# Wednesday, 29 December 2004

As the recent earthquake/tsunami crisis in Asia and East Africa has demonstrated, no matter how much we like to think we have mastered our environment, we haven’t.  So right after you send in your donation to a relief agency, start thinking about how prepared you are for a disaster.  These things can happen in First World countries too.  In fact, geologist predict that a 9.0 earthquake could happen off our own (Oregon) coastline.  A 10% chance in the next 30 years. 

The most important thing to keep in mind is that in the event of a disaster of this magnitude, EMS personnel will NOT be coming to your house any time soon.  They’ll be going to schools, hospitals, retirement communities, and places where there are large groups of people who are incapable of helping themselves.  We as capable citizens should be prepared to look after ourselves and our families, and to help our neighbors for the first 72 hours without the expectation of help from the authorities. 

So be prepared!  It doesn’t take much effort to put together a 72 hour kit for your family.  You can put one together yourself, or buy one already made.  You can do it a little bit at a time. 

Better still, take the next step and get some training.  Check out your local CERT (Community Emergency Response Team) program.  CERT is a program (now under the mandate of FEMA) for creating local teams of volunteers who can help themselves and their neighbors in times of emergency.  Check the FEMA site for a training program near you.  Most programs involve a fairly minimal training commitment (the program I entered in Hillsboro is 24 hours, or three hours a week for 8 weeks).  You’ll learn some important skills, and it’s a lot of fun.   

If you are into technology, get your amateur radio license and learn how to provide emergency communications.

Take the initiative!  Be prepared to protect yourself and your family.  No time like the present.

Wednesday, 29 December 2004 13:56:07 (Pacific Standard Time, UTC-08:00)  #    Disclaimer  |  Comments [0]  | 
# Tuesday, 28 December 2004

I haven’t had cable TV for many years.  In fact my TV at home pretty much only gets one channel.  Luckily, it happens to be our fabulous local public broadcasting station, OPB.  Every time I see cable television, at the gym, at my parents’ houses, etc. I’m once again shocked and appalled by the lousy (I might go so far as to say “execrable”) shows that are on.  The one possible exception would be the food network, which often has some pretty cool stuff on, but they have their share of garbage too. 

Which isn’t to say that nobody is making good television!  There are some truly great shows on TV.  I’m just not willing to put up with the 99% that’s awful.  Luckily, more and more shows are being released on DVD, and I’ve become an avid fan of TV-on-DVD.  I’m more that willing to shell out $40–$50 for a season’s worth of good TV.  I must admit though, that’s about my limit.  There are a few really great shows out on disk that are just too expensive.  I love the Sopranos, but $75 a season is too much.  I was a huge X-Files fan in the early days, but there’s no way it’s worth $100+ a season.  But there are lots of shows coming out for a reasonable price that are well worth checking out…

I’m a huge Joss Whedon fan, so I’ve got all 7 seasons of Buffy the Vampire Slayer now (say what you will, it’s a fantastic show!) and the final season of Angel comes out in February.  I’m also a huge fan of Firefly, Joss’s sadly short-lived Sci-Fi series, which is a great on DVD and includes some shows that never made it to the air. 

For Christmas this year I got the first two seasons of Roswell (great stuff) and the first season of Dead Like Me, which I find completely hilarious.  My wife got the first two seasons of the BBC classic Red Dwarf, which she and my kids totally adore. 

There are also some “vintage” shows coming out on DVD which I think is pretty cool.  I’ve picked up 21 Jump Street, Quantum Leap, and Northern Exposure so far.  21 Jump Street is worth it for the clothing styles alone.  Those were the days.  If only they’d put Miami Vice on disk. :-)

So as you can see from the list above, it’s not that I don’t like TV, I’d just rather put my $40 bucks a month into content that I know I like rather than bet it on the drivel the networks pump out.

Tuesday, 28 December 2004 15:07:21 (Pacific Standard Time, UTC-08:00)  #    Disclaimer  |  Comments [4]  | 
Last year I got a great jacket for my birthday from SCOTTeVEST.  This year I got the fleece version, which also fits inside the shell I got last year to provide (much needed this time of year) insulation.  These are great jackets, very comfy and covered in more pockets that the average non-geek would know what to do with.  I haven’t had a chance to properly wire up the fleece yet, but I’m sure that’s coming any day now.  I’ve got a pair of noise cancelling ear buds semi-permanently wired into the shell, so I never have to wonder where I put those #(@*! headphones.  Of course that just leaves me wondering where I put the #*@(!@ iPod instead. 
Tuesday, 28 December 2004 09:49:44 (Pacific Standard Time, UTC-08:00)  #    Disclaimer  |  Comments [0]  | 
# Wednesday, 22 December 2004

Being a dedicated Firefox user, one of the few things that was still thwarting me was SharePoint.  We use SharePoint internally for a ton of stuff, and it was a drag to have to fall back to that other browser.  SharePoint pages look and work fine in Firefox, but I was having to reauthenticate on every single page, which really hindered my enjoyment of the experience.

I finally figured out how to get Firefox to do NTLM, which means I don’t have to deal with the authentication dialogs, thereby reducing my dependence on IE to one and only one application (Oddpost). 

It’s not at all obvious how to make it work, and it took me a few tries.  You have to go to your Firefox address bar and type about:config.  This will bring up the internal config editor, which allows you to set all kinds of properties that influence Firefox’s behavior.  Look for the key called network.automatic-ntlm-auth.trusted-uris.  Set that key’s value to a comma separated list of servers you want NTLM auth for.  So if your internal SharePoint sites are on servers called Larry and Mo, use “larry,mo”.  You can also add the same value to the key network.negotiate-auth.trusted-uris.  It’s unclear to me if that second one is required, but I set it, and everything works.  Now SharePoint works like a champ, and authenticates automatically.

Wednesday, 22 December 2004 10:53:30 (Pacific Standard Time, UTC-08:00)  #    Disclaimer  |  Comments [18]  | 
# Monday, 20 December 2004

The open source email client, not the fortified wine. 

I’ve ditched Outlook at home in favor of Thunderbird 1.0, and I’m pretty happy with the decision.  Between the increased speed of startup and mail downloading, and the vastly superior HTML rendering time, it takes me much less time to read my mail now than it did with Outlook.  The junk mail filtering works very well, and consistently.  The filtering rules are easy to compose (although my one gripe is that I can’t figure out how to get the rules to run every time I get new mail) and work consistently as well.

I installed the extension “Enigmail” which provides a very nice frond end to GnuPG PKI engine, and it integrates extraordinarily well into Thunderbird.  The install of GPG was quite challenging, but the Thunderbird integration is super easy to use. 

Pretty much the only things I miss about Outlook are a couple of plugins, NewsGator and Plaxo, but I’m finding out that I didn’t use them all that much at home anyway. 

Thunderbird + Firefox == one big happy for me. :-)

Monday, 20 December 2004 14:18:51 (Pacific Standard Time, UTC-08:00)  #    Disclaimer  |  Comments [3]  | 
# Tuesday, 14 December 2004

So MSN desktop search released a beta yesterday.  I haven’t installed it, and I’m probably not going to.  James Avery sums it up best:

MSN integrates with explorer, Google integrates with whatever web browser I am using. This means MSN has some cool GUI stuff and you can click on a file and it will launch, but does not work with my browser of choice.

I got as far as the download page which told me I was using the “wrong” browser.  With the single exception of Oddpost, any browser based application that only supports IE goes right out the window as far as I’m concerned.  I’m not willing to put up with IE when I use Firefox the other 99% of the time.  I gamely tolerated such lame behavior when IE was the better browser, but now it’s not, so I won’t.  I’ve pretty much switched to Thunderbird at home now, for the simple reason that I can download and read my mail about 10 times faster than I could in Outlook.  Not to mention the theming and extension support. 

Anyway, MSN desktop search may be cool and everything, but the IE only thing makes it a non-starter for me.

Tuesday, 14 December 2004 10:49:32 (Pacific Standard Time, UTC-08:00)  #    Disclaimer  |  Comments [3]  | 
# Wednesday, 08 December 2004

I just listened to Microsoft’s web cast on the new Web Services features in Yukon, and I have to say I’m pretty skeptical.  I think it’s yet another case of Microsoft building support for “open standards” and then making them really only work practically if you’re running Windows on both ends. 

The biggest thing that concerns me is their authentication scheme.  They have disallowed anonymous connections, meaning that your HTTP connection must be authenticated using Basic, Digest, or Integrated Authentication.  That means on non-Windows platforms, you’ll be limited to Basic.  But wait.  They also decided that if you allow Basic auth, you must use SSL.  Furthermore, using Basic auth means that you have to use SQL Auth on your SQL server.  How do you send your SQL Auth credentials?, you might ask.  WS-Security Username tokens.  But WS-Security isn’t supported for either encryption or digital sigs. 

Plus, you have to use a separate SOAP header to carry session information so that you can maintain your context inside SQL server.  (OK, that bit’s pretty clever.)

So if I want to use Web Services to talk to SQL server from a non-Windows platform, I have to use Basic authentication over SSL, and provide a WS-Security header and a session header.  These seem to me like pretty heavy requirements.  Much of this was explained away with “WSE supports all this stuff”.  OK, great, but that’s not going to help my clients who are using Ruby under Linux. 

The guy giving the demo didn’t give us a look at the WSDL that SQL server generates, so I have no idea how complex or otherwise it might be.  Given that it’s hard to judge how hard it would be to deal with the data coming back from SQL Server.  In the plus column, they’ve provided hooks so that you can write your own WSDL if you don’t like the way they do it.

Besides the above issues, I think their implementation and support for Web Services is pretty dang clever.  They’ve thought about a lot of issues. 

What I don’t get is if my Web Services clients only work best under Windows, why do I need Web Services?

Wednesday, 08 December 2004 14:54:24 (Pacific Standard Time, UTC-08:00)  #    Disclaimer  |  Comments [1]  | 

That’s just plain cool… 

Paper Enigma Machine

This machine is compatible with the original 3-rotor German Enigma used during World War II. For simplicity it omits the "ring settings" and plug board, but the primary workings of the machine are captured in this model. Great as an educational tool, or just for fun!

[via hackaday]

Wednesday, 08 December 2004 09:57:18 (Pacific Standard Time, UTC-08:00)  #    Disclaimer  |  Comments [0]  | 
# Tuesday, 07 December 2004

The following is the final I gave my Web Services Applied class last night.  I was hoping to come up with a project that exposed the interesting things about developing a web service, and a client to access that service, with out getting bogged down in implementing what the service was supposed to do.  At the same time, I wanted something less trivial than Hello World!

The class had three hours to complete the project, and to my surprise only one person finished before the end of that time limit.  Is this too hard?  Do you think it’s asking too much?  I’m not used to teaching in an academic setting, so I’m still trying to gauge the difficulty of this kind of thing.  It’s a senior seminar, so it shouldn’t be too easy.  I’d be interested to hear people’s opinions.

Final Exam


Monday, December 6th.


Your final involves creating both a Web Service, and a client to exercise that Web Service. You will need to create a web service which matches the following UML.



The service has three methods: Remember, which takes a string, Forget, and Regurgitate. Remember will cause the service to store a string value, and keep track of the time it remembered that string. Forget will clear the stored memory entirely. Regurgitate will return an array of RememberedThing objects, which combine the string remembered with the time it was remembered.

You will also need to construct a WinForms client application that will allow a user to remember a string using the service, forget all the remembered strings, or display a list of regurgitated strings and times. You will need to call the web service asynchronously so that the WinForms application doesn't block.



You will need to turn in:

  • The complete code for client and server.

  • The WSDL and XmlSchema documents that describe the service.


Criteria for success:

The whole final is worth 100 points devided as follows:

  • Web Service interface – 30pts. (including WSDL and XSD)

  • Web Service functionality – 30pts.

  • Client functionality – 30pts.

  • Asynchronously calling web service – 10pts.


Tuesday, 07 December 2004 15:22:18 (Pacific Standard Time, UTC-08:00)  #    Disclaimer  |  Comments [1]  | 

Maybe everybody knew this but me, but it’s been totally bugging me personally.  For my recent Web Services Applied class, when they set up the lab machines someone goofed up the permissions.  For reason or reasons I don’t understand (I’m guessing some kind of domain policy) there didn’t seem to be any way to get a web service running under IIS to allow anonymous access.  Everything worked fine with Integrated Authentication set, as long as the client knew what it was doing, which meant that WebServicesStudio worked just fine, you could hit the web service with IE and get the default page back.  But as soon as you tried to hit the web service from C# client code, you’d invariably get back HTTP 401.1 Unauthorized.  I tried changing every set of IIS and file system permissions I could think of, to no avail.  Crap.  Luckily, at long last Google once again came to the rescue.  I still don’t know why anonymous access doesn’t work, but I do know how to make the client problem go away.

        [STAThread]

        static void Main(string[] args)

        {

            localhost.Service1 serv = new ConsoleApplication2.localhost.Service1();

            serv.Credentials = System.Net.CredentialCache.DefaultCredentials;

            serv.TheMethod();

        }

 

Setting the credentials on the proxy allows Integrated Authentication to work the way it’s supposed to, and everything works just fine.  Unfortunately I didn’t figure this out until my class was about half way through their final last night, but at least that’s better than not figuring it out at all. :-)

Tuesday, 07 December 2004 11:18:26 (Pacific Standard Time, UTC-08:00)  #    Disclaimer  |  Comments [2]  | 
# Monday, 06 December 2004
I’ll be teaching again next term at OIT (at CAPITAL Center in Beaverton), this time “Enterprise Web Services”.  We’ll be looking at what it takes to build a real-world enterprise application using web services, including such topics as asynchronous messaging, security, reliable messaging and a host of others. We’ll walk through all the stages of building an enterprise-level WS application, using .NET and WSE 2.0 to do the heavy lifting.  Required is a firm grasp of programming in C#, and a basic understanding of Web Services fundamentals such as XML, SOAP, and WSDL.
Monday, 06 December 2004 13:18:30 (Pacific Standard Time, UTC-08:00)  #    Disclaimer  |  Comments [0]  | 

I just finished Neal Stephenson’s Cryptonomicon, and what a ride it was!  Snow Crash is one of my favorite books ever, but I was pretty underwhelmed by The Diamond Age, so I’ve put off reading Cryptonomicon.  I now see that was a mistake.  I enjoyed the whole book, and couldn’t put it down for the last 100 or so pages. 

Stephenson employs the fabulously wacky use of language that he did in Snow Crash, but along slightly less absurdist lines.  Snow Crash was cool, but definitely felt fictional (although not that far off from where we are today, frankly).  Cryptonomicon, on the other hand, is a bit more down to earth in it’s subject matter, even though it’s certainly fanciful.

I thought he did a great job of capturing modern nerd culture, and was gratified to see that Randy the geek turns out to be the hero of the tale in the end.  A great read.  Now I’ll have to start the Baroque Cycle…

Monday, 06 December 2004 13:04:38 (Pacific Standard Time, UTC-08:00)  #    Disclaimer  |  Comments [0]  | 
Check out the ever-well-informed-and-entertaining Stuart Celarier this Thursday at CAPITAL center in Beaverton.  Should be a good talk.  If you ask nicely he might even juggle.  :-)
Monday, 06 December 2004 10:38:27 (Pacific Standard Time, UTC-08:00)  #    Disclaimer  |  Comments [0]  |