MacBook, defective by design banner

Put the knife down and take a green herb, dude.

One feller's views on the state of everyday computer science & its application (and now, OTHER STUFF) who isn't rich enough to shell out for

FOR ENTERTAINMENT PURPOSES ONLY!!! Back-up your data and always wear white.
URLs I want to remember:
* Atari 2600 programming on your Mac
* joel on software (tip pt)
* Professional links: resume, github, paltry StackOverflow * Regular Expression Introduction (copy)
* The hex editor whose name I forget
* JSONLint to pretty-ify JSON
* Using CommonDialog in VB 6 * Free zip utils
* that hardware vendor review site I forget about is here * Regex Tester
* Read the bits about the zone * Find column in sql server db by name
* Giant ASCII Textifier in Stick Figures (in Ivrit) * Quick intro to Javascript
* Don't [over-]sweat "micro-optimization" * Parsing str's in VB6
* .ToString("yyyy-MM-dd HH:mm:ss.fff", CultureInfo.InvariantCulture); (src) * Break on a Lenovo T430: Fn+Alt+B
email if ya gotta, RSS if ya wanna RSS, ¢ & Δ if you're keypadless
Thursday, July 21, 2016

From today's randmo blog qua strawman:

Why I don't think you should use IQueryable outside of your repository.

I don't believe that you should return IQueryable for several reasons. First, it breaks unit testing capabilities. Half the point of compartmentalizing your data persistence logic into repositories is so that you can isolate and test that logic. If you're passing the buck up to the domain logic level then you're no longer able to test data persistence logic and domain logic by itself. In my opinion it completely breaks separation of concerns. You can't unit test a property of type IQueryable because you couldn't possibly account for all the logic possibilities that could be handed off from your domain logic. The person writing the domain logic is completely responsible for writing sound queries against the database! [emph mine -mfn]


Look, bad code can go anywhere. Code without unit tests can live anywhere, including your repositories.

If you don't pass back IQueryable, where do you do joins? In the repository? But why would a FooRepository know anything about Bars? You're mixing your domain objects.

So that join (and any complicated, multi-object type logic) belongs in the FooBarDomainService. And to do that correctly, you're almost certainly going to need to return IQueryables, otherwise you're doing dbms work in your middleware, and that's stupid.

And then you need to write tests for your services. Which logically equates to what Chev wanted to start. Maybe you make those services that deal with IQueryables internal classes. I'm fine with that. In fact, that's probably smart.

Take 2

Here's the continuation...

The second assumption it makes is that the data store will ALWAYS have to know how to properly implement IQueryable. If you ever try to re-factor your repository layer to use a different data storage technique then you will likely also have to re-factor your domain logic and/or write a new repository layer that exposes entity collections as IQueryable. If your new data store doesn't understand expression trees out of the box then you're in for a world of hurt.

  1. What is it with people thinking we're going to swap out data stores? It almost never happens. Honestly. And when it does, it rarely goes from, say, SQL Server to Mongo. Occasionally, sure, but that's the exception that proves the rule.
  2. This is exactly why I argue that all non-trivial reads should be written in SQL, not via an ORM. You're paying for your rdbms. Use it. (If you're not using an rdbms, using SQL obviously doesn't apply to you. ;^D)

Labels: , ,

posted by ruffin at 7/21/2016 03:37:00 PM
Monday, July 18, 2016

Why is Apple's incredibly cautious, extremely limited rollout of the Siri API for 3rd party apps for developers bad news?

It's simple:

Apple's limited Siri API hurts voice recognition in apps because no third party is going to provide developers with a more flexible one.

Alexa just gives you text to parse. This is perfect. Let me screw it up. It's my app. Apple, on the other hand, limits Siri to a few "Supported Domains and Intents".

currently supported Siri \

Wow, that limits voice recognition. I'm hopeful that this is just the beta, essentially, but if they continue to force all voice recognition into their own backend, and will only give you the results in some sort of logical flowchart, Alexa and Google are going to hand Apple its hat with digital assistants. I understand that this allows us to skip translation, but is that really that big a deal? Smart folk are internationalizing (there's a better word for that; sorry) their apps now, translating labels and other text throughout. I also get that Apple might do a better job with grammar, so that there are lots of ways to get across a command in natural speech rather than forcing a strange, app-specific grammar. I don't feel that's a big win.

If I have to speak to Overcast, my podcast manager, like, "Overcast, start playlist Sports" and can't say, "Hey, play sports on Overcast," that's fine by me.

Labels: , ,

posted by ruffin at 7/18/2016 10:09:00 AM
Monday, July 11, 2016

The Twitters told me today that Pokémon Go's Google account sign-in takes full access privileges, which is pretty obviously not good.

From Kotaku:

Update - 10:07pm: Niantic says it was a mistake that will be fixed soon. Here’s their statement to press:

We recently discovered that the Pokémon GO account creation process on iOS erroneously requests full access permission for the user’s Google account. ... Once we became aware of this error, we began working on a client-side fix to request permission for only basic Google profile information, in line with the data that we actually access. Google has verified that no other information has been received or accessed by Pokémon GO or Niantic. Google will soon reduce Pokémon GO’s permission to only the basic profile data that Pokémon GO needs, and users do not need to take any actions themselves.s

Let's look at that last line again...

Google will soon reduce Pokémon GO’s permission to only the basic profile data that Pokémon GO needs, and users do not need to take any actions themselves.

What does that mean, exactly? I mean, they do have full access, I guess. ;^)

Anyhow, my first and continued response to this is...

If only there was some way we could create fake, throwaway Google accounts with no personal data whatsoever to use for trivial purposes like this one.

le sigh

Update: So this is the "real" issue, and one I wondered about when I created a login with my [throwaway] Google account:

I didn't see the, "Pokémon GO is requesting these permissions" screen either. And that's the real issue with OAuth in any application that isn't a browser made, downloaded, and run from a trusted source: You can't tell for sure that you're not using an embedded browser, one where every keystroke is easily viewed by the app authors.

In fact, if someone was after your information, they'd almost do better (if you don't have two-factor security) to sniff your password as part of an OAuth workflow that asked for the appropriate level of permissions (ID and email only) to stop from raising the red flag we're seeing here.

Labels: ,

posted by ruffin at 7/11/2016 10:46:00 PM
Friday, July 08, 2016

I enjoy reading the Washington Post, but one thing I've noticed post-Bezos is how trite the articles in the section "The Post Recommends" are. They really are linkbaity, even if they link to articles on the Post. I mean, I can be reading The DC Sports Bog [sic] incognito, and the Post will recommend, "The sobering thing doctors do when they die."

Post recommendation on The Sports Bog

But I guess it's working. Today, I finally gave in and read an article that's often “recommended”, "The baffling reason many millennials don’t eat cereal". I’d already read The New York Times’ version, so might asd well see what the Post has to add. Basically, the answer appears to be that millennials don't want to clean the bowl.

But there is another thing happening, which should scare cereal makers — and, really, anyone who has a stake in this country's future — more: A large contingent of millennials are uninterested in breakfast cereal because eating it means using a bowl, and bowls don't clean themselves (or get tossed in the garbage). Bowls, kids these days groan, have to be cleaned.

Wow. I mean, I often eat cereal because all I have to clean is the bowl! It's not that difficult. It’s just milk. Rinse, wipe well, and leave it out for tomorrow morning.

Sad enough, right? But the real take home is the last sentence of the piece:

Maybe Soylent is the future after all.

And I was pretty sure I knew what Soyent is... Seems like I’d read an article on how popular the soy shake had become in place of meals in Silicon Valley. From today’s Wikipedia, it looks like I’m remembering correctly:

Soylent is a meal replacement beverage, advertised as a "staple meal", available in both liquid and powdered forms. Its creators state that Soylent meets all nutritional requirements for an average adult, but some critics claim otherwise. It was first created and tested by software engineer Rob Rhinehart as a self-experiment in nutrition. Subsequently, the powdered version of Soylent was developed into the first product line of the company Rosa Labs, who currently markets and sells the formulation.

What a weird product. You couldn’t engineer a better hipster food, which tells me that’s essentially what it is. I mean, look at these "use" images.

Soylent use images 8 July 2016

It’s essentially the equivalent of six slices of bread worth of calories. I can’t tell how many they expect you to drink to equal a meal, but I’m guessing one at $2.69. I guess that’s pretty cheap, compared to going out for lunch, but compared to a loaf of sandwich bread, well, even this bottle of calories isn’t insanely cheap. And there’s some waste, no matter what they’d like you to believe. It’s pretty ‘Murican, if you ask me. Folks pay a small premium for convenience and hipsterness, and somebody profits.

But that’s not ‘Murican enough. Take another look at this image, from Soyent’s site (oh, even more hipster. It’s hosted on heroku via fastly! Well done, Soyent):

insert alt text

Really? Mr. Skinny New Hat, Hipster Sunglasses, Hipster Facial Hair is dribbling Soyent all over his chin. Is he drinking anything? Not only do we not have time to eat, we have so freakin' much disposable income we can't possibly drink our meals respectfully. We have so little time to waste, unless it's time taken to be wasteful.

'Murica. Come on Soyent. Be classy.

Labels: ,

posted by ruffin at 7/08/2016 08:57:00 PM
Thursday, July 07, 2016

Much too "Seinfeld on reservation"-y.

See, if it was simple, like it was before, I'd be logged in now.

And it's really the simplifying that's the most important part of, um, simplifying.

ARGH. Fail.


Labels: , ,

posted by ruffin at 7/07/2016 12:22:00 AM
Wednesday, June 29, 2016

This page about Firefox claims:

Location-Aware Browsing is always opt-in in Firefox. No location information is ever sent without your permission. [emphasis mine, of course]

text quoted in page context

That's so not Scottish, it's crap.

In case you think I'm overstating, or screwed something up, here's my full Firefox history (full disclosure: I've erased about 12 pages between "Internet for people, not profit" and the Yahoo search for AAA that'd tell you what bank I use):

pretty simple firefox history -- intro, Mozilla, aaa search, bam

I can tell you, I haven't opted in to giving out my location everywhere in those pages.

And when we check about:config, it's turned on anyhow.

about.config in firefox says geo.enabled is true

Explain that, Mr. Mozilla Privacy is Job 1.

(In other news, AAA still uses WebObjects.)

EDIT: Run the EFF's Panopticlick page now. I always kinda wondered about this (if you get all my browser metadata, you'll kinda know who I am, won't you?), but it's scary to see it in practice.

Even worse is learning about this canvas fingerprinting, which is a bit of higher identifiable metadata I had no clue existed. /sigh

They know exactly who you are.

Labels: , , ,

posted by ruffin at 6/29/2016 10:27:00 PM
Tuesday, June 21, 2016

I stopped by the local Apple Store today to play around with the MacBook again, just to see if it seemed faster after the upgrade this year and if I could stand its crazy keyboard switches. I still think the keyboard would be fine, after some breaking in [of me], and it's fast enough, I guess. I just fooled around with ESPN, scrolling like mad and running videos. I understand Xamarin Studio wouldn't scream, but it seems okay, especially if I'm just using it for mobile dev, not office dev.

(Aside: Does the MacBook not have force click? I went over to a 13" MacBook Pro, and it worked easily, but the MacBook 12" didn't pop-up the previews for Safari links like the MacBook Pro. Maybe someone had turned it off?)

Anyhow, on the way out, I picked up a Plus to see if I really wanted a phone that size. Secretly, I think I do. The real estate would be wonderful, even if the size in my pocket and hand might not be, and I was pleasantly surprised to see that I could rotate the home screen to widescreen, something the SE doesn't do.

But after some playing, it seemed slooooow to me. Too slow, I thought, to blame on the larger screen and extra pixels it's pushing around. It's not super-easy to figure out which phone you're using, so I looked up the model number. Was a 6 Plus, not a 6S Plus.

I didn't realize I'd become so spoiled. I know I've said the SE feels "like all I got was a new 5S". That's not wrong, Walter, but wow, after a little playing around, I can now say with a little more certainty, it's a great new 5S.

The downside, of course, is that I bet I'll have pretty fierce iPhone 7 Plus envy once it comes out. Even if the rumors are true that it's the same design as the 6 & 6S, give or take, a large phone that's "even faster" than my SE might pull on my wallet more than I'd like. I told myself I'd use this SE for two or three years, after all...

Labels: , ,

posted by ruffin at 6/21/2016 05:12:00 PM

Support freedom
All posts can be accessed here:

Just the last year o' posts:

Powered by Blogger Curmudgeon Gamer badge