December 2003 - Posts

I keep reading all this stuff about the Beagle Mars Lander not responding and it occurs that it's a very poor choice in names. Our beagle never listens either. <grin>

Since .Text wouldn't let me post the comment, I'll just update my blog with a comment.

Regarding Matthew Reynolds' code to get the desktop area, there's a better way than even that.

SystemInformation.WorkingArea

It gets the area of the primary monitor, minus the start bar. And it only gets the primary monitor.

(I think the .NET team needs to use this function to “Center Screen” on windows forms, because the current one will center on whatever monitor the mouse is on)

Update: It seems this post looked fine in the editor, but messed up in the feed, so violated blog etiquette. I've corrected the formatting so it should show up correctly.

One of the commands I used most in Windows is the “start” command from the command prompt. It allows you to do several quick things, like

"start ." - Opens up the current directory in an explorer window
"start DIR" - Opens up the specified directory in an explorer window
"start FILE" - Opens up the specified file in the appropriate handler
"start /WAIT EXE" - Executes the given exe and waits for it to complete. (Great for scripting GUIs)

Needless to say, combined with Command Completion in the console, this is a quick way to zip around the system.

But, it's got an interesting feature. If the first non-switch argument is quoted, that becomes the title of the new command prompt that is opened. The problem comes in that if there are spaces in the filename, the string is quoted, so you get a new command prompt instead of whatever you wanted. My guess is this is a backwards compatibility issue, that's just been there forever. A quick batch file that just puts a "" in the command line gets around it, so no big deal.

Anyway, great command if you use the command line and didn't know about it.
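A sketch of the kind of wrapper batch file described above, added here as an illustration and not taken from the original post; the file name open.cmd is an assumption.

```batch
@echo off
rem open.cmd - hypothetical wrapper name (an assumption, not from the post).
rem START treats the first quoted argument as the title of the new window, so
rem     start "C:\Program Files\readme.txt"
rem opens a new command prompt titled with that path instead of the file.
rem Supplying an empty title ("") first makes the quoted path the target.

if "%~1"=="" (
    rem No argument given: open the current directory in Explorer.
    start "" .
    goto :eof
)

rem %* forwards every argument unchanged, so switches such as /WAIT and
rem quoted paths containing spaces pass straight through after the title.
start "" %*
```

The same rule applies inside scripts: any START call whose target may be quoted should carry an explicit title argument, even an empty one.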

Spam, I must admit, is utterly fascinating. While it is truly annoying, it's amazing to see the lengths that people will go to in order to get around spam filters, and catch people's attention. Misleading subject lines (we all know that one), misspelled words, common words with spaces or * or other characters in them. Special chars to replace common letters (1 for l, @ for a, and so on...), spam about not getting any more spam (I love that one). I mean, we all know the deal. Why anyone would think a misspelled or poorly written letter would sell products is beyond me. Is anybody actually making money off of spam? Or is it the same myth that chain letters use, that somebody got rich off the letter, but theoretically, by the time you send it out, you haven't made any money at all, but spent quite a lot, even though the letter states you're living fat off the land... <grin>

I keep getting mail that says “%RND_UC_CHAR[2-8]” in the subject line, like some script failed to process the header before it went out. Professionally done, I must say.

Anyway, the one I like the best, I think, is the Nigeria scam. The letter I got reads something like this:

<excerpt>

My name is MR JOHN KELU from LIBERIA, a Country in WEST AFRICA. I am in a hide out now in BENIN REPUBLIC, a neighboring Country in the same West African. I have Large sum of money for INVESTMENT. The money is in Millions of U.S. dollars. I need Your help urgently for both SAFE KEEPING and INVESTING this money in your country.

I cannot move about freely now for reasons i will explain to you later.

</excerpt>

It reads like those old Mad Libs we used to do as kids, you know, you'd ask friends for “adjective”, “verb”, “noun”, and then when it was all done, you'd have some amusing story... So here is this boilerplate spam that people just fill in the blanks, and send it out, not worrying about capitalization, spelling, grammar, and what you get is a rather amusing scam letter, with about the same content. <grin>

Ah well, hopefully I'll be able to find something that can stop me from having to deal with all this spam. I use SpamBayes for Outlook, but I still have to sift through 40-50 emails a day as suspects (and this is after using it for about 3 months)

Here's a .NET security wish list item, and it's even in keeping with good coding practice of never showing error messages with too much information.

When a program/assembly can't execute because of security restrictions (hosted in the internet zone, and permissions aren't set on the client), there should be a standard dialog box that pops up, saying that security restrictions prohibit this control from running (much like Active X does now) *and* also some information about how to contact the vendor.

We have an application that uses Interop for dumping files, and the clients who can access it, are more than willing to give us the permissions, but the only way to get a good security dialog was to wrap the control up in another control that can catch the security exception.

I'm working with “large” datasets, (25000+ records, and a table with about 50 fields) and I'm finding the whole process to be unwieldy. The memory to serialize and deserialize a dataset of that size is phenomenal, and the time it takes to merge into my working dataset on the client side is rather long.

Does anyone know of any tricks to work with DataSets of this size, or would it be worthwhile to examine other methods? I'm seriously considering using an Access Database with a form just because it's more efficient at dealing with larger data sets.

Reading “Writing Secure Code” has brought back memories of the worst security situation I've ever seen. This unnamed company would've been a great training video for how not to do things. (All of the issues have since been fixed, but it was a long hard road)

First, almost all database access used the SA account, with no password. Ouch! Second, several applications needed to run, not only as administrator, but as the network administrator. Talk about violating least privilege. Third, even though the apps required 24/7 uptime, they were written as console apps, so the machines had to be logged in all the time and no screen saver was set. (They weren't written as services, because that would “put them at the machine level, and be a security risk”) Umm, ok? These apps were resource intensive, so each one had its own machine, which meant many machines running as admin. And to add insult to injury, the server room door was often left open because there was no cooling system, and it overheated things. I don't even want to talk about the code itself.

As I said, over time, all of these issues were corrected, (SA password added, the apps given a more secure login, programs set to run as a regular user, and rebuilt as services, and an AC added to the server room) but it was a long hard road, and I always think of it when looking at security as how not to do things.

I bought this book at Tech Ed this year, but misplaced it until recently. Now I've been devouring it. There is an amazing amount of information in here, not just about vulnerabilities and how to avoid them, but also ancillary information that defines the origins of the vulnerabilities in software. (Classic mistakes, so to speak) Highly recommended to all.

Haven't blogged in a while 'cause I couldn't get my password to work, and had a heck of a time getting it reset. (Hopefully, I can remember all the things that I've thought about in the interim that I wanted to pass on.)

I know this'll get lost in all the hellos and new bloggers <grin>
