Author Archives: Tobint

RFID-proof wallet!

When the anthrax scares popped up some time after the attacks on the world trade center, our nation was astonished to find that all of our biological concerns could be solved with plastic sheeting and — duct tape. Duct tape is like a modern day snake oil — its great for everything. So when I read today that you could block RFID intrusion with it, I wasn’t the least bit suprised

I carry a couple of security cards in my wallet that use RFID tags. While these tags make it easy for me to gain access to sites which I’ve been given access to, its an increasing security risk to cary these things in your wallet. Let’s hear it for duct tape bringing us peace of mind once again!

Posted in: technical / Tagged: ,

Award for Customer Excellence Nomination

Today I received a very strange email from Microsoft. It claimed I was nominated for an “Award for Customer Excellence”. I’m not particularly sure what work I did that this award would be for, but here’s what the email said:

Dear Tobin Titus,

Thank you for being a great contributor to
Microsoft Visual Studio 2005.

You have been nominated to receive the Award
for Customer Excellence. This award recognizes
your extraordinary contribution to the Visual
Studio 2005 product and will be shipped to you
without charge. Please click the following
link to arrange shipment of your award:

www.xxxxxxxxxxxx.com
ACE Code: xxxx-xxx-xxxx-xxxx

Should you have any questions about this award,
please contact xxxxxx@xxxxxxxxx.xxx .

All the best,

S. Somasegar
Corporate Vice President,
Microsoft Developer Division

The accompanying site had this award that was to be sent to me if I filled in my personal information.

Ace Award

Ace Award

Does anyone know what this is supposed to be for and if its legit?

Posted in: personal / Tagged: ,

Visual Studio 2005 Community Launch Tools

This year, I was asked to be the INETA community launch champion for my local user group. Essentially, the job is to present at least two topics related to Visual Studio 2005 and/or SQL Server 2005 and/or BizTalk 2006. I was honored to be picked for this role and have done my best to provide the best possible experience for those who come to listen. This month’s topic is “Managing the Software Development Life Cycle with Visual Studio 2005 Team System”. WOW! Here’s the blurb that the UG’s sent out on this topic:

“Today’s software projects have one consistent trait – they fail. They fail to meet budgets. They fail to meet deadlines. In many instances, they fail to even make it to implementation. In 2000, only a fraction of software projects succeeded. That rate did not get much better in 2004. Industry demands such as more complex business requirements, government regulations, and standardization of components will make success all the more challenging. In this presentation, we’ll explore how you can utilize the new tools found in Visual Studio Team Services to increase your own success track record. This presentation will show how requirements can be gathered early, managed, modified, tracked, and reported on all the way through the software development life cycle. Come see the powerful new tools that are provided for architects, developers, testers, project managers, business analysts, and even project stake holders!”

While its always a good thing to prepare for a meeting, I realized while sitting in my hotel room that there are quite a few tools that I use to give presentations. I thought I might post pictures and informationa bout the tools I use so that others who are just getting started in their presentation careers can get a glimps into their future.

The Laptop

Its an HP Pavilion zd8000 series laptop that has been customized for the best performance I can get out of it. It has 2GB of ram, a 100 GB hard drive, Lightscribe DVD burner, and the like. I love this laptop because it has 4 USB ports (5 if you count the HP usb digital drive port), firewire, built in wireless, bluetooth, 5-1 media reader, built in speakers, and the list goes on. It even has a media remote control (meant for use with Windows Media Center Edition) that works very well for remotely moving forward and backward in powerpoint slides. Its a varitable swiss army knife of laptops and the kicker, of course, is the 17″ widescreen LCD.

notebook

The External Hard Drive

I use a Maxtor 300GB exernal hard drive to keep all of my VPC images on. This serves as both a repository and a backup for my Virtual Server (or Virtual PC) images. Having your VHD image on a hard drive other than your system drive is essential for performance. This drie is particularly useful because I can use either firewire or USB to connect to any system. Using Maxtor’s software, I can also use this device to automatically backup files from any of my systems too — and literaly at the touch of a button!

external hard drive

The Bluetooth Headset

On occassion, depending on the room setup, I can use this Motorola headset in place of a mobile mic. I pair the headset with my laptop and use the mic to output to my speakers at a podium. If I bend the podium mic to the speakers, I have a virtual walking mic. Obviously if a mobile mic is available, I use that instead for better clarity.

bluetooth headset

The Tablet PC

You may be asking why I use both a laptop and this new Gateway Tablet PC. Actually, this makes great sense if you ask me. I can set up the tablet as a sort of teleprompter during my presentations. The tablet can hold my demo scripts and walkthroughs (in case I lose a bolt during the presentation and need to remember where I’m at). Also, I didn’t buy the top of the line tablet. While the 14″ widescreen LCD makes this item look expensive, I only paid $1300 for this one — and that’s standard pricing. It only has 512 MB of ram, but thats all I need for my tablet PC needs — particularly when doing presentations. This tablet has a directional mouse-like input device on the left hand side that allows me to easily scroll up and down in my document without using the stylus.

tablet PC

The Thumbdrive

While I do have wireless connections, bluetooth and infared that can share data, I prefer to use the tumbdrive for quick transport between the laptop and the tablet when neccessary. I also carry a copy of the presentation materials on it in case someone asks me for them. Then its as easy as plugging the thumbdrive into their machine and letting them drag them onto their desktop.

thumbdrive

The Smartphone

I use the smartphone to help keep my timing in presentations. I leave the phone clipped to my belt and set up vibrating reminders to tell me when I should be at a certain point in my presentation. If I’m not there, I can speed things up. If I’m off to the races, I can slow things down and take a few extra questions when needed. I wouldn’t recommend buying one of these if you just want it for these purposes. I just happened to already have this phone so its what I use.

SMT5600

I love my tools. Its taken me a little while to learn what works and what doesn’t. I would imagine what works for one person wont neccessarily work for another. Let me know what you think.

Posted in: events / Tagged: , ,

Microsoft Korean Promo for Visual Studio .NET 2005

OK. I don’t really know how to react to this.

Posted in: personal / Tagged:

Review: HP Officejet 7410

Product Review: HP Officejet 7410
There are just some times in life when you have to spend money on equipment that you’d prefer not to. Yesterday was one such day for me. I’ve never been in the market for a combination fax/copy/printer/scanner before, but yesterday I had to break down and go shopping for one.

I’ve been signing a lot of contracts lately for various things. Going back out on my own has just required that I spend a considerable amount of time restructuring my life, my finances, and my contracts. Documents come as hard copy via the postal service or courier. Purchase orders come through email. The sales contract on my house had to be handled by fax. All of these things are pretty standard forms of communication, but require I spend time going to Kinko’s to make copies, or to scan the documents into digital format. Sometimes, the emailed documents have to be printed, signed, then scanned and emailed back with my signature. I’ve had a scanner for the longest time that just finally had to be replaced. It was also an HP scanner and it has served me well. Its time has come, however, and I was in the market for something better. I also had a Canon photo printer that was going to need replaced. I don’t have a home phone line, so the idea of having a fax machine really hadn’t occurred to me. Whatever I did decide on, however, had to actually be worth my while and help me do business. I didn’t want another expensive obstacle sitting in my home office.

I’m not a person that likes to spend a lot of time on product research. In general, I make sure the product I’m buying is a brand that is trusted, and has all the features I want. After that, I’m not really concerned if one uses a lower voltage or has a better network throughput. I care about a product that works reliably and at a fairly decent rate of speed — nothing more.

When I reached Office Depot, I found several “all in one” appliances. Many of them were in the upper $800-1000 range. Once I determined that these were laser printers/copiers I walked around to look at the much more stylish and much more affordable HP Officejet products. The started at around $199 and went up to as much as $899. As I walked down the isle, the prices and features increased. I settled into a sweet spot of about $500 where I found the Officejet 7410. After glancing over the feature set, I decided to bite and bought it for $457.00 after getting a price-comparison mark-down from SAMs club. I used the money I saved to buy an additional 1 year extension onto the manufacturer’s warranty. I don’t typically buy these warranties, but I was able to get a signed and personal commitment from the manager promising to abide by the terms of the agreement — terms that stated if I dropped the printer off my desk and broke it 729 days after I bought it, they would replace it.

So here is how I feel after one day of owning this device:

Assembly / Setup:
The folks at HP showed just how smart they are with this device. I don’t mean that sarcastically either. I unpacked the machine immediately and started putting it together. Surprisingly the device was very easy to assemble without so much as a glance at the instructions. I stacked the printer on top of its lower tray base; I added the two-sided printing attachment onto the back and plugged the device power cord and network cables up; I then attached the faceplate to the front of the machine. At first I thought it was odd that I would have to attach this faceplate but then quickly realized that HP did this so the product interface could be completely localized based on where it was being shipped to. After realizing the genius behind this move, I smiled and moved on.

After setting all of these things up, I turned the device on. The instructions on the LCD panel told me to attach the faceplate (oops, I already did). It then did something that I found nothing short of brilliant. It told me to look for any buttons that might be stuck under the faceplate and then cycle the power again. Sure enough, I found one that didn’t quite make it into the faceplate hole. I giggled the button a little bit and released it. Had they not provided this step, I would have spent a great deal of time trying to figure out why my device was misbehaving. My hat is off to the quality assurance folks who undoubtedly pointed this out in tons of testing. The hat is off once again to the product team who decided the QA/usability staff were right and should be listened to!

At this point, unbelievably, I was done. The network automatically configured itself using my local DHCP server. It did have one disappointing feature, however. This device comes with wireless networking capabilities. For those of you familiar with my typical stand against wireless, I do understand that sometimes this is the most usable approach and as long as security best practices are kept up with, it’s “reasonably” secure. HP, however, didn’t follow best practices, IMHO. The device came with its wireless radio ON by default. While I do see this as a usability issue, I would have preferred to see the secure approach of leaving the radio off by default and forcing you to simply turn it on. They could have even done the same thing they have done with their laptops, which is to provide an “on/off” button to enable and disable wireless. It’s a minor issue but one that I find important in this day and age.

The Photo Printer:
This machine boasted that it was a photo-quality printer. To enforce its usefulness as a photo-printer, the 7410 had many multi-media slots on the front that allow you to simply plug in your favorite digital camera media. Once you provided the media a small LCD allowed you to select the photos you wanted to print and queue them up for immediate printing onto your favorite photo paper. I tested this feature out right away and printed a large picture of our new kitten, “Rayne”. While the picture was taken with a very old Epson digital camera, the photo came out wonderfully. There isn’t much more to say about photo printing for me — it’s just not the most important feature I was looking for, but it did a great job and I’m sure that will come in handy when I print brochures or reports with graphs and images.

It would have been nice to see a little on screen cropping or orientation available to me, but once again, that isn’t ultimately the main purpose of this machine, in my opinion, so keeping the price down for us folks that just want “reasonable value / quality” is great in my book.

The Document Printer:
I installed the printer drivers and software that comes with this machine and followed the instructions to add the printer as a network printer. I was impressed at just how easy this was. It should be noted that my printer was NOT detected by default. This was more a function of my paranoid network than it was of the printer. I was able to easily set up the printer, however, based on the network setup sheet I printed from the printer. I quickly configured my internal home router to allow traffic to this IP from my secure network as well as from the few devices I have sitting in a semi-DMZ. Once this was done, I printed a contract that I had to get out the door immediately. It was a three page document and the printer I printed it from was down the hall from me. By the time I got to the printer, the last page was just completing and the quality was excellent.

I’m giving this document printing feature high marks – not because I feel it’s the best document printer out there, but because it does exactly what it advertises it will do and with the same speed and quality I was expecting from the product. My one beef with printing is the paper catcher that holds your printed documents as they are printing. Its very flimsy and doesn’t hold the full document. This means if I don’t pick up my print job right away, the corners of my document curl up from their own weight. This would have been fine if HP would provide a much more “durable” print job catching accessory.

Scanning:
I had to scan some receipts into my scanner to record my expenses for my latest trip to Redmond. I decided to go ahead and try the scanner out and boy was I in for a treat. Obviously I had several pages worth of scans to make with airline tickets, hotel bills, gas station receipts, meal receipts, etc. In case you haven’t figured this out yet, I have placed my device in another room – different from the one I’m using as my main home office. I thought I was going to have to scan the document, run to my computer and save it, then go back and forth until this was done. This wasn’t the case at all. I lined up each of my receipts as I wanted them laid out on the scanner and pressed the “Scan” button on the device interface. The LCD then prompted me to tell it where I wanted to send these items. I selected my computer from the drop down list – that’s right, it knew my computer was already configured with the software I needed to handle this scan. I was then asked how my computer should handle the scanned document. I was given several choices: HP Image Director, Word Document, and email were among the choices. The last choice was the file system. This is what I wanted so I selected the OK button and let the receipts get scanned. When the scan was complete, it asked me if I wanted to scan anything else. I did, so I continued scanning my documents one at a time until I was done. When I returned to my computer, I was prompted with a message box that asked if I wanted to save. I, of course, said yes and selected my location and file name. All of the documents I scanned were then saved with the format of xxxx.bmp. (I could have selected a different file format if I wanted too). This is exactly what I wanted. I need to be able to put forth as little effort as possible to get this paperwork out of the way. HP has come through!

Copying:
Any time you have a scanner and a printer in one product, it just makes sense to add copying to the machine as well. After all, copying is simply scanning one document and then printing it. This device has implemented this copying feature brilliantly. I hesitate to give it a 4 out of 5 but had to based on the speed and usability. By default, the copying machine uses the second tray whereas printing uses the upper tray. This is a great feature to have since you may want to use different paper for copying than you do for printing. When I attempted to make a copy however, it simply told me that I was out of paper. After adjusting the paper in my upper tray several times, I decided to try putting paper in the bottom tray. Sure enough, my copy job worked. Since this is a “scan-based” copy and the 7410 isn’t an “industrial” copier, the copy took a little longer than I expected. The great thing is that if I have a multi-page copy job to create, I can simply place the copies in the upper paper feed and walk away until the job is complete.

Fax:
I personally use eFax for my faxing needs. I like it because I can fax documents from anywhere. Since I’m out of town a lot, this is important to me. Technically speaking, I could open up enough ports on my network to let me fax to my network-connected printer However, this wouldn’t be the most secure approach. Because there isn’t a really secure way to implement this functionality, I am sticking with eFax for now and calling the fax machine “average”. It will be a welcome feature for the average home office worker, but not necessarily the best approach for the traveling consultant. You’ll be able to fax a document directly from your computer without printing it first and then faxing it. In fact, the drivers install a new type of “HP fax printer” that allows you to “print” any document directly to your fax machine. When you do this, you are prompted for the recipient information. The interface for the recipient information is a bit out of date and slightly cheep looking, but it definitely works. You can add recipients from your address book, add a generated cover page (and edit the contents), set the quality and contrast levels and preview the fax before sending it away.

Since I don’t use the faxing feature that much, the cool thing is that the rest of these features make it easy for me to scan documents and store them on my computer to be faxed out later – either through the fax feature on the 7410, or using eFax messenger.

Summary:

Feature Rating (0-5)
Assembly / Setup 4.0
The Photo Printer 4.0
The Document Printer 4.0
Scanning 5.0
Copying 4.0
Fax 3.5
Over all 4.0

This device has a lot more to offer than what I’ve described here. You can sign up for the “HP instant share” service which will allow you to instantly share information with others you scan, print, or add through the multi-media ports. This is a fee-based service and requires that you and the people you know have the same service, but it is very interesting if you want to send a picture of the kids directly to grandma’s photo printer after you take it.

I love that I bought this device. I really just wanted to have a product that met my needs, but this has turned into my new favorite toy. I’d change a few things on this product which I summarize as follows:

  • Disable the wireless radio by default
  • When you state that I’m out of paper, tell me what tray you are trying to load from.
  • Provide a free or fee-based service that allows me to use my fax machine from anywhere. Just like you use Instant Share, you could provide the ability for me to add a fax job from anywhere and let my fax machine do the work. I’d drop eFax in a heartbeat if I could use my own machine securely!

Aside from that, I would highly recommend this device to anyone looking for something in an all-in-one device.

Posted in: product reviews / Tagged: , , ,

Review : SMT 5600 Smart Phone

This product has been out for quite some time. Some of you may know it by other names such as the Orange SPV. I finally decided to break down and buy one of these guys. I managed to wrangle one from Cingular for about $219 bucks by extending my service contract with them. I was a bit apprehensive about buying this a Smart Phone as opposed to a Pocket PC Phone because of the size of the screen — I really enjoy having a large screen to look at. However, I really didn’t want to hold that large screen up to my ear or rush for my bluetooth headset every time the phone rang. Since my current phone service is through Cingular and I haven’t had a large complaint with them, my only option made abundantly clear to me was the SMT 5600.

First Impressions
After my first day with the device, I wasn’t very pleased. I pulled out my data cable and configured ActiveSync how I wanted it. I synched up some tasks I and appointments I had and was shocked at how hard it was to read this data on the screen. For instance, I am scheduled to fly out to Microsoft on the 17th-21st, and one of my calendar items had my flight information in a fairly simple, fixed-width format with my flight number, gate number, departure time and arrival time. I figured it would be very convenient to be able to look at my schedule quickly while switching flights in Ohio. However, when I looked at this data in the smart phone, I could barely make heads or tails of when one flight’s data ended and another started. I found this same problem with formatted email, tasks, and other outlook artifacts I have. I’m completely new to mobile devices, and don’t feel like reading a ton of how-tos to figure out how to use features of my phone — If its not intuitive, I dont want to use it. I was going to return the phone.

Day Two with the device
I found a WMA file of “Always Look On The Bright Side of Life” and though I just had to have it on my smart phone for a ring tone. I noticed a “mobile devices” icon sitting in the “My Computer” display. I clicked on it while my data cable was attached. “Wow, that’s pretty cool”, I can access my phone’s file system — almost like my USB pen-drive. I dropped the WMA file into the “My Sounds” folder and searched for a way to add it as my ring tone. No luck. After digging around in the phone’s file system, I found the folder where ring-tones are stored and I added the WMA file there. I changed my ring tone and called myself from another phone — it worked. Obviously, I wouldn’t keep a phone simply because I could add a media file to my phone and use it as a ring tone, but I was somewhat amused.

Day Three
As I stated, I left my job so I needed a laptop. While I had a new laptop on order from HP, I needed something right away since my order wasn’t scheduled until October 15th. I went out and bought a pretty nice Lance Armstrong L2000 Special Edition laptop (review will be forthcoming). The laptop had bluetooth and I thought “oh, cool, I don’t need to use my datacable all the time now.”. After unpacking the laptop and charging the battery appropriately, I booted up the computer and immediately installed ActiveSync on it. I clicked the spiffy little “wireless enable” button on the laptop and noticed that bluetooth was now running as I expected. Excited about the prospect, I immediately tried enabling bluetooth on the phone and connecting. After an hour of searching the web for help and impatiently fumbling around with the phone itself, I managed to get the ActiveSync to work. This phone’s street cred is picking up pace quickly — now I can drop ring-tones onto my phone without a data cable. Ok, so maybe I can do a bit more, but for now, the idea that my laptop can access my phone from across the room (and vice versa) is pretty cool. Just for fun, I used the phone’s camcorder feature to record a short clip of my cat playing around on the floor with, well, nothing (go figure). I immediately sent it to my laptop with bluetooth and had it playing on my 15″ widescreen LCD with decent sound quality. Had I opted for a media center PC, that would have allowed me to record the video and put it on the television immediately — that’s cool!

Day Four
I’m at Sam’s club looking for a new case for thislaptop. The one I had ordered for my other laptop was too big for this smaller laptop. But as I came into Sams, I saw “it” blinking at me. It was one of those dreaded blue-tooth headsets. Since I wanted to geek out a bit more with this bluetooth stuff, I decided to go ahead and buy one (product review forthcoming). I do drive around a lot, and with my schedule for the next couple months being hectic, having a hands-free device to talk on would come in handy. I followed the instructions and immediately got the device working. I paired the device with both my laptop and my SmartPhone. It seemed to work and it has this ultra-geeky blue LED that turns on and off when I’m talking on it.

Day Last+n
I’m sitting in my hotel room. The wireless internet connection the hotel purports to have is down and doesn’t have much hope in coming back up, so I take a chance to try using my phone as a means to connect. I did some easy configuration with the bluetooth modem in my computer and dialed *99#. I watched in amazement as the network icon showed up on my phone. “Dialing *99#…” , “Connecting…”, “Verifying Username and Password”, “Registering computer on the network” — HOLY COW! My laptop just connected to the internet through my bluetooth modem. I know this is trivial stuff for a lot of people, but I am truely amazed. The connection is somewhat glitchy. I got disconnected a few times and finally got disconnected for good just before posting my last blog post. But I was still very much impressed — something to fall back on in a pinch. As I write this blog now, I’m sitting in my bed and I have no idea where I set my phone. I know its here somewhere because my bluetooth modem connection is working just fine.

Summary
I’m able to watch video and listen to music on my phone. Its not the greatest quality in the world — but its a phone so I don’t expect it to. What I don’t like is the digitized voices I hear now and again on this phone. For some reason, I hear clicks in the phone and digitizing of both my voice and the voice of the person I am talking to. The interface and action items aren’t always completely intuitive. I hate the action and directional control button – its very hard to control at first. Despite all of my complaints, I really am starting to warm to the device as I learn how to be more effective and efficient with it. All in all, this device is a thumbs up for me. I definitely have a laundry list of wishes and wants for the next generation phone, but this phone will suffice for my needs for now.

Posted in: product reviews / Tagged: , , ,

And now back to your regularly scheduled blogging…

Many have already asked me why I haven’t been blogging lately. I’ve been taking care of a few family issues and putting my energy into that. Most of the major fires are out and its time to get back down to blogging as normal.

For some of you that know me, and some that may have picked up on it in other ways, I had been working as an employee for the past year and a half. I’ve decided to leave the days of employment behind me and head out in my own business ventures. I’ve always felt I had an adventuresome entrepreneurial spirit and its time to put that to use again. I have already landed my first large contract and have only been officially on my own since Thursday (9/29/2005) so I’m feeling pretty good about my chances of survival. More so than putting bread on my own table, I’m already renewed my confidence in my abilities to help provide sound business and technical advice to small and medium sized businesses — helping to put bread on the tables of project managers, developers, and busines owners for a long time to come.

Over the next few months, aside from working on Project Fazr with some really great guys, I’ll also be working on helping my parents grow their small-town business into a franchise, grow my own venture into something to be reconned with, working with Microsoft on several other projects under NDA, and helping as many small and medium sized businesses with their needs as I possibly can. Look for more information to be coming soon. I also promise to pick up the pace soon with the technical blogging!

Posted in: personal / Tagged: , ,

What part of conserve gas do you not understand?

Forgive the non-technical post and the language, but this has me a bit upset.

There is nothing I hate more than to see millionaires complain about money problems. NASCAR is apparently having some difficulty with their races due to the recent gas hike. My favorite quote was:

“We also are seeing it in our aircraft. Our charter company, because we charter our team planes, has given us an extra charge directly due to the raise in fuel costs.”

Well boo-f ‘ ing-who.

Posted in: politics / Tagged: ,

Hackers Attack via Chinese Web Sites

I don’t know if anyone caught the Washington Post story a few days ago titled “Hackers Attack via Chinese Web Sites“. It seems to have slipped past everyone in the news. Of course, The WP has become so disreputable and biased that it shouldn’t surprise me that no one paid attention. However, we were warned well in advance, so it should be no surprise.

This begs the question, however. The government has to be, without a doubt, one of the largest consumers of computer goods and services. While I am not an advocate of increased tax spending, this area could use some. Perhaps its time to take a different approach with that spending, however. We have tried many things over the years: Internet War Games, hiring our own elite forces, and even creating more laws and policies. These are certainly deterrents, but security in depth is the key here.

Any good football team has a good offense, a good defense, and a great different game plan depending on who their enemy is. We have the offense now (as mentioned above), we have ‘some’ defense as well. Laws do us no good when dealing with hackers in foreign countries. So what is the answer? I will not purport to have that ‘nail in the coffin’ answer to cyber terrorism and anyone that claims they do is selling you a bill of goods (And they will typically have the abbreviations “Sen.” or “Rep.” in front of their name). However, there are a few other things we need to explore. One mark of a great football team is that they have the ability to surprise and misdirect their enemy. Making the opponent attack in the wrong direction has often led to victory in some of the best games I have seen played. In IT, the misdirection can be supplied with honey pots and misinformation. We can take a trip from the tabloids and start putting out information that sounds correct and feasible, but is nothing more than fodder for the masses. For instance, sending out communications that will most likely be intercepted to “expose” a weakness that is actually a strength can cause a huge failure on an attacker.

This is also not a new concept in typical warfare. Many of you may remember the move “The Patriot”, which was a loose description of the revolutionary war battle in Cowpens, SC, made use of a “double envelopment” strategy, which essentially used a perceived weakness to entice the enemy into a trap. Obviously, this was not the first use of the strategy either, but is highly notable due to the movie’s popularity. Honey pots and misinformation are highly useful in this same context. We strengthen what we may now understand is a weakness, and then taunt the enemy with the weakness again. While the enemy attacks, we have a better chance of pinpointing their location, and perhaps sending them a nice drone-delivered “ACK” to their received packets.

The football analogy works to some degree when trying to put together a cyber security policy. However, we do not “play” against one enemy at a time. We play every team out there — known and unknown. This is why defense is our most important aspect of policy. Our defense needs to be highly educated, state of the art, and driven. We have no way of knowing who is going to attack and when. There is no way we can be prepared for every attack possible. However, we can at least provide some misdirection while we shore up our defense and plan our counter-attacks.

Posted in: technical / Tagged: , , ,

Engineering for Reliability: Learning from a chair

The other day, I posted an article about Engeneering for Usability. I hadn’t intended to make a series of this, but it may very well turn out that way as today’s post is about engeneering for reliability. Who knows what future posts may hold.

I was sitting in a doctors office the other day, waiting very patiently to be called in. I fidgetted as I always did. Leaning forward, leaning sideways, flopping around like an idiot just trying to reconcile myself with the fact that I didn’t have a laptop or something in front of me to do. But then it sort of hit me. I was abusing that chair to death and it was taking it.

Lets think about the first sentance of this blog post. I said that I was sitting in the doctors office. I’ll bet not one person reading this said “Oh man, what kind of chair was it?” or “Oh my goodness, what if it breaks?” or “Holy cow, that guy is really rolling the dice there isn’t he?”. All of you most likely pictured someone just plopped down on a chair. No one was really fixed on the idea that the chair could fall apart or that it wasn’t an appropriate height. The reason behind this is that, in general, we tend to think that a chair will work when we use it. When was the last time you tested a chair to see if it would hold your weight? I’m sure under the right circumstances, you just might — like if the chair looked visibly weak or damaged, but once again, the general concensus is that its going to work out for you.

When was the last time you could rest this easy with the software we use on our desktops? Do we ever hear someone talk about a piece of software crashing and say, “wow, that’s unusual”. No, in fact, many computer vendors design their software to handle crashing more gracefully. Microsoft themselves have implemented the ability to report errors to them that occur (with a prompt to the user, of course). We have event logs, log files, dump logs, and the like. As developers we spend more time preparing for our software to crash than I think we should sometimes spend making sure our software doesn’t crash to begin with. But while we should spend a great deal of time testing and thinking through our applications — making sure they can work, that isn’t even half of what is required to develop a reliable software system. There are things that are out of our control such as network connectivity, power failures, hard drive crashes, and other hardware failures.

For these very reasons, desktop software most likely never will be as reliable as a chair — its too dependant on too many things in the environment. We have to depend on outside influences such as universal power supplies, raid controllers and backup network connections. These are not typically all seen in your typical home system and even if they are, you can’t make those things prerequisite to installing your software because your available user base would sink considerably. The chair, on the other hand, has everything it needs on hand to appease its user base. Despite the fact that there are a million chair varieties, they all come with their own support system and don’t depend on anything but gravity to make it work right (there’s that gravity constant again).

When it comes to desktop software and even small business applications we are forced to plan for and handle as many failures as we can forsee. We have to accept the fact that outside influences such as memory corruption and IO errors may cause our application to misbehave. Obviously with enterprise software, the guys with the big bucks pay us to implement systems with hardware failovers, double, tripple or quadruple redundancy, and the like. We can make most of those applications truely reliable and nearly as reliable as a chair. However, till we see Dell shipping every system out the door with a UPS, backup and restore operations, RAID and free connectivity to multiple providers, prepare your applications well to handle these errors.

So what can you catch? What can you do to make the user trust your application in spite of these obvious physical problems?

  1. Call it as you see it when a failure occurs. Make sure before you crash that you point the finger at the culprit: “An I/O error has occurred, shutting down to prevent data loss.” or “This application was shut down unexpectedly, would you like to restore?” are common dialogs that you see in highly reliable desktop applications such as Microsoft Word. Which brings us to our second point.
  2. Provide data recovery after failure. This typically means that you have to save state in your application often. One of the most famous uses of this was already noted above. Microsoft word can recover from an error by presenting you with a recovered document as of the last autosave. Obviously, you dont’ want to automatically save to the file that was opened. Microsoft Word creates a temporary file with a similar name to the opened file (placing a “~” at the beginning of the name and setting the file attributes to hidden). That way, when the application crashes, and someone attempts to open the document again, Word can recognize that changes were made to the file. Office knows then to alert you that you can recover the changes to the document you are trying to open.
  3. Provide failover storage durring periods of communications disconnection. When you cannot communicate with a remote database, consider writing changes to a local storage repository and allow those changes to be uploaded when communications are restored. This allows the user to trust that they can continue working on the application and their changes wont be lost or have to be retyped should communications go down. This store and forward style of communication is even seen at lower levels of the OSI layer in routers, switches, and firewalls. Packets are received, stored, and then routing is attempted. If the routing fails, the attempt can be made again because the packet was stored in the device.
  4. Restore network communications automatically. Take note of applications like ICQ, MSN, Yahoo, and the like. They can detect when an internet connection is available and automatically reconnect to their respective services when communications are restored. Don’t expect the user to reconnect every time. This can get annoying if a network connection is having particular difficulty.
  5. Provide logging and feedback capabilities so you can determine what errors occur and how user experience is impacted. Not every user will use it, in fact most will opt out. But for the users that are willing to take the time to fill you in on what’s happening, you should take it. Consider it free QA. Make sure you aren’t just collecting this information. Be sure to respond appropriately with hot fixes and service packs that address the issues you find. Let the user’s know that you cared enough about their input to make sure it didn’t happen again.

These certainly isn’t a comprehensive list, but it should be enough to get you started. You’ll never be able to meet the same reliability standard of a chair with software, but you should be able to instill confidence in your application’s users. Let them know that they can “sit back and relax” knowing that you, your application and their chair will be there for them when they expect it to be.

Posted in: technical / Tagged: , ,