Minutes ago and well in time for the Tuesday release goal on the West Coast, Omar released dasBlog v2.0 on Sourceforge, which as Scott mentioned a few days ago runs under the .NET framework v2 and supports medium trust deployment.

dasBlogv2.0releas.0andmediumtrustsupport_1387E/dasblogbannerimage_2.png" width="500" border="0">

Downloads can be found dasBlogv2.0releas.0andmediumtrustsupport_1387E/dasblogbannerimage.png" target="_blank">here for source and compiled web files.

I'll upgrade soon (when I can find enough free minutes, probably later in the week). The dasBlog dev team is also pushing ahead with a version that will take advantage of the .NET 3.5 framework and should be very, very cool as well. So, lots there now and lots more to come!

I'll update here with details (or more likely a link to someone else's details list) soon.

I just ran across Microsoft.com's strong password checker, which is a little web-based app that lets you type a password or passphrase in and it tells you the relative strength. It's pretty nice and worth bookmarking.

Why are strong passwords important? Simple - because the simpler it is, the easier it is for someone to "brute-force" attack. That's a term that means they take a program that uses common terms, words and phrases to try to figure out your password by trying it over and over until it works. Strong passwords are complex in the variety of character types, are longer in size and don't use dictionary or other predictable, common terms.

Links:

• Microsoft Strong Password Checker
• Creating Strong Passwords article (I agree with most of what they say but not all - Suggesting blank passwords?!?! Whaaat?!?!)

Well, Amazon.com be praised... My new projector is here - The Epson PowerLite Home Cinema 1080 projector, along with a fresh-off-the-press copy of 300 in HD-DVD, a home theater HD-DVD calibration disc, The Matrix Ultimate Collection in HD-DVD (sense a theme yet? heh...) and a VGA cable for my Xbox 360 (which the the one that will let the HD-DVD player get output in true 1080p format - we will see how that goes).

Gonna be a fun evening at home. I'll post a review with details once I get my hands dirty. This projector is replacing my old Infocus X1, so I am upgrading from a 800x600 native image to a full 1080p (1920x1080) image and a much newer set of technologies behind it. Should be pretty amazing.

More to come. Time to go geek out for a while.

Quick Update: A-MA-ZING. Like as in wow. Watching the movie "300" in full 1080P at 130 or so inches projected size (I'll have to measure to be sure) is visually amazing. It doesn't even look like a video projection - you can clearly see the film grain and the screen door effect is non-existent. More later, I can't stop looking right now. And after a quick try, Xbox 360 games and HD TV both look amazing, too.

Microsoft's Windows Live Folders (Beta) is (another) service that allows you to upload your files to a secure, remote, backed-up, high-availability server system so you can access them from anywhere on the Internet with a web browser and your Windows Live ID account information. It's a pretty basic service, but it's clean and functional and that counts. You only get 500MB of storage (did I just say "only??"), so it's not (yet) a place to back up your entire hard drive or even a large number of pictures or other binary files, and there is a 50MB per-file limit. The service is currently in a limited release while it's in beta, but you can sign up and get in at some point.

You can store files in one of three ways:

• So only you can access them (personal files and folders)
• So only those you specify can access them (shared files and folders)
• So anyone can access them (public files and folders)

Below are a few screenshots. When you first log in and see your new account, you have 500MB of free space available. The graphical representation of the system functionality is nice and clean and very easy to understand. Anyone could use this stuff, it's plenty intuitive:

Once you choose how you want to store your files (in this case I chose Personal folders), you're presented with the opportunity to create or choose folders to store them in:

Then you can choose, as expected, which files you want to upload using a standard Browse dialog (below). It would be nice to have a tool I could run to choose a whole directory, or multiple files in a single dialog, or even that I could just drag-and-drop onto. Maybe someone else will write one (or already has for all I know).

Once you upload your file, the details page for the document (file) can be seen and reviewed. Options exist to rename, delete, etc:

All in all it's a good start. I am hopeful that larger storage and bulk upload tools will become available. If that happens, this will be a viable contender in the online storage market. But hey, it's beta and it's free, so it's hard to complain. :)

Want to quickly track your package being shipped by UPS, just type the word "track" followed by your tracking number into the Google search box and click. Google will help you find the info. In fact it look like you can just type the number in and Google figures it out for you.

Cool stuff. I don't have a FedEx or DHL package to track right now - but they say those work, too. Looks like Google automatically recognizes tracking numbers from UPS, USPS, and FedEx. But if you have a DHL tracking number, you can precede it with "dhl" on your search string. For example, something like "dhl 1234567890123" should work.

Or try isnoop.net's visual online tracking tool to map out your tracking information. Not sure what real value that adds, but hey it's really cool if you're watching your Amazon or Woot shipment with great anticipation. :)

Recent security issues revealed by a group of security researchers, which will be showcased this week at the Blackhat conference in Las Vegas, are apparently dealt with via an update to the iPhone software released last night by Apple. You can read the change-log here.

Time to load up iTunes, all you iPhone users, and get your security fixes.

Also, looks like the Engadget guys seem to think Safari runs better in general and Boy Genius Report has a few non-security-related fixes/changes they have found.

For the record, just wanted to let you know: Rory Blyth is a no good fish pirate. Here. Go look for yourself. Get to know Rory if you are not already acquainted.

He's crazy, sure. But he's coolio foolio.

Werd. FRACKIN' werd even yo.

Ouch, this news is a few days old but I am just catching up on security reading and ran across this one. The securityevaluators.com guys have found some real issues with the iPhone's security and have been able to exploit it. The New York Times and others have covered this recently. Seems much of the iPhone application library runs as admin/root. The overall design of the iPhone seems to rely in large part on preventing apps from running, rather than creating a robust security environment. But leverage browser vulnerabilities or similar issues on a hacked wireless network or Internet web site and it can get very interesting very quickly.

From the executive summary in the findings document:

To demonstrate these security weaknesses, we created an exploit for the Safari browser on the iPhone. We used an unmodified iPhone to surf to a malicious HTML document that we created. When this page was viewed, the payload of the exploit forced the iPhone to make an outbound connection to a server we controlled. The compromised iPhone then sent personal data including SMS text messages, contact information, call history, and voice mail information over this connection. All of this data was collected automatically and surreptitiously. After examination of the file system, it is clear that other personal data such as passwords, emails, and browsing history could be obtained from the device. We only retrieved some of the personal data but could just as easily have retrieved any information off the device.

Additionally, we wrote a second exploit that performs physical actions on the phone. When we viewed a second HTML page in our iPhone, it ran the second exploit payload which forced it to make a system sound and vibrate the phone for a second. Alternatively, by using other API functions we discovered, the exploit could have dialed phone numbers, sent text messages, or recorded audio (as a bugging device) and transmitted it over the network for later collection by a malicious party.

This is the sort of thing I was afraid of when I wrote about the potential for iPhone security and use in the enterprise. Security vulnerabilities are not just about the Windows platform, after all. Here's a mobile platform, effectively in v1, and it has flaws that can be readily exploited. Hopefully Apple will be able to get some patches ready and out before the these evaluators release the details the evening of August 2nd at the Black Hat conference, which is where the researchers - who have already provided Apple with the full details so they can create and distribute a fix - will be presenting their discoveries.

I was randomly looking at blogs and doing some read-click-read-click-drill-down action when I ran across something that made me laugh out loud, which as it turns out was written on a blog of someone that I used to work with. Small world eh?

It's a list of ten URLs that some unfortunate businesses not only registered, but without realizing they put into actual use.

Blatantly copied here from Steve's Rant (hi Steve!):

Everyone knows that if you are going to operate a business in today’s world you need a domain name. It is advisable to look at the domain name selected as other see it and not just as you think it looks. Failure to do this may result in situations such as the following (legitimate) companies who deal in everyday humdrum products and services but clearly didn’t give their domain names enough consideration:

1. A site called ‘Who Represents‘ where you can find the name of the agent that represents a celebrity. Their domain name… wait for it… is
www.whorepresents.com

2. Experts Exchange, a knowledge base where programmers can exchange advice and views at
www.expertsexchange.com

3. Looking for a pen? Look no further than Pen Island at
www.penisland.net

4. Need a therapist? Try Therapist Finder at
www.therapistfinder.com

5. Then of course, there’s the Italian Power Generator company…
www.powergenitalia.com

6. And now, we have the Mole Station Native Nursery, based in New South Wales:
www.molestationnursery.com

7. If you’re looking for computer software, there’s always
www.ipanywhere.com

8. Welcome to the First Cumming Methodist Church. Their website is
www.cummingfirst.com

9. Then, of course, there’s these brainless art designers, and their whacky website:
www.speedofart.com

10. Want to holiday in Lake Tahoe? Try their brochure website at
www.gotahoe.com

Recently I mentioned that my older Infocus X1 projector's lamp has about a zillion hours on it and I had to do a reset of the timer to keep it running. Also, a month and a half ago I discussed my research into 1080p home theater projectors as I thought about stepping up in quality and capability to replace the X1. The thing that's been holding me back is price relative to what you get in the high-def world. I have the Xbox 360, HD-DVD and a satellite receiver that does 1080p images, so that's what I have been looking into. Sure, you can spend like $5,000 and get a pretty incredible projector, and just a couple years ago you couldn't buy a 1080p projector for less than probably $30K.

I know I want to replace the old projector I have. But I really don't want to spend $5K. Maybe half that amount would be okay, but not much more. So I put my research hat back on today and discovered Epson recently released their PowerLite Home Cinema 1080 projector for home theater. It's super-bright, has a great picture, it's a three-LCD setup, and gets some great reviews. It's practically identical to the 'pro' model of the same line but costs literally $2,000 less. Most notably the retail price is just under $3,000 and for the next few days (til the end of July) there's a $300 mail in rebate from Epson.

Needless to say, I am considering making the move. I'll take some more time to weigh my options and keep researching. I do wonder what (if anything) Epson will do for an incentive once this month's rebate period runs out, but hey who knows...

As I type this, my X1's fan is starting to make a noise like the fan bearings are going bad. Not a good thing. Murphy's law, really. It may be time to break that thing open and clean it out so I can make it last as long as possible, but from the sounds of it I think it may be on its last legs.

Anyone have any experience with the Epson PowerLite Home Cinema 1080 projector? Or have a good alternative I should be considering? Let me know!

UPDATE: I ordered one, so the Epson is my choice for a new projector. Review to come after it arrives Wednesday (Amazon Prime rocks) and I get a little time with it.

I recently (meaning a couple months ago) dumped my increasingly unreliable and time-consuming self-hosted POP and SMTP email server in favor of one of the big hosted service options available for free from a variety of sources. In my case I looked at several of the more ubiquitous options, and chose to go with Google Apps for my domain. A close second was Windows Live Custom Domains from Microsoft, but a couple missing critical features prevented me from going that route (namely access to my email via POP3). Since I am not worried about either company going away or anything, I went with the one that seems to best fit my needs as far as features and functionality are concerned. Getting the Blackberry client app for Google mail was another bonus.

However, I ran into two frustrating problems when I set up the Google Mail for greghughes.net and started accessing the email server via POP access from Thunderbird and my Blackberry Internet service.

First, I found that in some cases, once an email had been downloaded by any POP client, no others had access to download it. This is a problem if you're relying on having your email available in more than one place as I have taken for granted before.

Second, any emails sent to my own email address - the same one associated with the account - simply would not download via POP3 access, ever. Since my weblog sends email to me from my own email address (as do a couple other apps), this was a real problem. I could not really change the behavior of my applications, since doing so would break other aspects of the systems. Besides, every other mail server with POP3 support had always worked the same way (and worked just fine), so why was Google Mail's so different?

Well, it turns out there is a not-so-obvious option (not used by default) that allows you to resolve both of these issues. It's called "recent mode." Google explains it in their help in the context of the "how do I use multiple clients" issue, but the problem related to POP-ing messages sent to 'Me' is resolved as well. The solution relates to putting an overload modifier on the front end of the email account name when you log in (a little weird and probably sloppy, but perfectly functional). It's explained below. Too bad one can't just toggle the functionality as a permanent setting in the Google Mail web interface (you can set it for a one-time download option, but it always reverts to the default after that, so it appears the below option is the only way to permanently resolve this).

To solve the problem, you have to modify your login in your POP settings with the overloading prefix:

"yourname@yourdomain.com"

 needs to change to:

 "recent:yourname@yourdomain.com"

The following information is snipped from the Google GMail help center (since this applies to both the general GMail and Google Apps mail services):

If you're accessing your Gmail using POP from multiple clients, Gmail's recent mode makes sure that all messages are made available to each client, rather than only to the first client to access new mail.

Recent mode fetches the last 30 days of mail, regardless of whether it's been sent to another POP client already.

If you sign in to Gmail using your Blackberry, you're signed in to recent mode automatically. For all other POP clients, replace 'username@gmail.com' in your POP client settings with 'recent:username@gmail.com'.

Source: Gmail - Help Center - How should I use POP on mobile or multiple devices?

I have used an Infocus X1 projector as my relatively inexpensive but good enough home theater equipment for a few years now. It's served me pretty incredibly well. We put a lot of hours on it, between the zillion movies, satellite TV, and extensive Xbox/Xbox360 use. It's not HD resolution and I will soon upgrade (as I have mentioned before), but for not it does the trick.

Anyhow, the other day we turned the projector on and it displayed a warning that there were only like 8 hours remaining on the bulb timer. When they released the projector, as I recall they rated the lamp (and timer) at 3,000 hours. Since then they re-rated it at 4,000 hours. Some people get that much out of a bulb, others don't.

Today my friend Cory and I went to start a movie (Wesley Snipes is The Contractor) and the projector would not fire up the lamp. Enough use had taken place in the past few days since we first saw the timer warnings to ensure the timer had run out. Even though the bulb was not burned out, the projector would not turn it on. I started searching for replacement lamps online and found I was going to have to spend between $260 and $300 in order to replace it (ouch - like I said, time for a new projector at this rate).

While searching for lamps, I decided before I spent that kind of money on a projector I intend to replace that maybe I should ask the Google gods a question in the form of keywords: x1 projector bulb timer wont start. I was lucky, even if I was not necessarily feeling it. The first search result was an Infocus support page that told me exactly what to do at the very end of the long list of equipment (it covers every other projector they have made in detail).

If your X1, X1a, X2, X3 projector's bulb timer has run down to nada and the bulb won't light anymore, do this: Power on the projector and you will probably see a flashing red light on the control panel. Press and hold the Volume + and the Volume – buttons simultaneously for 10 seconds. The projector will reset the lamp counter to zero hours and the lamp will start. Note that what I probably should have done when I started seeing the warning was to reset the timer to zero using the on-screen menu system, but once it goes dead the volume button reset is your only choice.

Turns out the same or a similar tactic applies to a number of their other projectors, too. Check here to find out what to do for your model.

Well here's news via Digital Media Thoughts that the cost of the HD-DVD player for the Xbox 360 is suddenly cheaper. I bought mine about a month ago. I don't suppose they'll grandfather me in? Probably not...

"Today at Comic-Con International 2007, Microsoft Corp. announced it will lower the price of the popular Xbox 360(TM) HD DVD Player from $199 to $179 ERP (United States only) starting Aug. 1, 2007, and will add five free HD DVD movies for anyone purchasing an Xbox 360 HD DVD Player between Aug. 1 and Sept. 30. In addition, Microsoft further solidified the Xbox 360 as the ultimate high-definition (HD) entertainment platform, with key announcements around the HD DVD launches of "300" from Warner Bros. Home Entertainment Group and "Heroes: Season 1" from Universal Studios."

This is a great deal, but let me give you even more incentive: most of the Xbox 360 HD DVD drives on store shelves also include the media remote, and King Kong on HD DVD. On top of that, through the Xbox Live Rewards program (which is free), you can get an additional 10% off at Circuit City. So to sum up: the drive, the remote, and six movies, for just $162. Hell of a deal!

Source: Digital Media Thoughts

CIO Magazine online has a great new article detailing the top ten thing you should never write in an email, as well as some other communication tips for business-types. It's decent advice and worth a read, for sure.

Here are the top-ten items (be sure to read the original story as well for the full meal deal):

Don’t Do That! 10 E-Mail No-Nos

1. Negative comments regarding your firm's executives. Too easy for someone else to forward accidentally.

2. Performance criticism. Seems more "official" than when spoken, causing people to worry too much.

3. Bonus or salary matters. Company plans may change.

4. Racial or gender slurs. Enough said.

5. Details relating to product liabilities. Court trail, anyone?

6. Lies about your company's rivals. Another ticket to legal trouble.

7. Office dish. If people want to spread their own news, let them.

8. Sloppy writing. Your image is at stake, even if you're hacking away on a BlackBerry.

9. Sarcastic humor. Without inflection or visual cues, it's risky.

10. Private matters. Don't e-mail details on any part of your life that you wouldn’t want to see in the newspaper.

Source: Dianna Booh

Been bit before? What else do you think should you never, ever put into an email?

Analogies and parables abound on the topics of life and business. One I have told a number of times over the years is the story about the two fire chiefs. Having worked in public safety it's one I can relate to. It's a paraphrase on other tales, and I have no real idea where it came from. Someone probably told it to me at some point long ago, probably to teach me a well-deserved lesson or two.

There are two kinds of fire chiefs.

The first stands on a hill surrounded by his lieutenants, captains, firefighters and others, overlooking the town his department is responsible for. Fires are popping up everywhere, and the chief orchestrates call after call to put out each fire, emphatically choreographing each move and lecturing to everyone about exactly what's going on and why. He is in control. What the townspeople don't notice or see are the captain, lieutenants and in some cases the chief himself running down the back side of the hill and into the town, occasionally tossing their lit cigarette butts into windows of cars and homes.

The second fire chief stands on the hill, watching for fires. They rarely pop up, but when they do his captains, lieutenants and firefighters follow their safe, practiced, professional training. They quickly and efficiently move to the fire scene, take care of business and then get back to the station to continue to stand watch. No one gets hurt, and the people who work at the department are happy in their profession.

Which chief do you think gets the public's attention, the recognition and the accolades? Which one would you trust with your life on the line? Which one would you trust with your job? How do you think each of these people got to be chief?

Talk is cheap, talk can be dangerous, and talk is not always about communicating. Agendas and drama often overshadow the real heroes in our world - those that lead from behind and instill a sense of worth, value and respect in the people they represent.

And therein lies the difference: As a manager, do your workers represent you, or do you represent them? Your answer carries important philosophical meaning, and coming to an honest conclusion might be difficult. Take time for introspection and you'll be a better person for it. But most importantly be honest with yourself, regardless of the answer. Without that, there is no way you can truly be honest with others. And without honesty there is nothing - Just a bunch of burned, smelly, water soaked buildings. But hey, at least the fire's out, right?