greg hughes - dot net

From Longhornblogs.com, some of the first information about IIS7, which is reportedly code-complete and is now being integrated into Longhorn:

"IIS7 represents the unification of ASP.NET and IIS. Let me clarify what that means. Right now, ASP.NET is implemented as an ISAPI extension for IIS. That will still be true in ASP.NET 2.0. In IIS7, that changes. Instead, the concepts of HTTP pipelines, handlers, modules, XML config files, etc... are all natively built into the platform.

"Along with that, the IIS7 team has completely refactored the whole platform, so now practically every feature in the pipeline has been broken out into a separate module. From a security standpoint, this is a whole new realm for IIS..."

Read more here. Glad to see they'll be releasing it on the Pro and Server OS'es. Cool stuff.

Last-minute on my part, but I have been so busy I did not realize that tonight (Wednesday) is the monthly meeting of the Portland Area Dot-Net User Group (PADNUG).

And speaking tonight is Jason Mauer, Developer Evangelist with Microsoft, on the topic of "The Ins and Outs of SharePoint Development."

Check out Rich's weblog entry with complete info if you're interested - SharePoint use is growing quickly - good stuff to know! And hey, you can't really beat the price.

In an interesting and (at the same time, but for different reasons) rather scary turn of events, a company's computer data has apparently been locked up, by means of encryption, by an evil-doer and held ransom.

For - get this one - $200.

Tell me that is not the perfect Austin Powers moment. I can hear Dr. Evil now, from his Evil Hacker Base:

Twooooooo Hunnnnnnndred Dolllllllarrrzzzzz! Muuuhahahahahahhhh!!!

Unfortunately, it's worrisome in that through some lack of security protection or another, some bad guy was able to get malicious code into a company that located business files and packaged them up in a nice, neat encrypted (and therefore completely unaccessible without the key) form. They didn't even (necessarily) take the files off the network - they just locked them up and left them there. Maybe. Who knows.

Link to the story: http://it.slashdot.org/article.pl?sid=05/05/24/1321200&from=rss

Security researchers at the San Diego-based Websense uncovered the unusual extortion plot when a corporate customer they would not identify fell victim to the infection, which encrypted files that included documents, photographs and spreadsheets.

A ransom note left behind included an e-mail address, and the attacker using the address later demanded $200 for the digital keys to unlock the files.

"This is equivalent to someone coming into your home, putting your valuables in a safe and not telling you the combination," said Oliver Friedrichs, a security manager for Symantec Corporation.

The FBI said the scheme, which appears isolated, was unlike other Internet extortion crimes.

Leading security and anti-virus firms this week were updating protective software for companies and consumers to guard against this type of attack, which experts dubbed "ransom-ware."

Shane has started a weblog covering how to customize a SharePoint web site to create a site that provides some form of content management, etc. The first few posts are up, and it looks like it will be a detailed, step-by-step tutorial for people who want to learn something about SharePoint customization.

From his weblog: 

"This entry will likely span into a 4-5 part tutorial on creating a SharePoint site that looks like a 'real' website.

"I'll try and take things step-by-step in creating a "real website" and then converting it into a SharePoint site. I will keep it as simple as possible so that it's relatively easy to follow.

"For anyone that just wants to follow along and get their feet wet I will include everything I've used for the site creation, HTML/Graphics/CSS etc.

"This will be a fairly long post(s) but hopefully if there are a few people out there experiencing the SharePoint (Learning Pains) this should help you.

"I'm going to be fairly in-depth about the entire process of the site creation, covering everything from; brainstorming, what make's sense/what doesn't, sketching, creating the graphics, creating the site, styling the site and finally converting everything to a fully content-managed and dynamically driven SharePoint Site."

Sounds great to me - I've implemented a large number of SharePoint sites, and have done some amount of customization, but I am interested in reading Shane's guide and learning some more. He's also posted a list of what to expect from the tutorial:

Overview:

Step-by-Step guide on creating a SharePoint website that looks like a "real website".

Things to Cover:

• Why SharePoint? - Benefits of creating a site based on SharePoint
• Brainstorming - What's the purpose of the site
• Planning - Creating a site that works for both the end-user, and the owner
• Sketches - Laying the groundwork
• Graphical UI - Bring your sketches to life
• Initial Site Creation - Setting the stage w/ SharePoint in mind
• Creating a WSS "SharePoint Site" - The "basic" SharePoint site
• Setting up the dynamic elements - Lists, Libraries and all that fun stuff!
• SharePoint Conversion - Turning your site into a SharePoint Site
• Programming (without a) a Programmer! - Let's bring in those dynamic elements and create some nifty data-views
• Styling the site (CSS) - Styling the data-views and other elements to be visually appealing
• Styling the admin pages using "themes" - Step-by-Step on theme setup and customization
• Backing up your work - Using FrontPage 2003 to backup your work
• The Final Result! - See, that wasn't so hard now was it!

Fellow IT-management type Alex Scoble posed a wireless question in the comments from a random post yesterday (one that pictured my trusty Blackberry 7290), which led to a short series of comments of back-and-forth on wireless voice/data coverage. After thinking about it some more, I realized that I'm asked this type of question often, so I figure I'll harvest some of the comments content and create a new post here. After all, it's all about the conversation, and besides now I'll have a link to email to people, heh...

The in-building wireless coverage problem can be the scourge of many an IT manager. In-building dead-spot complaints have been known to pressure many IT pros to dump otherwise good carriers to go with another one that may offer good service at their micro-location, but which doesn't meet the business' other, broader needs. Not to mention the fact that the cost of simply changing carriers can be quite expensive.

If you have an in-building wireless overage problem, don't automatically assume changing carriers is the best or only way to solve it. Instead, exercise your two key options: Call your carrier and tell them you need them to provide you with a solution, and/or think about finding one yourself.

One of our teams recently finished a three-month review of many of the mobile providers available here. First of all, it's important to know that each carrier emphasizes a slightly different market. While T-Mobile's pricing was attractive, honestly their coverage was lacking outside the metro areas, which was a problem for our specific needs. Their people are great, and where it works it works well, but the remote coverage was our concern. Nextel was similar to T-Mobile in that regard. Verizon and Cingular have the broader coverage fairly well nailed down compared to their competition (especially when it comes to worldwide coverage, which we care about), but they, too have frustrating coverage gaps and spots. We looked at the other carriers, as well. In short, they all have their good and not-so-good points, and each caters to a somewhat different set of business needs. Most importantly, it's important to note that no carrier is perfect, especially in-building. You will always have one employee (probably a justifiably important one) that can't make calls unless they (literally) walk down to the corner from their home and press their phone to the stop sign pole. That's just the nature of wireless service in the US right now, and hey - it's a big country.

Also keep in mind that the phones you buy can make a difference. quad- and tri-band phones allow you to roam off network when the carrier's network is not available, and typically help to allow good worldwide coverage. Make sure you research those kinds of needs closely. Also realize that if your carrier's network is available, it won't matter how many other bands and providers are available if the phone is "locked" or set to use only the preferred networks - so while you are evaluating, ask questions about this and play with the phone's software switches for network preferences.

So anyhow, from experience I always recommend choosing a carrier based on what they can do for you in the macro sense: Do they provide the level of coverage needed in the areas where you move and travel to do business? Is the price right? Get test devices for a couple weeks and do a real-world evaluation with real people - you'll find that coverage maps and sales people don't tell you everything you need to know. After you've weighed the options and chosen a carrier, you're often best off to look to specialized technology to provide good coverage in places like offices buildings and exec homes. And you might be surprised how low the costs can be.

For example, check out http://www.spotwave.com/ - I have had one of their SpotCell devices, which are quite good, for a couple years now, and I know they've made refinements and improvements since then. The SpotCell package uses a directional collector antenna to gather the signal, and a donor antenna to provide wireless coverage to the location where it's installed. It's pretty cool an can solve some serious dead-spot problems. I originally got one through AT&T Wireless (now Cingular) to solve a residential problem and was able to move it to another location for a while to solve a problem there. I actually need to call them and ask about an update for it for my area, and I can tell you from past experience that they are quite willing to provide excellent customer service when you contact them. If you're looking to outfit a smaller office or someone's home (under 5,000 sq. ft.), it may be worth the small-ish investment, since these devices start out at about $1000. Larger office buildings might need more than one coverage device, and the SpotWave people can quickly help figure that out. I also have another brand of wireless extension kit similar to the SpotWave technology (I'll have to climb up and look at it to see what brand it is), but it's not nearly as friendly or intuitive to set up. The SpotCell is so simple to make work, even a five year old could do it (well, except for the antenna mounting part I guess).

I am also told on fairly good authority that there are some IP-based in-building devices coming to the market that act as a mini/micro indoor-coverage site - you can just plug them into your Internet connection and they'll "talk" back to the wireless carrier via VPN or similar method. I know T-Mobile is working on them now and will probably announce something before too long. But the carriers are staying pretty tight-lipped about announcing availability right now for some reason, probably because they know they have to do it right the first time and support needs to be solid, which means fuzzy launch dates until it happens. That will be an interesting space to watch.

Hahahah, okay as long as we're at it, this is a pretty funny flash short film, from the Organic Trade Association:

(Note - I saw the real movie tonight and it was pretty okay I thought... Rory's review is pretty close to what I thought, although I guess my expectations weren't quite as high as his, and I enjoyed it despite the weaknesses.)

Challenge Darth Vader to 20-questions in "The Sith Sense" and watch him read your mind:

The force is strong with this one. Of course, he's got some help...

Burger King's at it again - well done.

(thanks Chris)

Obscure trivia time... Let's see if anyone knows what this means (see image):

I don't expect anyone (except for maybe two people) to know what it means when it's stuck on the phone (it's an inside kinda thing), but surely someone (besides those two) must know what the figure means when it's used for it's real purpose...

Ok, this is completely random, I know, but people need to know about this stuff, and I am willing to provide a little free advertising when I see something worthwhile.

If you own a cat (my cat saga is long and complicated), you know all about the woes of litter boxes, scooping, smell, smell, smell and - well - smell.

Tired of crappy cat litter products (forgive the pun), I spent a few extra bucks on a four-pound bag of Fresh Step Crystals cat litter a few weeks ago, hoping to find something that would be easier to deal with in terms of cleaning and - yes - the smell.

This stuff is incredible (well, on the kitty-litter scale that is). I will never buy clay cat litter again. Ever.

Between the fact that it locks in the cat box odors like nothing else, and the fact that this four-pound bag can last up to a month (I didn't believe it at first, but wow...), I am completely sold. Clay doesn't compare.

What else is great about it?

• No dust. Zero. Nada.
• No smell. Seriously, this is the most incredible part.
• A lot less litter scattered out of the box and onto the floor.
• Easy to scoop - forget that super-clumping clay litter stuff, this is the better way to go.

Read about it here. Buy it anywhere cat crap products are sold.

By the way - my clean-freak, obsessive-compulsive cat was a little weirded out by the new litter at first, so I mixed a little clay in with it, and she took to it right away. Just a hint in case your cat freaks out on the new stuff - it will get used to it after a couple visits.

Engadget has a great little article about an Indy 500 racing team's use of OneNote on Tablet PCs in the race pits and planning stages. It's pretty cool what they're doing with technology in auto racing these days. Go check it out.

"... Robertson said they are now recording a driver’s spoken comments about how the car is handling as a Windows Media Audio file and can do a voice overlay within a OneNote document along with a track diagram to show where the car went fast or slow. Such OneNote documents can be instant messaged to engineers back at the garages and stored for future use ...

... He said OneNote is useful in creating reports and presentations that combine computer-aided design (CAD) drawings, data from the on-board data logging systems, and engineering notes with information gathered from various sources, such as photos of necessary parts from catalogues, on the Internet."

[Read the story at Engadget]

I've had the unfortunate experience of being on two vehicle accidents in the past couple of years - both were accidents that I could not avoid in the moment, and for which the law found me not at fault, but the insurance industry says were my fault nonetheless. No tickets issued, just a couple of against-the-odds situations, two wrecked vehicles and insurance premiums that rocketed somewhere into the upper stratosphere.

The first accident involved a deer in a curve in the roadway at night, and I had to choose in a split second whether to hit the deer (with a motorcycle, mind you), or to try to go around it. I chose the latter option and ended up on the shoulder of the roadway, which would have been just fine except that (unbeknownst to me) the shoulder turned into a ditch, which is not exactly a good thing when you're on a bike. Thank goodness I had on all the right gear - helmet, gloves, armored clothing. Anyhow, the lawman on the scene said it was a no-fault accident (and tried to talk me into joining the reserves) and my insurance agent told me (dead-seriously), "You should have hit the deer." Jeez, never mind the fact that I walked away from it relatively unharmed, which would almost certainly not have happened hat I hit that deer (and for the record, I don't give a darn one way or the other whether or not Bambi was hurt or killed). The law saw it one way, but my insurance company uses a book of rules, rather than real-world common sense: My insurance rates went up, because I didn't hit the deer.

The second one involved a semi truck coming down a hill (again late at night) through some switchback curves, heading at straight at me in my lane as I was going up the hill. I swerved hard to the edge of the road to avoid being hit by the semi (I seriously though that was "it"), and somehow he (I am making a gender assumption here, please forgive me...) got back over toward his lane far enough to where the vehicles did not touch. He kept right on going and my smaller vehicle fishtailed a couple times before sliding off the road, head-on into the hillside where it flipped and rolled. It was truly crazy. Anyhow, the law came on scene, took a look around, made sure I was not drunk (I have not consumed alcohol in more than eight years so no chance of that) and said "not your fault" based on all the evidence (semi truck skid marks, etc), but the insurance company (not my agent this time, it was an adjuster) told me I probably should have hit the semi truck (What?!?!?), and again jacked up my rates.

Now, all-in-all I'd much rather pay obnoxious insurance premiums than be dead, so I guess the tradeoff is not all that bad in the big picture. But let me tell you - my rates skyrocketed and became what I would call truly outrageous.

Unfortunately, when it comes to my own personal finances, while I am quite responsible I am not one to put the pressure on and fight hard for better prices as a matter or course. I will do it in my job (where the company is the beneficiary of my efforts and it's not personal), but for some reason it's different when I am negotiating and shopping around for myself. For the record, I consider this a weakness in my own character, and I've progressively gotten better in recent years, but I still have to occasionally remind myself to look out for me in my spare time, if you will.

Anyhow, I woke up the other day pretty pissed off about my insurance bills, which is not a pleasant way to wake up, so I decided to do something about it.

Long story short (way too late, I know), I just changed insurance companies, from American Family to AIG, and on an apples-to-apples auto policy (same coverage, same accidents, etc) I cut my rate almost in half. Not only that, I was able to get lots of rate quotes and apply online, and once I had decided which company to go with, I just called them up and completed the deal (Not that I needed to, I could have closed the deal online, too, without ever having spoken to a person, but that would not have been as much fun because the helpful lady I spoke to at AIG was born the exact same day as me and was really, really nice on the phone - which does make a difference in an all-else-equal world.)

In the process I learned a few things about buying insurance:

• You must shop around to find out what kind of deals you will get. They vary greatly from company to company.
• Always check with your bank to see if they have a bank-sponsored insurance program, that's what I did (I bank with Wells Fargo online and just clicked through their link to get a quote at AIG). It saved me a significant amount over the insurance company's default premiums to go that route. The lady on the phone told me that was the way to go, among several other useful tidbits.
• If you have multiple insurance products (homeowners, umbrella policy, life insurance, etc) always see if putting them under one carrier will save you money - it almost always does.
• Ask lots of questions about specific details - towing coverage, death and dismemberment, thing like that are often double-covered if you have separate policies from work or health insurance that provide the same coverage, so don't buy the same thing twice if you don't need it - but make sure you know exactly what you have and what you are buying. If an insurance company's agents are not helpful, you should consider going elsewhere.
• If your rates have gone up substantially at your current company because of accidents or claims, it's probably worth shopping around for a new company. It's a competitive market and just like other businesses, insurance companies know that if they jack up rates, a substantial number of their customers will pay the higher rates and never look around at options.

At any rate, I learned something in the process and thought others might, as well. All I know is that I just added a chunk of change to my monthly grocery budget by doing a small amount of research and online work, plus one phone call. It was a good investment.

I'm a dual-browser kind of guy. Honestly, I use Internet Explorer most of the time, and Firefox is in my backup slot. Recently security concerns have been pretty evenly divided between the two, and I am not married to one browser or another - I just use what works best for me at the time.

The one thing that tends to keep IT administrators from deploying Firefox across their companies in many cases is the complete lack of a process and ability to patch and update the software.

Well, IT admins, worry no more. Someone's been thinking about how to help.

FrontMotion has created a MSI installer for Firefox 1.0.4 that can be deployed via Active Directory - just like any MSI installer - and a set of accompanying ADM files that you can deploy as extensions to your group policy, in order to be able to exercise the level of control necessary in a corporate environment. You can download them here.

FrontMotion's Firefox Community Edition is Firefox with the ability to lockdown settings through Active Directory.  Similar to lockdown with mozilla.cfg on one computer, you can now use our Community Edition to set settings across your organization by loading Administrative Templates. Both the firefox.adm and mozilla.adm file can be loaded at the same time.

For those who want or need to do an Active Directory deployment:

• Download the MSI installer and save it to a network location accessible by client computers (e.g. a network share on a domain controller).
• Create or edit a Group Policy Object (GPO). Right click on an Organizational Unit (OU) or your top level domain, then Properties.  In the Group Policy tab, click New to create a new Group Policy or Edit. (Note: If you have an existing deployment of Firefox MSI, you should Edit an existing GPO)
• Edit the GPO and navigate to Computer Configuration -> Software Settings -> Software Installation
• Add the new package, specify the location of the Firefox MSI on a network share. (e.g. \\server\appinstalls\firefox\firefox-x.x.x.x.msi)
• If you are doing an upgrade, be sure to specify the older packages in the Upgrades tab in the new package's properties.

I'm watching FOX12 News here in Portland, and they just ran a story about Podcasting. The pointed out that it's even gone commercial, and had a quick interview with a guy from Centennial Wines - http://www.centennialwines.com/ - which apparently has a podcast available (I only see one episode, but maybe I am missing something).

Anyhow, TV is pushing the message of podcasting all the way into your living room on the newscast. That's gotta mean something.

Last year I ripped apart a Rio Carbon 5GB MP3 player for the hard drive hidden inside. I also grabbed one for it's real intended use - playing audio.

If you happen to see this soon after it's posted and want one at a great price, check out http://www.woot.com and buy one for $125, which is more than half what they cost new... It's a refurb model, but hey - half price, ya know?

Anyhow, as many emails and in-person requests as I get for this player, I figured it was worth posting about.

By the way - woot.com sells one item a day, until it's sold out. They must have a whole boatload of Rio Carbons in their stock, and sometime between now and Monday night at 10pm Pacific they'll run out, or else Monday night something else will go on sale - so act now if you're interested.

(And no - I don't earn a single penny for suggesting this to you.)

Google appears to have entered the personal portal space. Surf over to http://www.google.com/ig now and you can set up your personal preferences...

... and you'll end up with a personalized Google home search page:

You can set up Gmail, Google News, BBC News, driving directions from Google Maps, local weather, stock info and some online news sources. Word is that RSS support is in the cards for the future.

[via Slashdot, and others]