned pointer to reach elements #4 through #11? Do I have to pin each element one at a time?

The answer is that pinning any element of an array pins the whole array, and that once you have a pinned pointer to one element of the array you can do the usual pointer things. This includes not only incrementing it to move through the array, but if it's a char* you can pass it to things that expect strings and those things will never know the difference. Here's an example from MSDN:

array<Byte>^ arr = gcnew array<Byte>(4);
arr[0] = 'C';
arr[1] = '+';
arr[2] = '+';
arr[3] = '\0';
pin_ptr<Byte> p = &arr[1];   // entire array is now pinned
unsigned char * cp = p;
printf_s("%s\n", cp); // bytes pointed at by cp will not move during call

This sample prints out ++.


Wednesday, November 29, 2006 8:42:29 AM (Eastern Standard Time, UTC-05:00)  #