Use the tools Bill gave us!

I've been looking at ASP.Net authorisation techniques over the last few days, and am now absolutely kicking myself that I didn't look at them when I first started ASP.Net development 3 years ago.

It turns out that .Net framework V2 gives you lots of tools to do this for you, and that they are ridiculously easy to use.

The System.Web.Security namespace contains a few extremely useful tools, and (combined with some Googling) it is very easy to set password complexity, access to folders and all manner of other things that you would expect an Authentication method to provide.

This namespace has two extremely useful classes in it;

• Membership
• Roles

Membership allows you to perform user operations, like adding, deleting updating and validating.

Roles allows you to create/delete roles, and add/remove users to/from them. This is mostly using shared methods and a built in and automatically configured database. I.e. you don't have to think about it!

The main problem I now face is how best to resturcture the application so that style sheets work properly, as well as links to images, screens etc. This would have been laid out a lot differently had I known about ASP.Net Forms authentication when I started building the application!

Deep Thought

"You can't paint over a shadow."

Which is something I never thought I'd realise.

It is deeper than meer stupidity, though. Consider the Shadow.

It doesn't disappear at night. It takes over the world, except for pathetic
little pools thrown by streetlights. It doesn't hide in darkened roomw, it takes
them over.

Also, more profoundly, if there is a shadow of something, you will never be able to cover it up. It'll always be there, right in front of you.

The shadow isn't underneath things. It's always on top.

Of course, this came about due to sheer stupidity, and me trying to paint over a shadow, and then not having a radio to distract me while finishing the job.

Solitude is a dangerouse thing.

QR Barcoding

Recently discovered QR barcoding. It's very cool, and I can even see practical uses for it, but more about that later.

QR codes are 2D bar codes that can store tons of information for their size, and can be read by software readily available for mobile phones as free downloads.

I've added my business card to this blog as an image which can be read directly from the screen.

It contains all sorts of details, and was created using the free generator from Zebra Crossing (zxing.com), which offers a few different configurations.

As far as practical uses are concerned, if (like me) you send a text to let your wife know you're heading home, you can create the SMS QR code with the appropriate message and stick it to the dashboard. You can then simply scan and send it... job done! It may pay to have 2 or 3 of these printed ("heading home", "traffic busy", or "stopped for chips" spring to mind...) and sending these will then take around a second each.

Just don't get them mixed up.

I may push to get this printed on the back of my next bacth of business cards. I do work in the technology industry, so it makes sense to use what I can.

Twitter, Facebook and being connected to the world

Twitter, Facebook, LinkedIn and all that social networking thing ahas largely passed me by for the last few months. I'm aware of them, as a System Administrator I'm aware of the risks they pose as information leak points, and in a supervisory role I'm aware of how time sapping they can be.

I've also realised jsut how good they can be for building your network of friends.

So last week I opened a Facebook account (after growing up from Bebo, which is missing a number of features which Facebook has) and now hae almost 50 connections.

I started a Twitter account, and am following a number of streams as diverse as Stephen Fry and Microsoft. I also have followers. That doesn't make me the Messiah, but I'm working on it. (The beard is coming along nicely, and I could do with a haircut.)

With these new found links I've discovered guys I was at school with doing the same job as me, and doing complimentary things like marketing, sales and people management, as well as accountants. Even roses have thorns... ;-)

I wish I'd done this a few months ago, however... it may have meant I got more help for my imminent house move!

I thought I taw a pooty cat... tweet!

It would seem that someone has decided to break Twitter. All this on the day I start using it.

Nice one guys.

This is the kind of thing that kind of puts me off using these services.

Never mind.

File sharer fined for sharing music

An American student has been fined $675,000 for sharing just 30 songs. (http://news.bbc.co.uk/1/hi/technology/8177285.stm)

It seems to me that the recording Industry has been too slow to react to these things. The internet has been in a growing number of homes for the last 20 years, and file sharing available since the mid 90's. How come it's taken the recording industry this long to do anything about file sharing?

The porn industry has driven secure payment processing (and digital rights management to a lesser extent) for a vast chunk of this time, and has done it all to protect their customers. Those on the moral high ground of music have done pretty much nothing, other than chase people for money where they have simply copied music form one format and made it available to others.

There was no copyright system to get round for this guy, other than a piece of paper which he didn't necessarily even have.

I accept that Sony tried to protect their rights, but were knocked rejected by the consumer. Installing software that affects your whole system is basically malicious code, and that's why it was rejected.

This also looks like an excessive fine for someone sharing just 30 songs - others have shared far higher numbers of tracks but have not been caught - and this was not done for profit.

Joel Tenenbaum, I hope you win your appeal.

Especially since the price of on-line music has been excessive until the arrival of itunes. I remember being given the option to buy music to listen to on my PC for £2 per track, despite this being the price of CDs in Woolworths at the time. This with basically nothing to show - and minimal distribution costs for the product. And most of the secure payment development had been done by the porn industry!

In my opinion the fine should be costs plus restitution to the affected parties. I.e. Mr Tenenbaum has to pay $0.79 per download from his shared files to the record companies. Maybe a fine on top of that.

If someone copies music and then sells it on, then this is totally different. Yes, throw the book at them. Cease their ill gotten gains and fine them, but not for simply sharing music with like minded fans.

Sometimes I go crazy.

Hayseed Dixie have the right idea. They actively encourage bootlegging of their gigs and actually giving hints on recording their gigs on their website. Check it out. They just want to be famous!

Some times, time flies...

Sometimes the sky is green and sea is black. Things have been a bit crazy this last few weeks, hence the lack of updates.

We've been working hard on application deployments and completing the dev cycle for our Business Metric Dashboard. This obviously includes bashing thing in the test environment, validating the deployment pack and generally working my nuts off until the drop dead date for deployment. At this point it's out of our hands, as we need to wait for customer feedback.

I've just finished installing a flue in our server room so we can run the air conditioning 24/7, and just completed another development cycle for a data import tool. We're now in the process of trying to get it to build in our TeamCity environment, but we're getting strange issues with that at the moment. I'm going to try swearing at it shortly, so at least I'll feel better.

Next week may be quiet, but as ever, when there's nothing planned, there's usually more to do. I'm sure I'll find plenty to do!

As ever, priorities have changed. The FastCGI and Python thing isn't going to happen. Instead I have to try and remotely solve an issue on a customer site with IIS setup... and I'm convinced it's a firewall issue that we can't solve.

I've found a few resources for the issue, and I've tried a few things off the top of my head to try and fix this, but it just ain't happpening yet.

I'm pretty sure we'll have a solution to the problem today, but it's annoying. We're getting access to a site over a VPN connection, but not from the local network, unless we turn authentication off. If we do that, the application stops working.

Anyone know anything about how to go about solving this?

Python on IIS and FastCGI

Looks like I might be trying to do the impossible. Again!

I'm about to try and build a web server on Windows 2003 technology, and use this to host ASP and ASP.Net applications, using multiple frameworks, and without upsetting sharepoint.

I will also be attempting to set up a Python server running FastCGI.

There is no reason why it won't work, other than setting up the application we want to use may not work. I may need to tweak lots of bits before I can get the application running.

So, if anyone has experience of setting up a Python scripted web application designed for Linux using FastCGI on a Windows IIS server, let me know!

Once I have succeeded in this, I will update the world, and may even include a set of instructions on the configuration of the web server.

Similarly, if anyone can find instructions, then let me know!

Microsoft, IE and competition

http://news.bbc.co.uk/1/hi/technology/8096701.stm

The article relates to Microsoft not shipping IE with Windows 7.

That’s fantastic news – it’s good to see Microsoft are opening up the market to allow other providers a chance to install their software.

One question… how will Joe User find and install a browser?

Midweek Madness

Ah, Wednesday!



The day where traditionally shops close for the afternoon and schoolchildren run out of sugar at around 2 o'clock. The Post Offices are closed and nobody can get a loaf or a pint of milk. Ah, the good old days!



I've just spent a chunk of the last couple of hours helping a colleague try to work out how to send a file from Nigeria to Norwich. As it turns out, it was a fairly simple thing that was missing to make this program work, but we got there. I've also spent a substantial chunk of the day trying to work out how to get the prices of electricity in Belgium in 2012 into a database. (Much easier than it sounds!)



The problem I have now is that I can't get a pint of milk or a loaf to get me through the rest of the day!



Still... almost time to go home.

RRAS Connections

And for my next trick...

I will attempt to connect to the internet using an existing connection and a big shiny router.

Sounds easy, straightforward, simple and all that, but it may not be. I've had a few looks at this in the past, and it seems reasonable and all that, but it's just not so simple.

The problem is that the router is connected to the internet and has 6 public facing IP addresses. The internal side has a single IP address, and I need to connect to it using a specific IP address from a firewall.

Still with me?

Good.

I then have to share this connection with our network on a separate network definition. This is where I start to swear under my breath and utter oathes about Bill Gates AND Linus Torvalds.

My First port of call is Google, closely followed by Serverfault.com and trying to work out the questions to ask before I can recognise the answers I get.

I intended originally to use Windows RRAS (Routing and Remote Access Services) but am starting to realise they may not be the best solution. I am now considering a 'Nix based software firewall solution, but I have no experience with this OS other than playing with the web intrerfaces of other routers.

I could always get funky and build something from scratch, but that may be substantially less fun than I think it might be!

In the meantime, we'll keep browsing the web through our ADSL connection!

Incoming Calls from a Bank

Over the past few weeks I've had a couple of calls from HBOS credit cards. They call up and ask me to give them my postcode and year of birth for security reasons. That's information I could probably get off the internet, or certainly at a library, so it's not hugely secure. Other things like my first school, mothers maiden name etc. aren't much better.

When they've asked me to provide them with the details I've simply answered "No, you tell me what you think it is, and I'll confirm it." They're obviously not going to do this, but why should I risk a scam, right? Maybe it seems a bit far fetched, but I now feel vindicated.

This article appearred on the BBC news website today, and made me feel all smug inside. I now feel justified in giving the people who call me when I'm eating my dinner a harder time than they probably deserved, but it just goes to show that you really can't be too careful.

Useful Technology

I installed a new car stereo yesterday, and after a bit of tweaking (apparently ISO connections are not quite standard) fired it up and made a phone call on it.

That's not quite as barking mad as it sounds, as the stereo also has bluetooth connectivity, allowing me to play music from my phone through the car stereo, and also to make hands free phone calls. The unit has been obsolete since 2007, but the technology still works, and as it's built to a standard, this probably won't change for a wee while yet.

As I said earlier, however, the ISO standard hasn't quite been implemented on the stereo. There are 2 +ve power supplies - one permanent for the clock and storing settings, the other is switched from the ignition, and is used to power the stereo. For the last few Sony stereos I've fitted I've had to swap these round on the harness. There are the only 2 wires with Bullet connectors, so simply swapping them round works a treat. Testing them was another matter, however. Peugeot in their wisdom allow the stereo to stay active for about 5 minutes after the ignition is switched off. This means that you set everythin up, switch the ignition off and the stereo stays active. A few minutes later it switches off and goes silent - at this point you've lost your settings.

When the wiring is correct, the stereo switches off after a few minutes and then beeps to get you to take the face off. Your settings are safe.

All the same, I'm happy with it. It sounds good and the handsfree works, and you can use the remote control for the stereo to work the treack navigation on the MP3 player on my phone.

That's integrated technology!

Infrastructure Projects

I've just had a look at the ongoing infrastructure projects within the company, and while none are officially marked as projects, they are all needing to be looked at with reasonable priority.

There are basically 3 projects of varying size and complexity, with differing priority and impact;

• Connectivity and infrastructure set up, including DHCP, DNS and RRAS settings, and getting our fibre link up and running properly
• Update and document our business continuity process. I need to look long and hard at this, and need to work out a strategy and test plan for this. We then need to test it and update the process as required. We also need to look at our security software. Last year we didn't give ourselves enough time to evaluate alternatives to our current software
• Virtualisation and consolidation of our existing hardware. We have a handful of physical servers at the moment, and a few more server instances. We need to look at the virtualisation method, software and hardware and work out how to back this up

At the moment I'm primarily working as a software engineer, and am struggling to find time to work on these fairly large projects. The most critical project is the business continuity project, but the highest priority is the connectivity project. (I also need to work out how we can keep ourselves covered in the event that we have to move office in a hurry as part of business continuity.)

The virtualisation project needs an evaluation of various hypervisors and how we can migrate from MS Virtual Server to whatever else we choose to use.

I guess there's a lot to be getting on with, and not a huge amount of time to do it in.

Hopefully I'll be handing over the infrastructure work at some point over the next few months, so would like to keep everything nice and documented, maybe with a strategy document and certainly with specific projects outlined and able to be planned going forward.

All sorts of new things

Yesterday my sister gave birth to a baby boy, 7lbs 14 oz. Both are doing well, and I'll hopefully get a chance to go see them all soon. Maybe over the summer, but we'll need to wait and see.

I also got given some sponsored apparel for the keelboat yesterday. Mark (who owns the Haggis-N-Neeps business) supplied the crew with a set of Henri lloyd TP1 jackets embroidered with the sail number and his website.

Mark, thank you very much!

Scottish Series

Hi, I'm back. What did I miss?

I've just spent the last 4 days racing a Sonar keel boat around the water off Tarbert Loch Fyne, in conditions ranging from no wind to near gale force conditions (one of the boats in a fleet to the south of us recorded 45knots on their wind instrument, but I'm not sure we got all of that.)

We had rather a lot of water come into the boat, including one wave big enough to set off an automatic lifejacket, and managed to get some good boat speed at times as well.

As it turns out, while I can do foredeck duties, it's not clever for me to put my 110Kg on the bow of a 23ft boat in 25 knots of wind. The skipper tells me it's difficult to steer when I do that!

All in all, however, it was fun. We also enjoyed a 2nd place overall, and won the last race.

Full results for sports boat fleet 2 are available here.

Meanwhile, back at work, very little has happened. Well, I'll soon change that!

Expenses

I just heard on the news that an MP claimed £30000 for gardening, including £1645 for a duck Island. I feel bad about claiming for petrol that I'm entitled to, and most definitely wouldn't get reimbursed for my mortgage.

I'm thinking of standing at the next election (as an independant) purely on the grounds that I will give a reasoned answer to any question assuming it doesn't compromise security, be open and be honest.

2 questions, though;

• How much is the deposit?
• Would anyone vote for me?

Anyway, I'm away for the weekend in 2 hours, so I guess I should start packing!

Dumb Ads

The BNP have recently unveiled their latest poster campaign with a picture of a Spitfire on it, entitled the new Battle of Britain. It's aimed at sending Eastern Europeans back to their own countries.

Problem is the Spitfire is from a Polish squadron.

Tells you a lot.

Build me a Server

I spent about half an hour bilding a Server yesterday. Everything installed nicely. I installed the drivers, installed Virtual Server then checked the disk size.

2GB.

Bugger. This morning I shall be building a server, installing the drivers and Virtual Server. I HAVE checked the disk space this time, and it's much bigger.

The trouble with building the 2nd server (a Windows 2000 box) is that the network drivers are hard to come by. Dell's support software doesn't work properly in IE5, which is what ships with Windows Server 2000. This means I can't get the drivers. "Download them" I hear you say.

I can't... I've no network connections.

Gaarrgghh!

Hello World

Hello, this is my first post on my new blog. Unusally, I am taking a couple of days off later this week.

This blog will contain some tales of software development, some of sailing, and maybe some personal rants.

If anyone reads this and takes offense at anything I say, then by all means, get in touch. I will not blog anything I wouldn't say to your face. That way, you know where you are!

Cheers.