Office 2010 – The Movie

Especially the teaser is fun to watch. http://www.office2010themovie.com/

Saturday, July 11, 2009 3:27:41 PM (Pacific SA Standard Time, UTC-04:00)      Comments [0]  

Power failure and no Internet

Sometimes the <censored> hits the fan, and guess what happens? The whole city was blacked-out. For about an hour we sat in the dark, without any electricity. But the real fun began when the power came back…

I got my server and VMs back up and running but no Internet. Try to call my ISP (TelSur) and once I selected “Apollo technico para Internet” (Internet Helpdesk) nobody answer. So I called a friend of mine, Guido, who told me he has the same issue.

I guess they have their hands full. It would be nice if they inform the people that call with a simple message like: “There’s a service disruption in Valdivia…”

Of course, now you read this message, Internet is back up again, else I couldn’t post it on my blog :)

Monday, June 29, 2009 12:23:38 AM (Pacific SA Standard Time, UTC-04:00)      Comments [0]  

Using DNS as an authentication mechanism

Sometimes you need a construct for verifying a domain name ownership before you allow specific actions to be done to that domain. An example could be to send a bunch of mail to a specific domain. This will never be considered spam when you’re the owner of that domain, but it will be considered spam if that isn’t the case.

To validate domain ownership, you can check WhoIs records, ask for some proof of ownership, etc. But all these methods require human intervention. IRIS (Internet Registry Information System) isn’t done yet and won’t be globally available for the next few years, and we all probably have seen once the output of a WhoIs server. Try to parse that with a generic RegEx, no way in hell. So how do you automatically check if someone is really an owner of a domain?

Let’s just assume an owner has the power to change DNS records, anyone else hasn’t. SPF works that way, and I don’t think any sysadmin is going to give up those passwords easily. (It could compromise a lot!) So how about if you simply put a TXT record in DNS which has some custom format, like: “myapp:accountIdOfTheCustomer”. Guess what? This can be checked with a simple DNS query :)

The customer must logon to “myapp” and once it has done so, domain names can be checked against the account ID of that customer, so once you’ve got that in place, there’s no need to do any handwork. Requirement here is that the customer is in charge of their own DNS, but that should be the case most of the time. Since the customer doesn’t want to give anyone else access, they won’t put anyone else’s account number there… And you can put some salt in there if it’s needed…

Friday, June 26, 2009 7:18:24 PM (Pacific SA Standard Time, UTC-04:00)      Comments [0]  

Problems with EFS and developing software

EFS (Encrypting File System) is a great Microsoft solution to keep a secret a real secret, and to safeguard source files from (accidental) leaking when for example a notebook is stolen. The problem with writing software is that during testing, most of the stuff you create need to be accessed by processes that do not have access to your EFS key. Let me clarify…

Let’s say you are building a web site which you host in IIS. IIS runs in is own account and does not have access to your EFS key. You build your project, this creates a bin folder and a few DLLs within that folder. But guess what? The BIN folder is encrypted, and so are the DLL outputs. When running with a service in your local account, that’s not a problem. But when IIS tries to access those files, it will get a access denied exception because it can’t decrypt the DLL file. (Or any ASPX files for that matter.) This generally means that encrypting content files which need to be accessed by other services (running in their own process with their own account) is a bad idea. EFS will block access to these services. It becomes even more fun when COM+ DLLs are in play, etc.

The only solution is to do full hard drive encryption using BitLocker, it is not possible to do this any other way. Sure you can try to configure every account with keys, etc, or try to prevent the output binaries from being encrypted, but all this will become rather a management nightmare at the end. The reason that full hard drive encryption works, is that the main difference is that every account that is active on your system will have access to the files, in stead of your own account as the only account.

Friday, June 26, 2009 7:08:23 PM (Pacific SA Standard Time, UTC-04:00)      Comments [0]  

The Windows 7 madness has begun

Windows 7 is now available for pre-order…

I’ve been running Windows 7 RC for a while and I must say, it’s the best version of Windows I’ve seen, and I’ve seen them all. (All the way from 1.0)

If you’re living in one of the countries that the upgrade offer is valid for, you should consider getting your copy. If you haven’t switched to Vista yet, you might as well get Vista and a free upgrade to Windows 7 will be available once it is released. For the European community: Wait for the “E” edition, and sorry, no upgrade from Vista to Windows 7 E, only “Wipe & Load” migration is available. You may thank the European Union for that.

Partners will get Windows 7 at the end of July (at RTM date), and this means that I’ll be running Windows 7 RTM probably within a month… and since I’m in Chile, I don’t need the “E” version… You may get jealous now

What I like about Windows 7?

• Windows Virtual PC with XP Mode,
• Seamless integration of apps within Virtual PC
• Windows Virtual PC using hardware virtualization
• OK, besides Virtual PC:
• Document libraries (which is a huge benefit for me)
• The new superbar
• And a lot more…

At the moment I have Windows 2008 on my workstation because I use Hyper-V as a virtualization platform and I have some features in IIS which aren’t available in Windows Vista. (Like the BITS server extensions.)

Windows Server 2008 R2 will also be released within the same timeframe. There’s a lot of improvements in this version of Windows Server, actually so much I’m surprised they simply call it an R2 version. What I like most is .Net for Server Core, which allows .Net to be run on a Core installation and allows you to create Windows Services or ASP.Net websites which now can run on Core.

Friday, June 26, 2009 10:14:16 AM (Pacific SA Standard Time, UTC-04:00)      Comments [0]  

Installing SP2 on my server

When you want to install SP2 on a server, you need to make sure you’ve got enough space on your system partition. When I started with my server a couple of years ago, 20Gb for Windows 2003 was more than enough, but these days with Windows Server 2008, it isn’t. So I’m now having a server that has been upgraded a few times over the years, and has a system partition with too less space to install the latest service pack. That’s a bummer, and this blog post tells the story on how we recovered from this situation.

The server is a Dell PowerEdge 1900, 6x250 GB SATA2 HDDs, a Perc (PowerEdge RAID Controller), 8GB RAM, 2 Quad-code processors, etc. It even has a floppy drive :) I thought, because of the RAID controller, the hard disks are not reachable when starting the machine from a simple setup DVD. Luckily, Dell has a nice website which allowed me to find the drivers I needed. But once I started the server from the Windows DVD I was pleasantly surprised that Windows actually has drivers built in. Nevertheless, it never hurts to come prepared. But first things first.

It’s not possible to extend a system partition when you’re using it, nor is it possible to extend a partition when you don’t have the space free next to the partition. My system partition was the first 20GB block on my RAID10 volume, after that came a 450GB partition that was 80% full with fixed-size VHD files. I also had 1 RAID1 volume of 250 GB, about half full and a external disk that was about half full. Since I needed to delete the 450 GB partition, but I didn’t want to lose the data on it, I needed to move around some stuff. I started out by clearing out the 250 GB RAID1 volume. I moved 4 VMs to the external disk and the last one to the 450GB partition. Now I had 2 250GB disks empty, time to break the mirror.

Once that was done, I had 2 250 GB disks empty to hold my data. I moved the VMs to the other disk (using the export feature of Hyper-V) and after this (about 5 hours later in total) I had everything moved over so I could delete the partition. Restarted the machine from the DVD, select “Repair" and opened up a command prompt.

Diskpart is the new fdisk, and I’m glad that tool is here. With a few simple commands I deleted the 450GB partition, extended the system partition with 20 GB extra (and the file system also of course), and after this restarted the machine. Now I had a system partition which was 20GB bigger :)

I’ve installed SP2 without a problem, put the remaining space of the disk in a new partition and I’m now moving everything back into place. The system partition has now plenty of space to survive an upgrade to Windows Server 2008 R2, which will be here at the end of July. It was a lot of work, but it was worth it.

Sunday, June 21, 2009 12:58:34 PM (Pacific SA Standard Time, UTC-04:00)      Comments [0]  

One of those nice messages…

Although this message is 100% correct, it isn’t very appropriate when I press Ctrl-F5 (=Start without debugging) in Visual Studio. Since I want to start the app without debugging, but want to wait for a request, there’s nothing to start when this concerns a web application. Still, I wanted to start without debugging, so there should be nothing to debug in the fist place?

Ah well, Wednesday morning I guess…

Wednesday, June 17, 2009 8:49:00 AM (Pacific SA Standard Time, UTC-04:00)      Comments [0]  

Sewer troubles

Our sewer is at it again. One big mess, and the exit pipe completely broken. Before you say: “Yuck”, we noticed the problem before the toilets stopped working. (Luckily!)

A few months ago, we had a problem that our sewer was clogged up, and it was clogged up pretty badly. They used (like usual) high pressure to remove the obstruction, but since then, the ground on the outside of our sewer pit started to sink slowly…

We didn’t notice this until a few weeks ago, when the Esso came here to fill up our Diesel tank for the heater. (We heat our house and the water on Diesel.) Since the Diesel tanker uses a hose of more than 30 meters which goes all the way to the back of our house from the street, we need to walk over that same spot that the sewer pit is at… and guess what? That is when I noticed the ground started to cave in. I took a step and I was standing up to my knees in the ground. (They joked about that, because they said I was simply too heavy) but I thought to myself, this can’t be good.

Last Saturday I was taking my usual shower and I noticed that the toilet was making a funny bubbling sound. Now I knew that the air coming from the toilet was coming straight out of the sewer, making place for the water I was putting in. So I asked Tatiana (my wife) to check with the water company (Aguadecima) to let them do the usual unclogging.

Today we called them, and they came. My suspicion was right. The sewer pit was almost filled up to the top, the pipe to the street is broken and they will replace it this week. That’s going to be some digging, but at least we have some space in the pit that can be filled now, because they were able to once-again remove some obstruction that was causing this mess.

And the nicest part? All of this is done for free! They react quick, and don’t charge a dime. If the problem lies between the pit and the house, it’s our problem. From the pit to the street, including the pit itself, is the problem of the county. This is needless to say, they respond quickly. Once they start digging, I’ll shoot some pictures :)

Monday, June 15, 2009 5:26:50 PM (Pacific SA Standard Time, UTC-04:00)      Comments [0]  Chilean Adventures

Opera and the anti-trust case

First of all, this is my blog where I vent my own opinion. I’m not impartial, nor am I a judge, jury, or anything else on that kind. Having said that, if you don’t agree with me, that’s fine. If you do, that also fine. :)

The anti-trust case was started by Opera simply because they lack the market share and are now trying to get a competitive edge by letting their browser be included in the world’s most popular operating system. The question that this will raise: “Is this fair?”

Microsoft worked hard on Windows 7, Internet Explorer 8, and all other software that goes with it. (Media player, Media center, etc.) They invested millions into these products. Anyone who’s willing to buy this will have a secure, reliable, piece of software and once a bug is discovered which compromises security even the slightest, everything is done to plug the hole as soon as possible.

If I install any well-known Linux distribution on my PC, does it come with a browser? Sure it does. Does it come with Internet Explorer? Of course not. Embedding closed-source apps into a open-source OS would cause a small revolution here and there, but besides that, Microsoft does not allow it. Their licensing agreement does not allow you to simply install their browser on any other platform than the ones they say it may be installed on. Even several Windows versions do not meet this criteria. For example: Windows 200, Windows 9x/Me and Windows NT can only be used with IE6 and lower. IE7 and higher are not working on those operating systems.

So there’s no competition for Internet Explorer between Windows and Linux. Since there is an Opera version for Mac OS X, Linux, FreeBSD, Solaris, QNX, OS/2 and what-have-you even BeOS, they should have plenty of market share to go on, right?

But this still doesn’t answer the question: “Is this fair?”

Microsoft is willing to strip-out it’s browser of Windows for the European market, the so-called “E” edition. That means: deliver Windows without any browser. How you’re going to get a browser if you don’t have a browser? The consumers will be hard-hit with this, and OEMs will be eventually making the choice to install the browser for the customer, which is (you guessed it) probably Internet Explorer anyway. This will lead to higher costs and even frustration on the end-user’s behalf. Not a good thing. It’s even worst, because the “E” Edition will be the only edition that will be available in the European market.

Does this help Opera? Or will it help other browsers, like Chrome, FireFox, etc? Guess 3 times. The average home user doesn’t give a damn which browser they use, as long as it works. Businesses care about 3 things though: “Can it be managed?”, “Does it work with the solutions I use?” and “Is it safe?”

All browsers claim to be “the safest”, “the fastest”, and so on, and Opera is no exception in this case. Clearly this is where Apple has a lot to learn, since Safari seems to be the easiest browser to hack yet. But this is besides the point of this article. Fact of the matter is, most business applications were historically built for Internet Explorer. I can remember the phrase “IE Only” like it was told yesterday. These days web standards become better implemented and the differences between browsers gets less and less, but still, there are differences.

Most businesses will not change easily from IE6 to IE7, or from IE7 even to IE8. But they certainly won’t change that easy from IE to FireFox or … Opera? I can hear the manager saying: “But isn’t that that lady on TV?” Businesses will simply say: “I have better use for my time” and will not give it any more thought.

Home users? They will stay with what they find best working for their daily activities. If that means Internet Explorer, they might as well stick with it.

But this still doesn’t answer the question: “Is this fair?”

OK. Now back to the real heart of the issue. IS THIS FAIR? To force Microsoft to include Opera into Windows 7. No it is NOT. Several reasons:

Windows is Microsoft’s property, they decide what they want to do with it. If they want to include someone else’s products, fine, if not, then not. It should be their decision, not anyone else’s.

Including other company’s software in your own products can have huge implications. If a security leak is detected in Opera, who must fix it? Opera? Microsoft? You would say “Opera of course”, but wasn’t Microsoft who delivered that browser in the first place? This leads to confusion, problems and ultimately a bad reputation.

Internet Explorer is also Microsoft’s property. Why may they not include it in Windows for free? Ah, but the EU says, you’re charging for this in the Windows license fee. So even if they do, make it worst. Pay the same price and get less for your money. I can bet that Windows will not be any cheaper.

My conclusion is that Opera kind of ruined it for everyone in Europe. They started out to gain market share, and they probably made the end-user experience a lot more problematic and will probably not gain much in the end. That together with people now paying more for the same machine for the extra work that’s involved.

Way to go Opera!

Monday, June 15, 2009 2:51:27 PM (Pacific SA Standard Time, UTC-04:00)      Comments [0]  Opinions

Oh dear…

Does that mean I need to Twitter more often? ;)

Sunday, June 14, 2009 6:52:33 PM (Pacific SA Standard Time, UTC-04:00)      Comments [0]  

Silverlight 3 in the making

I haven’t blinked… yet, and there’s a new Silverlight version. After listening to Hanselminutes I notice that Microsoft is trying to start with out-of-the browser cross-platform applications, which is Silverlight 3. The beta you can download here: http://silverlight.net/getstarted/silverlight3/default.aspx Silverlight 3 will be integrated into Blend 3, which is also a free beta download.

I guess this will be the answer to Adobe AIR (or Adobe Integrated Runtime). Air uses Flex and Flash, HTML, JScript and AJAX, Silverlight 3 uses a mini CLR, JScript and XAML.

I’m by no means a Silverlight expert, nor AIR for that matter, so I guess this means that I’ll have something more to study. First WPF though…

Friday, June 12, 2009 11:04:06 AM (Pacific SA Standard Time, UTC-04:00)      Comments [0]  

Mail wasn’t working…

I had just solved a nasty error, which was a interesting chain of events. My mail wasn’t delivered to the Netherlands, and the mail wasn’t coming in. Upon checking what was going wrong, I got a DNS error.

Checking the DNS server, it said: “Can’t bind to IP address X on interface Y”. Taking out netstat to see who was listening on port 53 (the default DNS port), I found that this was only the DNS server… strange… restarted the server, same problem.

Time to check the IP configuration, guess what? The static IP address assigned to this machine was a duplicate. After some server hunting, I found the offender, which has a different IP address now. Restarted the DNS server for a second time, and the mail started coming in.

Thursday, June 11, 2009 10:22:44 AM (Pacific SA Standard Time, UTC-04:00)      Comments [0]  

Visual Studio 2010 Beta 1 – First thoughts

I’ve been using Visual Studio 2010 for a few days now and I must say, I’m impressed. The version I’ve been using is the Team Suite version, Beta 1. I really like the multi monitor support as well as the possibility to zoom in on text and the fact that Visual Studio is now built using WPF makes Visual Studio 2010 a complete new experience. It is notably slower than the 2008 version though, it doesn’t feel as snappy as what 2008 did. With 2010 you get a new .Net Framework, but I’m not going into new features of .Net 4.0 in this post. In stead I’ll concentrate on the IDE. Some random thoughts:

• The code editor has improved a lot, as has Intellisense. Documents can be dragged out of the main window and be put anywhere, even full-screen on a different monitor. You can zoom in- and out of text, park the cursor onto a variable/member and see where it is referenced, refactoring is improved and you can toggle Intellisense between standard mode and consume-first mode.
• ClickOnce has changed a bit, and a some UI options have been taken away, especially in the partial trust area. There are still ways around this though, but it means a bit more hand-work. For the rest, not much noticeable in this part, if I forgot something, please let me know.
• The icons used in the UI are still the same as the last version, I guess they had their hands full rewriting the IDE. (And there are a LOT of icons in Visual Studio!) This doesn’t bother me though, functionality I think is way more important.
• No project templates for Office 2003… Options have been taken out as well… I guess that was to be expected since Office 2003 is out of mainstream support, but I’m a bit sad about it since some of my projects still use Office 2003 integration.  Maybe there’s a way around this, I have no clue.
• F# Made it into Visual Studio. IronPyton and IronRuby haven’t? Probably an add-on
• New UML Modelling project, no idea how to use it though :)

Except all of this, extensibility and the new Team Foundation Server is there. Team build uses Workflow Foundation, and gated check-ins, so on that part we’ll probably see more improvement as well.

All in all, a fine release.

Wednesday, June 10, 2009 5:40:03 PM (Pacific SA Standard Time, UTC-04:00)      Comments [0]