November 2004 - Posts
Valery Pryamikov has posted an excellent article titled "
On Evolution of Microsoft Perception of System Security". The article chronicles the changes in Microsoft over the years in how they have viewed security, or lack thereof, in their products, and have made a commitment to improve those products and respond swiftly to threats and exploits.
Jerry Bryant posted a great list of Microsoft IT Security Resources (current as of November, 2004) to his blog:
http://msmvps.com/secure/archive/2004/11/24/20647.aspx
[found by way of Anil John]
I found the book Head First Design Patterns by Eric Freeman, Elisabeth Freemen, Kathy Sierra, and Bert Bates a couple of days ago, ordered it, and received it last night. I have already read a couple of chapters and really like the format. The "Head First" series is something new from O'Reilly. This book, like the others in their series, is Java based, but it is easy enough to convert some of the code ideas and concepts into C# (in fact, I spent a few minutes this morning converting their Strategy Pattern sample from Java into C# -- a nice exercise to see what is similar and different between the two languages).
The Head First series and this book uses the latest research in neurobiology, cognitive science, and learning theory to present visually appealing content and repetition in order to achieve one goal: help the reader to learn and retain information as efficiently as possible. If you are new to patterns, you won't learn every pattern you see in the GoF book, but you will learn enough of what you need to get started developing and to prepare you for digging deeper in the other books. Most of all, this is a FUN book! See what a couple of notables have said about this book:
I received the book yesterday and I started to read it on the way home... and I couldn't stop, took it to the gym and I expect people must have seen me smile a lot while I was exercising and reading. This is tres "cool". It is fun but they cover a lot of ground and in particular they are right to the point.
-- Erich Gamma, IBM Distinguished Engineer, and coauthor of "Design Patterns: Elements of Reusable Object-Oriented Software"
I feel like a thousand pounds of books have just been lifted off my head.
-- Ward Cunningham, inventor of the Wiki and founder of the Hillside Group
These quotes are from the book and the authors' website: http://www.wickedlysmart.com.
I am not the only one talking about this as Rama also posted on this book a couple of days ago as well.
Again, this is an interesting and fun addition to the Patterns literature. Check it out for yourself, and let me know what you think.
Jon Udell has posted links to topics and his interview with Ward Cunningham and Jack Greenfield on Software Factories. I had a chance to check out the interview after I got home last night and it is definitely worth a listen. Ward, of course, is known for his work with Wiki and other early patterns and architecture work. Jack, plus others, published a great book on Software Factories you should also check out.
Update: Ernie Booth has a nice post pointing to the MSDN video by Jack and Keith Short on their Software Factories book. He also has some other useful links and update on his G# language specification.
I am getting really excited about our Patterns Group that is starting early next year. I have been looking at the various resources that are currently out there, and can't wait to start digging into these with the group.
Last night I enjoyed speaking to the Connecticut .NET Users Group in Farmington, CT (Microsoft offices). I spoke on of my favorite security topics: .NET Code Access Security. I have made the presentation and demo code available for download:
NETCodeAccessSecurity.pdf
NETCodeAccessSecurityCode.zip
It was great catching up with SB Chatterjee and Carl Franklin (co-leaders of the group) and Dan K. The group restarted last month, and it looks like they are doing well with a lot of interested developers.
One of the fun things I did as a review for last night's talk was to take a tour through Rotor code last weekend, in particular, the System.Security namespaces. I was tracing through code in the C# source all the way back to the C++ COMCodeAccessSecurityEngine code to see how the stack walk is implemented as well as how all the code access security modifiers are implemented. Interestingly, much of the code you see in Rotor for System.Security is exactly the same as what you see in the 1.1 and the latest 2.0 .NET Frameworks (as indicated by Reflector -- yes, Reflector self-updates to allow you to look at the latest 2.0 code as well). I have always said that Rotor is a great learning tool -- learn it, use it, live it. -)
Next for me is finishing the last of my slides and demo code for the Heartland Developers Conference next week in Des Moines, Iowa. That topic is on SQL Server 2005 Service Broker, another favorite of mine lately.
Hervey has posted information on the WSE 2.0 SP2 Pre-Release. You can download the update through these links:
Some good reads recently:
Part 2 of this series is out. Delve into the contract patterns that illustrate the behavioral specifications required to maintain smooth communications between service provider and service consumer.
Part 1 of the series can be found here. [via Anil John]
My friend Andrew Stopford has been investigating the current status of tools for doing Test Driven Development (TDD) and Extreme Programming (XP), including catching up on the latest information on Team System. Check out his most recent posts:
Code Coverage any success?
Tools affected by TS (Team System)
Catch all of his great Testing and Build System (RSS) posts.
If you do any TDD and/or XP, you owe yourself a look at Andrew's latest work.
As Andrew mentions, we have enjoyed following the CLR Team Tours this week on Channel 9:
Jason Zander - Tour of the .NET CLR team
http://channel9.msdn.com/ShowPost.aspx?PostID=29506
The .NET CLR Team Tour, Part II
http://channel9.msdn.com/ShowPost.aspx?PostID=29705
The .NET CLR Team Tour, Part III
http://channel9.msdn.com/ShowPost.aspx?PostID=29846
Of the various teams at Microsoft, if I was looking (I enjoy being independent and owning my own company), I would most like to be on the Indigo team (check out their tour as well), the CLR team, or one of the various Security teams. These teams look like great places to work!
Nothing new here, but Peter Drayton answered a question about the next version in one of the Rotor newsgroups:
The current version of Rotor is still 1.0 - mirrors the 1.0/1.1 CLR releases. The next version will be 2.0, matching the 2.0 CLR which is the foundation for VS2005 (codenamed Whidbey). It will be released after Whidbey goes RTM in 2005.
When I was at Win-Dev, Ernie and I (as well as Sam separately) asked Kit George about progress on Rotor. He confirmed that Peter is the one to watch for when it is available.
We (Sam, Ernie, Andrew, myself and many others) are very much looking forward to this!
More Posts
Next page »