Posts Tagged ‘Rant’

The problem with MSDN gallery Q and A

As many of you know I have written a few extensions for Visual Studio. The most popular by far are “Solution Explorer Tools” and “Code alignment”. Each only a few downloads short of reaching 6500 downloads.

I get a few queries and comments about these extensions, but the MSDN’s Q and A section has a major problem in it.

For some reason it has decided that you don’t need new lines. and just replaces them with a single space. Now on some forums, this might be understandable. You want comments kept short, and you don’t want them to take up screens so why not? But this is a Q and A for developers. Developers asking and answering questions about an extension to visual studio. It’s quite often they want to enter code.

So what does that mean? Well let’s say in my comment I wrote…

var foo = "Hello World";
for (int i = 0; i < 10; i++)
    Console.WriteLine(foo + i);

when I submit it, it would become

var foo = "Hello World"; for (int i = 0; i < 10; i++) Console.WriteLine(foo + i);

And that’s just for a simple case, many of the times I’ve seen this happen the result itself wraps over 10 lines. It’s ugly and unreadable.

MSDN didn’t use to act this way, it respected new lines but then they changed it for some unknown reason. On a side note it has also never respected multiple spaces and I’ve had to replace spaces with ` to make the formatting appear correct – pretty crummy for a developer Q and A.

It’s especially annoying for my code alignment extension. The extension aligns characters across lines, so when people post suggestions they post multiple lines – which gets swallowed up by this bug.

It’s ironic that for my extension that encourages good formatting of code, it has a the Q and A section which doesn’t allow any formatting.

I hope Microsoft fixes this problem soon. I can’t be the only person who is annoyed by this.

Third party authentication

I’m a huge fan of things such as OpenID and Gmail Accounts. Instead of having to deal with creating a new username and password for every website I want to comment on I just need the one. It’s safer, faster & less annoying.

However, yesterday I came across an abuse of this process, one which, unless the authenticators find a solution for could destroy all confidence in this system. I wanted to post a comment to cnet, a site that’s been around as long as I’ve been using the internet, but they required an account to comment.

I was glad though that I saw they allowed sign in through Google, Yahoo or Facebook (no plain OpenId option). So I clicked the Google button and the following screen popped up.

image

So to sign into the website to COMMENT, I was required to give them access to all my google contacts – email addresses, phone numbers, actual addresses of my friends! Wow! That’s about the most evil thing I’ve ever heard.

Now in cnet’s defence, there might have been a legitimate use for this information in another part of their site – which I didn’t want to use. And although I’m not an expert in google accounts, I’ve never seen “Optional Permissions” where the site says, I require this, and if you want giving me this other information you can do more.

And even if Optional Permissions exist and cnet refused to use them, why should they have the power? Google could force certain information, like Google contacts, to be optional. And to protect further from people who deny on their side if you don’t give them that data, Google could have a “Fake it” option. I would think that not knowing if the data was accurate would be a good  deterrent against requesting such data unless it actually did benefit the end user.

UPDATE:

The cnet team got in touch with me, informing me that this has now been changed (you can read their response in the comments)

It’s great that cnet was willing to fix this so quickly, but I think the fact that Google lets this be possible is a huge problem. To share your details with a site is one thing, to share other people’s details is another. Google needs to change this so the danger is absolutely clear and to make sure no site can force a user to give away this data.

Website hacking

Just before Easter last month, I was watching Everton vs Manchester United with a mate when I got a tweet from Dave Brotherstone from the Notepad++ community. He informed me that my website was hacked. (Luckily the language I used at that point was appropriate when watching a football match) I can’t thank Dave enough cause it wasn’t for another week until my host informed me of it.

I admit I wasn’t the best at backing up the website. Which is strange for me considering for most things I have strong backup plans – one of my favourite things about the PSP was it stored saved games on a memory stick, so it was easy to backup.

However, my limited backups were enough to bring the site backup without any data loss.

What annoyed me most was how meaningless the hacker was. It seems like he (or she) simply wanted to say, “I hacked you! Ha ha!”

Now sure that’s better than, “I’m trying to steal your identity” but why do it? You don’t get any gain out of it, It annoys me, there’s no benefit to anyone.

Return top

INFORMATION

The occasionally interesting thoughts & insights of a software developer