My good friend Scott Hanselman just published the latest annual installment of his Ultimate Developer and Power User's Tool List, which you can always see the most recent version of over at http://www.hanselman.com/tools. As usual, it's a great list of the many, many, many, many pieces of software and sources of information - big and small - that Scott has found make his life as a developer and power user better. I love this list and it's fun when he updates it. Look for the new items this year (there's like 50 of them) in red.

UPDATED: As "Digger Dog" points out in the comments below, there is now a national hotline you can access by calling 811 from any phone, which will connect you to the proper utility marking service for your area. Funny thing is I heard a radio spot describing it yesterday, just a day after writing the original post, heh. Here's the description of the national service from the Call 811 web site:

"One easy phone call to 811 starts the process to get your underground utility lines marked for free. When you call 811 from anywhere in the country, your call will be routed to your local One Call Center. Local One Call Center operators will ask you for the location of your digging job and route your call to affected utility companies. Your utility companies will then send a professional locator to your location to mark your lines within a few days. Once your underground lines have been marked, you will know the approximate location of your utility lines and can dig safely, because knowing what's below protects you and your family."

YouTube has the 811 video PSA spots online, as well. Here's the shorter of the two:

People are also arriving here searching for campaign materials and signage for the Call 811 program. Bumper sticker, bus signs, workplace signs, ad slicks and a whole lot more -- you name it -- get that stuff here.

Thanks, Digger Dog!

My original post:

This weekend someone is going to be helping me to solve my long gravel driveway woes. After five years, it's time to take that lumpy surface out here in the middle-o-nowhere and fix 'er up, pot holes, bumps, ruts and huge puddles of water be damned. No more roller coasters for me. We'll have to sink some tractor teeth into the ground a foot or two, maybe deeper in some spots, so I needed to get the utilities marked ahead of time for safety and all that, of course.

Turns out there's a centralized service for a few states (specifically Oregon, Washington, Montana and Hawaii - weird but true) lets you make one call (or file a request online) and all the utility companies in your area will be notified and sent out to mark the spot. No need to call each one individually. In fact, when I called my electric company they directed me to the one-call service. You speak to an operator for a few short minutes and within 48 hours they'll have everyone out and the place all marked up.

CallBeforeYouDig.org is the web site where you can file your request online, and 800-332-2344 is the phone number if you're lonely or something and you want to speak to a human being. Again, it's available for people in Oregon, Washington, (most of ) Montana and Hawaii.

Enjoy, and don't dig without calling. It's not worth the hurt.

I recently acquired a boat. A smaller jet boat, made by Sea-Doo. Yeah, I know, go ahead and bring it on... Mid-life crisis comments welcome, whatever. Heh.

It's amazingly fun. I've been out with friends a bunch of times and it drives like crazy. the jet drive means you can turn literally on a dime, it slides an skids and turns and flies fast. We've pulled kneeboards and a big tube and it's a blast. No wakeboard yet, mostly because they're so much more expensive and we already have the tube and kneeboard.

The boat is a Sea-Doo 150 Speedster, and it's a 215-horsepower little water demon that seats four. It has a name (people seem to ask me that question a lot), which is Screaming Turtle. Long story behind that, so let's just say it's a random name that one of the kids in youth group and I came up with well before I bought the boat. Kind of pre-planned.

So, I had it out on the upper Willamette River (the clean part that is well upstream from the Portland sewage mess) Wednesday evening this week with a couple friends, and we were pulling the water tube. I was careful each time to make sure the tow rope, which floats on top of the water, was not under the boat. This boat has a water intake opening on the underside toward the back, into which water is sucked to feed the impeller in the boat - the "jet" drive. After several runs of carefulness I got lazy and started the boat without looking for the rope closely enough, so it was pulled into the intake, wrapped around the drive shaft and into the seal, and slightly into the impeller. Ugh. The result of that was a dead-in-the-water boat two miles from the boat ramp where my truck was. Not fun.

Anyhow, lesson there is *always* check to see if the rope is clear, without exception. It's a lot easier to get home that way, and it will save you a couple hundred bucks in labor.

On a side note, there was a very nice man who was out with his church youth group on the river who finished up for the day and towed us with our boat all the way back to the Boone's Ferry ramp, which was awesome. He was a true saint, and although I offered to buy a tank of gas in return for the favor, he declined and said he'd been there before as a new boat owner. Something about a sand bar and a destroyed prop. Heh. Nice guy. It's sure good to know there are people like him out there. Would have been really bad to be stuck in the dark.

Here's some video from Wednesday evening before the whole line-intake-suck-up thing. It was a really nice out. The sun was low in the sky so depending on which way we were heading it was really darned bright. Dave, Lisa and I had a blast.

UPDATED: On December 19, 2007 Blockbuster notified its customers that it is once again increasing rates for the Total Access service. Click here for more information.

Nothing like BS marketing diversionary explanations for what amounts to a profiteering move. Come on, Blockbuster - we're not stupid... Tell it like it is.

It looks like the great Blockbuster Total Access Premium plan I've been on was a little too good to be true, and Blockbuster is reeling in some line to cut back on the likely massive number of free in-store rentals they've been handing out for free when customers return their online rentals to the brick-and-mortar stores. I know I have enjoyed that service, but I'm not especially enjoying the news I just got in email this evening telling me my account is changing.

In a nutshell, for the price I have been paying all along I will get less. I can still get 3 DVDs at a time, but will only be able to exchange five of the online movies for in-store rentals each month, where before there was no limit. To get what I'm used to, I'll have to pay another $7.00 a month. Looks like I have some decisions to make.

Here's the plan I have today, at least the next week or two...

Your Current Plan: BLOCKBUSTER Total Access Premium 

• $17.99 / month (plus taxes)
• 3 at-a-time, unlimited mailings
• unlimited in-store free movie/discounted game exchanges
• +2 FREE bonus Movie or Game Rental E-Coupon / Month

And below is the chart from their web site with the new plans. Ouch...

The other thing that really gets me is the lame explanation (my opinion) they provided for why they're pre-determining and limiting the number of in-store rental exchanges they're allowing each month. This is taken from their online FAQ (emphasis mine):

QUESTION: Why is BLOCKBUSTER offering plans with a pre-determined number of monthly in-store movie exchanges?

ANSWER: We are now offering a full range of subscription options so that our customers can more easily find a plan that meets their specific needs, whether that means a basic online-only service without any in-store exchange privileges or a premium plan that includes unlimited in-store exchanges. Our new line-up of plans allow subscribers to get the right number of movies for their needs. Current subscribers are welcome to change their plan at any time by going to My Account.

What?? I already had a plan that met my needs, the very same plan that now costs $24.99, and which used to cost $17.99. Gah.

Why can't they just say it: They want/need to make more money and this makes it possible. Seriously, open and honest explanations about the obvious reasons would be much easier to swallow. In fact, if they told us the reason for the increase is because they didn't anticipate lower margins associated with lots of unlimited exchanges in the store, I might even consider paying the higher price to keep the same level of service. But putting forth what looks like a veiled, lame excuse for a reason doesn't exactly motivate me to do even more business with the company. Hey Blockbuster, just tell us what's really up -- please.

Oh and another thing - If you have one of the accounts with the limited in-store exchanges, apparently the counter for tracking your the in-store exchanges is based on how many you do in a calendar month, not per billing period.

Because I have been with the Total Access program for some time, I have also been getting two e-coupons a month for free in-store movie or game rentals. But I can't tell whether I will still get those after this change takes place. I might have to contact their customer support to find out. I hope they're keeping those in place for their longer-term customers.

Am I just whining here, or do you feel my pain? Are you affected by this change? What do you think?

Minutes ago and well in time for the Tuesday release goal on the West Coast, Omar released dasBlog v2.0 on Sourceforge, which as Scott mentioned a few days ago runs under the .NET framework v2 and supports medium trust deployment.

Downloads can be found here for source and compiled web files.

I'll upgrade soon (when I can find enough free minutes, probably later in the week). The dasBlog dev team is also pushing ahead with a version that will take advantage of the .NET 3.5 framework and should be very, very cool as well. So, lots there now and lots more to come!

I'll update here with details (or more likely a link to someone else's details list) soon.

I just ran across Microsoft.com's strong password checker, which is a little web-based app that lets you type a password or passphrase in and it tells you the relative strength. It's pretty nice and worth bookmarking.

Why are strong passwords important? Simple - because the simpler it is, the easier it is for someone to "brute-force" attack. That's a term that means they take a program that uses common terms, words and phrases to try to figure out your password by trying it over and over until it works. Strong passwords are complex in the variety of character types, are longer in size and don't use dictionary or other predictable, common terms.

Links:

• Microsoft Strong Password Checker
• Creating Strong Passwords article (I agree with most of what they say but not all - Suggesting blank passwords?!?! Whaaat?!?!)

Well, Amazon.com be praised... My new projector is here - The Epson PowerLite Home Cinema 1080 projector, along with a fresh-off-the-press copy of 300 in HD-DVD, a home theater HD-DVD calibration disc, The Matrix Ultimate Collection in HD-DVD (sense a theme yet? heh...) and a VGA cable for my Xbox 360 (which the the one that will let the HD-DVD player get output in true 1080p format - we will see how that goes).

Gonna be a fun evening at home. I'll post a review with details once I get my hands dirty. This projector is replacing my old Infocus X1, so I am upgrading from a 800x600 native image to a full 1080p (1920x1080) image and a much newer set of technologies behind it. Should be pretty amazing.

More to come. Time to go geek out for a while.

Quick Update: A-MA-ZING. Like as in wow. Watching the movie "300" in full 1080P at 130 or so inches projected size (I'll have to measure to be sure) is visually amazing. It doesn't even look like a video projection - you can clearly see the film grain and the screen door effect is non-existent. More later, I can't stop looking right now. And after a quick try, Xbox 360 games and HD TV both look amazing, too.

Microsoft's Windows Live Folders (Beta) is (another) service that allows you to upload your files to a secure, remote, backed-up, high-availability server system so you can access them from anywhere on the Internet with a web browser and your Windows Live ID account information. It's a pretty basic service, but it's clean and functional and that counts. You only get 500MB of storage (did I just say "only??"), so it's not (yet) a place to back up your entire hard drive or even a large number of pictures or other binary files, and there is a 50MB per-file limit. The service is currently in a limited release while it's in beta, but you can sign up and get in at some point.

You can store files in one of three ways:

• So only you can access them (personal files and folders)
• So only those you specify can access them (shared files and folders)
• So anyone can access them (public files and folders)

Below are a few screenshots. When you first log in and see your new account, you have 500MB of free space available. The graphical representation of the system functionality is nice and clean and very easy to understand. Anyone could use this stuff, it's plenty intuitive:

Once you choose how you want to store your files (in this case I chose Personal folders), you're presented with the opportunity to create or choose folders to store them in:

Then you can choose, as expected, which files you want to upload using a standard Browse dialog (below). It would be nice to have a tool I could run to choose a whole directory, or multiple files in a single dialog, or even that I could just drag-and-drop onto. Maybe someone else will write one (or already has for all I know).

Once you upload your file, the details page for the document (file) can be seen and reviewed. Options exist to rename, delete, etc:

All in all it's a good start. I am hopeful that larger storage and bulk upload tools will become available. If that happens, this will be a viable contender in the online storage market. But hey, it's beta and it's free, so it's hard to complain. :)

Want to quickly track your package being shipped by UPS, just type the word "track" followed by your tracking number into the Google search box and click. Google will help you find the info. In fact it look like you can just type the number in and Google figures it out for you.

Cool stuff. I don't have a FedEx or DHL package to track right now - but they say those work, too. Looks like Google automatically recognizes tracking numbers from UPS, USPS, and FedEx. But if you have a DHL tracking number, you can precede it with "dhl" on your search string. For example, something like "dhl 1234567890123" should work.

Or try isnoop.net's visual online tracking tool to map out your tracking information. Not sure what real value that adds, but hey it's really cool if you're watching your Amazon or Woot shipment with great anticipation. :)

Recent security issues revealed by a group of security researchers, which will be showcased this week at the Blackhat conference in Las Vegas, are apparently dealt with via an update to the iPhone software released last night by Apple. You can read the change-log here.

Time to load up iTunes, all you iPhone users, and get your security fixes.

Also, looks like the Engadget guys seem to think Safari runs better in general and Boy Genius Report has a few non-security-related fixes/changes they have found.

For the record, just wanted to let you know: Rory Blyth is a no good fish pirate. Here. Go look for yourself. Get to know Rory if you are not already acquainted.

He's crazy, sure. But he's coolio foolio.

Werd. FRACKIN' werd even yo.

Ouch, this news is a few days old but I am just catching up on security reading and ran across this one. The securityevaluators.com guys have found some real issues with the iPhone's security and have been able to exploit it. The New York Times and others have covered this recently. Seems much of the iPhone application library runs as admin/root. The overall design of the iPhone seems to rely in large part on preventing apps from running, rather than creating a robust security environment. But leverage browser vulnerabilities or similar issues on a hacked wireless network or Internet web site and it can get very interesting very quickly.

From the executive summary in the findings document:

To demonstrate these security weaknesses, we created an exploit for the Safari browser on the iPhone. We used an unmodified iPhone to surf to a malicious HTML document that we created. When this page was viewed, the payload of the exploit forced the iPhone to make an outbound connection to a server we controlled. The compromised iPhone then sent personal data including SMS text messages, contact information, call history, and voice mail information over this connection. All of this data was collected automatically and surreptitiously. After examination of the file system, it is clear that other personal data such as passwords, emails, and browsing history could be obtained from the device. We only retrieved some of the personal data but could just as easily have retrieved any information off the device.

Additionally, we wrote a second exploit that performs physical actions on the phone. When we viewed a second HTML page in our iPhone, it ran the second exploit payload which forced it to make a system sound and vibrate the phone for a second. Alternatively, by using other API functions we discovered, the exploit could have dialed phone numbers, sent text messages, or recorded audio (as a bugging device) and transmitted it over the network for later collection by a malicious party.

This is the sort of thing I was afraid of when I wrote about the potential for iPhone security and use in the enterprise. Security vulnerabilities are not just about the Windows platform, after all. Here's a mobile platform, effectively in v1, and it has flaws that can be readily exploited. Hopefully Apple will be able to get some patches ready and out before the these evaluators release the details the evening of August 2nd at the Black Hat conference, which is where the researchers - who have already provided Apple with the full details so they can create and distribute a fix - will be presenting their discoveries.

I was randomly looking at blogs and doing some read-click-read-click-drill-down action when I ran across something that made me laugh out loud, which as it turns out was written on a blog of someone that I used to work with. Small world eh?

It's a list of ten URLs that some unfortunate businesses not only registered, but without realizing they put into actual use.

Blatantly copied here from Steve's Rant (hi Steve!):

Everyone knows that if you are going to operate a business in today’s world you need a domain name. It is advisable to look at the domain name selected as other see it and not just as you think it looks. Failure to do this may result in situations such as the following (legitimate) companies who deal in everyday humdrum products and services but clearly didn’t give their domain names enough consideration:

1. A site called ‘Who Represents‘ where you can find the name of the agent that represents a celebrity. Their domain name… wait for it… is
www.whorepresents.com

2. Experts Exchange, a knowledge base where programmers can exchange advice and views at
www.expertsexchange.com

3. Looking for a pen? Look no further than Pen Island at
www.penisland.net

4. Need a therapist? Try Therapist Finder at
www.therapistfinder.com

5. Then of course, there’s the Italian Power Generator company…
www.powergenitalia.com

6. And now, we have the Mole Station Native Nursery, based in New South Wales:
www.molestationnursery.com

7. If you’re looking for computer software, there’s always
www.ipanywhere.com

8. Welcome to the First Cumming Methodist Church. Their website is
www.cummingfirst.com

9. Then, of course, there’s these brainless art designers, and their whacky website:
www.speedofart.com

10. Want to holiday in Lake Tahoe? Try their brochure website at
www.gotahoe.com

Recently I mentioned that my older Infocus X1 projector's lamp has about a zillion hours on it and I had to do a reset of the timer to keep it running. Also, a month and a half ago I discussed my research into 1080p home theater projectors as I thought about stepping up in quality and capability to replace the X1. The thing that's been holding me back is price relative to what you get in the high-def world. I have the Xbox 360, HD-DVD and a satellite receiver that does 1080p images, so that's what I have been looking into. Sure, you can spend like $5,000 and get a pretty incredible projector, and just a couple years ago you couldn't buy a 1080p projector for less than probably $30K.

I know I want to replace the old projector I have. But I really don't want to spend $5K. Maybe half that amount would be okay, but not much more. So I put my research hat back on today and discovered Epson recently released their PowerLite Home Cinema 1080 projector for home theater. It's super-bright, has a great picture, it's a three-LCD setup, and gets some great reviews. It's practically identical to the 'pro' model of the same line but costs literally $2,000 less. Most notably the retail price is just under $3,000 and for the next few days (til the end of July) there's a $300 mail in rebate from Epson.

Needless to say, I am considering making the move. I'll take some more time to weigh my options and keep researching. I do wonder what (if anything) Epson will do for an incentive once this month's rebate period runs out, but hey who knows...

As I type this, my X1's fan is starting to make a noise like the fan bearings are going bad. Not a good thing. Murphy's law, really. It may be time to break that thing open and clean it out so I can make it last as long as possible, but from the sounds of it I think it may be on its last legs.

Anyone have any experience with the Epson PowerLite Home Cinema 1080 projector? Or have a good alternative I should be considering? Let me know!

UPDATE: I ordered one, so the Epson is my choice for a new projector. Review to come after it arrives Wednesday (Amazon Prime rocks) and I get a little time with it.

I recently (meaning a couple months ago) dumped my increasingly unreliable and time-consuming self-hosted POP and SMTP email server in favor of one of the big hosted service options available for free from a variety of sources. In my case I looked at several of the more ubiquitous options, and chose to go with Google Apps for my domain. A close second was Windows Live Custom Domains from Microsoft, but a couple missing critical features prevented me from going that route (namely access to my email via POP3). Since I am not worried about either company going away or anything, I went with the one that seems to best fit my needs as far as features and functionality are concerned. Getting the Blackberry client app for Google mail was another bonus.

However, I ran into two frustrating problems when I set up the Google Mail for greghughes.net and started accessing the email server via POP access from Thunderbird and my Blackberry Internet service.

First, I found that in some cases, once an email had been downloaded by any POP client, no others had access to download it. This is a problem if you're relying on having your email available in more than one place as I have taken for granted before.

Second, any emails sent to my own email address - the same one associated with the account - simply would not download via POP3 access, ever. Since my weblog sends email to me from my own email address (as do a couple other apps), this was a real problem. I could not really change the behavior of my applications, since doing so would break other aspects of the systems. Besides, every other mail server with POP3 support had always worked the same way (and worked just fine), so why was Google Mail's so different?

Well, it turns out there is a not-so-obvious option (not used by default) that allows you to resolve both of these issues. It's called "recent mode." Google explains it in their help in the context of the "how do I use multiple clients" issue, but the problem related to POP-ing messages sent to 'Me' is resolved as well. The solution relates to putting an overload modifier on the front end of the email account name when you log in (a little weird and probably sloppy, but perfectly functional). It's explained below. Too bad one can't just toggle the functionality as a permanent setting in the Google Mail web interface (you can set it for a one-time download option, but it always reverts to the default after that, so it appears the below option is the only way to permanently resolve this).

To solve the problem, you have to modify your login in your POP settings with the overloading prefix:

"yourname@yourdomain.com"

 needs to change to:

 "recent:yourname@yourdomain.com"

The following information is snipped from the Google GMail help center (since this applies to both the general GMail and Google Apps mail services):

If you're accessing your Gmail using POP from multiple clients, Gmail's recent mode makes sure that all messages are made available to each client, rather than only to the first client to access new mail.

Recent mode fetches the last 30 days of mail, regardless of whether it's been sent to another POP client already.

If you sign in to Gmail using your Blackberry, you're signed in to recent mode automatically. For all other POP clients, replace 'username@gmail.com' in your POP client settings with 'recent:username@gmail.com'.

Source: Gmail - Help Center - How should I use POP on mobile or multiple devices?