Music Ears

Dare is thinking about getting an iPod. I have to admit, it looks pretty nice, and the customers are happy. Tommy Suriwong has a recommendation for headphones as well.

Bacardi Silver is a key ingredient of a proper Mai Tai. Hess’s site will turn you into a cocktail snob; I never realized how many places prepare their drinks wrong. Get the Levitz rug from IKEA, put”ralph myerz & the jack herren band” on the stereo, andget classic martinis going for the guests– instant pimp.

Speaking of IKEA, one day I will blog the story of how I mapped the inside of the local IKEA using graph paper and a digital camera (I no longer get lost when I shop there). Or maybe I will present an analysis of their pricing accuracy. And since we’re talking about IKEA, I wonder if anyone else likes “Queer Eye for the Straight Guy“? The obsessionwith hackneyed gay stereotypes is a bit silly, but itprovides comic devices, and the show is just too good. Compared to the show with the two British women who do makeovers, or “Trading Places”, the production quality of “Queer Eye” is much better, and so are the results the guys get. In an environment where “man TV” caters to the lowest common denominator and insulting stereotypes of “what men want”, it is cool to see a TV show for guys that is about more than trampoline-jumping cheerleaders and power tools. The ratings success of the show should prove that guys are just as vain as women, and it’s great to see a show that finally caters to that vanity. And it’s funny. The aforementioned British women can be sarcastic, but there is no comparison to these guys (especially the blonde guy — “there’s a hooker in Trenton who wants her shoes back”).


Lots of activity since the last post. Last weekend, my wife was presenting at MGB, so I was on babysitting duty. I took the occasion to break my liquid-food diet. Within a 48 hour period, I managed to eat: Jambalaya, Barbecued Shrimp, Bread Pudding, Catfish, Red Beans and Rice, Lobster Etouffe, Pralines, Beignets and a bunch of other stuff that I would never get in Seattle. I didn’t see any Microsoft people the whole time, until the flight back, when we ended up on a flight with about 50 other co-workers. The flight was delayed, screwing up the connection in Denver, so my wife and I had a very exciting time with gate agents and security that is sure to be remembered by everyone on the flight. We managed to outmaneuver the defective gate agent (Ed,a gate agent for Unitedin New Orleans) and even booked a contingency flight to Seattlefrom the airwhile flyinginto Denver, so we made in home OK, albeit a few hours late. We’ve each booked well over 100k miles on United, but will probably never fly United again. Now that American has better leg room, and Alaska has better times along the west coast, the only reason I have flown United recently is for Red Carpet Club. And by the time the plane arrived latein Denver, we only had 30 minutes in RCC (it closes at 8:45 PM), then had to sit in the terminal and wait anyway. Also, the Denver RCC doesn’t have a family waiting area the way SFO and Narita do — definitely not worth the hassle.

So I was back to the office for 4 days, long enough to make a fairly clean entry into our next development milestone. Tomorrow is the company picnic, and then I’m off to NJ for a week. I’ll be in Princeton, so NYC and Philly are both in easy striking distance. So many people I could be visiting, but we’ll see how my social calendar works out.


Physical illness makes me impatient and intolerant. Intellectually, I know that the holes in my jaw will heal, and that soon I’ll be back to my normal level of activity; but every second of diminished physical capacityincreases my general sense of malcontent. I never noticed how extremely computers and software suck, but now I am noticing everything that sucks about my computer. At least typing is safer than driving when I’m like this.


The Data Protection API (DPAPI) is a relatively unknown feature of Windows since Windows 2000. It’s an extremely simple API that can be used to safely encrypt passwords and such for storage in a config file. GotDotnet has a code sample component for calling DPAPI from .NET.

Now, DPAPI is fine for storing passwords on a server (if you don’t want to go all-out and install Kerberos or Active Directory, that is), but you still need a way to communicate between a client and server if you want to check passwords in an n-tier architecture. One common way to do this in web apps is to just send the password from client to server in the clear, and then encrypt the whole channel using SSL. The other common way, which does not require the channel to be encrypted, is to use a challenge-reponse digest, such as “HTTP Digest Authentication“. Here is a code sample that performs HTTP Digest Authentication from an ASP.NET page.


Harmonyland looks like a fun place to take the kids.

After trying for weeks, I finally found a machine that lets me connect to GotDotNet Workspaces Source Control. The secret? Just use a machine that doesn’t have version 2.0 of .NET frameworks installed. That should have been obvious.

I’m off work tomorrow and Wednesday. At 7AM, I go under general anasthesia and all four of my wisdom teeth come out. I’ve been under general anasthesia once before, and the aftermath was quite pleasant. For two days, my short and medium-term memory was shot, and my brain was running at an idling 70%. In a world with nitrous oxide, hydrocodone, and general anasthesia, one almost looks forward to dental visits.

On the other hand, the pain for the past week has been rather bad, and a weeklong diet of Ensure has left me fiending for solid foods. But I found a creative way to cope, improving my skills via the recipes on Robert Hess’s site. HisMai Tai, Margarita, and Cosmopolitanrecipes are my favorite. I think Hess gets kickbacks from Cointreau and the Lime growers’ association.

More Missing Future

Eric Kidd has summarized some of the responses provoked by his piece on ‘Missing Future’.

The response that I wish I had written comes from Alex Hoffman, who says “focus away from technology, platforms and the development community, to real world end-users and their requirements” and “Come to realize that the software industry is dominated NOT by companies like Microsoft or the open source movement. That’s a developer-centric view of the industry.”

That is exactly right! This is also the same general point I was trying to get across in my own “Mr. Safe” post earlier. We in the software industry are waaay too guilty of this self-indulgence where we think that the world cares about our politics, platforms, and gratuitous layers of abstraction. In the end, the only thing that matters is whether an end user gets real-life value from your code. It’s a hard lesson for CS grads, and one that many never learn. Developers often get hung up on details like “what language should I use?”, or “should I use message-oriented or service-oriented architecture?” Some CS grads get jobs where they can focus on those details exclusively and can ignore the fact that these details are just a means to a much more important end. But for most people, that stuffdoesn’t provide real value. Here are some examples of stuff that provides real value:

  • You run a chain that sells groceries. You are alerted that a batch of meat has been recalled by the meat processor due to contamination. You need to contact as many people as possible from the 5,000 people who have purchased meat from that batch and alert them. It could save lives. Most large chains have this capability today, and have used it. It’s real value, and worth the investment. And the guy paying for it doesn’t care what language, OS, or database you use as long as it works.
  • You are a manufacturer with dependencies on a few hundred suppliers. At any moment in time, your company has outstanding accounts payable for thousands of orders. You have contracts with each supplier that stipulate discount/penalty schedules based on payment within 30, 60, or 90 days. The longer you delay paying, the more time the money can collect interest in your company’s accounts, so you want to pay as late as possible within the window where interest gains outweigh penalties. Scheduling payments precisely can make millions of dollars in net benefit to your company based on interest gains and reduced penalties, and can let you have better control when liquidity is urgent. This is something that almost all large companies do, and is extremely valuable. Again, the guy paying for it could care less what language it’s written in, as long as it works.

Of course, it is true that some architectures, platformsand languages are better than others for certain tasks. And the choice of architecture can have serious implications down the road. But my point is that a focus on these things is seriously lacking in perspective. In the overall scheme of things, the value is created and the money flows because you have satisfied a real-world need, NOTbecause you have made a “better” platform. You can make lots of people happy and solve lots of real-world problems without having a very good platform, but you can go broke even with the “best” platform if you are NOT making real people happy and solving real-world problems. And as far as I can tell, real-world problems that could benefit from software are infinite.

MSFT in the News

Lots of news about the new compensation plan at MSFT. The fact that employees will no longer get stock options is less interesting than the news that MSFT plans to hand out stock awards just as broadly as options were handed out (in other words, to most employees). I think that most employees will prefer this arrangement.

I tend to agree with the underlying assumption that “options are a really strange way to compensate people”. Stock options in an industry with reality-altering P/E ratios like tech had (and still has to some degree)have always been essentially like lottery tickets (or more cynically, like shares in a now-imploded ponzi scheme). Perhaps I have less angst than others about the portion of my options that are underwater, since I had never convinced myself that options were anything other than a useful hedging tool for money managers and a speculative gamble for everyone else (a view which I feel is well-supported by economic texts but seemingly equally well-ignored by people who hold options, as many interesting lunch conversations attest).

In any case, there is nothing wrong with handing out lottery tickets at review time. But I think that most MSFT employees would now rather have something more predictable. Besides the fact that many employees had(IMO) unrealistic expectations about their options, the demographics have changed. I don’t have hard numbers, but the norm has shifted undeniably from single to married and married to married with young kids. In other words, the risk-tolerance has gone down.


Seattle PI talks about blogs at MSFT. I think it is a well-done article, and captures the issues accurately.