The harvesting of the SSL server code took about an hour in all. It was simply a case of shuffling some code around, ripping it out of a project and into the library and then adjusting the original server and the POP3 server to suit. So, I now have a POP3 server on 110 and 995; and Outlook even lets me know that my server certificate is bogus… I guess I need a real message store now…
I had a bit of spare time today so I finished the POP3 server integration. It went nice and smoothly and I tested the result with telnet and Outlook. During the Outlook testing I noticed the ’this server requires a secure connection (SSL)’ checkbox. I hadn’t been aware that there was a standard port (995) for accessing a POP3 server over SSL. My server currently only supports port 110 for unencrypted transport but I’ve got code that can turn my server into an SSL enabled server… Looks like it’s time to harvest that into The Server Framework.
Joe Bork explains why he now tells people he works on Word as a way of connecting with something people understand. I found that people seemed to understand what I did if I compared Word to a Moss Bros suit and then explained that I was a Savile Row tailor.
In fact, I didn’t even come up with the analogy, one of the previously non-comprehending non-techies did. It was a family (Miche’s, not mine) Sunday lunch at The Social and I was trying to explain how, since I’m a programmer, I don’t necessarily just know how to fix all manner of miscellaneous computer setup problems and how that was more a support role… Blank looks all around.
Windows update should let you flag updates as things you dont want. You should be able to add some text if you want; so it can remind you why you didnt want it, and say to it “don’t show me this one again unless I ask…”.
There’s an interesting discussion going on on the ACCU’s mailing list at present. It’s about the value of comments in code. This is one of those topics that comes around every so often and this time I decided to dive in with some controversial suggestions.
The discussion started with someone saying how they’ve just had a code review where the reviewer insisted on adding the following comment:
// Checks the name length void CheckNameLength() This moved into a discussion about block comments in headers and my position was that as soon as any of them start to get out of date the value of any of them starts to diminish.
I’m looking at adding SSPI security to the socket server code for a client; first stop is MDSN and the samples section. Although I can understand why the MSDN samples are generally just ‘here’s the API, this is the order you call things in, run along now’, I think it would be nice if they were better; especially since I often find pieces of pretty much untouched MSDN sample code deep within client’s applications… I guess it’s not really something for Microsoft and the MSDN team to provide though… Pity.
I’m spelunking around in some code for a client looking for a nasty bug that’s hard to reproduce. The code is less than ideal… It’s the kind of code that’s been put together by what I refer to as ‘Frankenstein programming’; lots of unrelated bits and pieces have been collected from various places and stuck together to make something that looks about right. Unfortunately we’re at the point where we need a vast amount of power to give this thing life, and I for one don’t see a thunder storm on the horizon…
Krzysztof Kowalczyk on Alan Cooper on software business…
“Alan Cooper argues in this article that a way to win in the software business is not by cutting costs of production (i.e. number of programmers and their salaries) but by investing more in creating good software (i.e. hiring more programmers).”
My emphasis; I don’t think that’s what Alan’s suggesting.
Updated 3rd May 2023 to fix broken links
Alan says: “You must invest more time and money on the research, thinking, planning, and design to make your product better suited to your customer’s needs.
Just yesterday, I had a discussion with the CTO of a current client. He’s a 20 year industry veteran and he was wondering why Microsoft hadn’t stopped in their tracks and underwent some massive code reviews to get rid of the problem for once and for all.ChristophDotNet
Because it’s a very hard problem? How many lines of old code have you and the CTO personally reviewed and decided were completely bug free?
I had just sold management in the company I am clienting for on the ability of W2K3 to avoid these, with the line that during the Windows Security Push, all 9,000+ Windows developers stopped and poured over essentially every line of Windows code remove these kinds of situations and make W2K3 the most secure OS. Now two of these in the last month. To say that this has stopped a massive redeployment is an understatement.
