..to anthropomorphize toys.

The scene of the room full of viciously abused toys, all quietly sobbing while reminiscing the days when their owners cared about them and treated them well, is far too common in Christmas movies.

Do kids need this guilt? Do they really need to ascribe higher meaning to what are, in actuality, pieces of fabric, apple cores and recycled Chinese newspapers?

It's just a throwaway toy! Use it and abuse it, and toss it in the garbage with extreme prejudice!

Geez.

I convince my children to care for their toys by factually, and truthfully, informing them that a broken toy = a garbaged toy = one less toy to play with (not that such exhortations achieve much with a preschooler and a toddler, but at least they're a captive audience). I don't try to sucker them into thinking the toy feels pain, or cries at their misuse.

While I signed up for the original Monad public beta, I never really gave it more than a cursory look: It seemed really incomplete and unpolished. It also irked me somewhat that Microsoft couldn't just embrace one of the existing scripting languages -- say python or perl -- even if they were invented elsewhere, but had to go and invent something new (although I've grudgingly come to appreciate their reasoning).

In mid-October it came out in release form, having been renamed PowerShell.

I've finally got a chance to try to incorporate it, and thus far it looks very nice. While this isn't something that you're going to build a product upon, good automation scripts are instrumental in good development practices, eliminating inefficiency, and the morale-suckage that goes along with repetitive, manual tasks, but more importantly eliminating the inevitable error when people are given such tasks.

It's well worth a close look for automation scripts on the Windows platform. Certainly beats .bat.

Reading through the documentation, however, the following gave me a good chuckle.

One major advantage of using objects is that it makes it much easier to pipeline command, that is, to pass the output of one command to another command as input...

...Windows PowerShell provides a new interactive model that is based on objects, rather than text...

...In the following example, the result of an IpConfig command is passed to a Findstr command. The pipeline operator (|) sends the result of the command on its left to the command on its right. In Microsoft® Windows® PowerShell, you don't need to manipulate strings or calculate data offsets...

PS> ipconfig | findstr "Address"

Ah...good stuff.

Of course in that case the vaunted example isn't using objects (well I suppose the result is a set of string objects, but the example makes no use of them, and completely fails to convince as to the difference), it's just using the stdout of ipconfig, and that command of course works in a classic cmd.exe (or even command.com) session.

Of course some people are surprized that Windows has any command line functionality. In the examples for PureJPEG

I spent much of Wednesday in Pearson Airport's decrepit (but soon to be demolished in the staggeringly expensive upgrade of the entire airport) Terminal 2, wondering what the deal was with our flight that was supposed to be boarding.

The help desk sat vacant -- as it had for hours -- and the nearest information board was literally about 1300 feet down a walkway towards the terminal hub. I'd made this walk several times (for epic adventures such as the "going to buy a bottle of water, because the change machine down here is broken and I didn't dare try bringing change through airport security because I have enough junk to worry about already" journey) and it was really starting to get old.

There was approximately one (1) dual-outlet power gangplate in the entire facility -- which I managed to win from a gaggle of nervous-eyed crackberry users, all of us desperately fighting for the ability to siphon some precious electrons (I like to call it "invisible oil") into our drained batteries.

Yet despite this seeming hostility towards the accoutrements of modern life, the facility is surprizingly equipped with ubiquitous, free wireless.

The wireless allowed me to make a secure VPN connection elsewhere (I wouldn't trust anything over an unencrypted channel on public wireless), actually making use of the time to get some work done. It really is empowering checking code out of and into Team Foundation Services, doing database changes, and then rolling out deployments, all from some random chair in some random airport.

It also allowed me to visit Air Canada's website to check on the status of the flight.

Whoops, maybe not. Looks like there was some sort of java error on their middleware (which I know because they strangely feed the entire error stack to end users, rather than having a more professionally refined default error page). This stayed this way for as long as I bothered to continue checking, and made the website completely useless for this task when I actually needed it.

Coming back on Thursday, a late night had me crunched for time, so I wanted to check the schedule for New Jersey Transit's train to Newark Airport from New York's Penn Station. Just needed to know when I needed to catch one -- I'd never been on it before, and had no idea what the frequency was -- and how long it'd take.

No dice.

The online train schedule information system was down. Just had to hoof it and hope. Luckily there was one in the station, ready to go. Maybe there's always one queued, but I wouldn't know it from their information system.

Today I wanted to order a gift from the Future Shop's website. After a detailed error message, it then flipped to a message proclaiming that they were doing "routine maintenance".

Then there are the amateurish downtimes that have occurred on some of the large meme sites, when moves or upgrades that should be seamless end up causing hours of outages. I'm a huge fan of Flickr, but even their recent moves were far more disruptive than they should have been (though they certainly have much more of a justification -- namely petabytes of pictures on a top tier website -- than some jokers running a "lists of links" type website).

These are hardly isolated incidents, and I'm not trying to pick on particular organizations. It just happens to be the most recent frustrating demonstration that the web isn't where it should be, and far too many teams consider reliability to be much less of a concern than it rightly should be.

I've been doing software for long enough to know that few systems are foolproof, and that sometimes eventualities conspire against the best laid plans of the most considerate, skillful world class teams, but these sorts of should-be-exception situations are happening with increasing frequency.

Despite all of the improvements in computer science, and the advances in the platforms that we're developing against, the net direction seems to be downwards, with reliability apparently coming after all else.

This isn't a good trend.

QuickNotes

Office 2007 is quite nice, though from my experience it's a little bit unstable. Between Word crashing while attempting to use the blog editing functionality, and Excel crashing at the oddest of times (the same experience being had on two completely different make and model of machines, with very different software stacks and few commonalities), it seems to be a fairly regular occurence. Finally the blog functionality in Word just stopped working altogether. On the bright side the document recovery is extremely capable, and I've never lost even a keystroke of typing, as it seems to be keeping a realtime backup going.

A bit of a ruckus has arisen over the purported breach of security at the groupthink site Reddit.

It seems that the Reddit folks were storing the user's passwords in plaintext, so a recent data loss or integrity compromise of some sort has them warning users to change their password just in case their backup tape -- if that story is right -- gets in the hand of the desperate-for-high-karma-Reddit-accounts drug cartels.

Many are calling this a blatant mistake on the part of the Reddit crew, declaring that password's should never be stored in plaintext. The Reddit crew and defenders have stated that the plaintext passwords are used to allow them to email the password to the user, which is a tenuous argument but I suppose they went for the KISS model (which is pretty much the modus operendi of Reddit. They recently rolled out a CAPTCHA implementation that is laughably vulnerable out of the gate, but it is the simplest implementation possible).

What is most disturbing to me, however, are the declarations that this is much more of a problem than Reddit alone. People are crying foul because they believe that their bank accounts, email accounts, and other online accounts are vulnerable now that the Reddit user database might be in the wild.

NEVER USE THE SAME PASSWORD ON MULTIPLE SITES.

At worst share passwords among throw-away type sites like Reddit. Never share passwords between sites that actually matter.

Let's say that Reddit actually did hash the password -- debatable if it's necessary for that site, and I have advocated advanced techniques for doing this before -- why in the world would you trust the folks at Reddit with this secret (all the hashing in the world does nothing if the people who are doing the hashing have nefarious motives)? Why would you trust the people who man their data centers, or the people who share machines with them or handle their backup tapes or provide their internet services?

There is no credible reason why a shared password in the hands of Reddit alone -- even if they cross-their-heart promised to hash it --should give comfort to someone who reuse the same password on sites of value. That is absolute insanity, and it is a very dangerous practice.

It's far more disturbing to me that people worry about more than their Reddit account in this situation.

If you must "reuse" passwords, use one of the many utilities available to hash your name or email address with the target site domain on the client side, (for that particular one -- note that it's just one of hundreds available -- you can use their website, Firefox or IE 6 or 7 extensions) actually generating a unique password for each site while only having to remember one password on your end. There are many clever implementations, but the one linked here, for instance, allows you to preface passwords with @@ and it automatically does client-side, site-specific hashing, meaning that your shared secret isn't dangerously shared with the people at random internet sites.

I frequently go scrounging around for niche development tools/libraries to solve one-off needs, and it's frightening how ubiquitous fake, 3D-rendered product box images are in the software tool industry.

These rectangular parallelepiped (aka "box") renderings generally feature some gangly, oversized text, coupled with awkward, gaudy graphics.

Further investigation has revealed that there's a whole industry of "3d box rendering" software vendors, all promising to pump up your sales if you put one of these travesties on your product page.

What's the point of these fake product box renderings? Why do so many ISVs insist upon leading their product page with them?

"It makes our product more real! Like something physical that you could hold in your hands."

No it doesn't. It makes it less real.

Seeing a clearly bogus box that no one would ever spend actual money printing doesn't fool anyone. Worse, it gives off the putrid stench of deception, implying that there's a real shelf-clogging box when many of these products provide nothing of the sort, most being e-delivery or at most a CD shipping in a flat pack.

It begins a relationship of mistrust.

"But Microsoft does it! Microsoft=successful, therefore it must be a good practice"

Apart from the weak (and admittedly strawman) rationalization, not only has Microsoft mostly abandoned the "picture of the box" graphics on their product pages, where they did use it they used the professionally produced graphics they printed on the real box -- the real box that you probably also saw at Circuit City or Future Shop or wherever.

The product page graphic made reference to real life. It didn't spin some fiction.

We as an industry need to stop this image on cuboid violence. If you must decorate a product page, it's less of a crime to use some of the standard "beautiful people looking happy" pictures, though even that should be avoided.

In some previous entries I described my skepticism of Riya -- a supposedly extraordinary new image recognition technology that could amazingly discern between twins, among a plethora of other amazing features (such as discerning the specifics of highly obscured, stylized text). The "blogosphere" went nuts, with a lot of believers hoping they'd catch the leading wave of this amazing new innovation, leading the trend.

Lots of predictions were made about Google or Yahoo paying hundreds of millions for this revolution.

Looks like Riya is now a handbag finder.

Nonetheless, today I see a featured Slashdot story declaring the privacy invasion that an amazing new facial recognition will potentially bring. One again it's a "coming soon" technology that's going to revolutionize the image analysis market.

[EDIT: Remarkably, without even the slightest ounce of proof of any real world value, this "technology" has been featured on many of the largest news sites. Now that's P.R. that's worth its pay]

Of course this one is very cleverly marketed: If they simply said "We're going to introduce something amazing sometime next year!" most would rightly dismiss it as vapourware, waiting for actual proof. Instead it's introduced under the "what is this going to do to privacy?", a distracting question that lets lazy technology writers run with it without actually researching the validity of the underlying promises.

Will there ever come a time when people are just a little bit more skeptical of this sort of thing?

QuickNotes

Visual Studio 2005 SP1 was released last Thursday. The computationally demanding 442MB installer runs for hours, so set aside some time before you start.

1. [INDEX OUT OF BOUNDS EXCEPTION]
2. [INDEX OUT OF BOUNDS EXCEPTION]
3. [INDEX OUT OF BOUNDS EXCEPTION]
4. [INDEX OUT OF BOUNDS EXCEPTION]
5. [INDEX OUT OF BOUNDS EXCEPTION]
6. [INDEX OUT OF BOUNDS EXCEPTION]
7. [INDEX OUT OF BOUNDS EXCEPTION]
8. [INDEX OUT OF BOUNDS EXCEPTION]
9. [INDEX OUT OF BOUNDS EXCEPTION]
10. [INDEX OUT OF BOUNDS EXCEPTION]