0 comments suggest edit

MCSD Logo

I obtained this certification several years ago and pretty much forgot about it. It really hasn’t done me any good. The only benefit at the time was that it helped my former employer obtain Gold status as a Microsoft Solution Provider. However, I’m still waiting to see the real benefits of that status for them.

The benefit of any certification is fully dependent on the external perception of the certification and how well it represents skill and expertise. A PhD for example is generally highly regarded.

As it currently stands, the MCSD certification does not carry such respect. It seems this is due to Microsoft doing little to promote it. The status of a certification goes hand in hand with the people who carry the certification. When you see a lot of very talented smart people carrying a certification they are proud of, you strive for that certification.

Take a moment to think of the who’s who of .NET development. How many have MCSDs? My guess is not many. I can’t be sure, but I doubt that Don Box, Jeffrey Richter, Ian Griffiths, Chris Sells, etc… have this or even care for this certification. Otherwise they’d display it proudly just as Mr. Sells displays his IEEE member in good standing logo on his blog.

In any case, I’ll display it anyways just in case it bears weight in the future. At the very least, I like the color scheme.

0 comments suggest edit

A while ago I wrote up a post on Asynchronous Sockets. Ian was kind enough to send me an email correcting a few niggles with it and in an email exchange, cleared up a few other misconceptions about how sockets (and other IO operations for that matter) really work.

Well now he posts a great article that points out that a program doesn’t always use a thread to perform some work.

There seems to be a popular notion that in order for a program to perform an operation, it must have a thread with which to do it. This is not always the case. Often, the only points at which you need a thread are at the start and end of the operation….

This is recommended reading.

Read the rest here

0 comments suggest edit

Read the story from Fox News of all places.

The statement tells American voters that Abu Hafs al-Masri supports the re-election campaign of President Bush: “We are very keen that Bush does not lose the upcoming elections.” \ \ The statement said Abu Hafs al-Masri needs what it called Bush’s “idiocy and religious fanaticism” because they would “wake up” the Islamic world.

And my Republican friends scoffed at the fact that Kerry won the endorsement of many European countries. Well it’s better than being endorsed by Al Qaeda.

0 comments suggest edit

Found this interesting puzzle on BoingBoing. I figured it out. Can you?

Mark Frauenfelder: This looks like an interesting problem. Lloyd Borrett writes:

Take up the challenge of “Petals Around the Rose”. Also read what happened when Bill Gates was introduced to Petals Around the Rose in June 1977. How he tackled this brain teaser is an interesting insight into the man at the helm of Microsoft.

Link

[Via Boing Boing]

0 comments suggest edit

Someday when I have a kid, the young squirt will sit upon my knee and ask:

Daddy. What’s the difference between Progressive House and Progressive Trance? What does Dub sound like and how did it influence Chicago House? And where the hell does Speed Bass fit in all this?

Ha ha whoa there little one. One at a time please. Clean your room and all will be revealed.

Well now, I have just the site to show the little one. Ishkur’s Guide To Electronic Music v2.5. This flash site provides an exploratory interface to discover the various genres and sub-genres of electronic music. Starting at the top level with House, Trance, Techno, Breakbeat, Jungle, Hardcore, and Downtempo, the site graphs the various predecessor genres leading up to the genre and then shows how the genre splits into sub-genres. The graphs place the genesis of these various genres in their proper time context. It’s really quite nice.

For example, click on BreakBeat and you can see that the roots of BreakBeat are in Hip Hop. Plenty of musical samples are provided to help you gain understanding.

The best part is the author’s irreverent descriptions. For example, in describing Happy House the author states:

The official music genre of Dance Dance Revolution, this is by far the most syrupy, saccharine music known to mankind. I bet they play this kind of stuff to calm lunatics at insane asylums locked in padded room with pink walls.

And he goes on and on. In any case, have fun exploring the various genres. And I highly recommend turning up your stereo volume as loud as possible and check out SpeedCore. Do it. Do it. Do it.

0 comments suggest edit

Found this here on Yahoo news. What is this frog doing?

Frog spreads sperm on eggs \ Kermit takes revenge when Miss Piggy hooks up with Beaker.

Spanish zoologists have discovered that male frogs who are losers in love get their revenge by spreading their sperm over eggs that have been left by a pair of romancing amphibians.

You go boy! Exact that revenge. Can you imagine how awful it would be if humans engaged in this behavior.

Bitch left me for THAT asshole. Just wait till they have kids!

0 comments suggest edit

Someone pointed this out to me on Amazon.com. A book entitled How to Date a White Woman: A Practical Guide for Asian Men.

The fact that such a book exists leaves me speechless. I didn’t realize there was a demand by asian men to seek out specifically white women. Perhaps it’s a backlash against the perceived phenomenon of white men “stealing” asian women. This is absolute hilarity.

Then again, being biracial myself, I can only say I support more interracial coupling. Viva Hapas! The real humor is in the customer reviews for the book. For example check out this one from a reviewer in Brooklyn:

I suppose I really have only myself to blame, but based on a cursory glance at its title, I assumed that this book was about forensic techniques for identifying the age of bones, along with other remains and artifacts. If, like me, you are looking for any insight into the applications of C-14 comparisons, strontium decay or the like, you will be disappointed. However, I gave this book to a friend of mine, Arthur Fong, who said he appreciated it.

Too bad there’s no sample pages because I’m dying of curiosity to see what hackneyed tips the author provides. I’ll tell you the best tip for dating a person of a particular race (not that I condone dating people specifically for the color of their skin). Spend time where they are.

Studies show that the major determinant in who you marry is your proximity to such person. You want to marry a white woman, find out where there are high concentrations of white women. Want to marry a rich woman, hang out in the Hamptons. Oh, and it wouldn’t hurt to shower often and treat them with respect.

0 comments suggest edit

This is an animated gif. If it’s not animated, then you’re not seeing what I see.

The more times I watch this, the funnier it gets.

UPDATE: I removed the gif. Brian points out in the comments that the video is funnier.

0 comments suggest edit

I have the lovely task of importing a POP3 mailbox with 144524 messages into our database. I’m using a 3rd party component, but am quickly learning more than I ever wanted to know about POP3. For example, ideally you don’t want to use POP3 for large mail boxes because POP3 isn’t scalable.

Having read RFC 1939 which specifies the Post Office Protocol Version 3, I now understand why it isn’t scalable. There are three phases to a POP3 session, the AUTHORIZATION phase, the TRANSACTION phase, and the UPDATE phase.

The AUTHORIZATION phase is simply a login phase. The USER command specifies the username to log in the mailbox with and the PASS command specifies a password. Once authenticated, the server enters the next phase.

The TRANSACTION phase is where the POP3 client does the real work. For example, the STAT command returns the message count within the mailbox. In order to retrieve an individual email, the Message Id is required. To get that, issue the LIST command with no arguments, and the POP3 server will list all the message ids and the size in octets. There’s no way to specify a number of messages to return. So in my case, the command has to return the IDs and sizes for all 144524 messages. But wait, it gets better.

Once, a POP3 client is done issuing commands to delete messages in the TRANSACTION phase, none of those messages are actually deleted until the client issues the QUIT command. At that point, the POP3 session enters the UPDATE phase and the server starts to delete messages marked for deletion. As you can deduce, that could be problematic for a large mailbox.

Also, you might consider deleting messages in batches which is fine, but there’s a hitch. The QUIT command terminates your session after the UPDATE phase is over and POP3 does not guarantee that the message ids you listed before will be the same in a separate session. Therefore you have to issue the LIST command at the beginning of each session to list every message even if you only plan to process a small subset.

In any case, I’m working with the author of the POP3 component I’m using to iron out some kinks and make this work. Once I trim this mailbox down, it should hopefully never get so big again.

0 comments suggest edit

Last night Akumi and I attended the Laugh Factory on Sunset to see our friend and up and coming comic Rick Ramos perform. I met Rick through Kyle as the two of them went to Northwestern together and both Rick and I gave toasts at two of Kyle and Cara’s wedding receptions.

Most of the comics were latino, but there was a suprise appearance by Malibu’s most wanted Jamie Kennedy who was there to try out some new material. However, Jamie didn’t bring it like the other comics.

Before the show we didn’t know what to expect and were admittedly a bit worried. We had never seen Rick perform and we asked each other,

“What if he’s not funny? How akward will that be?”

The first guy was off to a slow start, confirming our fears that this show might be a bomb. But Rick took the stage like a Hurricane in the Bahamas and just rocked the floor. My gut is still busted from laughing too hard.

Several other top notch acts followed including one by a half-Filipino guy named Jo Koy who made everyone look like crying epileptics in a strobe light from laughing so hard.

0 comments suggest edit

If you’re having problems with your computer after upgrading to Windows XP SP2 and you are using a software firewall such as ZoneAlarm or BlackIce, try uninstalling your firewall software and re-installing it. That solved the problem for me. BlackIce recommends uninstalling their firewall before upgrading to SP2.

On two different machines (one with ZoneAlarm and the other with BlackIce), I had simply upgraded to SP2 and turned off the Windows Firewall. Even so, my machines would freeze up, especially when performing network operations. It seems that even with the Windows Firewall off, there’s some sort of contention for the network devices that is resolved by reinstalling.

0 comments suggest edit

One thing that bothers me about the CommentAPI is that the only response you get is the HTTP status code.

HTTP/1.1 200 OK

However, there are cases where it would be helpful to return more information. For example, when I post a comment on a blog that moderates its comment, the blog should note in the response that comments are moderated, allowing the application to notify the user as such.

Otherwise I might assume that maybe there was a problem in posting the comment and then use the web form within the blog itself to repost the comment, only to discover that comments are moderated.

0 comments suggest edit

This cracks me up.

It always infuriates me to see the conservative right quote the Bible to justify some of their policy choices. Mainly because I believe in a separation of church and state, but especially because of the passages they conveniently neglect that happen to fall in line with the liberal movement.

For example, when you look at the early Christian church, they pooled their resources and shared everything. When Ananias and his wife Sapphira sold a possesion and tried to keep back a part of the price, they were struck dead (Acts 5:1-11). Talk about socialism, no? Bush should heed that warning while he tries to give the rich a tax break while cutting back social programs. Luke 12:48 “For unto whomsoever much is given, of him shall be much required…”

Found on here via BoingBoing.

0 comments suggest edit

Fountain Pen I read with amusement this recent post on Scoble’s blog in which someone writes him a note dictating the tools that “Influencers” use.

Influencers use weird crap. They use Macs and Linux, Mozilla, and other eminently hackable systems. They don’t generally run Windows and IE.

This is very similar to Paul Graham’s view of what makes a great hacker, which revolves around the tools a hacker uses.

I don’t understand this focus on trying to nail the qualities of a great person (be it hacker or influencer) by focusing on the technologies the person uses. Let’s look back at influential writers such as Shakespeare and Whitman, they used pen and paper. Aha! Great writers use Pen and Paper.

When history looks back on great writers, I guarantee you that we do not focus on the tools they used. Rather, we focused on what they did. Their output. Do I know or even care what tools Steinbeck used to write The Grapes Of Wrath or Silvia Plath used to write Ariel? Hardly. It’s the legacy of their work and accomplishments that are remembered.

Call To Action Stop wasting your time trying to find the root of greatness by taking your narrow microscope and examining the tools a great person uses. This is as effective as documenting a randomly chosen idiosyncratic tick a person has to determine the cause of his or her influence. You’re trying to push an agenda and you’re not helping anyone. If you want to be a great hacker, influencer, or writer, focus on the necessary skills instead.

0 comments suggest edit

Dare puts this quote from Tim Bray up on his blog.

This has nothing to do with a California chip maker. Rather, its about a trip I recently took to a conference called Intelink, where the people gather who run one of the worlds biggest and most interesting intranets; the one that serves the community of U.S. Intelligence professionals\ … \ I was amused to note that on one of the sub-intranets distinguished by being loaded with particularly ultra-secret stuff, they were offering RSS Bandit for the people to download and use.

[Via Dare Obasanjo aka Carnage4Life]

Ok, I know 007 is actually a British Spy, but I couldn’t think of a good U.S. counterpart.

0 comments suggest edit

Aaron Skonnard mentionsthat

When you take the custom authentication route and write a UsernameTokenManager (UTM), your implementation of AuthenticateToken must return the same secret (e.g., password) used on the client side to generate the hash/signature, depending on which option you use.

As he correctly points out, this makes security experts cringe and hide under the bed (see Keith Brown’s cringing response where he proposes a solution).

The big issue is that your UsernameTokenManager needs access to the original cleartext password. But like any good security conscious developer, you don’t store passwords as cleartext, do you? (I sure hope not. Bad security conscious developer. Bad!). Hopefully you do something along the likes of what Keith suggests in his MSDN column. For each user, he stores a randomly generated salt value and a hash of the cleartext password combined with salt value. The salt value is unique per user.

Keith points out that the secret returned by the AuthenticateToken method doesn’t have to be the actual cleartext password. It just has to match the secret sent by the client. So if you store your passwords as an SHA1 hash, your client just needs to hash the password before creating the UsernameToken.

However, if you store your password as an SHA1 hash of the cleartext password + salt value, you’re going to have to do a little more work. Your client isn’t going to know the salt value for every user, so your client needs a way to discover that. This may require calling a separate web method just to query for the salt value given a user name. Service clients would be required to store that value (probably on a “session” basis) and use it when calling methods on the main web service.

Below is some sample code for doing just that. This assumes that user passwords are stored as described in the aforementioned article using salt and hash (no eggs, but do bring the ketchup). (My apologies for the ugly formatting, I didn’t want the code to be too wide)

//Make an initial web service call to get the 
//the salt value for the user "haacked".  
//This should be stored by the client so its 
//not called for every method of our main service.
MyServiceWse proxy = new MyServiceWse();

//In order to get the salt value, a special account
//"saltAdmin" is used to call GetSalt().  This account
//only has access to this method.
//This also requires that the client app knows the;
//saltAdmin's salt value up front.
string adminPassword = GetAdminPassword(); 
//implementation not shown.

UsernameToken adminToken 
    = new UsernameToken("saltAdmin", adminPassword
                    , PasswordOption.SendHashed);

proxy.RequestSoapContext.Security.Tokens.Add(adminToken);
string username = "haacked";
string salt = proxy.GetSalt(username);
proxy.RequestSoapContext.Clear();

// Hash password and salt.
string pw = "Password"; //assume this came from the user.
SHA1CryptoServiceProvider hashProvider 
    = new SHA1CryptoServiceProvider();

byte[] inputBuffer = Encoding.Unicode.GetBytes(pw + salt);
byte[] result = hashProvider.ComputeHash(inputBuffer);
string hashedPassword = Convert.ToBase64String(result);
//Set up the user's token.
//Notice we the hashed password instead of the cleartext one.
UsernameToken token 
    = new UsernameToken(username, hashedPassword
                    , PasswordOption.SendHashed);

proxy.RequestSoapContext.Security.Tokens.Add(token);

//Make the actual service call.
proxy.SomeWebServiceMethod();

The AuthenitcateToken method of your custom UsernameTokenManager class can now just return the hashed password value for the calling user from your data store and everything will work just fine and security experts can come out from under the bed.

0 comments suggest edit

Found this on Wesner Moise’s blog. He’s discussing the performance implications between managed and unmanaged code.

The working set for SharpReader is 30Mb, FeedDemon is 23 Mb, and RSS Bandit is 4 Mb in their initial configuration on my machine. (In comparison, the working set for MS Word and MS Excel are about 18 Mbs.) So, actually in their bare configuration, RSS Bandit is the tightest of them all, even considering that RSS Bandit also uses the .NET runtime.

[Via .NET Undocumented]

0 comments suggest edit

Toshiba M200 So I am in the market for a Tablet PC and after a bit of research, the Toshiba Portege M200 is the top contender for my hard earned dollar.

I’m trying to cut down on the time I spend sitting at a desktop by using a tablet PC for email, reading and writing blog entries, etc… Basically non gaming and non development tasks. I think the high resolution of the M200 makes it a nice choice for reading.

So my main question for you is do you think there’s a better Tablet PC out there (or about to be released) worth me looking at over the M200? Let me know. Thanks!