Scott Hanselman

DevDays 2004, Portland, OR Reminder

March 3, '04 Comments [0] Posted in Speaking
Sponsored By

A reminder, I'm speaking at DevDays Portland this year, doing the 4th Web session, "Developing Secure Web Applications - Examining an End-To-End, Hack-Resilient Application"

I'll be taking apart Microsoft's OpenHack application.  Should be a blast, please do check it out, it's a fantastic value at only $99.  It's a security focused agenda this year, which is a refreshing change.  All of the DevDays talks across the country are including more 3rd party speakers, and Portland is no different.  We've got a star-studded (well, neither studs nor stars, but still) line up. 

If you're in Portland, bring your development team.  I'll hang out and chat with y'all 'til it's dark!

 

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

facebook twitter subscribe
About   Newsletter
Sponsored By
Hosting By
Dedicated Windows Server Hosting by SherWeb

Clemens got Slashdotted, site not quite holding up?

March 2, '04 Comments [3] Posted in ASP.NET | DasBlog
Sponsored By

Looks like Clemens got slashdotted.  Funny, I submitted the link to his letter, and was rejected.  I wonder how many people did the same before Hemos submitted it himself. 

Looks like Clemens site isn't holding up as well as mine did.  I'm getting timeouts from his ISA server:

10061 - Connection refused
Internet Security and Acceleration Server

I can't tell if dasBlog having trouble under the load, or if it's just a bandwidth/hardware thing.  I run my site at ORCSWeb (highly recommended) and I didn't even notice the slashdotting from a performance point of view.   I think that dasBlog scales just fine for 99% of folks needs. 

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

facebook twitter subscribe
About   Newsletter
Sponsored By
Hosting By
Dedicated Windows Server Hosting by SherWeb

What to think about before getting your eyes lasered (LASIK)

March 1, '04 Comments [4] Posted in Musings
Sponsored By

I've received a bunch of emails congratulating me on getting my eyes lasered.  I've also got a lot asking questions about the results and my philosophy around the process.  This post was actually going to go out as the 4th email response, but here is it as a post instead.

Yep, I was a -9.25, that's like 20/1600.  Now (3 weeks later) I'm actually "officially" 20/20 in both eyes, but IMHO the right has some glare at night.  I'd say I'd like to be 20/10 or 20/15, but it's never effortless, is it? I'll let you know how it settles in a few months.  :) 

I will say, it's CRYSTAL CLEAR in the day time, but at night there are some "Comet Tails" on things like LEDs and there are areas of extra high contrast, like looking at a TV in the pitch black.  I have been researching this for years. Make sure to have a WaveFront 3d Topology on your eyes, and that the guy who does the surgery has done at least 10,000.  My guy has done 21,000 and had 7 problems.  If they won't get stats, don't bother with them, IMHO.

I'd totally do it again, but I'll give you these warnings:

  • ASSUME you will need a 2nd surgery to get it perfect. Just assume that.  If you don't, good for you, but best to expect the worst.
  • Know that your eyes will LITERALLY change from day to day, and sometimes from hour to hour as they heal.
  • TAKE the percoset after the surgery, from 3 hours to 6 hours afterwards you will experience a great deal of pain like hot sand in your eyes.  Best if you sleep through it and miss the whole thing.
  • ASSUME you will need to wear glasses for reading and driving.  (see above ;) )  
  • ASSUME you will get to 20/40, where you can go to the mall and walk around, but might not be able to read subtitles at a foreign film.  (same reason)
  • YOU WILL have visual artifacts around lights at night and in low light situations, small auras and comets.  I can still drive at night, but sometimes it's irritating.
  • It takes 6 months to REALLY know how your eyes will end up. 
  • When you are > 40, you WILL need reading glasses.  LASIK has zero to do with presbyopia.
  • If you are hyper-detail oriented and you'd regret it if you didn't see 100% perfectly, don't bother.

Overall, I'm very happy with the results, and it was $3K (total) worth spending.  Plus, I'm going to deduct the whole thing.  If you do happen to go to my guy to get your eyes lasered, be sure to tell them I sent you.

The other thing that's interesting, is that while everyone says that you'll wake up and revel in the fact you can see the alarm clock, that hasn't struck me as interesting.  What's REALLY amazing is being able to see the shower drain and your feet.  20 years of glasses and I've never actually seen water go down the shower drain.  After my first shower with new eyes I had to clean the bathroom. 

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

facebook twitter subscribe
About   Newsletter
Sponsored By
Hosting By
Dedicated Windows Server Hosting by SherWeb

Moving ViewState to the Session Object and more Wrongheadedness

February 28, '04 Comments [5] Posted in ASP.NET | ViewState
Sponsored By

Some folks didn't agree with my recent comments on ViewState.  That's cool, it's good to disagree.  The truth is no doubt somewhere in the middle.  My conclusion, and your take away should be this:

  • ASP.NET sucks exponentially LESS than any previous Web development technology
  • ViewState can be used for evil, but if you understand it, it can be VERY useful
  • ASP.NET is so powerful that it can enable you to be an incredibly bad programmer FASTER THAN EVER.  Don't program by coincidence. 
  • Know the bytes that leave your web server and what they are for.  Look inside the Viewstate with either Web-based Paul Wilson's ViewState Decoder, or Fritz Onion's Win-Form ViewStateDecoder.
  • Buy Fritz's book.  Seriously.

Now, that being said, I've also seen lots of talk on the 'Net about overridding default behavior and storing ViewState to another location, like the Session object.

Sadly, I saw lots of code on the USENET like this (Here's a VB.NET Example, but the language is an implementaton detail):

Public Class PageViewStateSession
    Inherits System.Web.UI.Page
  Protected Overrides Function LoadPageStateFromPersistenceMedium() As Object
    Return Session("ViewState")
  End Function
  Protected Overrides Sub SavePageStateToPersistenceMedium(ByVal viewState As Object)
    Session("ViewState") = viewState
    RegisterHiddenField("__VIEWSTATE", "")
  End Sub
End Class

What's wrong with this?  Apparently not enough to keep it off the 'Net, but enough for me to remind you:

Scott's Rule of Programming - Rule# 0x3eA
Just because code is on the Internet doesn't mean you should cut and paste it into your production system.  Do you chew gum you find on the street?  Give code you find on the 'NET the same amount of attention you'd give advice scrawled on a public bathroom wall.

What's wrong with the code?  Well, it uses the SAME KEY to store the ViewState in the Session object, forgetting that ACTUAL ViewState stays with the page 'instance.'  To use an anology you can relate to, just pick a random variable in any application you wrote and slap the keyword static on it.  Think it will work?  If it does, I wonder how long it will? 

If you store ViewState in the Session object in this way, you are assuming the user will access only one page at a time, and you may confused other pages in their attempt to load values from Bogus ViewState.  More importantly, what happens if the user opens new browser window, and starts accessing DIFFERENT pages but sharing the same session.  Well, you get the idea.

Some folks got around this by adding the requested page to the ViewState key:

Session[this.Request.Path + "-VIEWSTATE"] = ViewState;

But remember that the actual code in ASP.NET (more or less, via Reflector) does this:

text1 = this._requestValueCollection["__VIEWSTATE"];

It pulls the ViewState from the request NameValueCollection (including the Form collection, etc).  Each 'instance' of a page has it's own ViewState.   Then in OnFormRender, they:

writer.Write("__VIEWSTATE");
writer.Write("" value="");
this._formatter.Serialize(writer, this._viewStateToPersist);

So the question of the day is, how to move ViewState in to the Session Object (conveniently ignoring the additional memory consumption and the fact that the objects you store in the session will not expire, eh?), but still allow a user to have TWO browser windows up acting on the same page at the same time?  You'd need to store a unique index key in a Hidden Field to act as a lookup into the Session object rather than using the name of the page.

Here's the only even-close-to-clever example I could find via Google, and it has a LOT of limitations and a LOT of moving parts, and may have some threading problems. (Remember the bathroom wall!)

Even More Conclusion

Seems to me that this is a lot of work to do to save a fer bytes when someone could just:

  • Learn what needs ViewState and what doesn't and use it selectively.  It's NOT required for 90% of things, and you can usually get it down to a very small size.
  • Spend less time writing wrongheaded plumbing code to replace ViewState, and instead learn how to use it effectively and efficiently.  Read that last sentence again.
  • If you're that worried, use HttpCompression (seriously, if you're not using Http Compression, what's your excuse?)

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.

facebook twitter subscribe
About   Newsletter
Sponsored By
Hosting By
Dedicated Windows Server Hosting by SherWeb

Disclaimer: The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.