Inflection Research

September 3, 2008

Google’s Browser, a Realistic Perspective

Filed under: Architecture, Investing, Programming, Technology, Web Platform — semanticzen @ 2:08 am

From the blogesphere to the traditional news media everyone seems ecstatic about Google’s new browser, Chrome. Some are even proclaiming that it will overtake Windows and be the next major operating system. When so many smart people fall over themselves to hype a product still in development I tend to try to view things from the other side. For the Chrome browser there are a lot of important questions that no one seems to be asking. Like what special capabilities is Google bringing to the crowded browser market?

Open Standards

Everyone is proclaiming how great this will be that we will have an open source browser. The thing is, there is already a great open source browser; Mozilla’s Firefox. It is debatable how much is gained from open sourcing the browser’s code. What is important is, how will this browser support open standards? Since so many websites were not initially implemented to fully support the W3C Standards (the international organization that defines the internet’s standards) will Chrome be able to correctly render 99% of websites, as claimed, while also fully supporting open standards?

Innovator’s Dilemma

Balancing support for innovation and new standards with support for legacy applications and standards is a monumental task that should not be taken lightly. Legacy support is what gives Microsoft Windows its monopoly, but it also acts as a yoke on innovation. Microsoft has a better operating system than Vista; they just cannot figure out how to roll it out.

Microsoft’s Internet Explorer is in a similar boat. It has been estimated that over 50% of IE’s code base is error handling and “seamless” handling of poorly written website code. This code was very useful in the late 1990s and early 2000s when nascent programmers were still figuring out how to write relatively static web applications. Now that web applications are much more dynamic this code bloat is a performance drag affecting many of the more complex Web 2.0 style applications.

In a classical example of an innovator’s dilemma Microsoft invented the key technology behind Web 2.0 applications, but IE is still a laggard due to the legacy yolk. A key factor of Firefox’s success, and its dramatically better performance, is they took the time to clean up their legacy code base. IE 8 is making steps towards better support for W3C Standards and better
performance while supporting a migration path for enterprises. In many respects following how Microsoft balances these objectives is more important than following Chrome’s progress. Although I imagine the press will instead follow Chrome’s progress.

Where is the Innovation

What new, innovative features does this Google browser have? So far it appears they have just implemented functionality currently in the existing browsers. As for new functionality like video we already have platforms like Flash and Silverlight that are pretty good and improving.

Mozilla’s recently released Firefox 3.0 has a much better optimized JavaScript engine and IE 8 will as well. So far Chrome’s JavaScript engine appears to only be 13% faster than Firefox 3.0. Users do not notice 13% improvements. When Chrome goes live it will probably also be competing with IE 8.0 and IE 8’s performance improvement.

Overtaking Microsoft

Internet Explorer (IE) is a relatively crappy browser that has easily over 50% market share. As some claim, this isn’t solely because most people can assume a user has IE. It is because many websites still work better in IE; and many, probably most, of these websites are inside firewalls. Applications built for only a few hundred users or less.

The key to overtaking Microsoft’s browser isn’t to build a cooler browser. Apple, Mozilla, and Opera have done that. The key to overtaking IE is to making a compelling ROI argument to enterprises to abandon IE for a different primary browser.

Enterprise Strategy

Unless Apple makes a big push into the enterprise or Red Hat consolidates the many Linux splinters Microsoft’s desktop dominance will probably last another decade; even with corporations not upgrading to Vista. On a side note it would be interesting if Apple purchased Sun, spun-off its hardware business (while it still has some value), and made a big push into the enterprise. Thin clients offer an alternative, but Windows and its partner Citrix are currently positioned relatively well. However, that is for another article. So for now browser makers are still playing in Microsoft’s playground.

For the majority of websites it is not cost effective to build and test the website in multiple browsers. Project teams focus on one or two core browsers and make a best effort for the others. This is especially true for corporations building websites only intended for a limited number of users. As a result many corporations choose the browser with

  • The largest market share.
  • The one they have built applications on for years.
  • The one they know how best to manage. For support reasons companies need to manage how and when core software upgrades are presented to users.

Active Directory

At any large or mid-size company any internal website can know who you are (and probably does) if you are using Internet Explorer because of its tight integration with Active Directory. This allows easy implementation for single sign-on across company or even inter-companies’ web applications. To gain critical enterprise adoption the existing browsers need better support for Active Directory and how to manage it.

Offensive or Defensive

Few people have mentioned that Chrome may actually be a defensive move by Google to protect their search engine turf. I regularly use iGoogle and Google Maps, but I haven’t actually gone to Google.com to perform a search in at least a year. I perform all my searching in the browser. Of course, I primarily use Google, but I find myself using other website’s like Wikipedia, Ask, and Dictionary.com more often; and my switching costs are basically nil. In fact, I’ve even started using Live Maps because of its far better international support (Live vs. Google).

Five years ago I remember wondering why someone would use a search engine other than Google because it was at least twice as good as competitors. While completely subjective I think Google is now only marginally better. I have a dozen search engines configured in my browsers and I’m always one click away from not using Google. Now I wonder why people are so reliant on Google. It is getting easier to use other search engines and Google is growing up and becoming a little
closer to being evil.

Laissez-Faire Mess

Google is well renowned for encouraging engineers to spend 20% of their time pursuing individual projects. This has created a great environment where ideas bubble up. However, some initiatives require top down strategy. Creating a browser platform serving a multi-sided market is such an initiative.

Fortune called Google’s management style a “laissez-faire mess“. The questionable strategy and rollout of the Google browser may validate that endorsement. In fact, one could go so far as to say that Google’s laissez-faire strategy resembles one of its competitor’s peanut butter strategy.

Google still has yet to prove that massive hiring into a laissez-faire environment can fuel innovation. In fact Apple, perhaps the most innovative company this decade, takes the opposite approach by keeping its core design teams small and focused. I am still questioning the special capabilities of Google’s Android and now we have Chrome. For comparison, I can critique specific features of the iPhone, such as the battery (which Apple will eventually fix like they did with the iPod), but the special capabilities of the iPhone are crystal clear to any observer.

Current Market State

As an advantage of losing Browser World War I Mozilla was able to free itself of its legacy code and become the performance leader; just as Web 2.0 applications began taking off. Microsoft finally seems motivated to accelerate many legacy applications migration path allowing it to offer better support for standards and increased performance. Although it is apparent that IE 8.0’s performance will still trail Firefox 3. Safari will be relegated to the smaller yet growing Apple user base with little enterprise support. Opera is a good browser that doesn’t offer a compelling enough reason to switch (sounds similar to Google’s Chrome).

Currently Firefox has a real chance to become the number one browser in Europe, but its market share (and growing importance) may be hurt by the splintering browser market due to Safari and now Chrome.

So What Has Changed

I’ll download Chrome and test it out, but I’m not excited to build a new website and have to test it in an additional browser. That is the problem that Google has to address. Not just for the hundreds of thousands of websites on the internet, but especially for the hundreds of thousands of web sites not on the internet (at least not without a username and password).

If Chrome was built by someone other than Google we probably wouldn’t be hearing about it. I am excited that one day enterprises will be building websites on a browser much better than IE 7, but that will take a vendor who understands enterprises and has a relevant platform strategy. I haven’t heard such a strategy from Google. For the near future it is most likely that vendor will be Microsoft and now less likely to be Mozilla. I imagine the IE and Firefox teams will wake up tomorrow looking over their shoulder at each other not Chrome.

Chrome’s biggest impact may be a weakening of Google’s support of Firefox. Google has been the biggest sponsor for Firefox. If this support (technical or financial) diminishes due to Chrome than the biggest beneficiary of Chrome may indeed by Microsoft. Let’s hope not. The browser market needs a strong number two to compel the market leader to innovate. However, the internet will not benefit from a splintered browser market requiring programmers to support numerous browsers. Like any platform market, the browser market will trend toward a monopoly or duopoly market. Let’s hope it’s a duopoly.

So What Is Next

Maybe Google will announce tight integration for Chrome with Android or some amazing new Semantic Web style feature. However, I’ll bet the next major disruptive innovation in this area will come from Apple or one of the new companies created by ex-Googlers.

Disclaimer: I own no stock in Google, Microsoft, or Apple.

June 2, 2008

Web Application Standards

Filed under: Programming, Web Platform — semanticzen @ 1:42 am

It is important that mid-size to large enterprises build applications consistently. When a company has hundreds of applications to maintain it is important to re-use solutions. These re-usable solutions include common code such as an enterprise library or consistent design patterns. An enterprise library should include an application block as well as re-usable web services, business objects, and controls.

By re-using solutions programmers can seamlessly move from maintaining one application to another; and more junior programmers can learn and maintain complex applications much easier. Application standards are never static, but evolve over time. So it is important to revisit them regularly. With technology, in time practically everything changes (even design patterns evolve over time).

It is important to use best practices to re-use patterns and practices that experience has shown to be most effective. However, best practices are not a pretext preventing creative solutions to new business problems. Best practices exist to handle the repeatable problems so project development teams can focus on application specific issues. Best practices should never inhibit creativity.

It is wise to ensure best practices are followed through periodic code reviews. However, no one likes code reviews. Not the person getting reviewed and not the reviewer. So it is advisable to focus on what is important and not be nitpicky when it comes to performing a code review. Time permitting it is better to sit down with the programmer and go through and discuss the code together.

Good rules help keep the quality of programs high while not being so restrictive to inhibit creative problem solving. Below are the ASP.Net web application standards I have compiled.

 

 “Good architecture is necessary to give programs enough structure to be able to grow large without collapsing into a puddle of confusion”

-Douglas Crockford, Creator of JSON

 

Application Goals

I.    Usability

  • About the user experience including user interface design plus application flow, availability, and performance
  • Efficiently fulfill the business requirements
  • The user interface should be simply self-explanatory

II.    Maintainability

  • The vast majority of an application’s life is spent in the maintenance phase; it is critical that the application’s maintenance s as simple as possible
  • A good application is flexible because it is object-based and event driven enabling it to be straightforwardly extended and tested

III.   Time to Market

  • The waterfall method of building applications is dead; application features should be released early and often, increasing user feedback and minimizing scope creep

 

 

Goals for these Standards

  1. Consistently implement best practices
  2. Use and contribute to the company’s enterprise library
  3. Build high performance applications while minimizing complexity

 

 

Goals of Software Architecture*

  1. How to best partition a system
  2. How components identify and communicate with each other
  3. How information is communicated
  4. How elements of a system can evolve independently

*From Roy Thomas Fielding’s (Chairman of the Apache Foundation) doctoral dissertation about web application architecture

 

 

Prerequisites

I.    Project Kickoff Prerequisites

  1. You have read and understand the web application principles (this document)
  2. You have worked with an architect to create a high-level object design for the application

II.    Code Review Prerequisites

  1. You have generated a Visual Studio 2005 class diagram
  2. You have run the Visual Studio 2005 code analysis
  3. Review the Web Application Standard’s Code Review Checklist (below)

 

 

Code Review Checklist

Your code review will fail and your application will not move to production if you do not follow these standards.  If you have any questions or concerns do not hesitate to discuss them with an architect.

I.    Application Setup & Straightforward Code

  • Does your project use the page and project defaults?
  • Is your code straightforward and as simple as possible?

II.    Object Oriented Design

  • Is your application a group of objects or an incomprehensible mess of code?
  • Is your .Net code, HTML, JavaScript, XML, XSLT, CSS, etc. in separate files?
  • Did you copy and paste any code? (Bad!)
  • Did you re-use code?  How?

III.    Enterprise Library

  • Are you using the enterprise library’s objects, web services, and controls whenever possible?
  • Are you using the standard UI framework, which should contain the only default styles in your application?
  • Did your application contribute code and functionality to the enterprise library?

IV.    Best Practices

  • How are you managing state?
  • Are you caching common data?
  • Is the code documented and understandable?

V.    Application Optimization

  • Did you optimize the frequent code paths?
  • Did you run the Visual Studio 2005 Code Analysis?
  • Did you run a search to find code that shouldn’t exist and code that should exist?

 

 

Best Practices

I.        Application Setup

The programmer should review this list before an architect performs a code review

A      Page & Project Defaults

  1. Turn off view state, unless it is required: <%@Page EnableViewState=”true”%>
  2. Your application should have a default file so your users can just go to http://intranet/{your application name}.  They should not have to go to a home page like http://intranet/{your application name}/ASPX/MainFiles/MyCrypticStartPage.aspx
  3. Every page much enforce page level security by checking the user against an Active Directory group
    1. In test you must use the “_test” suffix for every group name
    2. In development, give all developers and CA’s access to your application by putting the ESSTEST active directory roles Internet Developers and Consulting Analysts in your application’s most junior role
  4. A project should not contain code or files that are not used, source control should be used to archive old code
  5. A web form’s code behind should only contain code that directly manipulates web controls or the HttpContext
    1. Additional logic must go in a separate object
    2. Do not pass business objects the HttpContext object (or other child HTTP objects)
  6. All new applications must request a new id to access the database

B       Straightforward Code

Good code is self explanatory.  Use the Xml documentation capabilities built into Visual Studio (hint: VB uses ”’ and C# uses ///)

  • Comments
    • Explain the code; do not repeat it; good code (readable names and straightforward organization) is self-explanatory 80 – 90% of the time
      • Do not provide obvious commentary such as “executing stored procedure” or “loading XML document

      • For code that is specific to one application only document assumptions or difficult algorithms
      • For API code provide extensive documentation and possibly some examples
    • For .Net code add Intellisense documentation on complicated or re-usable functions, properties, classes, etc
    • Courteous Commenting
      • Use end-line comments only on variable declaration lines (end-line comments are comments that follow code on a single line)
      • Do not create formatted blocks of asterisks that surround comments
      • Begin the comment text with an uppercase letter and end the comment with a period
    • Organize large classes with #Region and provide a brief description of the region
  • Formatting Code
    • Use empty lines to segment code where appropriate
    • Remove old, unused code
  • Document
    • Outline and describe any new common web services, controls, or objects that can be shared
  • Naming Conventions
    • Follow the naming convention rules enforced in the Visual Studio 2005 Code Analysis
    • Prefix private global variables with “m_” (like m_WebServicePath) à minimize their use
    • Use descriptive variable names
  • Avoid hard coding
    • Connection string or server specific configuration settings should be in the machine.config and prefixed with the application name
    • Other application specific configuration should go in the web.config

C       Straightforward UI

  • The application should have rules
    • If the user can do something on one screen she should be able to do it on similar screens
    • The user should be able to quickly understand what they can and cannot do (and why)
  • In a workflow, make the steps obvious or explicitly define them upfront

 II.    Object Oriented Design

An application is a grouping of objects, services, events, and processes.  It is important to encapsulate each piece and expose it through an easily understandable interface.  This enables code re-use and allows for easier maintenance as the code can be learned or replaced in discrete slices.

 A      Basic OO Guidelines

Encapsulate functionality into logical objects.  In the web paradigm, inheritance is depreciated; encapsulation is easily the most important OO fundamental.

  • The class that manipulates the user interface should contain no business logic
  • A method should only perform 1 task
    • Avoid long methods (over 50 lines is too long, 20 lines is a good rule of thumb)
    • Avoid methods with more than five arguments (encapsulate additional data in xml or a struct)
  • Don’t repeat the same code in your application or across applications
  • Objects should be loosely coupled

B       Distinct Application Layers

Encapsulate the distinct application layers (business, data, and presentation). 

  1. The user interface should not include business logic.  Do not put application logic in JavaScript.  If necessary, call a web service to calculate business logic.
  2. When possible use metadata when processing business rules.  It is much simpler to update the metadata in a database or configuration file than modify code.
  3. It is still important to place the processing close to the resources it needs.  If performing bulk updates (updating hundreds or thousands of rows) it probably makes sense to put that logic in the database as perhaps a stored procedure or SSIS package rather than putting in an application server.
  4. Avoid putting client-side presentation (HTML, CSS, etc) or behavior (JavaScript) in server side code.
  • Put content in ASPX, ASCX, HTM, or XML files
  • Put logic in .VB or .CS files
  • Put data in the database or XML
  • Put scripts in separate JavaScript files
  • Use CSS files to style HTM, use XSL to style XML 

C      Code re-use

  1. Watch out for a copy and paste mentality.  Copy and paste is not code re-use, it is code duplication
    1. If you find yourself copying and pasting, wrap this functionality into a re-usable object, control, or web service
  2. Ensure you are not writing code that is already available in another component or in the .NET framework
  3. Organize and encapsulate all code into objects or structs
  4. Look for repetitive code that could be written as a common function or object
  5. Do not hard-code values; if necessary create a constant or readonly variable, or encapsulate related parameters or variables in a struct

 D      Questions

  1. Are you encapsulating functionality within a discrete object or resource?
    1. Avoid complex object graphs which are harder to maintain and create more work for the garbage collector.
    2. Do not reference short-lived objects within long-lived objects.
  2. Are your methods encapsulated?
    1. Are you using external variables not passed into the method?
    2. Limit or preferably eliminate the use of global variables.
    3. Are your methods too long?
  3. How are you grouping and exposing functionality?
    1. Are your object, method, property, and variable names intuitive?
    2. Are you adhering to a namespace hierarchy?
    3. Are the objects, methods, properties, and services easily discoverable?
    4. Are you using inheritance to group similar objects?
    5. Are you using the correct scope (public, friend, protected, private) for objects, functions, fields, etc
    6. Are your objects and resources available through an easily discoverable and understandable interface or web service?
  4. Class design:
    1. Are you using a constructor to set class level variables? 
    2. Are you using a destructor or finalizer to clean up expensive resources?
    3. Are you properly declaring access modifiers for your methods, properties, fields, and structures?
  5. Are you overusing a certain technology?
    1. Performance problems may arise by using a good technology in the wrong situation.

 III.    Enterprise Library

 A       Use an Application Block

This component is an application block and it must be used when:

  • Connect to the database
  • Error Handling & Logging
  • Send output or communicating with people or other applications: E-mail, FTP, HTTP posts, etc
  • Impersonation
  • To lookup values in Active Directory

*You should have documentation available for re-usable code such as your application block and re-usable business objects and web services.  The below information includes some basic functionality you will want to include in your common objects and services.

  1. Data Layer
    1. When connecting to SQL Server use these methods
  2. Error handling
    1. Code that is prone to fail (e.g. database calls, etc.) should be wrapped within a Try…Catch…Finally block; to provide maximum debug information.  
    2. Only catch errors (and not re-throw) if you have explicit handling. 
    3. Avoid defining custom exceptions.
  3. Logging and Tracing
    1. It may be beneficial to have custom error logs for every .NET application.
    2. Enabling a trace will allow the developers to debug production problems.
  4. Authentication, Authorization, and Active Directory
    1. Unless some other requirement dictates a custom authentication and authorization mechanism, AD should be implemented.
    2. In a case where Active Directory is not used, ensure that confidential information is encrypted.

 B       Use a Common Theme

  1. This theme must be every application’s default theme
  2. You will need to install it locally on your machine in:
    1. c:\winDOWS\microsoft.NET\Framework\v2.0.50727\ASP.NETClientFiles\Themes
    2. c:\Inetpub\wwwroot\aspnet_client\system_web\2_0_50727\Themes
    3. Reference the theme in your web.config:  <system.web> <pages
      theme=YourTheme> </system.web>
    4. Do not use an App_Theme folder in your project
  3. If you need to override the standard theme on your page create your CSS file so it references a specific className or id, so by default your page will use the standard theme except where you specifically dictate it not to

    *It is often a good strategy to not implement your common UI framework through an ASP.Net theme, but instead through a common CSS file and a shared directory of JavaScript, images, and HTML files. This provides the flexibility of implementing your UI framework across different web application technologies and different ASP.Net versions.

 C      Use Common Web Objects & Services

  1. Use to log errors or debug information to a central repository
    1. There is a UI to view this logged information
    2. Can setup yourself to receive alerts based on what information is logged
  2. Can track website usage
  3. Can call a long running stored procedure through a generic web service
  4. Or add new common functionality
    1. Use when a method or stored procedure may be valuable to expose to other application as a web service
    2. If Xml is the input or output of the web service please provide an xml schema
      1. Regardless, it is a good idea to use a schema in the design process.
      2. From a security standpoint it is a good idea to use a schema for validating input

 IV.    .Net Best Practices

 A      Web Paradigm

  1. Make sure your application supports the back and forward button
  2. Use meaningful URL’s
  3. Ensure your application has a useful default page
  4. When possible build stateless web pages

B       Caching

  1. Consider caching drop downs or other data that seldom changes
  2. If data can be used by multiple requests and is not user specific it is a good idea to consider caching
  3. Before using a cached object, verify that the object is in the cache and if not allow easy recreation of the object

C      Session Management

  1. Encourage stateless development when possible
  2. Do not use the session object
  3. Disable view state except when it is required

 D      Controls

  1. Ensure that the developer uses the right control in the right situation
  2. If the same set of controls is being reused between pages, a user control may be more appropriate
  3. Scrutinize the size of the view state, and make suggestions about enabling or disabling this attribute per control

 E       SQL Transactions

  1. If a transaction encompasses only updates to a single database, perform the transaction on the SQL Server in T-SQL
  2. If a transaction is spread across multiple data sources or involves something that does not inherently support transactions, the transaction should be performed by ADO.NET

F       Data Retrieval

  1. Use the Data class found in the company’s application block
  2. Use disconnected recordsets, via the DataTableReader, DataTable, DataSet, XML, or JSON
  3. When you do not need a recordset returned use ExecuteNonQuery or ExecuteScalar and use output parameters
  4. Rather than make several database roundtrips, return multiple result sets from a single stored procedure

 G      Data Binding

  1. The DataBinder.Eval method uses reflection to evaluate the arguments that are passed in and to return the result
  • If you have a table that has 100 rows and 10 columns, you call DataBinder.Eval 1,000 times, if you use DataBinder.Eval on each column; your choice to use DataBinder.Eval is multiplied 1,000 times in this scenario
  • Limiting the use of DataBinder.Eval during data binding operations significantly improves page performance
  • Consider either explicitly casting or using the ItemDataBound event as an alternative

 H      Web Services

  1. Consider using the OneWay attribute on Web methods or remote object methods if you do not need a response
  2. If consuming a long running web service or don’t need a response consider calling the web service asynchronously
  3. Use the company’s standard namespace:  http://www.YourCompany.com
  4. For web services consumed by multiple clients always provide a method description
  5. For communicating with the web server from the client’s browser through remote scripting calls use Ajax ASP.NET

I         Connection Pooling

  1. Verify that all connections are opened just in time and that all connections are closed as early as possible
  2. Whenever a connection is being opened ensure that the connection will be closed through the use of a finally clause or the Using statement 

J        Grids

  1. For updateable grids that can be IE specific use DHTML data binding for browser independent updateable grids use the GridView control
  2. If the information is read only use a repeater or GridView control 

K      Memory Management

  1. Employ the Using statement when using objects that need to be disposed of quickly
  2. If your object opens external resources implement a Dispose method to close the external resources

L       Asynchronous Pages

  1. Useful when more than 1 database call or long running processes are required
  2. Allows better thread management for the web server
  3. Increases throughput because requests it reduces the amount of time pages must wait to be processed
  4. Speeds up request queue speeding up response times and avoiding 503 “Server Unavailable” errors
  5. Benefits requests that don’t perform lengthy I/O operations and can get in and out of the pipeline quickly

V.    Application Optimization

A      Optimize the frequent code paths

Following the 80/20 rule, 20% of an application’s code typically accounts for 80% of a project’s execution.   When reviewing a project it is important to focus on these frequent code paths, a few examples of potentially long running processes are

  1. Loops
  2. Use of outside resources (DB, I/O, etc)
  3. Type and string management
  4. When possible avoid late binding (use of Object type)
  5. Destroy objects as soon as you no longer need them
  6. Efficiently use Data binding

B       Visual Studio 2005 Code Analysis

Run the Code Analysis on the solution and fix any glaring problems.  Some warnings can be ignored, but many are important to address

C      Other Suggestions

  1. Set reasonable timeouts on SqlCommand objects, web pages, web services, etc
    1. Also, ensure a web page does not timeout before a web service or SqlCommand times out.
  2. Search for potential problem code
    1. Error Handling: On Error
    2. Data Access: ‘SELECT ‘, ‘UDPATE ‘, ‘DELETE ‘, or ‘INSERT ‘
    3. ASP.Net: Response.Write, HttpContext.Items
    4. State Management: Session, Shared (Static) Properties
    5. Miscellaneous: Int16
  3. Search for a few phrases that should exist in your code; if it does not exist ask why
    1. Error Handling: Catch, Throw, Exception
    2. Code/Resource Cleanup: Finally, Using, Dispose, Close, set to Nothing
    3. String Manipulation: StringBuilder, Format, AppendFormat
    4. ASP.Net: Cache
    5. State Management: Cache, Application
    6. Object Oriented: Interface, Abstract, Friend / Internal, Protected, Private

    For more information checkout: http://codebetter.com/blogs/karlseguin/archive/2006/05/18/144881.aspx

 
 

“Everything should be made as simple as possible, but not simpler”

-Albert Einstein

May 18, 2008

Interviewing Programmers (part 2)

Filed under: Architecture, Programming, Web Platform — Tags: , , , , , , , , , , — semanticzen @ 10:25 pm

In the last post I outlined our criteria for evaluating programmers and architects, and how surprisingly difficult it is to find good candidates. Since the telecom and .com bubble burst in 2000 it appears many top notch people are choosing non-IT career paths. Below I outline the base set of questions that we ask in an interview. We cater interviews individually for each candidate so we can best understand their ability. While we are trying to fill a specific position we have a large enough IT staff to modify positions around candidate’s talents.

Also, if you ask the same question over and over again recruiters pick up on that and prepare candidates for specific questions. So we only use the below list as a reference point. Most of the questions we ask are not on the list below, but they may be related. When listening to the candidate it is not good to be thinking of the next question. We alleviate this by having two architects in every face-to-face interview which is based more on problem solving / case study style questions than do you know / can you explain style questions. In the one-on-one phone screens we do this list is helpful as a reference point to sharpen our focus on listening.

As a company focused on building web applications using Microsoft’s .Net / SQL Server platform are questions of course are focused on those domain areas.

Why be an Architect or Programmer?

  1. Do you understand what the position is that you are interviewing for? Or what type of position are you looking for?
  2. What about this position do you find most appealing and what if anything concerns you?
  3. Right now what would be your ideal job?
  4. What are your strengths and weaknesses?

Communication

  1. When a co-worker is wrong about a work issue, what is the best way to discuss the issue with him or her?
  2. Describe a decision you made that was unpopular and how you handled implementing it?
  3. Tell me about a situation where you worked effectively under pressure?
  4. What makes someone a good programmer?

Technical Questions

  • We often ask the candidate what technology the feel most comfortable with and start with that technology or ask them to walk through a brief overview of their recent experience and begin with a technology the indicated they have used extensively
  • If the interviewee gets stuck on a question we often ask them how they would go about figuring this out (what steps would you take?).

All Programmers

  1. Describe the difference between a thread and a process? Process vs AppDomain?
  2. What is a Windows Service and how does its lifecycle differ from a “standard” EXE?
  3. How many processes can listen on a single TCP/IP port and why?

Component Development

COM

  1. What is the purpose of COM? Why was it needed and what problems did it solve?
  2. Describe the .Net architecture?
  3. What does regasm do? Difference between regsvr32?
  4. What is DCOM? How do you create a DCOM object in VB6? How do you create a DCOM object in .Net?
  5. Explain Object Context.
  6. What are types of compatibility are available in VB6?
  7. Does VB6 support multiple inheritance? What about .Net?

.Net Framework

  1. Explain the use of virtual, sealed, override, and abstract
  2. How does the garbage collector in the .NET CLR manage object lifetime? What is the difference between Finalize() and Dispose()?
  3. How does impersonation work?
  4. What is the difference between
    1. Delegates and events?
    2. Class and structure?
    3. Protected and internal
    4. Shadowing and override
    5. ArrayList and Hashtable
    6. Optimistic and pessimistic locking
  5. How do you enable and disable connection pooling?
  6. How do you implement Database Transaction Coordinator in .Net?
  7. Describe an example where you used
    1. A struct?
    2. Overloaded a constructor?
    3. Overloaded a method?

ASP.Net Development

High-level

  1. What ways can you get HTML content from a website at runtime?
  2. What happens when an ASPX page is requested from a browser? What about ASMX?
  3. How do you measure performance of an ASP.Net application?
  4. What code should be placed in the code behind? What should not?
  5. What different ways can you test an ASP.Net application?
  6. What are some of the best ways to optimize an ASP.Net application
  7. What is the MVC pattern?
  8. When should you use a web service and when should you use the GAC?
  9. Provide an example of a custom HttpHandler and a .Net implementation of an HttpHandler?
  10. Benefits and limitations of: Viewstate, Query Strings, Cookies, Hidden fields

Web Services & JavaScript

  1. In JavaScript how do you use xmlhttp posts?
  2. How do we do asynchronous processing using Ajax?
  3. What are the benefits and limitations of Ajax?
  4. How pass parameters to a web service from JavaScript?
  5. Explain what the Scriptmanager control does in Ajax?
  6. What is JSON? How does it compare to XML (advantages and disadvantages?)
  7. What is the difference between XML Web Services using ASMX and .NET Remoting using SOAP? What is the difference between ASMX and WCF?
  8. How do you expose a web service to 3rd party companies?
  9. What are the steps to consume a web service exposed over the internet by another company?
  10. How do you secure a web service?

Events

  1. What are events? Do they have return types?
  2. How do you connect multiple events to a single event handler in ASP.NET web pages?
  3. How do you determine which web server control raised an event?
  4. How do you dynamically bind event handlers at run-time in ASP.NET web pages?

SQL Server Development

  1. Explain normalization? What type of normalization is best for what type of application?
  2. What is fill factor?
  3. What are the different transaction levels?
  4. What are the different types of locks? What is lock escalation? What are some of the locking hints?
  5. How do you determine when to add or remove a non-clustered index?
  6. How do you optimize a stored procedure?
  7. When have you used a temporary table in a stored procedure?
  8. If I execute an insert statement on a table with a trigger on it and the trigger fails, what happens to my insert statement?
  9. Provide an example of when you would decide to write a user defined function in T-SQL?
  10. Describe a good time to use a WHILE loop.
  11. Describe a good level of normalization in a transactional database.
    1. We are looking for an explanation, not an answer like “3rd normal form” and clarify the question if necessary
  12. Can you describe a time when you needed to use a transaction?

Other

Here we let the candidate pick from the below choices and ask a few questions in that domain.

  1. SQL Reporting Services
  2. BizTalk
  3. SharePoint
  4. LDAP or Active Directory
  5. Windows Script Host & PowerShell

Architecture

  1. What new technology have you learned or used recently that allowed you to solve problems easier or differently?
  2. Good architecture is necessary to give programs enough structure to be able to grow large without collapsing into a puddle of confusion. What are some of the key tenets of application design?
  3. Describe {interviewer selects from choices below} architecture, when is it useful, and why? Or have the candidate critique one of these types of architecture.
    1. Event Driven
    2. Object Oriented
    3. Services Oriented
  4. What is the difference between SOA and OO?
  5. What are the most important aspects of object oriented programming?
  6. What technology are you most interested in?
    1. What are you doing with it?
    2. What problems will it help better solve
  7. What is scaffolding
  8. What is object-relational mapping
  9. What code should not be placed inside an object?
  10. What is the difference between a framework, an application, a platform, , and a service?
  11. What is UML? What are advantages of using UML?
    1. How many types of diagrams are there in UML?
    2. What is the sequence of UML diagrams in a project?
    3. Give a brief explanation of all the Elements in activity diagrams?
    4. Describe the various components in a sequence diagram?
    5. Explain the different elements of a Use Case?
  12. Why are design patterns useful? What are the three categories of design patterns?

Case Study Questions

TBD, we typically craft these shortly before the interview; often based on recent challenges we have solved

  1. It isn’t necessarily critical that they find the optimal solution, it is critical that they
    1. Show good listening skills
    2. Ask good follow-up questions
    3. Demonstrate good problem solving skills

Problem Solving

  1. Describe one of the most difficult problems you have had to solve and how you solved it?
    1. Looking back how would you handle it now?
  2. What steps do perform when learning a new technology? What was the last technology you learned (and why)?
  3. Determine if is a quick thinker –> ask a couple off the wall questions

Motivation

  1. What are you going to do over the next 6 months to make yourself a better programmer?
    1. Is their answer quantifiable / measurable?
    2. Some example answers: read good code (find how?), read books, follow blog(s), contribute to open source project, etc
  2. Give an example of a goal you reached and tell me how you achieved it?
  3. What is it that most motivates you?
  4. What accomplishment are you most proud of?
  5. Why did you leave your last job?
  6. What are you looking for at this point in your career and why?
  7. Where do you see yourself in five years?

May 17, 2008

Interviewing Programmers & Architects

Filed under: Programming, Web Platform — Tags: , , , — semanticzen @ 9:21 pm

Over the last three years I have been responsible for hiring technical people for part or all of our company. Due to turnover and new positions we are almost always hiring. I’m consistently amazed at the poor quality of candidates in the marketplace. We use technical recruiters and don’t interview most of the candidates the recruiters submit. Yet we still only make an offer to less than 10% of the candidates we interview; fortunately the vast majority of candidates accept the offer.

We build web applications to manage the operations of transportation and logistics companies. While there are challenges the solutions we build are far from rocket science. Most of these applications are simple CRUD (create, read, update, delete) apps where the general premise of the application is a search box (or initial report to drill down from) a resultant grid to view and/or update; and potentially the ability to drill down to more granular levels where the CRUD pattern is repeated.

Most of the people we hire are ASP.Net and SQL Server programmers. Most of the candidates cannot explain how to read the value from a simple text box after the page has been posted back without using view state. Many say it cannot be done; to which I usually respond “How did web apps work before .Net was created?”…at that point I typically get a lengthy silence. Stated another way I use various questions to ensure the candidate understand the request/response, stateless nature of web applications and most candidates don’t understand this paradigm.

The basics seem to be lost on most programmers (or the ones looking for jobs). Many programmers just know how to drag and drop controls onto an ASPX page in Visual Studio and how to set the properties of those controls. The problem is when issues arise, optimization is required, or unique features are requested these programmers are of little usefulness. The problem doesn’t seem isolated to web programmers as many database programmers, with years of experience, cannot explain the difference between a clustered and non-clustered index.

Most candidates show little intellectual curiosity which is especially demonstrated when we ask basic problem solving or case study questions. Now I realize my company is no Google and doesn’t get many Google quality candidates, but the knowledge and expertise candidates’ exhibit has not improved in five years. If anything it appears to have generally declined. This is surprising considering web development innovation has stabilized after rapid progress until roughly 2002 – 2003. While browsers and networks have improved the major web application technologies and architectures (such as AJAX, JSON, CSS, REST, SOA, etc) have existed for over five years. Since 2002 -2003 much of the progress appears to be on the infrastructure side, but that is another discussion.

Interviewing and finding good people is always difficult, but it in the IT world it is as difficult as it has ever been. Below I’ve outlined the criteria we use to evaluate candidates. It is evenly split between straightforward technical abilities and behavior/aptitude skills. While interviewing will always be subjective it is good to quantify the process as much as possible.

Criteria

Ability (0-5)

Comments

Interviewed By
SQL Server

  

Understands DML and query optimization, how SQL Server physically stores the data, how to perform database design and data modeling

{Interviewers Name}
Web Development

  

Primarily covers understanding of the .Net Framework and object oriented design, also include: ADO, COM+, etc

   
Component Development

  

Primarily covers understanding of the web paradigm specifically ASP.Net and web technologies like: JavaScript, sessions, cookies, HTTP, XML, web services, IIS, DHTML, etc

   
Problem Solving

  

Can apply one’s knowledge to efficiently solve problems and when needed can broaden knowledge by quickly learn needed technical and non-technical information. Given a high level problem can this person find an optimal solution?

Candidate Name
Attitude

  

Displays strong desire to learn, motivation to take the initiative to learn what is need to solve problems, demonstrates a great work ethic and good team work

{Candidate Name}
Communication

  

Is a good listener engaging in feedback and asking follow-up questions as needed. Can clearly communicate ideas to technical and non-technical people

  
Other

  

This is an optional field to add comments or add “bonus” points for a unique ability or experience that this candidate offers

Interview Type
Interview Result

0.0

  

Phone /

Face-to-Face
Suggested Project Type

{Comments about what type of project and/or team this candidate would be a good fit for}

 

We rate a candidate’s ability on a scale of 0 to 5; with 5 being the best. For junior level candidates we are looking for someone with good problem solving, attitude and communication skills and minimal technical skills. Mid-Level and senior candidates must also possess a certain level of technical skills. Our conclusion of a candidate’s experience level is based on the ratings we assign to each category.  Only a senior programmer is required to have a specified level of understanding of the three technology domains we identify. 

Our opinion is that a certain level of the softer skills (problem solving, attitude, and communication) is required at every level.  The main difference between junior-level and mid-level is technical experience.  The main difference between mid-level and senior-level is technical experience and problem solving ability.

Ultimately we look for a person with the required aptitude who has a good attitude. If someone has built a strong expertise in one area (such as ASP.Net or T-SQL) than they will be able to build expertise in the other technologies we use. I’ve discussed the problem of finding good technical people with friends in other companies and they appear to be having the same problem. I wonder how widespread an issue this is and how much it will affect IT organizations structure in the near future.

April 14, 2008

Using VS 2005 for classic ASP 3.0 Projects

Filed under: Web Platform — Tags: , — semanticzen @ 5:29 am

I was organizing some of my notes and papers today (a laborious task) and came across this document I created a couple years ago. At the time we had recently hired several junior developers and also ran into some serious FrontPage extension issues on our web development testing server.

If you don’t know about FrontPage server extension you are better off. Basically the geniuses at Microsoft thought FTP wasn’t good enough for them so they invented something that wasn’t nearly as good. The developers who maintained classic ASP applications (we are mostly a .Net shop, but off course still have several applications on ASP 3.0) used FrontPage server extensions to connect Virtual Interdev to IIS.

After spending some time troubleshooting the issue I asked the obvious question of why where people still programming this way. I created this step by step guide to help people migrate from Visual Interdev (part of Visual Studio 6.0) to Visual Studio 2005. It is targeted at very junior developers and classic ASP programmers who aren’t familiar with IIS or AD. I haven’t seen anything on the internet that walks the user through this step by step so maybe someone will find this helpful.

Step 1: Install IIS

  • Install IIS
  • Setup ASP.net
    • Run from command prompt: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis –ir
    • For information purposes here is info on aspnet_regiis
  • Re-boot machine
  • If you are running IIS 6.0, In the IIS Manager, go to the “Web Service Extensions” folder (in the left pane menu under your local computer)
    • Enable
      • Active Server Pages
      • ASP.Net v1.1.4322
      • ASP.Net v2.0.50727
      • Server Side Includes
  • Setup helpful error messages in IIS. This will allow you to see the actual programming error and stack trace when a page throws an error. You can find the instructions to do this here.

Step 2: Setup a Virtual Directory

  • Create a windows directory under C:\Inetpub\wwwroot, I created
  • Open up IIS Manager (can be found in Administrator Tools)
  1. Click on your machines name
  2. Click on the Web Sites folder
  3. Right-click on the Default Web Site
  4. Select New à Virtual Directory
    1. You’ll see the Virtual Directory Creation Wizard, click Next
    2. Create an Alias, click Next
    3. Browse to the windows directory you just created, click Next
    4. Make sure the Read and Run Scripts boxes are both checked, click Next
    5. Click Finish
  5. You will want to setup windows authentication for this virtual directory if your application authenticates the users against Active Directory

Step 3: Create ASP 3.0 File Template in Visual Studio 2005

Step 4: Setup ASP 3.0 Solution in Visual Studio 2005

  • Open up VS 2005
  • From the Menu bar go to: File –> Open Website
    • If you do not see this option
      • Make sure you can use the Visual Source Safe (VSS) explorer to open the development VSS server
      • In VS 2005, go to: Tools à Options (make sure the checkbox Show all settings is checked) à Source Control and select Visual Source Safe from the drop down box
  • In the Open Website Wizard
    • Choose “Source Control”
    • Select the VSS directory where the project resides
    • Select the virtual directory on your local machine that you setup in step 2

Step 5: Setup Application’s Active Directory Groups on Your Machine

  • It first might help to take a look at the Active Directory groups for your application. To view the Active Directory group structure (this is not necessary)
  1. go to: Administrator Tools, choose Active Directory Users and Computers
  2. in the left hand menu pane right click on Active Directory Users and Computers and click connect to domain
  3. in the popup type “{domain name}” and click Ok
  4. in the left hand menu pane expand the menus
  • If you do not see “Active Directory Users and Computers” in Administrator Tools you may want to install the Active Directory Admin Pack. (again this is not necessary)
  • Add the Active Directory groups your application uses to your local machine
    • You can do this by adding them manually (you’ll have to log off and log onto your machine afterwards)

Step 6: Setup Common Components used by ASP 3.0 Applications

  • Install other components your application may use.
    • You may find it helpful to search for “CreateObject” in your application

Your application might be trying to use a version of the MSXML object that is not on your machine. You can download this object from the Microsoft website here. Before installing this object you may want to verify that it is the same version as the one your application is trying to use.

Blog at WordPress.com.