Website monitoring against hacking

February 20th, 2009

A brilliant idea comes from Google’s “Official Google Webmaster Central Blog”. If your site gets hacked you might not notice it until it’s too late. And it can be a lot of work to check your site each day.

So Google suggests using Google Alerts to scan your site on a regular basis for common malware terms by searching for something like “site:example.com viagra OR casino OR porn OR ringtones”.

It’s not a 100% solution but I’d say it’s pretty good and quick to set up.
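
The same kind of check can also be run locally over saved copies of your pages. The following is an added example, not part of Google's post or of the original text here: it looks for the four terms from the query in page text and link targets, and notes when a hit sits inside an element hidden with an inline display:none. The sample pages and the spam.example URL are constructed.

```python
import re
from html.parser import HTMLParser
# The terms from the search query quoted in the post.
TERMS = re.compile(r"\b(viagra|casino|porn|ringtones)\b", re.IGNORECASE)
VOID = {"br", "img", "hr", "input", "meta", "link"}  # tags without an end tag

class SpamScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hidden = []  # one flag per open element: inside display:none?
        self.skip = 0     # depth inside <script>/<style>
        self.hits = []    # (term, where) pairs

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag in ("script", "style"):
            self.skip += 1
        style = (attrs.get("style") or "").replace(" ", "").lower()
        if tag not in VOID:
            inherited = bool(self.hidden) and self.hidden[-1]
            self.hidden.append(inherited or "display:none" in style)
        for m in TERMS.finditer(attrs.get("href") or ""):
            self.hits.append((m.group(1).lower(), "link"))

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self.skip:
            self.skip -= 1
        if tag not in VOID and self.hidden:
            self.hidden.pop()

    def handle_data(self, data):
        where = "hidden text" if self.hidden and self.hidden[-1] else "visible text"
        for m in TERMS.finditer("" if self.skip else data):
            self.hits.append((m.group(1).lower(), where))

def scan_page(html):
    scanner = SpamScanner()
    scanner.feed(html)
    return scanner.hits

def scan_site(pages):
    return {path: hits for path, html in pages.items() if (hits := scan_page(html))}

# Constructed sample pages: one clean, one with an injected hidden link.
PAGES = {
    "/index.html": "<html><body><h1>My software</h1></body></html>",
    "/news.html": '<body><p>News</p><div style="display: none">'
                  '<a href="http://spam.example/casino-bonus">cheap Viagra</a></div></body>',
}
```

Calling scan_site(PAGES) returns only the pages with hits, so an empty result means nothing was found.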

Installer Terror with GoogleEarth…

February 6th, 2009

I’ve just installed the latest update for GoogleEarth. And what I experienced is almost a top 10 list on how to make a terrible installer. So by observing Google and doing the opposite you can actually learn something.

  • The “Download” button on the Google website doesn’t work in all browsers
  • You don’t download GoogleEarth. You’re downloading a program that loads the rest. But they don’t tell you up front.
  • They don’t tell you how much will effectively be downloaded
  • You can’t choose the installation folder
  • You’re not told how long the download or installation will take.
  • You won’t see a progress bar for the installation. Just a useless animation
  • You’re not able to cancel the installation

Useless animation and no chance to quit

And the worst:

  • Google installs a background process running all the time without asking for permission or telling you about it. That fits my personal definition of “potentially unwanted software”.

Removing GoogleUpdaterService.exe

To get rid of the “GoogleUpdaterService.exe” simply kill the process and delete it from “C:\Programme\Google\Common\Google Updater\”

Top 25 most dangerous programming errors

January 13th, 2009

Experts from more than 30 cyber security organizations have published a list of the 25 most dangerous programming errors. Among them the famous “SQL injection” and other only slightly less famous ones.

Although every programmer should know most of these, it’s still a good summary and a nice reminder on how to code.

Here’s the list.

Happy new year! And a reminder…

January 1st, 2009

…to update the (C) year on your website. See my old post for details.

How to change the hosting company without downtime

December 9th, 2008

I just moved my website to another web hosting provider. Here’s what I learned and what tricks you can use to minimize downtime and other problems.

For a smooth transition two things are vital:

  1. You *need* a second domain. One that points to the same data, but won’t hurt you if it’s down for a few days.
  2. You *need* a web provider that allows you to configure things as soon as you’ve initiated the transfer.

With the help of the second domain you can test the transfer without haste, because customers won’t notice. Set up the new server and take your time to test everything. Keep in mind that scripts may behave differently, because of:

  • Different software versions (of Perl, PHP, MySql, etc.)
  • Different settings for sending automated mails
  • Different handling for protected directories
  • Different handling of write-access for temporary local files for scripts

Don’t forget to test subdomains and invisible features (like automated updates for your customers). If everything’s working, make some preparations against problems:

  • Set up a hint on your contact page that there may be temporary problems
  • Check the e-mail on your website. If possible change it to an address on some other server (or to the second domain) to make sure it’s always accessible.
  • Create a hidden page that only exists on the new server. This allows you to check if the transfer was done.

If you’re ready, start the transfer. Immediately start configuring your new hosting account, set up the domain’s root folder and create the required e-mail addresses.
Okay, time to relax, wait and check the site every now and then. However, the transfer times for domains can vary a lot, for example:

  • Some TLDs transfer much faster than others (e.g. .de is faster than .com)
  • If you start transferring multiple domains at the same time, they may arrive quite differently (many hours in fact)
  • Different nameservers update at different times. Maybe the domain isn’t transferred for you – but for your customers it already is.

I hope this helps you a bit to get a smooth transition to your new server. 😉

Tips for minimizing your app to the Tray

November 28th, 2008

It’s a nice feature for your software if your customer can minimize it as an icon to the system tray. From our “minimize to tray” program I learned a few things about it. Here’s a rundown of the basic and not-so-basic tricks.

  1. You can add / modify / remove a tray icon with Shell_NotifyIcon. You can specify a callback message (for example WM_USER) to react to left/right clicks on the icon. To hide your program when minimized simply use ShowWindow.
  2. To minimize to the tray when your user clicks the minimize button, handle the WM_NCLBUTTONDOWN message and watch for the HitTest HTMINBUTTON (or HTCLOSE if you want to override the X-button).
  3. If you want to prevent Windows from hiding the icon, make a tiny change to the icon every now and then. (Do this only if you have good reason!)
  4. You can use DrawAnimatedRects for a minimize animation. Use FindWindow("Shell_TrayWnd", …) to find the location (= target rectangle for the animation)
  5. If the Windows Explorer crashes, the tray icons are gone and your user can’t get your application back. To detect this, use Shell_NotifyIcon(NIM_MODIFY, … every now and then and check the return value. If the function fails, then your icon is gone and you have to add it again.
  6. Don’t forget to remove the tray icon if your program closes while being minimized.

Affiliate Fraud! – Is it?

November 4th, 2008

I was recently contacted by fellow software developer Michael Bauer, who called my attention to a certain website. That site is an affiliate of mine and I thought that it was my best affiliate.

A deeper look however showed that the website placed the usual affiliate cookie not just on the pages displaying my software, but on all. Each and every page that I visited (it’s a big site), had the cookie-setting-code. And not just for me, but for a number of other software vendors, too. The cookies expire in half a year.

In other words: Every person that visits any page of that website would bring the website owner a commission if the visitor should decide to buy any software from any of the listed vendors within the next 6 months.

Previously I had thought, because of the sales, that this was my best affiliate. Now however, I have my doubts how many sales he *really* generated and for how many he just got the money.

Is this okay?

I don’t think so. Is this a violation of the terms or even illegal behavior? Well, so far Share-it (who handles the affiliate system) says that this is okay and that I’m free to terminate my cooperation with the affiliate.

I’m no expert (even though I’m probably involuntarily on the road to become one, sigh) on this topic, but this seems similar to Cookie-Stuffing, so I won’t give up so easily on this and will post updates on this.

But until then, if you have an affiliate program, you should check your affiliates’ websites, especially those that you think are your best ones.
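
One way to run that check over saved copies of an affiliate's pages, as an added example that is not part of the original post: it separates tracking URLs that load with the page (img, iframe, script) from ordinary click-through links, and lists the pages that load your tracking URL on their own. The tracking host, the `vendor` parameter, the vendor ids and the product name are all hypothetical.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse, parse_qs

TRACKING_HOST = "track.affnet.example"  # hypothetical affiliate-network host
AUTOLOAD = {"img", "iframe", "script"}  # src is fetched without any click

class TrackerFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.auto = set()   # vendor ids whose tracking URL loads with the page
        self.links = set()  # vendor ids behind an ordinary click-through link

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag in AUTOLOAD:
            url, bucket = attrs.get("src"), self.auto
        elif tag == "a":
            url, bucket = attrs.get("href"), self.links
        else:
            return
        parsed = urlparse(url or "")
        if parsed.hostname == TRACKING_HOST:
            # "vendor" is an assumed name for the parameter identifying the seller
            bucket.update(parse_qs(parsed.query).get("vendor", []))

def audit(pages, my_vendor, my_product):
    """List pages that load my tracking URL on their own, without a click."""
    findings = []
    for path, html in sorted(pages.items()):
        finder = TrackerFinder()
        finder.feed(html)
        if my_vendor in finder.auto:
            findings.append({
                "page": path,
                "shows_product": my_product.lower() in html.lower(),
                "vendors_autoloaded": sorted(finder.auto),
            })
    return findings

# Constructed sample: three saved pages from a hypothetical affiliate site.
TRACK = "https://track.affnet.example/click?vendor="
PAGES = {
    "/products/mytool.html": f'<h1>MyTool</h1><a href="{TRACK}1001">Buy MyTool</a>',
    "/forum/thread42.html": f'<p>Off-topic chat</p><img src="{TRACK}1001"><iframe src="{TRACK}2002"></iframe>',
    "/about.html": f'<p>About us</p><img src="{TRACK}1001">',
}
```

With the sample data, audit(PAGES, "1001", "MyTool") reports the forum and about pages but not the product page, whose tracking URL sits behind a normal link.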

The instant before you get used to it

October 22nd, 2008

Some years ago I wrote a computer game that had a really nice effect for displaying the menus. It looked really cool, but it took several seconds until the menu text was displayed properly. Since I knew the menus by heart, I clicked even before it was readable and could navigate the menus efficiently. I didn’t even notice that there was a problem until I’d shown the program to a friend and he’d explained to me what I was doing.

I had gotten used to it and didn’t see the problem any more.

And I think that this is a common problem when you’re developing a program. In the end you know it so well that you don’t notice any more when something isn’t solved properly. This applies mostly to the user interface, but it can also apply to programming and performance. The best way to deal with this is to have somebody else use the program and just sit next to him. Don’t explain. Just watch. You’ll be surprised…

However, sometimes there’s an easier way.

Currently I’m developing a new software and I noticed that there is a short time span before you get used to a bad solution. I noticed several times that I clicked at the wrong location, that I thought a dialog wasn’t easy to understand or that it would be great if the user could do this or that here (for example drag a file into the dialog instead of entering the path). For my new software (for a change) I try to note these thoughts and improve the program right away, hopefully creating a better first version.

So, if you’re creating a new software, notice your own problems and thoughts. And fix things before you get used to it.

Vista doesn’t like Demos

September 14th, 2008

Vista is known to be “special” in some aspects. What’s perhaps not so well-known is that it doesn’t like anything called “Demo”. In fact, it will show an increased warning level for any installation file that has “_demo” in the filename.

A signed installer named “test_demo.exe” will generate a red warning. If you rename it to “test_trial.exe”, you’ll only get a yellow warning. Don’t ask me why, I’ve got no idea (please contact me if YOU have). But I don’t call my demo “demo” any more…

Are you “Alive and kicking”?

August 25th, 2008

Some customers are afraid of buying online. Afraid that your company isn’t real. And a 3-year old copyright notice at the bottom of the page won’t raise their spirits. So do yourself a favor and keep it up to date. And while you’re at it, insert a time period like “Copyright (c) 2003-2008” to show how long you’re already in business.

If you’re lazy (just like me, I admit it), automate that with a tiny piece of PHP:

Copyright &copy; 2003-<?php print date("Y")?>

To make sure you’re always “alive and kicking”… 😉