Sunday, 19 July 2015

Are You Being ILSpy-ed On?

Over these past few months, one of my favorite tools has been ILSpy.

I’ve always had fun trying to reverse engineer applications and figure out how they work, but ILSpy simplifies that quite a bit — at least for .NET applications and libraries.

Since I like investing the effort up-front so I can be lazier later on, I wrote a simple utility to make using ILSpy even easier for myself. Given a target directory, it drills down into it in order to find all of the .NET-based assemblies. To do that, it attempts a call to System.Reflection.AssemblyName.GetAssemblyName and checks to see if it returns anything. If it does, ILSpy is likely able to decompile the compiled IL code to its more readable (to me) .NET source, so it gets added to my list. Anything else is ignored. This lets me quickly see EXEs or DLLs that are of interest. From there, I can just double-click on the entry to open it up in ILSpy. Easy-Peasy.
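A sketch of that kind of scan in PowerShell, as an added example rather than the utility described in this post. The function name Find-ManagedAssembly and the C:\Tools path are placeholders. Note that GetAssemblyName signals a non-.NET file by throwing BadImageFormatException, so the check is a try/catch:

```powershell
# Added example: list the managed (.NET) assemblies under a directory.
# Find-ManagedAssembly is a hypothetical name, not part of ILSpy or the post's utility.
function Find-ManagedAssembly {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [string]$Path
    )

    Get-ChildItem -LiteralPath $Path -Recurse -File -ErrorAction SilentlyContinue |
        Where-Object { $_.Extension -in '.exe', '.dll' } |
        ForEach-Object {
            $file = $_
            try {
                # Opens and closes the file to read its assembly manifest;
                # the assembly is not loaded into the current AppDomain.
                $name = [System.Reflection.AssemblyName]::GetAssemblyName($file.FullName)
                [pscustomobject]@{
                    Name    = $name.Name
                    Version = $name.Version
                    Path    = $file.FullName
                }
            }
            catch [System.BadImageFormatException] {
                # Native binary, or not a valid PE file: no assembly manifest, so skip it.
            }
            catch {
                # Locked or unreadable file: note it and keep scanning.
                Write-Verbose "Skipped $($file.FullName): $($_.Exception.Message)"
            }
        }
}

# Placeholder path; point it at the directory you want to inventory.
Find-ManagedAssembly -Path 'C:\Tools' | Sort-Object Name | Format-Table -AutoSize
```

Run it with -Verbose to see which files were skipped for reasons other than being native code.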

With assemblies not written in .NET, I generally stick to using Strings or maybe some really basic debugger stuff. Those tend to be less useful to me, though, since I’m still pretty weak on the assembly language side of things.

If you haven’t played with a decompiler before, I definitely recommend it. It’s amazing what you can find out, even about commercial applications.

It definitely has opened my eyes to the importance of obfuscation. While it won’t necessarily do a whole lot for someone who is determined to reverse engineer your code, it will at least provide enough of an obstacle to deter the more casual and curious users, like myself ;)

Saturday, 13 June 2015

Keybase.io

A few months ago, I received an invite to keybase.io. I wasn’t sure what to think of it at first. I mean, what’s wrong with using one of the existing directories?

Since I began using it, though, I’m actually kind of diggin’ it. I like the way they handle their ‘social proofs’, too.

Exchanging encrypted messages with others is quite easy and convenient now. Definitely check it out.

You can find my profile at keybase.io/jinx

Saturday, 30 May 2015

Developer Mindset

I’ve been programming almost as early as I can remember… I grew up coding in BASICA, GW-Basic, and pretty much any language that I could get my hands on for free. By middle school, I had written my own war-dialer to locate nearby BBS systems — for, you know… educational usage only ;) Some of my favorite memories were on an old AT with no hard drive and a 5.25″ floppy. There, I’d try to reverse engineer and then modify games I had, to bypass piracy protection (generally asking for special codes that came with the original game manuals) or modify how the game works.

Even before I learned how to use a computer, I would constantly take apart household appliances (causing much frustration for my parents, I’m sure). My earliest invention that I can remember making was a remote-controlled night-light. When I wanted to use the bathroom at night, I would flip a toggle switch by the bed and a light by the doorway would turn on, illuminating my path. Granted, I could’ve just cleaned up all of my toys, clothes, and stuff on the floor so I wouldn’t need the light, but where’s the fun in that?

I guess if I had to pick one motivation, it is the desire to understand how things work and make them do what I want…

It’s helped me become a bit of a development generalist. Before the term ‘DevOps’ had even been coined, I was working with the admin team. Before ‘agile’, I was prototyping and working with users to come up with the solution they wanted. I just love creating and improving on things.

I feel like that desire is something that is seriously lacking in today’s corporate world.

I’ve met so many other developers who have impressive-sounding degrees and certifications, use the latest technologies, and follow a rigid set of processes and procedures… and while some of them are great friends of mine and are certainly capable of accomplishing most business tasks, they seem to lack the ‘developer mindset’. Or maybe it’s the ‘hacker mindset’. They sort of go hand-in-hand for me, I guess.

To make an overly-simple comparison… You can’t become an ‘artist’ just by memorizing proper painting techniques and having all of the finest-quality brushes and paints. The same holds true for software developers.

Personally, I don’t believe in the concept of the ‘x10 developer’ — that so-called rockstar developer who is capable of producing truly great and innovative work. I prefer to think of that as just a plain ol’ developer. Unfortunately, more common to see in companies is the ‘1/10th developer’.

Not all people are cut out to be developers. It isn’t that one is necessarily better than the other. It just kind of annoys me that both groups get lumped together when it comes to pay, hiring, etc.

It’s a difficult thing to quantify on paper (or blog). It’s even harder to relay to recruiters, prospective employers, etc. That’s why I pretty much only rely on word-of-mouth when it comes to working somewhere. People who have worked with me know what I’m bringing to the table. It’s more than just the buzzword-bingo filling up a resume.

I’m a developer. It’s part of who I am. It isn’t just my hobby, job, or career.

That’s what motivates me.

What about you…?

Friday, 3 April 2015

Missing Indexes

I was recently having a discussion with a friend of mine about SQL Server indexes. As someone who takes great pleasure in optimizing the heck out of previously-sluggish queries, I love indexes. At least for an OLTP environment, the initial performance hit caused by indexes during a record’s creation/modification rarely seems noticeable, but the benefit you can get later on when pulling data can be quite impressive.

In this post, I’ve included a script I’ve gotten quite a bit of mileage out of. Hopefully it’ll help others as well.

    -- Rank the optimizer's missing-index suggestions and build a CREATE INDEX statement for each.
    SELECT
        -- Unitless score: estimated cost x expected improvement x number of times it would have helped.
        migs.avg_total_user_cost * (migs.avg_user_impact / 100.0) * (migs.user_seeks + migs.user_scans) AS improvement_measure,
        -- Generated name: IX_<group handle>_<index handle>_<table name, first 32 characters>.
        'CREATE INDEX [IX_' + CONVERT(varchar, mig.index_group_handle) + '_' + CONVERT(varchar, mid.index_handle)
            + '_' + LEFT(PARSENAME(mid.statement, 1), 32) + ']'
            + ' ON ' + mid.statement
            + ' (' + ISNULL(mid.equality_columns, '')
            + CASE WHEN mid.equality_columns IS NOT NULL AND mid.inequality_columns IS NOT NULL THEN ',' ELSE '' END
            + ISNULL(mid.inequality_columns, '')
            + ')'
            + ISNULL(' INCLUDE (' + mid.included_columns + ')', '') AS create_index_statement,
        migs.*, mid.database_id, mid.[object_id]
    FROM sys.dm_db_missing_index_groups mig
        INNER JOIN sys.dm_db_missing_index_group_stats migs ON migs.group_handle = mig.index_group_handle
        INNER JOIN sys.dm_db_missing_index_details mid ON mig.index_handle = mid.index_handle
    WHERE
        -- Ignore low-value suggestions.
        migs.avg_total_user_cost * (migs.avg_user_impact / 100.0) * (migs.user_seeks + migs.user_scans) > 10
    ORDER BY 1 DESC

The field on the left, called “improvement_measure”, is largely just a hand-wavy value without a unit of measure. The cost and impact used in its calculation are numbers from the optimizer. The important thing to remember is that the larger the number, the more helpful that index would have been.

Some basic common sense needs to be applied with the results, though. On one of the systems I’ve used it on, it constantly suggests an index that I know for a fact already exists. Also, there might be indexes suggested that — once created — remove the need for some of the other indexes.

Still, though, it’s a very handy script to speed up the identification of indexes that need to be created. If you have suggestions for tweaks to this code, please let me know in the comments.

Sunday, 15 March 2015

Recruiters

Recruiters can be really frustrating. That is as true now as it was back in 2006. I don’t mind getting called, emailed, or messaged on social media by recruiters, but they really need to up their game if they want me to take them seriously.

Even when not actively looking for a job, I like to keep up with the job market in the area. I’ve been able to find companies that seem interesting. And through those companies, I’ve been able to network with and meet some pretty awesome developers.

I really despise the ‘spray-and-pray’ method recruiters use.

If a recruiter truly wants to build a relationship with me, they need to show that they ‘get’ me. When sending a posting or telling me about a potential job opportunity, just a one-liner is fine. I don’t want a long-winded and buzzword-filled description that was approved by an HR department somewhere. I want to see something like:

  • “The company was breached recently and wants you to help improve the security practice of their development team”
  • “They saw you are in the top 10% on StackOverflow for SQL and this will give you the ability to work with a guy who is in the top 5%”
  • “The company was outside of your commute range, but the pay is excellent and they are open to working from home a day or two a week after your initial probation period”
  • “The software they make is used heavily in the [entomology/forensics/robotics/etc] field and it seems like something you would have fun working on”
  • “You can bring your dog to work and not only do they know what the Joel Test is, but they score a 12 on it”

If you are a recruiter that understands what I’m looking for and is willing to put in the effort, well, now you’ve got my interest. You don’t need to wine-and-dine me. But show that you’re willing to earn your commission and I’ll work hard to show your clients that you’ve got access to quality talent.

I make it very easy for people to get to know me and what I tend to look for in companies.

The majority of my experience is with VB.NET front-ends and SQL Server back-ends. I’ve done a few smaller projects in C# and have very limited experience on the ASP.NET development side. I’m not opposed to taking on a C# or ASP.NET position — I’m just not coding in that on a day-to-day basis like I am VB.NET, so there would likely be a bit of an adjustment period needed.

I prefer in-house development, rather than developing in external client environments. Unlike a lot of developers that constantly want to start fresh with their own design, I generally enjoy building upon existing systems. I’ve got plenty of experience building everything from the ground up, too, though.

Any company that I’d work for really needs to be able to capture my interest. Most of my prior employment has been in the healthcare field, but I’m also open to software shops, security companies, etc. There doesn’t need to be a large development team, but I would like to have at least a couple other good developers to work with. Small-to-medium companies would be ideal. Somewhere large enough for a competitive salary but small enough for minimal red tape.

Travel time is important to me. If Google Maps says it’s more than an hour commute between the location and where I live, it probably won’t work out unless telecommuting is an option a day or two a week.

Lastly, I have zero interest in contract-only or contract-to-hire. I am only interested in full-time permanent positions.

I’m pretty much an open-book, folks. If you are a recruiter and want to build up your connections, feel free to contact me. Even when I’m not actively looking, I’ll at least listen to what’s out there and might know someone who would be a great fit. But if you don’t want to put any effort into the communications, well, you’re going into my Spam folder :)