Alex Papadimoulis' .NET Blog

Hey, your own books are very low
on quality too.

> Yes, "MSDN Regional Director" is a prestigious
> title, but it certainly is no where near
> "Turing Award Recipient."

Do you really want to see Turing Laureates writing .NET guidelines and best practices?

Any "best practices" book, or indeed any set of guidelines, inevitably will include contentious points. So will have more than one "bad paragraph" in the eyes of some beholders. Therefore I think you're wrong (dogmatic of me I realize) to judge it on a "higher standard" than other books: if it didn't cover any contentious points it would be too bland.

And I wouldn't want a pragmatic book for beginner and intermediate developers to reference research like some academic treatise.

But you've intrigued me enough to want to see this book!

I read a first preview of this book (written in italian language) and on page 4 of introduction the authors write that the book is not for the inexperienced developer and i agree with them.
A best pratices book publishies the author's experiences (20+20 years in this case).
The reader have to choice what to do, for that he have to be at least a project leader.
I think the book can became a reference for a project, also if it contains some errors because is more quick and easy to adopt a standard (with some small errors) than create one on your own.
It's more easy to write a note to correct what you don't like.
May be you can think to write a similar book with less errors.
Well do it !
Some problem to find an editor ?
Balena and Dimauro had found the editor in about 1 minute (i read it in the introducton).
How many time do you need ?
What about your credibility ?
"such a book must be judged on a higher standard than others" you said.
What about the level of reviwer ?
How many enterprise projects did you managed ?
Hown may softwar engineers did you lead ?
Some times the suggestions contained in the book are not original, i understand don't use a primary keys that have meaning for the end user after my first project as DBA, but, of corse, not all did that job.

Maybe the differences stem from their priorities: "robustness, security, scalability, efficiency, usability, code reuse, extensibility, maintainability, interoperability, ease of development".

And in that regard, I'd agree that their priorities are pure unmitigated evil. :)

The priorities, IMO should be: maintainability, extensibility, ease of development, code reuse, and security.

Robustness is a factor of maintainability and extensibility in my mind. So it's a little out of place in this list I think. If it's truly extensible, then it should be easy to scale/tweak when the time comes, so performance is *never* a design goal for me. The flexibility in the design to accomodate possible performance tweaks (among other things) is. Ease of Development is a big plus, but it comes far behind a robust design unless it's throwaway code. The level of code reuse can be an indicator of good design I think, but an extreme devotion to it can lead the more fragility if you aren't diciplined. The DRY principle should only be applied to a feature level IMO. Once you start using code outside of it's intent just because it does what you want right now, you start leaning in the direction of static libraries and tight coupling. At least I do. Security is a process of review IMO. Some say you have to design with security in mind, but I don't believe in that. Security "solutions" are generally "fixes" to issues found in testing in my experience. Important for projects that need it, but many don't, and the difference between a hardend application, and one that isn't, doesn't have anything to do with the overall design IMO, more the implementation of a few choice interfaces to cross-boundry resources, and diligent testing.

I think that from the comments there's probably a lot of good in the book, and I'm looking forward to reading it, but I think that until your own priorities as a developer are solidified, this book could be very dangerous.

Disclaimer: My opinions are my own and that of the invisible little green men that beam them to me. :)

God Alex, how dare you review a book you read, applying what you know and your opinions to the material, and let people know what you think? Why would you ever do that? You deserve to be attacked from all angles for it. Hang your head in shame.

Man, you need to get laid and relax (I do too by the way, so I'm not criticizing). Good points, but take it easy. Just b/c Baleana and Dimauro use absolute terms/phrases like "always, never, don't, it is essential" doesn't mean there's not allot to learn within the pages of this book. (I wonder if the Italian version contains more nuanced terms? It is possible. Writing in one's own language is difficult enough) Regardless, while I haven't read much yet, the little I have contains much value and my copy of the book already has several dog-ears and underlines.

Personally, I bought it because they tell you "why" they make their recommendations, thereby arming with reading w/ more information to decide whether or not he or she wants to take any particular guideline to heart, determine if they're making a specious claim or are just plain making arbitrary recommendations.

For me, understanding the processes of their reasoning (whether specious or not) is an exercise that helps me learn more.

Thanks,
-Chris

Come on, Alex, you can do better than this!

In just a few days you carefully analyzed a 600-page book filled with technical tips, so I find it weird that you have overlook most of the points I made in my previous reply.

To remedy to your distraction, I am summarizing my objections in an easy-to-follow, numbered list of items. You can comment on each point, if you wish, or make it clear that you prefer to leave them unanswered.

[1] A MATTER OF ETHICS
I raised several doubts about your approach to reviewing. I proved that you carefully excerpted text by clipping important info in the surrounding paragraph; that you didn't mention that we provide explanations, exceptions, and even alternate rules; more in general, that you hid facts that would have made your criticisms weaker or completely void.

If you were a regular columnist of a technical magazine you'd be in trouble for adopting these practices. Therefore, please don't lecture us about how credibility should be measured.

I would expect that you'd address *these* points before anything else, because they are essential in (re)establishing your credentials as a reviewer. Instead, you raised the noise level by focusing on secondary details and tried to draw the attention away from this and other central points. Even worse, you insist in adopting the same unethical approach (see next points).

[2] THE TARGET AUDIENCE
In the original review you stated that the book advocates bad practices. After my reply, you somewhat redefined your criticism. In the new, milder version, most guidelines that were plain wrong have become correct in their substance, only they are dangerous in the hands of inexperienced developers. Let me quote a couple of sentences from your post:

"The book is targeted not towards the gurus and experts, but towards the beginner
and intermediate level developers....Yes, tuning and optimization is important,
but it is not an appropriate theme for a book with this target audience."

It's quite funny that *you* decide what the intended audience for this book is. Not the authors, not the publisher, just you! Wow!

Once again, let's your readers know that your criticism has no ground whatsoever. Here's a piece of text excerpted from the "Who should read this book" section in the introduction:
+-----------------------------------------------------------------------------------------
| IMPORTANT: One category of developers should *not* buy this book:
| This book is neither for beginner developers nor for developers who have
| never worked with the Microsoft .NET Framework.
+-----------------------------------------------------------------------------------------
Let us state it once again: This book doesn’t teach you the basics of the
.NET Framework, Visual Basic, and C#. Quite the opposite: we expect
that you have a good familiarity with these languages, with object-oriented
programming in general, and with the most important types in the .NET Framework.

Notice that the portion between dashed lines is enclosed in a box and is highlighted with a big icon. There's no way you can overlook this warning, yet there is no trace of it in neither of your posts. You should have acknowledged that we are crystal clear about the expected expertise level. We emphasized this concept to avoid unrealistic expectations from less experienced readers, even though it significantly narrows the potential market for the book.

The truth is, the book is targeted to developers who have enough experience to take all our recommendations with a grain of salt, understand what "right" and "wrong" mean in its context, and make the best use of all the low-level information we provide... including the max number of variables the JIT compiler can allocate in CPU registers (and not in "memory", as you incorrectly quoted).

But the key point here is: you *deliberately* omitted to mention this important disclaimer in the attempt to backup your claims. This is what I call cheating. It was a nice try, but it was cheating anyway.

[3] ANOTHER CASE OF DELIBERATE OMISSION
You say we recommend to "never catch the ThreadAbortException". For the benefit of your readers, here's the complete paragraph:

Don’t catch the following special .NET exceptions except for logging reasons:
OutOfMemoryException, StackOverflowException, ThreadAbortException,
and ExecutionEngineException. If you catch these exceptions, you should
always rethrow them.
WHY: After the .NET runtime throws one of these exceptions, the application is
usually in an unstable or undetermined state and it’s quite unlikely that you
can recover from these exceptions gracefully [continues...]

The actual recommendation isn't as rigid as you claim it to be and, more importantly, it clearly explains the risk deriving from ignoring the guideline. You fraudulently tweaked the actual text to prove your reasoning, but this shouldn't be a surprise by now. But in this specific case there is more.

I agree that the case you mention - i.e. catching ThreadAbortException as the only way to gracefully clean up and exit from a sleeping background thread using unmanaged resources - is rather frequent. Strictly speaking, however, to gracefully exit from a sleeping thread you need a *finally* block (not a catch block). The background thread typically performs its chores in a loop which in turn is contained in a try-finally block (not a try-catch block), so the clean up can occur regardless of whether the thread is exited by normal means or is aborted by another thread.

Our guideline suggests that you don't *catch* ThreadAbortException and in fact you rarely need to do it. If you do it, you should rethrow it because the application might be in an unstable state. I believe readers can conclude that the guideline is therefore correct, accurate, and informative. You can disagree, of course, but you should explain exactly why.

[4] THE PREMATURE OPTIMIZATION ISSUE
You repeatedly accuse us of promoting early optimization, but none of the examples you mention are real cases of early optimization. As a matter of fact, we never advocate early optimization anywhere in our book.

Let me explain this detail in the simplest terms, so that you can't pretend you don't understand my point. These are the examples you made:
a) "as" operator vs. "is" operator + casting
b) Return keyword vs. Exit Function keyword
c) VB-specific functions vs. .NET standard methods
d) ChrW vs. Chr function
e) String.CompareOrdinal vs. String.Compare (where applies)
f) inline <% ... %> expression vs. runat=server attribute

In all cases we have two equally robust and documented techniques, based on standard C#, VB, or .NET features. They are perfectly equivalent, except the one on the left is faster. Where is the problem with recommending the faster one? Where is the danger you mention, in the obvious attempt to scare your readers away from this book?

Oh boy, if you consider these techniques as examples of "unreadable code" or "premature optimization" then you obviously have a serious problem with writing real-world apps.

[5] MSDN OFFICIAL GUIDELINES
As I have already explained, all the guidelines you consider as extremely dangerous have appeared long ago in MSDN articles and are considered as official Microsoft .NET guidelines. For your convenience, let's list the similarities and differences between our book and those articles:

- both come from the same authoritative publisher (Microsoft)
- both use terms such as "guidelines" and "best practices", therefore they should target the same audience (at least according to your distorted criteria)
- MSDN articles are freely available on the Web, therefore they can reach and affect many more developers than our book.

With all these premises, you should explain why our book is so dangerous whereas these MSDN articles, which have a much greater disruptive potential, are not. I am sincerely eager to hear your explanation; until then, though, I can only conclude that your review was just an unfair and gratuitous case of personal attack.

-- Francesco

Let me expand on guideline priorities, in the attempt to address an issue that Sam raised.

We explain that we put robustness at the top of the list because a programming technique must never unexpectedly fail or deliver bogus results. It has little to do with neither maintainability nor extensibility, at least in our schema.

Here's a concrete example: never access a Windows Forms control from a different thread. Your .NET 1.1 code might appear to work during the debug phase, but sooner or later it is doomed to failure at the customer's site. (.NET 2.0 controls correctly throw if accessed from other threads.) Putting robustness at the top of our priority list ensures that we never suggest a technique that makes your code easier to write & maintain but that might fail under special or infrequent cases.

Another example: many techniques allow you to detect whether another application instance is already running, but some of them don't work well with the XP Fast Switching User feature. Using the wrong approach would therefore make your application malfunction in some cases, thus we recommend a technique that works well even if the end user enables the XP Fast Switching feature. I hope these two examples clarify what we exactly mean by robustness.

We placed security quite high in the list because we believe it can't be an afterthought in the .NET world. Here's one of the many reasons (hardly the most important): all method invocations are subject to Code Access Security and the .NET framework makes some of them fail when your code runs in a partially trusted environment. If you don't keep this security-related detail into account you might be forced to throw away a lot of code you already tested and debugged in case you (or your customer) later decide that your app should run in a partially trusted context.

That said, I am not claiming that our priority list is perfect. You can disagree with our priorities and with individual guidelines. Alas, we can't make everybody happy. I am just saying that we did our best to follow a set of well-defined criteria and made these criteria clear to our readers, so that they can always make an informed decision.

Did someone up there not realize that this is a *personal* blog full of *personal* opinions.

Congratulations Alex. I totally love http://www.thedailywtf.com, but today you're being gunned down (with Microsoft Press backing?) by book authors themselves for a personal review.

Cool!

Francesco,

Quick reply, since I don't know if this will ever be read by anyone being that it's a comment.

I really appreciate the personal replies. I do realize that my review was harsh, and I still do feel it was warranted. I have, however, reworded my original post on credibility.

Ethis:
I picked apart your book and looked for the detail. The examples I made I did not take out of context. The <%= %> thing you did not have a left and right way, you said "do your title like this." You offered no other way. And frankly, your way sucks.

Target Audience:
On the scale of Beginner, Intermediate, and Expert, your book is target more towards the first two. Beginners (especially to .NET) will look towards the best practices book.

ThreadAbortException:
THis was not an ommision to twist the trut. The quote from the docs does nothing to explain when you should (multi-threaded exiting) and shouldn't (response.redirecting) use the exception. It was on the whole useless.

Optimization:
It's the fact that you make it a high priority in your book that gets to me. When you speed is on the developers mind, it leads to crappy code. Plain and simple. This has been known for 30+ years now.

To Alex: take it easy ;) You're free to express your opinion. You don't even have to back up your statements. You think a book is bullshit - so it is... for you. The more you try to make Francesco to agree with anything you dislike, the more Fracesco will attack you. He wrote the book, he can and will pick lines in and out of context to make you feel miserable. He's right... for himself.

To Francesco: take it easy ;) If you wrote a good book (haven't read this one) you can bet you'll sell hundrends of thousands of copies. I really wound't care if I see one or two bad opinions about "Code Complete" (I'm in no way measuring your book agains it) if I see thousands of positive reviews from other readers. I'm going to buy it, read it, and then, if I see that it is indeed a good book, I'm *not going to bother* writing a reply to a guy who didn't like it. Maybe he's too experienced? Or dumb? Or drank too much coffee? What do I care if the book was good for me?

Take it easy and cheers,
Stoyan

Thanks for replying Francesco:

You explanation of what you mean by robustness makes a lot of sense now. Thanks for taking the time.

As far as security, I'd disagree if it's not a requirement, I don't think the impact on the code base should be that large with a well thought out design.

I'm still looking forward to picking up the book when I find the time. :)

Man, this author seems like a real dick.

^_^,Pretty Good!

>Believe me when I say your customer would
>prefer code that works to code that saves
>forty nanoseconds out three milliseconds.
>Yes, tuning and optimization is important,
>but it is not an appropriate theme for a book
>with this target audience.

Sorry, that's just moronic.
If one has a function that is called some million times per second, optimization *is* important. That's like decoding base64 in an application. If you decode some GBs data per minute (and that's it), you won't want the customer to pay for an extra server because your code is so god-damn slow.