Yearly Archives: 2005

You are browsing the site archives by year.

School Security:Blaim the kids & send them to jail

So now you can now send kids to prison and charge them with felonies when your security is so lax that they can waltz in. Here’s the long story.

Here’s the short story.

A school handed out Apple iBooks to 600 students in a school. These laptops had various “security” features on them to keep them from accessing parts of the internet, or installing anything. They also had monitoring software that allowed a school administrator to see what was being viewed on the student’s laptop. I appologize that I don’t know if the software was custom made or if it was a known package. In any case, the password used to bypass these features was foolishly taped to the back of the laptops.

Using this password, the kids bypassed the software so they could download iChat to talk to each other. They also reportedly turned the tables on their school by monitoring the administrator’s desktops instead of the other way around.

This is typical childhood behavior. Kids are currious and given the opportunity to explore, they are going to do so. Given a challenge that they “cannot do x”, they will do x, y and z to prove you wrong. As the kids pointed out, and I oddly enough agree with the kids for once — the punishment doesn’t fit the crime. I’ll go one step further to say the punishment doesn’t fit the right people. Those involved with the “security” of these systems need to be shot. We’ve had examples of disobience to simple rules that date back to Adam and Eve and a simple piece of fruit. What makes you think that history will somehow change itself and kids will simply obey an order? If they are curious, and you leave the door open enough to fit their fingers through, they will find a way in.

In my mind, the correct response to this would be to give them a slap on the wrist for the disobedience, put the kids in some sort of programming course , nurture their natural abilities, sack the programmers who wrote the systems to begin with, and charge the kids with designing a better system. To me, that’s education!

Posted in: politics / Tagged: ,

Charleston Code Camp: Saturday September 17th

OK guys and gals. Some pretty big names are rolling into Charleston on Saturday, September 17th to present, free of charge, all those fancy topics we love to yap about so much. This is Charleston’s first code camp. Chris Williams tells me that enrollment is low. What would it take to persuade a few more folks to take a nice weekend trip to a college/beach town, watch some cool technology in a demonstration and go have a few drinks?

Check out the sessions and the speakers. If you don’t find anything you are interested in, come anyway and enjoy the beach with your fellow geeks! Please register quickly!

Posted in: events / Tagged: , ,

Escape From Yesterworld!

Since I ended up on the INETA Community Launch Team, I guess I should start promoting a few things about Visual Studio .NET 2005 and SQL Server 2005. After all, it can’t ALL be about JAXASS (Javascript And XML Accessing Services Simply) , can it? Let me start by pointing you to this new tidbit from Microsoft. Its an awesome play on some well known comic movies of the past called Escape From Yesterworld. Prepare to spend a little time there, but be prepared to laugh int he process. Someone sunk a LOT of time into this promotion video/site, so the least you can do is click on the main page and check it out.

Posted in: technical / Tagged: ,

Does standardizing technology stifle creativity?

I’ve been talking with a few people recently about COmega, C# 3.0, C# 4.0 and the like. On top of that, I try to get my hands on anything “new” that I can well before it becomes of interest to the general public. I keep getting asked why I like to sit on the razors edge (or at least pretend to). I usually tell them its because its the only way that I can continue to remain creative in this field. The rest of this post articulates my rationale behind this idea.


I’m definitely a child of the PC computing industry. I’ve grown up around computers. I’ve seen one innovation after another. I have to say the most amazing times in my programming life have been spent hunched over a computer all night hacking out a new way to solve a problem. Even later in my professional career, during the “high-tech late 90’s” I had a blast playing with xml data islands before example one hit the list server (wow, does anyone remember learning new concepts on list servers? yikes I feel old). Whatever the case, what was interesting was that everyone was learning something new because everyone was solving technology problems on their own; sometimes for better and sometimes for worse. But every programmer had to learn to be creative to solve problems.


In recent years, the big push is to standardize technologies at the earliest possible moment — locking most programmers into one way to solve a problem. Failing to follow the standard usually lands a host of glaring architect eyes on you. You can bet if you do come up with a new way to do something, someone is already trying to create a standard to the contrary; again, most times for the better and sometimes not. Sometimes those standards, at least initially, fall far short of being a good solution for more than a handful of people (i.e. WSE). But as more people jump on board, those standards morph into something more usable by others (i.e WS-* added to WSE-n). Sooner or later, design-time components are emassed by third-party companies like a bad mildew stain around these standards. We are all sort-of stuck using those tools and those standards until Microsoft decides to devour that component industry and write their own wrappers around the standard.


There are only a handful of people who then have any say on the standard and the self-proclaimed “right way” to do things. Sure, these standards do let us focus more on solving the business problems instead of technology problems, but who wants to do that? We can sit back in our spare time and “play” with our own solutions, but when you get back to work in the morning, its back to WSE-2, RSS, AJAX, and other various paterns and practices.


I do understand the benefits, so don’t get me wrong. I’m so much happier to have a tool generate my WSDL , at least from a starting point, than for me to do it myself. I do get to look at some other cool technologies because I can look past some of those questions that the standards answer for us. However, with all the real benefits that standardizing brings to us, there are times when I miss having the freedom to innovate on my own without looking how everyone else does it first.


That is the treaty that the business folks have signed with us geeks — we get to play with their expensive toys and data centers but only if they get to make us “more productive” with standards bodies.

Posted in: technical / Tagged: ,

The house of pain is in effect ya’ll

I’m still sitting here with my back in agony but working on some very cool projects. As you’ll notice my post count has dropped each month, slowly but surely. I hope you don’t hold that too much against me. Forgive the dorky analogy, but I have too many threads executing in my life right now and not enough time slices in the day to handle everything and blogging without reaching my saturation point — the point where context switching takes up more time than is effective to execute my processes. Unfortunately, I’m running under more of a cooperative model and these project schedules don’t neccessarily play nice-nice with one another. Between work at TiBA, projects for Microsoft, book writing, investigating features of CO and SXM, learning some lower-level programming to keep up with the Jones’, putting together a new presentation for Code Camp in Charleston, and presentations for multiple guild meetings (October, November, December), posting a few answers here and there on the forums, I don’t have much time to myself. Blogging, therefore has had its thread priority set to below normal.

Speaking of cooperative threading, I’m proud to say that my recent eBay addiction landed me a brand-spanking new copy of Windows 3.1, MS-DOS 6.2 and a MS-DOS 6.22 upgrade (no Windows 3.11 upgrade yet). These copies are sealed and even still have a part number sticker on them from the large computer manufacturer these were sold by (OEM). They will go in my museum of artifacts. I am having a bit of buyer’s remorse though. I’ve spent too much money on useless things like my ATARI 800XL which I fully expect to be here a couple of days after the July 4th holiday. This too was a brand new system (appears new and unused).

Anyway, enough babbling for the night.

Posted in: personal / Tagged:

Sleepless in Greenville

For two weeks solid, I’ve been stuck in some sort of zombie mode. I’ve been unable to sleep for more than an hour at a time, or not at all some nights. I have had some major back pain in the past week and a half too so that may have something to do with it. But as I sit her ein my computer nook at my baren apartment, I find myself wide awake but unable to concentrate enough to do anything constructive. I try doing my work and I cannot. I try taking a couple unisome and laying in bed, instead I feel like I’m on some sort of acid trip. The type of sleep that unisome attempts to induce is something very strange to me. Its like the drugs are trying to “trick” me into falling asleep. It may sound slightly crazy, but I’ve somehow conditioned myself to get wide awake when I feel I’m being tricked. So taking unisome just makes me feel very strange, but even more awake. I’m not anxious about anything. I’m not taking on more or less work than I usually do. I’m just, awake and in pain from my back.

I’ve tried everying I can think of and its getting worse. Does anyone else get this way?

Posted in: personal / Tagged:

Throw-away projects in .NET

There are tons of new features in Whidbey. Enough so that I feel that the learning curve going from 1.1 to 2.0 can be easily 50% that of the effort going from to 2.0 (if not more). You can spend your time learning generics and predicates and partial classes and reliability contracts for threading and , well, you name it. However, sometimes its the little features that mean so much. VS.NET 2005 provides a little known feature that allows you to create projects, run them, test them, etc. However, unlike you might be currently used to, when you close the project, you can make the whole thing go away. In other words, you can open VS.NET to test a theory, run the project, do your debugging, and then dump the project so it isn’t wasting file space of virus scanner time. To impliment this feature, go to Tools | Options to display the options dialog. Under this dialog, choose the Projects and Solutions tree node.Uncheck this “save new projects when created” checkbox. Apply the changes.


Now, when you close VS.NET with an open/active project, it will ask you if you want to save it. If you click no, the folders are complete gone. Isn’t that awesome!?


Well, I liked it anyway.

Posted in: technical / Tagged: ,

Atari 800XL – Old school fun

The other day, I posted an article about not having any gadgets to play with anymore.  So as I was sitting here debating what to buy, I started searching ebay and somehow came across an old Atari 800XL – Still in the box! This was the first computer I ever owned. My parents gave mine away several years and I haven’t been the same since. I wrote some of my first text-based games in 5th grade on that computer. In any case, I purchased the Atari and won it at a very hefty sum for what it was. I then went a little nuts and bought the assembler editor for it, Atari BASIC (my old programming language), and a few other extras. In case you are wondering, yes, those cartridges will fit into an Atari 2600. They wont do much though in the game console. I have to see if I can get a 1010 casette drive or a 1050 disk drive. I wouldn’t mind the 1030 printer either. I started surfing for some information on how to program these things, because its been 20 years since I’ve seen them. Low and behold, I hit the jackpot at www.atariarchives.org. This site is unbelievable. Tons of books on Atari programming online at no charge! They even had one of the books I had as a kid: Atari Player-Missle Graphics in BASIC. I don’t remember what the other book was, but I’ll continue digging when I’m more coherant. 
This is great stuff to play with, particularly if you are trying to learn the internals of a computer and how to program at machine, assembler, or high level language levels. Because this is an 8 bit primitive system, its much easier to learn how to manipulate the machine to do what you want. You can then scale that knowledge out to 16, 32 or 64 bit systems. I cannot wait to get this item shipped to me, and I’m dying to get it on my desk at work. 
So maybe this isn’t the high-tech I imagined myself buying as a first swat against the scurge of gadgetlessness, but it sure is going to be a very nice one for me. I promise to buy something more meaningful soon.

Posted in: technical / Tagged: ,

Overrides vs Shadows keywords in VB.NET

When most folks come from a VB 6 background (and only VB6) they tend not to quite grasp object oriented programming right off the bat. Its one of the reasons why inheritance topics are fairly common on the Visual Basic .NET forums and newsgroups. Today was no different. I woke up and browsed the MSDN forums to find another such question. The user was asking what the difference between an Overridable method being overriden with the “Overrides” keyword, or an ordinary method being overriden by the “Shadows” keyword.

I decided to write a quick article about this and post it for future reference.

First off, lets define the similarities between these two keywords. Both Shadows and Overrides define a means to decorate our methods so we can redefine the functionality provided by a base class. So if I create a BaseClass, and then create a SubClass that inherits from BaseClass, its possible that I might want to redefine how the base and sub classes behave and interact with one another. While I can use either of these keywords, they are completely different in their orientation.

Let’s jump right into it by writing ourselves a base class. This class will have two methods — one that has an overridable method, and one that uses an ordinary method.

' BaseClass impliments an overridable and ordinary method
Public Class BaseClass
  Public Overridable Sub OverridableSub()
    Console.WriteLine(" BaseClass.OverridableSub() called")
  End Sub
  Public Sub OrdinarySub()
    Console.WriteLine(" BaseClass.OrdinarySub() called")
  End Sub
End Class

When you see the overridable keyword in a piece of Visual Basic code, it is an indicator that the designer of this class intended or expected that this class would be Subclassed (overridden) at some point and that “OverridableSub” was a likely candidate for functionality redefnition. You can also deduce that the designer didn’t intend for OrdinarySub to be overriden.

For a bit of advanced education, lets look at the IL produced by these methods.First off, the OrdinarySub looks like any other subroutine we’ve seen in IL before.

.method public instance void OrdinarySub() cil managed

We have a public instance method. Look what happens, however, with our OverridableSub method signature.

.method public newslot virtual instance void OverridableSub() cil managed

Notice we have two additional method characteristics added : virtual and newslot. The virtual characteristic should be familiar to most C# developers. It indicates that the item can be overridden. With that definition, it should now be obvious to VB.NET developers that this means the method has the Overridable modifier. The second characteristic is newslot which indicates that the method will always get a new slot on the object’s vtable. We’ll get into this more later.

So if we want to test our BaseClass, we might write a piece of code something like this in our Main method:

Module Module1
    Sub Main()
        ' Create an instance of the base class and call it directly
        Console.WriteLine("+ Calling BaseClass Methods")
        Console.WriteLine("--------------------------------------------------")
        Dim bc As New BaseClass
        bc.OverridableSub()
        bc.OrdinarySub()
        Console.ReadLine()
    End Sub
End Module

And of course executing this code we would get our exepcted results as follows:

+ Calling BaseClass Methods
--------------------------------------------------
   BaseClass.OverridableSub() called
   BaseClass.OrdinarySub() called
As you'll notice it states that we executed both of our methods against the BaseClass instance. Sounds great, now let's say we now want to create a class that inherits from BaseClass:

' SubClass impliments an overriden BaseClass with overrides and shadows modifiers
Public Class SubClass
    Inherits BaseClass

    Public Overrides Sub OverridableSub()
        Console.WriteLine("   SubClass.OverridableSub() called")
    End Sub
    Public Shadows Sub OrdinarySub()
        Console.WriteLine("   SubClass.OrdinarySub() called")
    End Sub
End Class

To be able to override both of these methods, and stop the compiler from barking at us, we needed to use the overrides keyword on our OverridableSub and the Shadows keyword on our OrdinarySub. This is obviously because of the way we have implemented these methods in the base class. Shadows is a fairly appropriate word because what we are doing is putting the original method (OrdinarySub) in the proverbial shadow of our new method. Our new method stands over top of the old method and executes any time we call against a direct instance of SubClass. Let’s exand our Main method to execute both our SubClass and our BaseClass to see what the difference is: 

Module Module1
    Sub Main()
        ' Create an instance of the base class and call it directly
        Console.WriteLine("+ Calling BaseClass Methods")
        Console.WriteLine("--------------------------------------------------")
        Dim bc As New BaseClass
        bc.OverridableSub()
        bc.OrdinarySub()
        Console.WriteLine()

        ' Create an instance of the sub class and call it directly
        Console.WriteLine("+ Calling SubClass Methods ")
        Console.WriteLine("--------------------------------------------------")
        Dim sc As New SubClass
        sc.OverridableSub()
        sc.OrdinarySub()
        Console.WriteLine()
        Console.ReadLine()
    End Sub
End Module

It follows that because we’ve overridden both of our methods our output would look as follows:

+ Calling BaseClass Methods
--------------------------------------------------
   BaseClass.OverridableSub() called
   BaseClass.OrdinarySub() called

+ Calling SubClass Methods
--------------------------------------------------
   SubClass.OverridableSub() called
   SubClass.OrdinarySub() called

We now are executing code that executes against a BaseClass instance, and we can tell by the output that we are calling the base class methods. We are also executing code against a SubClass instance and we can tell that this is executing our new functionality because the method states its executing SubClass.OverridableSub() and SubClass.OrdinarySub(), not BaseClass.OverridableSub() and BaseClass.OrdinarySub().OK, so we still haven’t seen a difference. Both of these methods really accomplished the same thing didn’t they? We had a base class behavior and both methods overrode that behavior with our newly created methods, right? True enough, but lets look at the consequential differences when we pass our reference around in different ways. We can see example after example in the framework where a method will take a parameter as a general type, but it really expects us to pass in a more specific type. For instance, if a parameter is typed as an XmlNode, we can pass in XmlElements, XmlAttributes, XmlConfigurationElement etc. The list goes on. Why can we do this? Because generally speaking, if I’m an XmlElement, I am also an XmlNode. An XmlElement is a more specific implementation of an XmlNode, so while the XmlElement has more functionality, it still has the base functionality provided by its inherited type XmlNode. So what happens if we create methods that takes BaseClass as a parameter and we pass in an instance of a SubClass as follows?

' Calls the OverridableSub method of the instance passed to it
Public Sub CallOverridableSub(ByVal instance As BaseClass)
    instance.OverridableSub()
End Sub

' Calls the OrdinarySub method of the instance passed to it
Public Sub CallOrdinarySub(ByVal instance As BaseClass)
    instance.OrdinarySub()
End Sub

Notice that we have too methods that both take an instance of BaseClass, not the more specific SubClass. Additionally, we are calling the OverridableSub() method in one of these methods, and OrdinarySub() in the other. Let’s add more code to our Main method to execute these methods passing in an instance of a SubClass. The full code for our example should look like this:

Module Module1
    Sub Main()
        ' Create an instance of the base class and call it directly
        Console.WriteLine("+ Calling BaseClass Methods")
        Console.WriteLine("--------------------------------------------------")
        Dim bc As New BaseClass
        bc.OverridableSub()
        bc.OrdinarySub()
        Console.WriteLine()

        ' Create an instance of the sub class and call it directly
        Console.WriteLine("+ Calling SubClass Methods ")
        Console.WriteLine("--------------------------------------------------")
        Dim sc As New SubClass
        sc.OverridableSub()
        sc.OrdinarySub()
        Console.WriteLine()

        ' Pass the SubClass instance to a method passed as a BaseClass reference
        Console.WriteLine("+ Calling SubClass Methods passed as BaseClass")
        Console.WriteLine("--------------------------------------------------")
        CallOverridableSub(sc)
        CallOrdinarySub(sc)
        Console.WriteLine()
        Console.ReadLine()
    End Sub

    ' Calls the OverridableSub method of the instance passed to it
    Public Sub CallOverridableSub(ByVal instance As BaseClass)
        instance.OverridableSub()
    End Sub

    ' Calls the OrdinarySub method of the instance passed to it
    Public Sub CallOrdinarySub(ByVal instance As BaseClass)
        instance.OrdinarySub()
    End Sub
End Module


' BaseClass impliments an overridable and ordinary method
Public Class BaseClass
    Public Overridable Sub OverridableSub()
        Console.WriteLine("   BaseClass.OverridableSub() called")
    End Sub
    Public Sub OrdinarySub()
        Console.WriteLine("   BaseClass.OrdinarySub() called")
    End Sub
End Class

' SubClass impliments an overriden BaseClass with overrides and shadows modifiers
Public Class SubClass
    Inherits BaseClass

    Public Overrides Sub OverridableSub()
        Console.WriteLine("   SubClass.OverridableSub() called")
    End Sub
    Public Shadows Sub OrdinarySub()
        Console.WriteLine("   SubClass.OrdinarySub() called")
    End Sub
End Class

What happens when we execute our code now?

+ Calling BaseClass Methods
--------------------------------------------------
   BaseClass.OverridableSub() called
   BaseClass.OrdinarySub() called

+ Calling SubClass Methods
--------------------------------------------------
   SubClass.OverridableSub() called
   SubClass.OrdinarySub() called

+ Calling SubClass Methods passed as BaseClass
--------------------------------------------------
   SubClass.OverridableSub() called
   BaseClass.OrdinarySub() called

Notice that we are passing the same instance into both methods. Both methods are accepting “BaseClass”, not “SubClass” as a parameter. Our results are completely different. For our OverridableSub, our SubClass method is still called even though we passed this in as a BaseClass instance. However, for our OrdinarySub that used the Shadows modifier, we are getting results from our BaseClass. That is because of some fundamentals in Object Oriented programming. When we override behavior, its overriden no matter how we pass the class to a parameter (with some exceptions made during type casting). However, when we override using the Shadows modifier, our old functionality is only “lurking in the shadows” — not completely overriden. Remember this when trying to override functionality that wasn’t designed to be overriden as such. Your Shadows modifier may help you out when calling against your SubClass, but not when executing against a BaseClass instance.

Posted in: technical / Tagged: , , ,

SaveToby.com? Unbelievable!

I don’t know what’s funnier, that some guy made a website threatening to eat a “cute bunny rabbit” if he didn’t get $50,000 US before the 30th of this month, or that he’s made half of his goal so far in donations! As the folks at .NET Rocks mentioned, this has to be some psych major’s thesis project or something. I know this isn’t tech related, but lets turn this into a security related issue.

The biggest security threat still open today is social engineering. I first heard this term ages ago reading The Cookoo’s Egg (or some other related ‘hacker’ book). The concept is that you can use your whits, not just computer savy, to gain elevated priviledges. We have to do a better job at not falling for every little trick in the book. We have to be more alert. For instance, I received a bounced message in my inbox this morning. I do get a lot of these for several reasons and every now and again, I check them out if I get a lot of them. Looking at the message though, I could tell it wasn’t a real bounced message. It was a phishing scam. The reason why is that it pointed me to my domain with the opportunity to view the bounced message online. The link it pointed me to was using PHP and was in a subdirectory that didn’t exist on my hosting server (I run my own hosting business). This was rather clever, and I’m sure that a lot of these actually yield results.

So while SaveToby.com isn’t a security hole in itself, the concept of engineering a psychological scam on people is not. Be alert. Be vigilant. Be ready to watch a rabbit die now and again.

Posted in: personal / Tagged: ,