Dennis Forbes on Software and Technology   Subscribe to RSS


About the Author
Dennis Forbes is a Toronto-based software architect. While focused primarily on the .NET and SQL Server worlds, Dennis frequently ventures outside of this comfort zone into game development and image processing. He has been published in several industry magazines, has been quoted in the Wall Street Journal and has been interviewed by NPR.

He is a vice president and lead software architect at an innovative New York City hedge fund back-office services firm.

Dennis has been working on solutions for the financial, telecommunications, and power generation markets for over 13 years.


Recent Entries
Jun 26 - Web Workers and You - A Faster, More Powerful JavaScript World
Jun 25 - The Remarkable Complexity of Modern Web Browsers
Jun 19 - The Internet is a Series of Tubes and You Don't Have a Dedicated Connection
Apr 20 - The Upside of Cameras Everywhere and The Case of Victoria Stafford
Mar 21 - SSDs and JavaScript Speedups: Deeply Disruptive Advances
Mar 20 - Building a Green, Low Cost, Good Performance Home File Server
Jan 13 - The Unlikely Success of Plenty of Fish
Jan 13 - Coding Horror Strikes Again
Jan 10 - HTML Purity - Does it matter?
Jan 10 - Microsoft the Patron Saint of Firefox?


The Feed Bag
Jun 12 - Defending Mono
Jun 11 - Cryptographic Right Answers
Jun 09 - 100Gbps Ethernet
Apr 22 - vSphere 4 and the Cloud
Apr 20 - Interesting MapReduce/DBMS Paper
Apr 20 - Oracle Buys Sun
Mar 21 - Understanding SSD
Mar 20 - Enterprise SSD Use
Mar 07 - Extreme Programming Explained
Feb 03 - RDP carrying more than primitives? Nice.
Feb 02 - Microsoft releases another Firefox add-in
Jan 27 - An official gDrive?
Jan 24 - A Microsoft rep's desperation
Jan 23 - Even Microsoft Has No Faith in PC Gaming
Jan 23 - So...is it a RIM Blackberry or a Trademark Misuse?
Jan 22 - Google Beats Estimates
Jan 22 - Microsoft's Quarterly Filing
Jan 22 - Microsoft has a "bad" quarter, will cut 5000
Jan 22 - Raises Amidst Worries
Jan 22 - WCF Security Guide
Jan 21 - Microsoft cuts imminent?
Jan 20 - Fiat takes 35% stake in Chrysler
Jan 20 - Online sales cut to save costs (?!?)
Jan 18 - Where the Wii Shines
Jan 15 - So wrong it's not even worth starting
Jan 15 - A Pancreas Erases Billions
Jan 15 - Microsoft considers cutbacks
Jan 13 - Tips for New Dads
Jan 13 - CWE/SANS Top 25 Most Dangerous Programming Errors
Jan 13 - Meh...I'll read this tomorrow
Jan 13 - Is that because RIM is Canadian?
Jan 12 - Buy Microsoft products to save cash?
Jan 12 - Ex. Trolling for links and hits
Jan 11 - Answer: No
Jan 11 - The Thing about Goals
Jan 11 - If you want the Chrome 2 Previews
Jan 11 - The Git DVCS
Jan 10 - Validate Your HTML
Jan 10 - Embed Gecko (Firefox) in .NET apps
Jan 10 - Google's new favicon
Jan 10 - Open source video editing
Jan 10 - Using C# to target the iPhone and Wii
Jan 08 - SanDisk's upcoming SSD is a game changer
Jan 08 - CueCat Part II
Jan 08 - Intel revenue plummets
Jan 07 - Why login attempt lockouts are important
Jan 07 - Early applause for Windows 7
Jan 07 - Saved by the march of technology
Jan 07 - SOA is dead? Long live SOA!
Jan 06 - Toronto's skyline from 43km away
Jan 06 - A good recipe for project disaster
Jan 06 - This project is still ongoing?
Jan 06 - F# to ship as part of Visual Studio 2010
Jan 06 - No Market for Start-Ups
Jan 06 - Apple Dips on Lackluster Macworld
Jan 06 - End of Wall Street: What Happens Next (Video)
Jan 06 - Dr.Dobb's Journal Decamps From The Magazine Industry

 
Thursday, November 17 2005
Computer Security Day
Carving at Lowville Park

I've been running as a non-privileged user (e.g. not an administrator account) for a while now, reducing the security risks of day to day computing. This was spurred on by the rising prevalence of root-kits, which are even being unleashed on an unknowing public by respected corporations

While this is simply a well-known good practice, it is remarkable how many ridiculous little irritants one runs into trying to do this: Even widely used applications like winamp fail to run as a non-admin without security tweaks, and of course you can't even open the system tray calendar without customizing your user rights. Thus far I've been very impressed by the behaviour of Visual Studio 2005 and friends, which seem to do a great job of living within the constrained permissions. I have to su every now and then to do some administrative tasks, but the threat window is vastly reduced.

Of course we all know that this is simply a good practice (and I would have done it far earlier if not for some demanding development tools), just as a number of other standard but sadly ignored security precautions should be the norm. On this theme, earlier today I was wondering if there was a "Computer Security Day" - A day when people could be gently reminded to take computer security initiatives (such as not running as administrator) to make the computing world better for everyone: While it might seem like it's only for individual gain, we all gain when there aren't millions of zombie computers at the bidding of hackers and spammers.

Turns out that there already is such a day. It's actually coming up in just a couple of weeks, as it occurs every November 30th. Which brings me to my real comment - scheduling such a largely business-related event to occur on a specific calendar day is ridiculous, and of course almost 30% of the time that's going to fall on a weekend. It seems only logical that it should have been the 3rd Tuesday of November, or whatever.

  Software Development 
Comments  Permalink
Thursday, November 17 2005
Globally Unique Usernames - User Email Addresses

I needed to post a support question to Electronic Arts support today (long story), and like many sites they force you to create an account.

Fine. So first things first I have to create a user account, and it's asking for a username.

dforbes...sorry that account name is already taken
dwforbes...sorry that account name is already taken
dennisforbes...sorry that account name is already taken
denniswforbes...sorry that account name is already taken
dennis.forbes...ILLEGAL CHARACTERS!
dennis_forbes...ILLEGAL CHARACTERS!
forbesdennis...sorry that account name is already taken
RRR...sorry that account name is already taken
blah...sorry that account name is already taken
blah999...sorry that account name is already taken
RRRRRRR999...taken

I'm not kidding. It was actually proposing ridiculous available alternatives for each, so I didn't have to keep trying, but at this point I was just punching in random strings to see how huge and polluted their database really is. It's big, and it's polluted.

These sorts of user accounts irritate me because I already have a globally unique account - my email address. No one else, in the whole wide world, has the same email address as I do. Furthermore I don't have to remember whatever oddball account you've forced me to take through arbitrary and site-unique username restrictions: Just use an email address and you can allow whatever is allowed in the RFC (it's all documented there for you), and when I get there I'll know what my username is. Why it's my email address! You're forcing me to enter it elsewhere to validate the account anyways, so you might as well go all the way with it.

  Software Development 
Comments  Permalink
Thursday, November 17 2005
Riya - Facial Recognition

I wrote about Riya previously, expressing a bit of skepticism about the technology. I should temper that by saying that I've never used it, and the most I've heard about it are some cursory micro-reviews, but my skepticism is based on the history of facial- and scene- recognition technology, and the barriers this product has supposedly overcome: Facial recognition, like character and voice recognition, has to be accurate enough that it is more beneficial than detrimental (e.g. nuisance false positives, and detrimental false negatives), and historically the latter is far more prevalent. Sure we'll get there, but it's just surprizing that a company could go from the primitive stage that we're at today to such an advanced stage, all in just one step.

Anyways, today I happened to look at my to see that there has been an explosion of Riya postings - Google, or so the story goes, has put a $40 or $60 million dollar offer to buy Riya. If you follow the blogs around you'll discover the big circular authority that is prevalent in these sorts of "blog scoops", with A attributing his source to B, but B hilariously points to A as the authority. Remarkable stuff. Like the technology itself, it could very well be true...but I certainly would take it with a mountain-sized grain of salt.

Indeed, if Riya is as capable as we've been told, I'd say that $60 million would be grossly undervaluing the IP - This would make a photo service stand head, shoulders, and torso above its competition, and I'd be looking for a number more like $400-$500 million. Seriously.

  Software Development 
Comments  Permalink
Earlier EntriesLater Entries

Dennis Forbes