Overall, though I learnt a great deal and a lot of fun at TechEd this year, I feel as though the event didn’t quite measure up against past years. Whether it was a lack of deeply technical content (this year there were just five 400 level sessions) or simply that there was less that was new, due to the effectiveness of the blogosphere in spreading information, I’m not entirely sure.
That said, even a TechEd that falls short of last years lofty standard can be a great deal of value. Here are some of my personal highlights.
Monday started with the keynote. Highlights included an awesome percussion performance and a kick-butt demonstration of Office Communication Server automatically transcribing a phone message into text.
SEC 309 “What’s new in Security in .Net 4.0” was an interesting overview of .NET 4.0 security. It seems that Microsoft has formally abandoned Code Access Security, which while effective was a royal pain to develop and configure. One surprise in the new framework was this: By default, .NET 4.0 applications are not subject to managed security policies. While I can see this as desirable from a developer perspective – reducing variance in runtime environments helps to reduce the number of potential issues – I’m pretty sure there will be a few disgruntled systems administrators wanting to know how to lock down their desktops.
WOX 308 “Building Awesome Business Centric Applications with .NET RIA Services” covered writing WPF & Silverlight applications for regular business use, one arena where flashy user interfaces are neither necessary nor appreciated. New to me was the copious use of value converters to hook things together in very flexible ways. Also innovative was the use of attributes to provide property metadata for validation – with the checks automatically being carried through for enforcement on the client side as well as the obligatory checks within the services.
DEV 302 “Get ready: What’s coming with .NET 4.0” was mostly a recap of information I’d already seen covered in various blogs and newsletters. What I hadn’t seen was the extent to which Code Contract support was being rolled in – new metadata is going to be included in .NET 4.0 assemblies to assist with both static and dynamic code analysis. Improvements to WPF, including better font rendering, Windows 7 support and more standard controls also looked worthwhile.
DAT209 ”Project Gemini: Self-Service Business Intelligence” was a surprise. I’ve seen plenty of attempts to provide “Self-Service Business Intelligence” in the past, and they’ve all fallen down on complexity or performance. For the first time it seems that this vision might just become a reality. It all depends on how much of the slickness of the demo was due to great choreography, and how much was due to great software. Looking forward to getting my hands on this one for real and trying it out.
SEC312 ”The Everything Developers Need to Know About Security Talk” was one of the best TechEd talks I’ve ever attended – both entertaining and useful. The clear lesson is that security is hard, and it’s not something you can bake in later without a lot of effort. Much better to be proactive, write security in, up front. One nice surprise was the recommendation to use tools like fxCop – it’s not that using fxCop will guarantee a secure application, but that fxCop traps and eliminates whole classes of vulnerability , allowing you to focus on combating other security issues. Key lesssons: Never trust data until you’ve validated it: “All Data is evil, until proven otherwise”. Constrain inputs to reasonable values. Reject anything that isn’t known to be safe. Sanitise what you have.
ARC301 ”Architectural considerations for creating Silverlight Applications” was more of a developer focussed session than an architectural one, with a focus on design patterns such as Model-View-ViewModel, Dependency Injection, Service Locator and so on. Good coverage of the concepts for those new to them, and a useful review for the rest of us.
DEV303 ”Building Applications with WPF” was highly informative, demonstrating how WPF is highly opinionated software – if you work with it, things come together quickly and easily; if you work against it, life is difficult. What’s now clear to me from this, and other WPF presentations, is that the technology has progressed to the point where standard database CRUD applications will be better off as WPF or Silverlight applications than as Windows Forms or old-style WebForms.
DEV205 ”A Tour of CodePlex” was a lighter weight, but interesting, tour of CodePlex and how it works. There are more resources available on CodePlex than I realised, especially for SharePoint developers, and I need to check out CodePlex more often when looking for a tool. Sara Ford, the presenter, gave the best definition of Agile development that I’ve heard yet: ”Agile development is being able to make a course correction every three weeks.”
As you can see from this brief overview, there was a lot to learn from TechEd 2009. Over the next few weeks, I’m going to review the PowerPoint slides of a few sessions I couldn’t attend in person, and learn some more. I’m fortunate that I was able to attend.