DISQUS

Wow – great location. Are you hiring? :)

I’ve used Bloglines for a long time now and it’s gotten steadily better. I tried Outlook 2007 but there really isn’t any future in a desktop reader IMO. A few days ago I tried Google Reader and you’re right - it really has few competitors. I just wonder when the advertising will start to appear – they seem to have reserved the screen space already.

Hey that’s a great shot! I remember standing on that very spot. Brings back memories...

I thought I’d mention that there are two fundamental problems with using a general purpose random number generator (RNG) – regardless of language or platform. The first is scale. If you’re relying on an even distribution in a server context with concurrent users then you’re out of luck with the .NET Framework’s Random class and most other general purpose implementations. This also applies to other applications that rely heavily on random numbers for statistics or game play for example. The second issue is security. Any use of an RNG is a prime target for attack as they can easily be foiled to produce the same number. This is a problem when random numbers are used for passwords, establishing session keys, etc. What you need is a cryptographic RNG. For managed code you can rely on the RNGCryptoServiceProvider class. Does Ruby provide something comparable?

Exactly. I think that’s what I was trying to say. :)

The main reason certain characters aren’t allowed in user names is to allow parsing – either for subtext searching or for breaking a user name into parts (e.g. principal and authority). I wrote briefly about handling Windows credentials in 2004 (http://weblogs.asp.net/kennykerr/archive/2004/0...). Another common reason is to allow user names to be used in file system paths for example in the user profile directory path. Of course if you’re building a custom authentication system backed by a database there’s no reason to limit characters or length. Limiting length is also not very useful. If you have relatively few users (hundreds) then you’re not going to save much space or time with short user names. If you have relatively high numbers of users (thousands or millions) then you’re going to force users to create silly user names like paul1234. The main limitation is ensuring that the user name can be used as an indexed key in a database but then the limitation even for Unicode usernames would still be as high as 400 characters depending on the database engine.

Congrats – I see you use the same inspiring PowerPoint template as I do. By the way, your blog doesn’t render properly in the browser that pioneered Ajax. ;)