MS Security Summit

News in from Chuck Sterling about the security summit:

Security Interchange bought to you by Microsoft.

Maybe you’re a seasoned techie or developer. Maybe you’re just wanting to know and understand more. The Security Interchange provides an informal format for you to get your questions answered. Leading Microsoft security experts *Steve Riley, **Jesper Johansson, Jamie Sharp, Michael Kleef, Andrew Coates, Graham Elliot, Rocky Heckman and Dave Glover are touring Australia for the Microsoft Security Summit Workshops and want to help you understand a bit more about the products you use daily – and to help you understand some of the solutions to today’s business problems.


Developer Track Panel Topics

IT Pro Track Panel Topics


Privacy, Security, and Compliance: What you need to know NOW!


Building and Managing a resilient Active Directory Infrastructure 


Protect your Applications: Strategies that Can be Applied to Applications

Building Identity Provisioning Solutions


Application Development Principles and Best Practices

Threat Mitigation

Creating Reliable and Robust Applications with Visual Studio 2005 and SQL Server 2005

Building an Agile Infrastructure to Support Secure Mobility



Speaker Panel

Dave Glover, Andrew Coates, Rocky Heckman and Graham Elliot.


Michael Kleef, Jeff Alexander, *Steve Riley, **Jesper Johansson and Jamie and Sharp

Dates Cities and registration links 

  1. 09 Mar Canberra
  2. 07 Mar Sydney  
  3. 01 Mar Brisbane
  4. 13 Mar Perth     
  5. 06 Mar Melbourne
  6. 27 Feb Adelaide 


*Steve Riley will be doing only:

27 Feb: Adelaide

01 Mar: Brisbane

06 Mar: Melbourne

07 Mar: Sydney

**Jesper Johansson will be doing only:

09 Mar: Canberra

13 Mar: Perth


Code Camp Oz 2005 – Request for speakers

It’s time to get the speakers and presentations lined up for CodeCampOz – Return to Wagga. If you are keen to present this year, please send an email to with details. The main categories of presentations we’re after is listed below but if you have anything that you think others would love that doesn’t quite fit these, let us know anyway.


1. Developer productivity (particularly TFS, unit testing, source code management, agile or other development methodologies, mobility)

2. Server application development (particularly SQL Server, Biztalk, Sharepoint)

3. The business of software development (particularly consulting advice, project management, accreditation, certification)

4. Futures (particularly WPF, WCF, WWF, Sparkle, Expression series tools, IIS 7, Vista)


There are a couple of important notes:


1. As this is a free event, speakers (and all attendees) need to arrange their own transport and accomodation.

2. As we may try to record this event for those who can’t make it, speakers need to be ok for their sessions to be recorded.

3. Sessions must fit in a 55 minute window. Sessions are scheduled at 1 hour intervals. Please make sure you are succinct in what you are presenting.




Greg & Mitch

USB Powered Coffee

Note to self: When you unplug the USB connector from your iPod and it’s still connected to your notebook, don’t just idly toss it across the desk. It might land in your coffee cup which might still have coffee in it. That might cause your notebook to start telling you that the device attached to the USB seems to be malfunctioning and try as it might, not be able to make sense of what’s at the end of the cable. You might also be glad you purchased a serious notebook with a serious power supply (Inspiron 9100) that every one keeps telling you is like some sort of power station. Well, this *might* happen 🙁

This also reminded me of Raymond Chen’s great post a while back: about odd things on the end of your cable.

Primary Keys and GUIDs

This morning, we’ve been having a discussion on the Aus Dot Net mailing list about Primary Keys and GUIDs.

Rocky asked my thoughts on this. Greg Linwood made a good post on it and my thoughts were pretty much in line with his.

However, I also place significant value on the ability for the GUID values to be generated in a middle-tier. The removal of the need for a database traversal can in many cases be very beneficial to performance.

But, you sure don’t want a clustered primary key that’s a GUID. The advice on what makes a good clustering key has changed over the years.

Many people would remember the days when the SQL Server recommendation was for wide-duplicated values (like names) used in range queries. That was because the product didn’t have row-locking and they were specifically trying to avoid “hot-spots” caused by identity-style columns, where everyone was trying to insert on the same page at the same time.

Since row-locking has been in the product, such a “hot-spot” is now a good thing as it means the page that’s being worked on will very likely already be in memory. So, currently, the performance preference is small and monotonically increasing clustering keys. Identity columns work well for that.  (See Kim Tripp’s sessions on indexing from PASS if you have access to them).

However, the more I head into distributed systems territory, the keener I am on GUIDs. Identity columns tend to be more of a single-server solution, unless you implement some form of dispenser proc and that usually slows things down quite a bit.

There was discussion on providing a new data type in SQL Server 2k5 that would have been a monotically increasing GUID. It appears to have got the bullet but I wouldn’t doubt it might reappear soon. They’d sure have to be pretty careful with that sort of algorithm.

Others have implemented variations on this, like Jimmy Nilsson’s oft-quoted article:

where he talks about the cost of GUIDs as primary keys and proposes a variation he calls a COMB. Worth reading.

If disk space usage is a big concern for you, the extra 8 or 12 bytes per row might concern you. I’m much less concerned about that or its overhead in processing than I used to be. I usually find bigger problems in the data model that will have bigger impacts than that 🙂

If space doesn’t concern you so much, another approach that I’ve seen used successfully to speed join performance when using GUIDs in foreign key references is to have a hash value (of the GUID) generated as a persisted calculated column and then joins are done using both the hash and the GUID. In most cases, the optimiser does most of the join work on just the hash value.

But then the queries look odd to me.

SQL Down Under Show 10 – Graeme Simsion – Data Modelling

Just realised I posted everywhere but here about show 10 of the SQL Down Under podcast being available. It features Graeme Simsion discussing Data Modelling.

Another recent addition to the site are direct iPodder (or Juice) and iTunes links for those that want to subscribe to the shows and not have to remember to download them. Interestingly, the volume of iTunes traffic is growing rapidly. If, however, you just want to pull the shows down onto your hard drive, you’ll probably like Juice.