movies, dotnet comments edit

Today’s my first day back at work (that is, actually at the office) since the winter storm fiasco last week and let me tell you how nice that is. I’m not very social at work or anything, but being in a place designated particularly for work is much better for focus, and hearing the other guys in the department doing their thing… well, it’s more social than sitting at home trying to get the cat to stop climbing my back.

First thing this morning I got here and there was a minor database-related crisis on one of our intranet servers, so that took most of my morning hashing that out. Stupid SharePoint Team Services…

I scheduled my last test for my Microsoft Certified Solutions Developer certification - “MS070-300: Analyzing Requirements and Defining Microsoft .NET Solution Architectures” - this coming Monday. I’m more uncomfortable with this test than I have been with others; they really are testing for “Software Engineering The Microsoft Way” and coming from a more real-world perspective, this inconsistent theoretical crap is really tough for me. I end up answering the questions the way you would in a real-world situation, but those answers end up being wrong because they’re not Microsoft answers.

A couple of friends of mine here at work have taken the test and they say it’s easy enough. Here’s hoping they’re right. In the meantime I’ll be studying my ass off.

I rented some movies this weekend and so far I’m not too impressed.

Charlie’s Angels: Full Throttle was iffy at best. Random plot interspersed with overdone effects scenes and implausible stunts that destroy your suspension of disbelief. My dad told me as much, but somehow I didn’t pay attention. Pass.

The Silencer, a low-budget movie about a hit man, was not only poorly acted but poorly written. In fact, I don’t know where one problem ended and the other began. Was it bad because the actors read lines like they were on cue cards? Or were the lines themselves so bad that it didn’t give the actors much to work with? Does it even matter? Pass.

I have another movie, The Art Of War, but I haven’t watched it yet. We shall see.

I should probably work at work, huh?

home comments edit

I’m rocking with the high speed Internet now, baby! Went down to the Comcast office and picked myself up a cable modem and driver kit, and now things move faster than fast. More human than human, friends.

I’m anticipating this will have a positive effect on my desire to do computer-related things at home (like update the blog, etc.) but will probably be not so great for my social skills.

At least Windows Update won’t take all night anymore.

personal comments edit

The ice looks like it’s starting to melt off, but I just watched a 4x4 spin all of its wheels trying to get through our parking lot. I saw that they started the bus running outside the apartment this afternoon, so some people must think it’s getting better.

I called Comcast to get my cable Internet service running but the account’s in Jenn’s name so I have to call back with her and have her either order it or authorize me on the account so I can order it. I think I’ll just have her put me on the account so I can call them whenever I want and get service or handle problems.

Regardless, it’s supposed to warm up this weekend so by Monday we won’t have the ice or snow anymore and I’ll be able to take my time setting up the high-speed Internet. That’s going to rock; I can hardly wait.

I thought I had mentioned it before, but searching back through my blog I don’t see where… Anyway, when I got my new computer, I hooked it up and all was well. For a while, though, my 21” monitor was having these odd brightness/contrast issues where it would be totally bright and hard to look at even with the brightness turned all the way down to 0. I noticed that I had my speakers parked kinda close to the monitor, so I moved them away and that seemed to fix things. Turns out, I think that was more of a coincidence than anything because it’s doing it again. I suppose the monitor has probably reached the end of its natural lifetime. I’ve had it for… uh… like 7 or 8 years now. I think I paid like $1000 for it at the time, though, so that averages out to almost $125/year for the thing. I’d like it to last longer. I guess I’ll ride it out until it’s so bright you just really can’t use it, then I’ll buy something new. I’ve got my eye on one of the LCD flat panel monitors - save me some desk space - but they’re so expensive. That’s something I’ll really have to think on.

web comments edit

I regularly read various IT-related newsletters published by Lockergnome. Normally I’d recommend them as a great place for both newbies and experienced folks alike to keep abreast of technology and trends.

Unfortunately, since they’ve changed their site and the way they generate their content, their editorial ability seems to be lacking. I just read the January 8 issue of the IT Professional newsletter and found an article someone submitted regarding computer and network security (SECURITY: Feasibility Of Standards).

The writer pretty much makes blanket statements about how cookies are bad and JavaScript is bad and Java is bad… and it irritates me that stuff like that gets published in a spot where newbies read it and then get the idea that security means being paranoid and disabling the technology rather than educating themselves.

I tried to write in to the author of the article, but his mail server seems to be down (or he provided a bad email address on his web site). So I wrote in to the content editor (or supposed content editor) of the newsletter.

Below is what I sent him: Just read Howie’s column on security in Lockergnome. For the most part I agree with everything he put forth - very good points on all but two topics: cookies and javascript. (I’d have sent this directly to Howie, but his mail serve seems to be down.)

So we’re on the same page, let me paste in what I read him as saying:

1) Is Your Browser Set To Allow Cookies? Why? Well, gee, if I go to this game site, they automatically plug in my username and password. Very nice. I hope you know better than to believe that cookies only do this! There ARE good cookies, and most of them are time savers. But most are either nothing special or downright miserable!

2) Is Javascript and/or Java enabled on your browser? Do you randomly surf the Web? Would you ever know if a script or java program was executing or implanting garbage on your PC?

Yeah, eventually. When you need to reboot and strange things start to happen!

The web has become a much more accessible platform for application development and delivery than it was even a few years ago. Being a web developer by trade for almost 8 years now (and an application developer for much longer than that), I’ve followed these developments with eagerness and anticipation of the next huge development to come around (and when it does, making use of it).

Unfortunately, what I’ve found is that there seem to be two types of people when it comes to the web being an application platform: the paranoid, who seem to sow fear, uncertainty, and doubt when it comes to the web; and the open-minded, who are probably a bit too liberal when it comes to how they work within the web. I’ll admit I tend toward the liberal side, and normally I let things like this slide by, but when someone makes pretty bold statements like this in a forum like Lockergnome that newbies trust, I have to take issue. Let’s look at each of the statements in turn.

Cookies:

Howie says that most cookies are “nothing special or downright miserable.” He also gives the impression (though it’s not directly said) that all the good cookies do is fill in your name on a form. I know that he, with the experience he claims on his PuterGeek site, is smarter than that, but the newbies out there reading your stuff don’t have a context like the more experienced folks. Cookies, in many cases nowadays, are what make web applications function - period. Due to the stateless nature of the web, many times you can’t write a robust application without assuming there be some sort of state maintenance. Can you get around that? Sometimes, using hidden form fields and so on. What about disconnected or mobile users? Gets more tricky.

He also makes the statement that he “hope [the reader] know[s] better than to believe cookies only” fill in forms. Sure they do. In the context of his statement, though, he makes it sound like they primarily have malicious abilities beyond the filling-in-of-forms. That’s a problem, especially when you start reaching audiences like less-than-educated network admins (like I had at a company I used to work for) who start filtering cookies out at the proxy level because they believe they’re huge security risks.

I guess my thoughts are when talking about security and cookies, it’s necessary to tell people that cookies may potentially be used to TRACK you, but they can’t siphon information out of your computer like your name or email address. They can’t steal anything that you didn’t provide in the first place. I still talk to users who think cookies can magically figure out your credit card information. Reading a statement like his, implying that cookies should probably be disabled entirely, only contributes to that mindset, and I think that’s not such a Good Thing.

Javascript:

This is another of those things where the newbie, I feel, is going to read this as “all Javascript or Java is bad.” There are actually many commercial web-based applications (Microsoft SharePoint Portal Server or Windows SharePoint Services are two I can think of off hand) that simply won’t function unless you have Javascript enabled. For the Windows-based users, that’s why there are “security zones” - so you can define who you trust and who you don’t, and what you trust each person to run on your computer. A blanket statement like you’ll only know if Java or Javascript is running “when you need to reboot and strange things start to happen” is a FUD statement if I’ve ever read one. Are there malicious script kiddies out there? Sure. Are there more constructive ways to warn people about configuring security on their browser? You bet.

I’m sorry if I seem to have run off at the virtual mouth here. I just find that, as I develop applications of my own and support both customers internal and external to my company, I run into people who call me up and complain that applications aren’t as “dynamic” or “functional” as they could be (or USED to be) and it always turns out they read an article like this and decided it was a great idea to disable scripting, cookies, and any other dynamic behaviors. I don’t think disabling the technology entirely is the key - I think it’s knowing who to trust and working accordingly. And that’s the point I feel was missing from the whole thing.

Thanks for your time, -T