I’m Terrified Right Now

Derick Bailey:

“I want this horrible, sick feeling because it means I care about what I’m doing. It means I understand that I can really screw this up, and I really don’t want to. It means I care enough to make sure I have every detail right… This gut-wrenching sick feeling that I have right now, means I am growing in some new way and doing something new and potentially amazing … and potentially terrifying and horrible, too.”

The Reward For Good Work

Derick Bailey:

For me, my work and my reputation are tied together. I’m not known for social graces, being easy to work with, or having the best bed-side manner when helping others. But I am known for quality work, for pushing others to do better, and for clearing a path on which others can travel. Sometimes my technical ability makes up for my lack of empathy.

My experience exactly. I would add that as my reputation grows, I find that I get more interesting work.

SSIS – Global replace for all columns using a script component

This saved me a bunch of time—thanks, Waheed!

Waheed Rous

Sometimes while in the data flow you need to apply the same function on all the columns in the data flow or all columns have a specific data type, for example:

  1. Remove all commas and new lines from text columns before exporting them to a CSV file.
  2. Replace text “Null” with Null value when loading data from an excel file that has nulls as text in it.
  3. Check for each column if has a null value and replace it with a default value based on the data type.
  4. Convert all strings to upper or lower case. etc…

The easiest way to do this is to add a script component then use the approach below, here i’m converting all strings to upper case.

few notes about the code above:

  • i’m skipping all columns with name ends with “_isnull” as these columns just to indicate if the original column has a null…

View original post 46 more words

Markdown Test

I just had a terrible thought: what if WordPress lets you post in Markdown but converts it immediately to HTML and doesn’t preserve the original Markdown source. That would be a terrible shame. I’ll find out in a minute…

Oh, good—it does preserve the Markdown source. What a relief!

Write (More) Effortlessly With Markdown

I’m so happy they finally added Markdown to wordpress.com!!! Now we need it (natively) in the self-hosted (.org) version…

The WordPress.com Blog

Markdown has arrived on WordPress.com! Some of you may respond with “Finally!” Others might be asking, “what’s that?” Markdown is a quick way to add formatted text without writing out any HTML.

Let’s take a closer look. Here is an example of how Markdown looks while editing a post:

Markdown Example in the Text Editor

This is how that same example looks in the Reddle theme after it’s converted to HTML:

Markdown Example shown in the Reddle theme

Writing with Markdown

Markdown lets you compose links, lists, and other styles using regular characters and punctuation marks. If you want a quick, easy way to write and edit rich text without having to take your hands off the keyboard or learn a lot of complicated codes and shortcuts, then Markdown might be right for you.

For example, to emphasize a word, you just wrap it with an asterisk on both ends, like this: *emphasized*. When your writing is published, it will instead look like this:

View original post 285 more words

Connection: Wiretap Laws

I’m experimenting with a new kind of post, where I simply make a connection between two or more ideas, usually with little or no commentary. Here’s the first one:

Ed Felten, yesterday: CALEA II: Risks of wiretap modifications to endpoints

Today I joined a group of twenty computer scientists in issuing a report criticizing an FBI plan to require makers of secure communication tools to redesign their systems to make wiretapping easy. We argue that the plan would endanger the security of U.S. users and the competitiveness of U.S. companies, without making it much harder for criminals to evade wiretaps.

Me, in 2010: Internet Wiretap Bill Misses the Mark

So if this bill becomes law, it will accomplish precisely the opposite of its stated purpose. The government will still be powerless to eavesdrop on criminal and terrorist communications. Meanwhile, the good, honest citizen will be rendered powerless as well.

Better Questions

Organizational culture emerges from the process of answering questions. The answers aren’t necessarily articulated explicitly, but they’re expressed in the decisions people make, the way people treat each other, and in so many other ways. Organizational leaders may be unconsciously undermining the very culture they’re trying to create, but they can’t change it until they start asking the right questions. Continue reading “Better Questions”

Time Limits on Browser Plugins?

When Steve Gibson talked on Security Now 398 about how few users’ Java plugins are actually up-to-date, this question hit me:

Should browser plug-ins have built-in expiration dates?

The problem with having all of these old Java versions running around is that attacks always get better. How much more sophisticated are the attacks of today than the attacks of just one year ago? Why, then, should anyone think a free browser plugin released today—even if it’s secure by today’s standards—will stand up to the attacks of one year from now?

Fix the ecosystem…

Of course, vendors need to continue to do their best to write secure code in the first place, and release timely updates to fix errors that do make it into the wild. We also need to work on the ecosystem to make it easy for users to stay current—figure out what Apple is doing right, what Android is doing wrong, and how to apply those lessons to the browser plugin market. (I’m not just picking on Java—I’m thinking of Adobe Flash and Reader, too.) I’m not sure how to get end users to care about keeping these plugins up-to-date, but the problem deserves attention. Obviously, the major plugins now auto-update, which will help, but it’s not foolproof (I’m envisioning malware that intercepts update checks to keep vulnerable plugins in-the-wild longer).

…and build in a time limit

What I’m proposing is that vendors build in an expiration date as a safety net, so if a user tries to run a 12-month-old plugin (which won’t happen if auto-update is working and the vendor is still maintaining the product), it displays an expiration message and instructions for how to get a new version. Obviously this doesn’t solve our current problems, but it should be part of a strategy to make sure we’re not still in the same boat a few years from now.

New Project: Backbone Reference App

Today I released a JavaScript reference application, built on Backbone, Marionette, and RequireJS.

I’ve learned a lot over the past several weeks, and at times the learning curve was steep, partly because I couldn’t find a good reference application that I could learn from. To-Do apps are the classic example, but they’re too trivial to demonstrate how to architect a larger application. I’m hoping this resource will help fill that gap.

I’m still learning this stuff and am certainly no expert, but I’m happy to share what I’ve learned.

Lessons in Bug Hunting

Yesterday’s lesson in bug hunting: don’t assume you’re an idiot. I spent a few days trying to figure out why my success callback wasn’t being called. It had been working before I updated to jQuery 1.9.0, and I didn’t think I had changed anything. After much head scratching I found out that jQuery 1.9.0 introduced an Ajax() bug where HTTP status 204 is considered an error. A fix is in the jQuery master branch and will be in jQuery 1.9.1.

Today’s lesson in bug hunting: don’t assume you’re not an idiot. I spent hours yesterday and this morning trying to get Mousetrap.js working. I triple-checked my code against Craig’s documentation, verified the library was loading in the browser, etc. It should have worked. But I set a breakpoint on the line that was throwing the error and there was simply no Mousetrap in the global namespace. Having ruled out an error on my part, in desparation I opened mousetrap.js, hoping to find the bug in there. Instead I found… nothing. Yep, something had gone wrong when I downloaded it, and the file was completely empty.

Bottom line: keep in mind that everyone makes mistakes.