Apparently now is the beginning of a prime period during which we'll be able to best see the International Space Station as it races across the sky. If you haven't ever taken the time to step out and watch the sky to see this before, you should do so - Realizing that there are people up there on that thing is really pretty mind-boggling when you think about what it takes to make something like the space station happen and work.

SPACE.COM: During the next couple of weeks, North Americans will have many opportunities to see the International Space Station, due chiefly to a seasonal circumstance. From now through the beginning of July, nights are shortest and the time that a satellite in a low-Earth-orbit (like the space station) can remain illuminated by the Sun can extend throughout the night, a situation that can never be attained during other times of the year.

You can find out when you can see the station at any of several web sites, including:

• NASA's J-Pass (http://science.nasa.gov/Realtime/JPass/)
• NASA's SkyWatch (http://spaceflight.nasa.gov/realdata/sightings/)

Here are a few links to SkyWatch data for cities people who know me are likely to be in. If yours is not listed, check out the full city list.

• Portland, Oregon
• Los Alamos, New Mexico
• Farmington, New Mexico
• San Francisco Bay Area, California

We interrupt this serious blogging effort to bring you something completely irrelevant.

You know it had to happen. Remember the Star Wars Kid? Of course you do. Seen Kill Bill? Of course you have. Maybe you even bought the t-shirt. Well, here you go:

http://content.collegehumor.com/media/movies/killbill.wmv

Enjoy.

German police arrested the 18-year-old author of the Sasser virus. Apparently he also confessed to authoring other viruses, including NetSky.

Which is good. But not amazing. For the most part, the bad guys eventually get caught.

What amazes me is the fact that so many companies and government agencies were actually shut down by the Sasser worm. A friend of mine who works for a government agency called me tonight to tell me that last week the city, county and related agencies where he works were shut down by the worm.

My response: “WHAT?!?!?!!?!?” The departments that were shut down in my friend's account of the situation included public safety departments and a fire/police dispatch center among others... No small potatoes when you consider how critical it is that things just need to work. Maybe someone needs to lose his or her job.

Good vs. Bad, or “Dude, that's pretty extreme.”

I'm serious - this one was so easy to avoid, there's simply no excuse for having a problem. I can think of one only reason any company or agency would be affected, and come to think of it, it's a problem rampant the world over.

Sadly, some IT professionals aren't - well - they're just not very professional.

So, here's an important message for companies and agencies employing lazy IT staff: If they don't prevent the outbreaks, they're not doing their jobs. The mark of a good IT crew is not that they respond to a virus outbreak and make everyone feel good that they're able to disinfect computers and (hopefully) go to tape backups to restore ruined data. The good IT crew is not the one that tells you it will take two to three days to recover, and then “delivers” in one day.

So what, then, makes for a good IT crew? And how do you know if you have one? It's very simple: While everyone else is freaking out about viruses and other threats, your company is still operating and you're not really too concerned, because your company just doesn't ever have many network security issues. Besides, if there was going to be a problem, you would have heard about it from the IT crew by now. In other words, things just work, problems are prevented, work doesn't stop, and you don't have to worry. That's what a good IT crew does for you.

An Ounce of Prevention Is Worth Big $$$

Believe it or not, I'm not supposed to be an exterminator. My job is to make sure the virus outbreak never happens in the first place, and the people who work in my department share in that responsibility. Ultimately, I am the one responsible (and held accountable) for network and data integrity when it comes to viruses and intrusions, but we all take a significant amount of pride in making sure problems never get a chance to occur.

What many may not realize is that it's actually pretty easy to do. In fact, it's a lot less work to prevent the problems than it is to react to them after they occur. Keeping a problem from happening is akin to preventing a cancer from ever growing; You can be so much more confident, and if the ability to prevent is there, it's simply negligent to assume the reactive posture. The removal of a cancer is painful, time consuming and expensive. Worse yet, you almost always have to wonder if you got it all, if it will ever resurface, and what the result will be when it does.

To be perfectly clear about where I'm going with this: I believe that organizations need to adopt a zero-tolerance policy toward avoidable downtime. Virus outbreaks should be very few, very far between, and extremely isolated in scope. If a virus infects an entire network, something is not being done correctly. If data is lost and can't be recovered, there's simply no excuse.

Kick Me If You Like, But I Know I'm Right

Some who work in the IT field will read this and be upset with me. Am I really telling people like my boss to fire their employees if they can't prevent the problems from happening?

Yes, in a matter of speaking I am. After all, if I can't (or rather “won't,” since pretty much anyone can) protect the company from internal and external threats, I am not doing my job and my boss needs to find someone who can (and will). While there are occasional threats that cannot be prevented, he knows that those are so rare that he'll know when the exception to the rule occurs.

IT professionals around the world, regardless of the organization's size or business, should hold themselves to this standard. If you're an employer, you're responsible for maintaining or hiring people who meet the standard.

We no longer live in a world where the guy your neighbor knows who “works in computers” is sufficient for a professional IT job. Even the interns I hire require a special skill and work ethic that's hard to find. High standards make for quality work and results, and I think that's the way it should be. To expect less in this day and age is to neglect the needs of the real world of IT.

It's Bigger Than Just Your Organization

By the way - when the people responsible to do the prevention at your organizations fail in their duties, who do you think those failures impact? It's not just your employees and customers. The nature of the Internet is that your failure will almost certainly impact many organizations outside of you own. That's what virus writers count on, that the poorly-designed and -managed networks of the world won't be proactively managed, and that employers who don't know the difference won't do anything about it.

If you're the employer and you can't for the life of you determine whether your IT employees know how to do their jobs, here's your best clue: They probably don't. It's one of those things where you know if they're doing their jobs. How? It's a dangerous world we work in; If they are not educating you and keeping you aware, they're not doing their jobs.

For the Record - Bad Employers Are Part of the Problem

Before I finish, I should say that I realize the world is not black-and-white, that there are many aspects of operational IT work that can put a very good and responsible IT professional in a position where he or she is doomed to fail. There are times when, despite the best efforts of the individual, the budget or company priorities actually prevent you from doing good security. I only see two options for you there: One is to make them aware, change the outlook and attitude, and failing that the second option is to find a place to work that will leverage your skills and and fits your priorities.

Line In The Sand

So, here's the challenge: I think that anyone responsible for day-to-day IT security who walks away from these words upset that I'd adopt this position probably needs to take a look at why they're upset. Seems to me if one does one's job, there's nothing there to be upset about.

Anyhow, that's what I think. It's a little more black and white in writing than in real-world practice, but I've read and re-read my words, and I'm good with them. This started out to be a short post about the 18-year-old kid who wrote a computer worm. It ended up becoming a bit of a rant about what really matters to my employer. Catching this kid doesn't mean less viruses and worms - We still have a job to do, and it's just getting more and more complicated as time goes on.

And since all good blog entries should include a question, tell me: What do you think? Click the comments link and talk back if you're so inclined. I could be wrong, you know.

I decided today to look for cool stuff and tie up a few loose ends from the past week. Nothing big - Just a few things that will probably change the way you work or live in the future that I thought you might like to know about, if you don't already. Not that I really know how they all work, I just find them very, very interesting:

How to Bundle Active Directory Application Mode with Your Directory-enabled Application - Microsoft created ADAM to let developers us Active Directory as a dedicated LDAP service. Someone was asking me what I know about it, and how to ship ADAM with his application. This article talks about how to bundle the ADAM setup as part of your app's setup. ADAM is cool. This makes it cooler. It may not change the way you live, but the potential is there to change the way people like me work.

Mono Beta 1 has been released - What the heck is it? No, you won't end up in bed for weeks wishing you could just die. Think of it this way: Write C# code and run it on Windows or Unix. This is big. It's a .NET framework for Unix, and when you think about it, the possibilities are - well - pretty interesting. Interoperability, here we come. It's worth noting that Microsoft released the whole .NET thing to the community to do this kind of thing. And for those who wonder why anyone should care, the abstraction layer of the .NET framework allows you to write and deploy much more secure (read: managed) code. That matters. That's probably not a great explanation, but someone else can chime in and comment if they want.

Keyhole is Super-Cool and Addictive - I ran across Keyhole a month or two or more ago, but forgot to blog about it. I don't know why, I mean this company has only mapped out the entire earth - more than seven terabytes of map images are on their system. I think the first time I saw their technology and started looking for it was when the news shows started doing these fancy fly-over maps of Iraq to show their audiences where certain cites, battles or whatever were happening. In the future, this kind of tool will be commonplace. Imagine tying this capability into a GPS-enabled application and speaking instructions to your car, then having it show you, step-by-step and in 3D detail, to your destination. Or dream up your own uses and ideas.

Well, During an excellent presentation about Longhorn by Chris Sells the other day where I work, he showed some forward-looking stuff that reminded me of the coolness of this new application. When Longhorn arrives and we get its amazing 3D graphics system, we'll no doubt see some amazing new things taking advantage of applications like this one. At any rate, no need to wait for Longhorn to see what this can do. Anyone with eyes and brain (and hopefully broadband) should truly enjoy themselves on this site today. Oh, and if you happen to have a nVidia graphics card, be sure to check out Keyhole NV and see Mars. A free trial account is available, and it's worth the download is you have a computer that's less than three years old (older than that might be too slow).

Longhorn - The Next Version of Windows - As mentioned above, Chris Sells, who works for Microsoft and speaks regularly about Longhorn, the way-cool next version of Microsoft's operating system, spoke at Corillian (my place of work) the other day. Chris is a great speaker and he convinced me about the one necessary assumption upon which Microsoft appears to be betting the company: Longhorn will be to Windows XP as Windows 95 was to Windows 3.1. They want people to flock out to get Longhorn the same way they did with Windows 95. they'll spend more in marketing the next version of Windows thank they've ever spent marketing any other product, ever.

Now, if you were around for the debut of Windows 95, you know what I mean and how big a deal this statement is. For those of you who are too young to remember, but are old enough now to be interested (yes, I am speaking to you Scott), well hold on tight - The ride's about to begin. The world of computing as we know it will (once again) change dramatically.

Want to see where things are heading? Check out these concept videos that show some of the new capabilities that will reach our homes and offices one day soon. They're geared toward business solutions, but show a lot of the new features and make you think about the possibilities. Note that one of the videos (the commercial real estate one) leverages the Keyhole world imagery application and data mentioned earlier - in combination with mapping applications like MapPoint. Neat stuff.

Two of my coworkers, Scott and Patrick, have been musing about what it means to be a coder. Or a geek. Or whatever. I'm not a coder (to be sure). But many people do consider me to be a geek. So at least in certain circles, they're not really the same.

Anyhow, Patrick had an interesting comment about his son. He mentioned that he has taken to calling himself “geek, son of geek.” Heheheh that's cool. He also mentioned his son's a little miffed that they don't have a t-shirt that says that.

Have no fear, my friends. Your fears and miffed-ness are silenced by my own personal form of geekdom.

It's faster, it's fixed up, it's super cool and stuff.

Omar says dasBlog v1.6.4121.0 has been posted to the GotDotNet workspace (note - takes forever to load, be patient). So you can download it, install it, use it, and enjoy it. There's nifty easy installers for the whole thing, ZIPs with just the upgrade files, packaged source code - you choose how and what you want to do. Instructions are here.

I upgraded last night, and the site runs faster and there's some cool fixes as well as new/improved functionality. For complete info about the changes, see the release notes.

Now all I have to do is get around to translating my blog entried from my old LiveJournal from back in the day to dasBlog. In my spare time. :-P

If you run it, get it. If you don't and you're looking to start a blog of your own, this is the stuff. Need a place to host yours? Email me, maybe I can help.

Forgive the randomness... Can't resist posting:

http://subservientchicken.com/

Burger King is - well - weird.

Thanks to the kind hearts of a large number of coworkers, friends and family, I was able to turn $2065 over to the Muscular Dystrophy Association Thursday as “bail” money to get me out of “jail.”

The money that was donated will be used locally to fight muscular dystrophy, and to make opportunities available to local kids who otherwise would not have a chance to do many of the things their friends are able to do. My personal story (in the email included below) is just one example among many thousands of how small donations can add up to provide big opportunities for these kids. 

Four local children and youth will get to attend a special summer camp this year thanks to the donations. I can tell you, the MDA workers and volunteers down at the “jail” Thursday morning were ecstatic to have such a large amount donated by so many people, in such a short period of time. I was the first person today to successfully meet my “bail” goal and get out of jail. While there, I also received an invitation to attend the summer camp this year, and I think I may just have to take them up on the offer.

Again, thanks very much to all who contributed. If anyone was hoping to contribute but was unable to prior to my “arrest,” they can definitely still do so. Simply contact me by email, phone or in person, and I will be glad to make the arrangements. 

Thanks again for making a difference,

 - Greg

From: Greg Hughes
Sent: Thursday, April 29, 2004 8:22 AM
Subject: Please help bail me out

Thursday, April 29, 2004
8:00 AM

In about one hour, I will be stolen from my place of work and carted off to jail. I have not been able to raise the full bail amount necessary to buy my freedom. Although many of my friends, family and coworkers have contributed to raise more than half the set bail, and every penny is appreciated greatly, it just doesn’t total up to the $1800 figure.

Perhaps there is something you can do to persuade more people that a small gift to MDA is a good and important thing to do. As an example, each $550 raised will send one child with Muscular Dystrophy to summer camp for a week, where they will have an opportunity to experience the kinds of things that other kids get to do. 

A personal story: When I was in college (and before I lost my hair), I worked at such a camp. I remember one boy from inner-city St. Louis who was unable to walk on his own and had some pretty severe muscular control problems. More than anything he wanted to go to camp and do what he had heard his friends rave about time and time again: To go into a deep, dark cave and spend an hour or two crawling through mud, seeing bats and cave formations, wading through cold ground water, and having an experience he could tell his friends about. I strapped him on my back (literally) and we went caving, with helmet and flashlights, just like all the other kids. You should have seen the look on his face. That’s the kind of experience these kids can have at these camps, and the meaning behind them (for the kids) is really something that can’t be fully measured.

At any rate, we’re not quite there yet, and I am truly hoping to be able to return to the real world today! Anything that anyone can do is appreciated. An email pledge for a specific dollar amount (sent to me and received on my blackberry while I am in jail starting at about 9am) would be great. And any amount helps make a kid’s life a little more special, and helps find a cure for MD. 

Yours in Prison,

 - Greg

I know there are some people in the world that never get spam email, but unfortunately I am not one of you. Between my email being publicly available on the Internet for the past few years and the fact that I have to sign up for all sorts of random things with a real email address, it’s just added up, and I get inundated. It’s funny to talk to others about spam email. Either they understand because they, too, have fallen victim to the scourge of the Internet, or they look at you like your advanced-stage leprosy has caused you right ear to fall off and your left leg to rot.

So, in the interest of protecting the reputations of those of us who unwillingly receive tons of junk mail a day, let’s take a look at how and why spam reaches our inboxes. Hopefully some who read this will learn something new, others will realize the errors of their ways and stop calling their spam-laden friends perverts, and still others will pick up a few hints about how to avoid becoming a victim (in the cases where it can be avoided, that is).

Remember one thing walking into this: Spam is almost completely about money. If there wasn’t a potentially big payoff in sending spam, no one would do it. If people did not reply to spam email messages and offers, no one would do it. It’s a business, albeit one that most of us hate with a passion.

Before I get too far down this road, let me say that every day I receive in excess of 200 junk mails in just one of my email accounts. I have other email accounts that get none. So, since I am one person with multiple accounts, something tells me the issue here is not me personally, but instead about how the world of email and spam works, and how the spammers started using my email address in the first place.

The fact of the matter is, much of what many people believe about spam and how one starts getting it is patently false. Certain assumptions are correct, although often the facts are twisted around, and people often wear blinders, assuming there is one root cause or one simple solution. It’s not that easy, friends. So, here are a few (admittedly random) things I think everyone should know about spam:

Myth Number One: If You Get Spam, You Must Be One Of Those Porn Surfers

Just like in junior high school, where your friends laughed at you and pointed in the hallway when they found out you did THAT (never mind that it wasn’t true, of course), people tend to assume that if someone gets spam email, it’s because they went to an “adult” web site and registered with their credit card and email address. As a result, you were added to an email list, and so now you get tons of junk email about V1agra and S3X – but hey, if you get that kind of email, it’s entirely your fault and you got what you deserved.

Not true. As someone who has *never* registered for online porn or anything even resembling such, especially with my work email address (I mean, come on, how stupid can a person get?), I can tell you that you don’t need to be a perverted Internet sex addict to become a spam victim.

I can also tell you that people really do think along the lines of this particular myth. Not many, but at least some do: A couple of years ago, I was standing in front of the entire company, showing off the new secure, web-based email interface. I switched from the PowerPoint slide to the browser where I had my email account open, and sure enough, right there on the screen was a spam email with the words “XXXPORN SUPERSTORE” in bold red letters. Luckily it was just text in the email, and while surprising to many, there was nothing vulgar displayed. Needless to say, many laughed and I still get (lighthearted and friendly) comments about it to this day. A few people followed the pattern of the myth and assumed I *must* have signed up for porn using my work email account (uh, yeah, sure), while others stopped by to see me later and tell me privately that they, too, had a problem with nasty, offensive spam and that they had no idea why or where it came from. It wasn’t long before we started working on ways to combat the spam at work. More on that later.

Myth Number Two: It’s Completely Your Fault

Another assumption people make is that if you get spam, it’s because you signed up for *something* somewhere on the Internet and voluntarily made your email address available when you filled in a registration form. If you had not done that, they say, you would not get the spam email.

Similarly, some say that if you get spam, it’s because you must have posted your email address somewhere on the internet, like on a web page, and so you advertised it for spammers to eventually find (this is one form of a technique called email address “harvesting”). And so – again – it’s all your fault.

Ok, so it is true that if you register with your email address on a web site that does not respect privacy, or if you put your email address on a web site somewhere, you could end up becoming a spam victim. It’s reasonable to say that these are two ways email addresses might get on a spammer’s list. However, it’s important to understand that you don’t *have* to do these things in order to get on a junk email list. There are many other ways, and some take no action on your part. More on that below.

Myth Number Three: People Who Get Spam Are Irresponsible, Don’t Think Ahead, and Cannot Be Trusted

This sounds almost comical, I know, but I actually stood on the edge of a conversation where one person said to another (seriously), “I would never hire anyone who gets spam email. It’s just an indicator they don’t know what they’re doing and that they’re basically stupid.” Wow. If there was ever a false, way-over-the-top generalization made about junk email, this has to be the one. The guy who made the statement was serious as a heart attack, and went on to explain that because people can completely avoid spam if they would just be more careful and use common sense in the first place, spam was an example of how you can tell whether or not someone will be a good employee. He even includes the question, “Have you ever received spam email, and if so what do you think about it?” in his interviews. I’m just glad this guy doesn’t work at my company. If he wasn’t actually serious, I’d laugh, but the fact of the matter is there are people out there who make off-the-cuff, uninformed decisions about lots of things based on completely irrelevant data. Amazing.

Myth Number Four: Spam is Totally Preventable – You Just Didn’t Do Enough

People just don’t seem to get it. Spam is *not* totally preventable. While there are ways you can protect your email address from getting on spam lists, there is no sure-fire set of things you can do that will guarantee your account will stay junk-mail-free.

By way of example, I set up a catch-all account on a domain I own recently. Any email sent to any email address on the domain was all funneled into this one email account. I did not set up a web site, did not set up or submit any email addresses anywhere. I just set up the brand new domain with it’s single show-me-everything email box and waited.

Within a few days I started receiving spam at random addresses on the domain. Some of them you might expect: admin@domain.com and support@domain.com for example. But others were more creative and sneaky. Random first initials and last names, first names followed by last initials, common first and last names combined, etc.

So, there’s the proof – you don’t have to sign up for anything, post your email address anywhere, or take any action at all to start getting spam. Now, granted – if you are not prudent about how you handle your email address or if someone else mishandles it (intentionally or otherwise), you are more likely to fall victim. But sometimes you just have to do nothing.

Myth Number Five: Out-of-Office Auto-Replies Are Totally Cool and Make My Life Easier

Ah yes, the ol’ OOF autoreplier – You know, it’s that thing that shows up in your mailbox when you send a friend or colleague an email and they happen to be, say, on vacation, or maybe at the mall shopping instead of working.

What, you ask, is so bad about that? And what does it have to do with whether or not I receive spam email?

Glad you asked.

Let’s say someone sends a spam email that happens to be directed at your email account. Here’s what happens.

1.       Email sent by sorry, good-for-nothing spammer

2.       Arrives at your email box

3.       Your server sends your out-of-office autoreply back to the reply address specified in the spam email

4.       That reply address is monitored

5.       Spammer checks the account your server replied to, sees your autoreply, and thus has confirmation your mailbox is legitimate, working, active and – therefore – valuable to him/her.

6.       Spammer adds your address to the list of email addresses confirmed to be good – the gold list, so to speak

7.       Spammer sells gold list of known-working email addresses to other spammers for a premium

8.       You get more (and more and more and more) spam

Fun eh?

Moral of the story: Don’t use Out of Office autoreplies, or configure them so they only work for internal emails. And yes, I know there are legitimate business reasons for wanting to use them – it’s a trade-off decision that has to be made. You just need to understand the potential effects.

Myth Number Six: Antivirus Software Has Nothing to Do With Spam

Wrong again. AV software certainly can protect your computer and its data from damage, theft and a lot of other nasty things, but what you may not have known is that it can also protect you from becoming a spam victim. The only problem is, everyone has to use AV software (and use it correctly) for it to really work.

For the uninitiated: A “Worm” is a virus-like application that replicates via email. Generally speaking, once they get on your computer they scan your system in a few common places (address books, cached web pages from sites you have browsed, text files, documents, etc.) for email addresses. *Any* email addresses. They then use those email addresses to send emails (which generally include an attached copy of the same worm) to the email addresses found on your computer. So, you see how it works – the worm sends itself all over the place, to thousands of people, and each step of the way it collects email addresses so it can send itself again to more victims.

But wait a minute – that’s not always the extent of what they can do. In addition to installing other software that might, for example, allow a hacker to gain access to the files on your computer or to use it to launch attacks against other computers, some worms take those email addresses and (as long as they are being gathered) send the addresses off into cyberspace where spammers and others can get them.

So, in other words, if you don’t use anti-virus software on your computer and you get infected with one of these harvesting worms, you’re not only making yourself a victim – you’re dragging along all the innocent people listed in your address book and the other files where the worm does its harvesting, as well.

Using current AV software is part of being a good Net citizen. By doing so you protect more than just yourself.

Myth Number Seven: Well, That’s All Fine and Good, But There’s Nothing You Can Do About It Once It Starts

Again, not true. There are a number of companies out there that sell software that is quite effective at blocking spam from reaching you or your end users.

Why would you want to use it?

If you’re an individual, then you want to rid yourself of the mess. Maybe it offends you (depending on what kind of spam you get). At least you’d like to segregate email that is determined to be likely spam so you can filter through that separately from your legitimate email.

If you’re a person with responsibility for a company’s information systems, the reasons are bigger and more important. You have a responsibility as an employer (or the agent of an employer) to make sure the working environment is positive (or at least not offensive or hostile). Depending on the type of spam email your end users are receiving, you may have a responsibility to them to make sure you are doing what you can to combat the problem. Remember, ignorance is not bliss. And as easy as it is to put measures into place to help curb spam these days, not doing something when there is a problem is – truly – ignorant.

Where I work we use Mailfrontier’s anti-spam gateway. There are a number of other products from a variety of vendors that also do a good job. But for our part, we like what we’re using just fine; Mailfrontier is highly customer-oriented as a company, and continually combats the latest techniques spammers are using to get their junk through to you.

UPDATED: My friend Travis emailed me with some valid comments about Myth Eight:

I think the validity of the unsubscribe link is directly proportional to the legitimacy of the spammer's business.  If you get porn spam, or "V1AGRA" ads, you're probably better off not clicking the link, sure, but ads from job posting sites and such generally do actually unsubscribe you if you click.

That's a good point. Travis continues with his own opinions about spam:

Spammers should be punished by death.  A brutal, painful, horrible death.  Something that's probably specifically in the "cruel and unusual punishment" class.

Spam sucks. There’s no one root cause. You can’t always prevent it. But there is something you can do about it.

Anyhow, when it comes to spam, that’s about all I have to say about that.

Rory Blyth, who is one of the funniest and (he said seriously) most thought-provoking people I have ever read, is one year old today. Or, rather, his blog is one year old.

And to celebrate, he chronicles his favorite posts from the first year.

(I can't believe the assFeed machine still works. Cooool. )

If you have not had the pleasure of reading Rory's unique perspective on the world, you're missing out.

But if you get hooked like I did, don't blame me.

Blame Rory.

The other day I was trying to get a OneNote blog post to work, and had some problematic results. True to OneNote team style, Peter Baer with Microsoft emailed me directly and asked me to send him the .one file that was causing problems. So, I did and he wrote back (quoted with permission):

“I can repro the bug as well, using your file.  I’ll look into it – great bug, I don’t think we've seen this before.”

“Great bug.” Now, there's something you don't hear too often. But if you think about it, a bug is either a lump of coal or a nugget of gold, and it's all in the approach. I like the gold approach, myself.

I also inquired about whether there was an ability to control whether or not OneNote does text-to-graphic conversion - sort of a way to tell OneNote not to convert no matter what. I pointed out to Peter that I had seen different results publishing from OneNote to email vs. doing a copy-paste from OneNote. Peter's reply was interesting, and sheds some light on the way OneNote deals with HTML content:

“As to your question: no, you can’t control it directly, but we do produce different HTML when copying to the clipboard vs. publishing to an MHTML file or email.  The in the 'publish' case, we attempt to preserve the original 2D layout as much as possible – hence the possible conversion of text to graphics, absolute positioning of divs, etc.  In the 'clipboard' case, because our main target destination apps are traditional word processors, we produce serialized content – mostly out of simplicity, since we don’t know just how the user will want to repurpose the data (and if the user really wants WYSIWYG fidelity, she can insert it as a picture).  So in that case, all text (including recognized ink) really will appear as text.”

That makes good sense, and the fact that Peter took the time to interact was really very cool. OneNote has quickly become a powerful and useful application that seems to care about its users just as much as its users care about it.

All this brings me to my real point: I have recently come to realize that the OneNote application itself is my second-favorite thing about OneNote.

The OneNote team at Microsoft is my first. I've learned more from meeting smart people at conferences, reading truly interesting blogs and using their application than from any other Microsoft program.

One of the other new things in OneNote SP1 Preview is added funcionality that allows programmers to build connectors that will import content into OneNote from other applications. Andrew May has a couple of entries on his blog that provide an early look at using the new Type Library:

“The new OneNote 1.1 Type Library includes functionality which enables you to programmatically import images, ink, and HTML into OneNote.”

Andrew also posted the OneNote Simple Import XML Schema.

Chris Pratley outlines a few ideas about what kids of power-toys for OneNote might be interesting to see some day, and offers to collect real, practical ideas from users and developers about what we think the OneNote dev team should build into the product:

“We're also interested in hearing details of any kind of extensibility you would actually use if we were to add it. The details are important - we plan to add extensibility only to support real scenarios, not just allow anything to be extended.”

SideNote: It's great to see this kind of two-way communication in the blogosphere. Thanks to Chris and the OneNote team for watching the user community and soliciting input!

Looks like maybe the future is starting to look up for PocketPC-based phones.

I used a Motorola SmartPhone (MPX200) for a while, but gave up on it because of poor performance in the Exchange sync department (on the part of the phone, which bogged down under the pressure).

As far as T9 text input has come, it drove me crazy trying to type email on a phone keyboard, so I switched back to the Blackberry Phone, which does a great job for me and others where I work. It just doesn't run the Windows Mobile OS.

But, looks like Motorola has some new models up its sleeve. While the new SmartPhone (MPx100) looks interesting, the new MPx PDA-Phone looks very cool. With a full keboard built-in, a true HTML browser, WiFi built in, etc., I'll be all over this (if it ever makes it to the US, that is). Availability is set for 2nd half of 2004 according to Motorola's press releases.

First Glance at the OneNote SP1 Preview

Saturday, April 24, 2004

11:40 AM

So, I figured I'd just jump in and take a first look at the new OneNote SP1 Preview and see what stands out. So far, a lot. Too much to play with this morning, and some of it I'll need to try at work with the team.

The above image was clipped directly into OneNote using the new "Capture Screen Clipping" tool, which lets you activate the function, and then use the pen or mouse to drag a rectangle around what you want captured. The clip is saved to the memory clipboard and/or to a SideNote (your choice).

Sharing with Others:

This is a big improvement area, and I think it will be a popular item in the future where I work. The previous OneNote email capabilities appear to be improved, as are the SharePoint capabilities, and newly added in this preview release are Shared Sessions - live note-taking sessions on the network between multiple participants. Password protect the sessions if  necessary, and share the OneNote sections relevant to your need. Chris Pratley described it well in a web log entry he made describing the new preview release: See  http://weblogs.asp.net/chris_pratley/archive/2004/04/20/117053.aspx

Audio and Video recording:

Support for webcams is added (uses WinMedia 8 and 9 codecs configured for typical PocketPC optimization, but you can tweak that, too). Found some weird behavior in the video player interface, but hey, it's complicated and this is a preview release. But at least people who care can see my cat (see below for the video file).

Video recording started: 11:49 AM Saturday, April 24, 2004

Integration with Other Devices/Apps:

Ability to create appointments, contacts and tasks are in the Tool menu, and PocketPC integration is there, as well - You can copy your notes manually or automatically from your  PocketPC device.

Wish-List:

Odd behavior and bugs don't get listed here (since I am reporting those anyhow elsewhere), but rather the few things I can think of that I don't see in the program just yet. In fact, for now I can only think of one glaring thing. Hyperlinks.

It appears there is still not an option to insert a hyperlink on one or more words of text (which you can do in other office apps, so was hoping to see that here in the service pack). This image is from Microsoft Word:

Screen clipping taken [from Microsoft Word]: 4/24/2004, 10:38 AM

You know - highlight a block of text, right click, choose "Hyperlink" from the menu and from their either add or edit the hyperlink associated with the text block. Link to a web page, or whatever. Maybe there is something about OneNote that makes this difficult to do, or maybe it's there and I just can't find it. But I have definitely tried!

Verdict:

Very cool. OneNote is already a great example of smart product building by a clearly talented team. It's a power-productivity tool, is able to be used by a wide variety of end users for an equally wide variety of purposes. The SP1 preview has addressed not only the top problems in the initial 1.0 release, it's added the low-hanging-fruit functionality that a) people are asking for and b) the product team could realistically deliver in the context of the service pack.

It's pretty nice. Will be interesting to see what the blog entry looks like.

More later.

Download: First Glance at the OneNote SP1 12.one
Download: Side Notes - First Glance at the OneNote SP1 Preview.WMV