OT: Bank transaction privacy

BankRate.com is reporting a story about the use of financial transactions being used to track down terrorism. Of course, our anti-American partners at MSN are, of course, lapping up the story like a dog to a toilet bowl.

The article states:

According to their rules, any group of transactions totaling $5,000 or more that “is not the sort in which the particular customer would normally be expected to engage” can cause enough suspicion to create a SAR [Suspicious Activity Report].

Having engaged in more than my fair share of transactions last year that involved more than $5000 on a weekly basis, and having had my fair share of “irregular” bank transaction requests, I can state that I more than likely have one or more of these reports generated about me and suprisingly enough, I’m not cowering in a corner waiting for the feds to bust down my door. Now, if I had engaged in any illegal activity, I am sure I’d be singing a different tune. I also appreciate the fact that our government is trying to track possible terrorist activities and I’m thankful that we have a President who is willing to do what is necessary to meet that need.

It seems to me I remember some certain “Jersey Girls” complaining:

I watched my husband murdered live on TV. . . . At any point in time the casualties could have been lessened, and it seems to me there wasn’t even an attempt made.

Among other things, they charge that nothing was done in a meaningful timeframe to save anyone’s life, that the delay was on purpose, and that [President] George Bush was responsible for the deaths of three thousand people.

I actually can understand the sentiment and complaints. I can even sympathize with the rationale, but these same women are complaining when we do try to gather intelligence. Democrats are proud to bring up the intelligence failures of 9/11, but are also quick to leak intelligence to ensure failure again in the future — and they wonder why they lost the Presidential election as well as the House and Senate in 2004?

Now, I’m certain I’ll be attacked for taking this stand, but I want to get one thing straight. I don’t believe that the government should be so involved in our lives either. I think that we have let the government etch itself too deeply into our way of life. Let’s not forget that the government was never intended to control so much of our lives. Instead, we’ve perverted it to do so and now we are paying the consequences of those decisions. Socialism has crept into our society years after we supposedly defeated it. We’ve put the burdon of our every-day lives onto the government and now that the government is taking what we have given them over the years, we are going to complain?

You cannot have it both ways. Either you have a government that is in charge of distributing wealth, protecting citizenry, giving “free” health care to “everyone”, establishing what is moral and what is not, literally robbing from the not-so-rich and giving to the not-so-poor, educating our children (if you can call it that) and caring for our every need, or they can be a thin layer of government that conforms to the will of the people and doesn’t have the ability or business of prying into our every day lives.

Posted in: politics / Tagged: politics

Looking left and turning right: management style

Today, I was returning from my manager’s office to my own when I nearly collided with another manager-type in the hall. As I was approaching a hallway intersection, a manager emerged in a bit of a hurry looking to the left while she was turning to the right. She prolonged her view to the left for so long that her path was diverging directly into mine. In motorcycle safety course several years ago we were taught while taking a corner that we should look in the direction of the curve. Looking to the opposing direction could often cause us to veer off course toward the direction of our gaze. Referring back to my manager-turned-missile, of course, I scrambled to get out of her way before she hit me. This was rather awkward to do and by the time the manager looked back at me shuffling around, she look at me like I was the stupid one and didn’t as much as say “oops, sorry”.

Nothing in this world enrages me more than managers with an inflated view of their own self-importance. But this is rather indicative of the problem I think we face in our company. We know where we want to go, and if we just focused on our own goals, we would get there in spectacular fashion. This isn’t the case, however. We fixate on what other companies are doing and what else we could be doing instead of directing our gaze at what we are working on until it is completed. Couple these misguiding glances with all of our team meetings, morale events, office sharing and quarterly group/org/company ra-ra meetings that do nothing more than tell us what we already know — or tell us more than we care to know — and it’s no wonder we cannot get anything done.

I encourage Microsoft to start training our managers — and our non-management employees for that matter — to stay focused on the direction of our company. Stop worrying about what every other company out there is doing and start worrying about what we are NOT getting done on time. Our customers depend on us. You want to drive up customer satisfaction rates? How about delivering a product for them to be satisfied with! You want to drive up revenue? How about filling some warehouses with some freshly minted retail bits!

Obsessing over our career options at myMicrosoft and worrying about work-life balance cannot continue to be our main focus. Putting our focus in that direction will only take us off course from our real goals. Trust me, when we deliver quality products to our customers on time and under budget, our career options will open up for themselves. And nothing makes work-life balance easier than getting performance bonuses that we can spend on our nights, weekends and vacations or put toward our children’s college education fund.

Edit:
I should clarify that I am also guilty of this very same problem. While re-reading my annual review, my commitments are filled with goals that aren’t in my direct line of responsibility. This is as much of a criticism of myself as it is of anyone else. Furthermore, my managers up my direct line have been pretty wonderful, supportive and have kept me fairly focused on my tasks.

Posted in: microsoft / Tagged: culture, management, microsoft

Change the runtime of an IIS 7 application pool

The following quick SDK sample demonstrates how to list and change the managed runtime version of application pools programatically in IIS 7.

[VB]

Imports System
Imports Microsoft.Web.Administration
Public Class AppPoolSample
 Shared manager As ServerManager = New ServerManager()
  ' Main application processing
  Public Shared Sub Main(ByVal args As String())
      ' Get the apppool to change
      Dim iPool As Integer = GetAppPool()
      ' Get the framework version desired
      Dim rtVersion As String = GetVersion()
      ' Set the apppool runtime
      Dim poolToSet As ApplicationPool = manager.ApplicationPools(iPool)
      Console.WriteLine(
            "Setting application pool '{0}' to runtime version: {1}...", _
            poolToSet.Name, rtVersion)
      poolToSet.ManagedRuntimeVersion = rtVersion
      ' Commit the changes and recycle the application pool
      manager.CommitChanges()
      poolToSet.Recycle()
      Console.WriteLine("Your changes have been committed.")
  End Sub

  ' Prompts the user to select an application pool
  Public Shared Function GetAppPool() As Integer
    Dim pool As String = String.Empty
    Dim iPool As Integer = 0
    While (Not Integer.TryParse(pool, iPool))
      Console.WriteLine("Available ApplicationPools: Managed runtime version")
      Dim i As Integer
      For i = 0 To manager.ApplicationPools.Count - 1 Step i + 1
        Dim appPool As ApplicationPool = manager.ApplicationPools(i)
        Console.WriteLine("{3}{0,3}.{3}{1}: {2}", i + 1, _
            appPool.Name, appPool.ManagedRuntimeVersion, vbTab)
      Next
      Console.Write("{0}Choose an application pool to change: ", vbCrLf)
      pool = Console.ReadLine()
    End While
    Return iPool - 1
  End Function

    ' Prompts a user to select the version of runtime they would like
    ' the application pool to use
    Public Shared Function GetVersion() As String
        Dim rtVersion As String = String.Empty
        Dim iVersion As Integer = 0
        While (Not Integer.TryParse(rtVersion, iVersion))
            Console.WriteLine("{0}  1.{0}Framework version 1.0", vbTab)
            Console.WriteLine("{0}  2.{0}Framework version 1.1", vbTab)
            Console.WriteLine("{0}  3.{0}Framework version 2.0", vbTab)
            Console.Write("Choose the new managed runtime version: ")
            rtVersion = Console.ReadLine()
        End While
        Select Case iVersion
            Case 1
                rtVersion = "v1.0"
            Case 2
                rtVersion = "v1.1"
            Case 3
                rtVersion = "v2.0"
        End Select
        Return rtVersion
    End Function
End Class

[C#]

using System;
using Microsoft.Web.Administration;

public class AppPoolSample 
{
  static ServerManager manager = new ServerManager();
  // Main application processing
  public static void Main(string[] args)  
  {
    // Get the apppool to change
    int iPool = GetAppPool();
    // Get the framework version desired
    string rtVersion = GetVersion();
    // Set the apppool runtime
    ApplicationPool poolToSet = manager.ApplicationPools[iPool];
    Console.WriteLine(
        "Setting application pool '{0}' to runtime version: {1}...",
        poolToSet.Name, rtVersion);
    poolToSet.ManagedRuntimeVersion = rtVersion;
    // Commit the changes and recycle the application pool
    manager.CommitChanges();
    poolToSet.Recycle();
    Console.WriteLine("Your changes have been committed.");
  }
  // Prompts the user to select an application pool
 public static int GetAppPool()
 {
    string pool = String.Empty;
    int iPool = 0;
    while ((!int.TryParse(pool, out iPool)) ||
            (iPool > manager.ApplicationPools.Count || iPool <= 0))
    {
      Console.WriteLine(
                    "Available ApplicationPools: Managed runtime version");
      for (int i = 0; i <= manager.ApplicationPools.Count - 1; i++)
      {
        ApplicationPool appPool = manager.ApplicationPools[i];
        Console.WriteLine("t{0,3}.t{1}: {2}", i + 1, 
            appPool.Name, appPool.ManagedRuntimeVersion);
      }
      Console.Write("rnChoose an application pool to change: ");
      pool = Console.ReadLine();
  }
  return iPool -1;
}
  // Prompts a user to select the version of runtime they would like
  // the application pool to use
  public static string GetVersion()
  {
    string rtVersion = String.Empty;
    int iVersion = 0;
    while ((!int.TryParse(rtVersion, out iVersion)) ||
            (iVersion > 3 || iVersion < 1))
    {
      Console.WriteLine("rnt   1.tFramework version 1.0");
      Console.WriteLine("t   2.tFramework version 1.1");
      Console.WriteLine("t   3.tFramework version 2.0");
      Console.Write("Choose the new managed runtime version: ");
      rtVersion = Console.ReadLine();
    }
    switch (iVersion)
    {
        case 1:
            rtVersion  = "v1.0";
            break;
        case 2:
            rtVersion = "v1.1";
            break;
        case 3:
            rtVersion = "v2.0";
            break;
    }
    return rtVersion;
  }
}

Posted in: technical / Tagged: IIS, Migration, VB6, visual basic

Internal spam affects productivity

When I interviewed with Microsoft, I was asked, “What is one thing we can count on you to do at Microsoft?”

My reply was brief: “You can count on me to complain.”

My interviewer suddenly took on the puzzled look that an interviewee would normally take when presented with an unfamiliar scenario. The facial expression of my inquisitor demanded an explanation. I decided to end the torment by presenting further detail; “When something is wrong, I’m going to bring it up and someone will hear me. I’m not going to just complain, but I’m going to offer at least one alternative solution.” Apparently, my explanation cured the torment of my initial declaration. I was hired and here I sit; typing my 23rd Microsoft blog post to an audience that has graced me with tens of thousands of views. This particular post is a follow-up on my promise to complain and provide an alternative solution.

As many have said in the past, email is the life-blood of our company. We communicate everything in email. That’s why our anti-spam measures that counteract external tormenters are so critical to our business. But what are we doing about the measures to counteract internal spammers? Adam Barr made light of the need for Microsoft Outlook rules in his short story, “The Microsoft Code”, but the premise is 100% genuine. Internally, we have people who just LOVE to toot their own horns and, as you might guess, these horn-tooters are typically the management way up the line. They do this horn-tooting in a barrage of email that cripples productivity. This is fine, I suppose, but it comes from the internal culture that supports working toward better reviews each year rather than making meaningful contributions to their teams, organizations, the company and (hopefully) the customers. When a director sends you a “professional” email that contains exclamation points and smiley faces, you can almost assuredly delete the email – can anyone make an Outlook rule for that?

I’ve been at Microsoft for less than 4 months now and I’ve been swamped with work since I came to Redmond.   I am the only worker of my particular discipline in my particular group. I have deadlines; big ones; looming ones. I sincerely mean no offense here, but I don’t have time to listen to everybody in our company talk about what they did and what they are going to do. To take that one step further, I don’t care to know everything that’s going on. I lose my focus as I try to decipher the email and understand how that particular communication affects my day-to-day work. If our upper management stopped to think about the opportunity cost of each email they sent out, we might actually have time to stop reading email and start getting products shipped on time. Seriously, I wonder how many people send out these emails to distribution lists that “appear” correct (apparently based on the name of the group) without actually looking to see who is involved in the distribution. Those distribution lists in the GAL can be nested so many levels deep, I venture to say that no one knows who is going to receive a particular email with any degree of specificity.

If upper management is going to send email to everyone, what is intermediate management meant to do? I personally prefer a military style approach where one level talks directly to the level above them and the level below them with rare communications in between. If those particular levels above or below think the information is important to the next level up or down, they can forward that communication accordingly. Dissemination of information in this particular manner assures that the appropriate people get the data, and everyone else doesn’t suffer from information overload. Each management level can also summarize the information and parse out the pieces that they feel are important for their group – a human Outlook rule, if you will.  That’s obviously not the culture we have here at Microsoft.

One idea I tossed about in my head was the idea that everyone internally should have their own RSS feed or VLOG. When someone wants to toot their own horn, they can do so on their blog; their managers can see those accolades, their team can see it, and the people who really care about it can see it. If that particular employee keeps blogging about stuff that doesn’t affect me, I can unsubscribe and stop wasting my time reading/watching that feed – providing incentive for everyone to keep their topics relevant or risk humiliation with low agg-view participation. In this approach, new employees or employees who transfer to groups could then subscribe to manager-recommended OPMLs that generally contain information that you will want so you can be effective in your new role.   Furthermore, RSS feeds can be much more easily tagged than email can. I can subscribe to “John Doe’s IIS posts” but filter out “John Doe’s Accomplishments” (much like my own blog that will allow some of you to ignore this particular “Microsoft Culture” post if you so desire). Sure, this is not a perfect solution, but it’s a start.

I have tons of important data to keep track of. Communication is very important to the company – too important to gum up with internal spam. We need to find a solution or we will forever find ourselves bogged down in self-congratulatory expression and no real work getting done.

Posted in: microsoft / Tagged: culture, microsoft

Security: Incompetence

It’s one type of incompetence to keep the personal identifiers and financial data of customers on your laptop and then lose it — twice; It’s an entirely different type of incompetence that allows government data to be compromised through a network. Last year at TechEd, a demo showed how a completely patched network could be compromised using an exploit in a web site. The best part of the exploit was made possible due to turning on more functionality than was necessary. Namely, one issue in the demo was that the router configuration allowed port 80 and port 443 traffic — despite the fact that SSL was not in use on the web site.

Regardless of the platform being used, many of these compromises are possible these days not due to the operating system itself, but due to assumptions made about users, lack of planning, or pure laziness of administrators and developers. This is one major reason why I’m not a big fan of agile. Despite the best arguments I’ve heard for agile software development, I have witnessed too much emphasis on feature completion without regard to overall system security. I would encourage you all to read Michael Howard’s new book on the security development lifecycle (link provided below).

Whatever the case — whatever the cause — I would urge the community to pay attention to the recent news stories, learn to start protecting important data and please stop putting personal and financial information that doesn’t belong to you on your laptop!

For more Microsoft resources on security please check out the following:

General Security Websites:
http://www.microsoft.com/security/default.mspx

Blogs:
http://blogs.technet.com/msrc/default.aspx
http://blogs.msdn.com/michael_howard/

Books:
http://books.mcgraw-hill.com/getbook.php?isbn=0072260858
http://www.microsoft.com/MSPress/books/5957.asp
http://www.microsoft.com/MSPress/books/8753.asp
http://www.microsoft.com/mspress/books/6893.asp
http://www.microsoft.com/mspress/books/6788.asp
http://www.microsoft.com/mspress/books/6892.asp
http://www.microsoft.com/mspress/books/6432.asp

Posted in: technical / Tagged: Security

ADO.NET 2.0 Boot Camp

Sahil Malik, a prolific speaker, Microsoft MVP and author of “Professional ADO.NET 2.0” is holding a one-day ADO.NET boot camp in Charlotte next month. If you are in the area, I think this class will definitely give you your money’s worth. Sahil has a very unique way of teaching that is easy to follow and highly effective. If you are going to be in the area on July 21st, and want to master ADO.NET, I would encourage you to take a look at this great opportunity in the Charlotte, NC.

Posted in: events / Tagged: ado.net, data, microsoft, training

Workaround: Adding a script map in IIS 5.1

I was contacted by a customer who commented that he could not add a Script Map to IIS 5.1. After selecting his executable for the script map and adding his extension, the “OK” button was still disabled — preventing him from committing the script map change.

To work around this issue, once you have selected the executable and set the extension, click inside the “Executable” text box to expand the full path to the executable. Doing so will enable the OK button and you will be able to commit your script map change.

Posted in: technical / Tagged: IIS, iis5, scripting

Bill Gates affect on my mood

Being a new employee at Microsoft leaves me at a bit of a disadvantage in weeks like this. First, we hear that our “chief blogging officer”, Robert Scoble is leaving the company. Today, it’s been announced that BillG will be stepping back his responsibilities at the companies once again. It is not like this wasn’t expected, but it is a bit disheartening, none-the-less.

Bill Gates has had a profound affect on my life. I grew up in a poor town with family that worked VERY hard to provide for us, but by no means were we wealthy. However, when I was writing code on my Atari 800XL in fifth grade, I told my mom that I would be working for Microsoft one day. Since then, Bill Gates’ drive has inspired this poor kid from East Liverpool, OH to succeed. No matter what life throws at you, who makes fun of you or attacks you with pies you can always come out on top. Like BillG, I didn’t finish college — but unlike Mr. Gates, I quit because I ran out of money. None-the-less, in my mind, I said “If Bill can succeed without a degree, so can I!” Over the years, my life has thrown one curve ball after another at me. I’ve had good times and bad. The one common factor in all those years has been Microsoft software; I’ve made my career of it; I’ve based my life on it; My house and my belt clip are embedded with it; I’ve tied my success (if I can call it that) to it. So with all of this said, it’s a deeply saddening experience to see the man who is responsible for getting it all started is now slowly backing out of his role here.

However…

If you talk to the larger percentage of Microsoft employees, most of us have had little to no interaction with Bill. Our software goes in and out the door much without his micro-management or interference. How much of the Microsoft Office 2007 feature set was designed or coded by Mr. Gates? What drivers for Windows Vista do you think Bill had a part in creating? My guess is, very little of our software is directly controlled by Bill. Instead, he delegates those responsibilities as he sees fit.

I think it’s great that Bill gets to follow this path with his life. There is such an emphasis on giving at Microsoft. I’m proud to be part of a company that thinks about more than what goes on inside its own walls. I, too, intend to do charity work full time at some point in my life. I think, one again, Bill is setting an example for my own life. I obviously will not likely be able to do this to the same degree that Bill Gates is, but the example has been set and I admire the man.

Microsoft will go on making great software on and off the desktop for years to come and Bill is responsible for the spark that started this software industry off in such spectacular fashion. It’s time for someone else to take the torch and move on while Bill starts a new spark in charitable giving. If it’s possible for someone 11 levels under Mr Gates to say this, I’m proud of him for doing this and I can’t wait to see what he accomplishes with The Gates Foundation when he goes full time with it in 2008.

Good luck, Mr. Gates, and God Bless.

Posted in: technical / Tagged: culture, microsoft

ASP.NET 1.1, IIS 6.0 and 64-bit Windows

A few days ago, one of the many distribution lists I belong to was presented with the following requests:

I’m trying to create a Web Service in Visual Studio .NET 2003 and am getting an error “Visual Studio .NET has detected that the specified Web server is not running ASP .NET version 1.1. You will be unable to run ASP .NET Web applications or services.”

The individual said that he had checked the script maps and everything seemed to be in order on the server. They had installed and uninstalled the ASP.NET extensions several times using aspnet_regiis.exe. After a few more communications the poster added:

(Potential complication: my machine is a 64-bit OS; does this change the equation?)

The answer is that running 64-bit Windows does have an affect on your ability to run ASP.NET 1.1 in IIS 6. ASP.NET 1.1 only supports running in 32-bit mode. Fortunately, IIS 6 on 64-bit Windows can run in either 64-bit mode or 32-bit mode.

The following steps to run IIS 6 in 32-bit mode can be found in our MSDN documentation:

Click Start, click Run, type cmd, and then click OK.
Type the following command to enable the 32-bit mode:

cscript %SYSTEMDRIVE%inetpubadminscriptsadsutil.vbs SET W3SVC/AppPools/Enable32bitAppOnWin64 1
Type the following command to install the version of ASP.NET 1.1 and to install the script maps at the IIS root and under:

%SYSTEMROOT%Microsoft.NETFrameworkv1.1.4322aspnet_regiis.exe -i
Make sure that the status of ASP.NET version 1.1.4322 is set to Allowed in the Web service extension list in Internet Information Services Manager.

After following these instructions, the issue still wasn’t resolved. In fact, the script maps for the web application were not being properly updated. I had the customer execute the “aspnet_regiis -ua” which would remove all versions of ASP.NET from the machine. To reinstall the ASP.NET 1.1 again, you then need to reissue the “aspnet_regiis -i” command (use “aspnet_regiis -i -enable” if you are using Windows 2003). This should allow you to run ASP.NET 1.1 on IIS 6.

Keep in mind, however, that IIS 6.0 cannot run in both 64-bit mode and 32-bit mode at the same time. By running IIS 6.0 in 32-bit mode on 64-bit Windows, ASP.NET 2.0 applications will also run in 32-bit mode.

Posted in: technical / Tagged: 64-bit, asp.net, IIS, IIS6

Work-life balance; Robert Scoble

Since coming to Microsoft, I have heard a LOT about our policy on “work-life balance”. If you aren’t familiar with what work-life balance is, a simple search on the web should satisfy your curiosity. Essentially, we believe that people work best when they are satisified with their accomplishments at work as well as their lives at home. Microsoft will often say that their greatest asset is their employees. However, Microsoft doesn’t actually believe that last statement. Now if you are a manager or an HR rep at Microsoft, and you just read that last statement, you probably just spewed your soda (“pop” for some of you) all over your flat-screen and keyboard. Never fear. Let me explain that. If Microsoft actually believed that employees were an asset, they would treat them like they owned them. This is NOT the case. In fact, Microsoft treats us more like a guest that they don’t want to leave. I’m sure this week will be particularly hard for Microsoft as one of our more prominent guests have announced they are leaving. I’m glad that Robert has seen fit to shut down the critics who opened their mouths before getting the facts straight.

I often hear about how Microsoft doesn’t pay enough or treat their employees right. While that may or may not be true (depending on who you talk to), Microsoft has proved with their benefits that they do care deeply about their employees. From day one at Microsoft, you are given a package of benefits so thick that it takes two days of new employee orientation to help you get familiar with them — and even then, you are left bewildered with all of the benefits and resources at your disposal. One such benefit that is actually a “requirement” at Microsoft is work-life balance. In the past three months since my arrival, I’ve been pressured to make sure I have been enjoying life while getting my work done at the same time.

However, here I sit at work on the weekend, trying to pound out some of my work while there are less distractions and no meetings to attend. This is by choice, obviously, and if anyone from my team knew I was here, I’m sure I would get reminded that my “life” is just as important as work. Of course, at the moment I decide to take a quick break, a member of my team walks in and “catches” me with a pocket full of ping pong balls on my way from the ping pong table. See, I’ve got work-life balance! (Thank goodness they didn’t catch me working instead).

This post was prompted by the news of Scoble’s departure and the folks that immediately took that opportunity to bash Microsoft over “letting him go”. And that they didn’t “do everything they could to make sure he stayed put”. I’m sure that everything was done to encourage him to stay — but remember — he is just guest and not an asset. Therefor he is entitled to leave any time that he wants for whatever reason he wants.

I’m very sorry to hear Robert Scoble is leaving Microsoft, but very happy that he cleared the air about life at Microsoft before it got out of hand.

Good luck, Robert!

Posted in: microsoft / Tagged: culture, microsoft

← Older Posts

Newer Posts →

Author Archives: Tobint