My day-to-day tech

 

Since I have been back on the consulting bandwagon, around business types and not the same people every day, I have gotten a lot of questions about the tech that I carry every day.  I promised a few people I would blog about it, so here we are.

MyTech

Here is my day to day tech.

The big laptop is a Toshiba Tecra M7.  It is the best laptop I have ever owned.  It’s it a tablet, and generally rocks.  However, Toshiba won’t support Windows 7 on it, so it runs too hot and won’t wake up properly from hibernation.  Considering going to Windows Server.

The e-reader to it’s left is a nook.  The nook is the best overall e-reader on the market.  It has a soft keyboard, and flexible, Android-based display.  The whole OS and rendering system can be replaced with a Micro-SD card.  Barnes and Noble does a great job supporting it.  It might not have been ready for market when they launched it, but it was always the best out there.

Above that is my Texas Instruments Chronos ez430.  It is a programmable watch.  It has a MSP340 microprocessor, and comes with a wireless interface and pinning for a usb adapter.  You can do neat stuff like change your PowerPoint slides, or measure your sensei’s punch speed with it.

To it’s right is my IronKey.  This is a USB drive, 4 gig, that is waterproof and hardware encrypted.  If you fail to enter your password 10 times, it destroys itself.

Next is the Nexus One.  This is by far the best device, let alone phone, that I have even owned.  It is a Android based slate similar in form factor to an iPhone, but I think it has a lot less suck.  (I know everyone loves the iPhone, it’s like a puppy.  I think it is unusable.)

Hmm, what’s next.  Oh, my Wand Of Business Analysis +4, otherwise known as a livescribe pen.  Basically, everything I write on the special books that I get for it gets moves to my laptop for later analysis.  Also, everything that is said while I am writing is recorded, in time with the writing.  So if I need to know what a customer said while I drew that diagram, I just click on it and the recording starts there.

Finally, a walkman.  Yes, I said a Walkman.  It’s a 8 gig Sony Walkman MP3 player.  Why?  Lots of reasons.  I don’t like to kill my phone battery running music.  I use it as a radio.  I can feed the music to my car.  I have it sync to my desktop to get podcasts.  And it is light, cheap, and if I destroy it by accident I can get a new one with my Best Buy Silver Reward points.

So there we have it.  Years of geeky research and gadget dependency reduced to a blog post.

BigInt not recognized in an Access 2007 ADP

Anyone who has read my blog or twitter feed, or worked with me, or drank with me, or been in the same room with me for longer that ten minutes, all know that I do not approve of using Access as a business-class development platform.  The technical debt that it creates is not worth the effort, and you end up depending on a software package that is better suited to tracking your recipes than your HR paperwork.

That said, there are some solutions that are well suited for Access, and one of them is form-filling.  In this example, we have an HR department that is required to fill out a form that uses some SQL Server-accessible data, and some entered data.  The resultant paper form has to match a template exactly.

This is the kind of solution that VSTO is actually very good for now, but VSTO wasn’t a reality when the solution was developed, so I give them a break there.  Since the only other real option is to build out a full windows application just to print one form, or to save off copies of Word documents, Access is a decent solution here.

Anyway, back to the problem at hand.  I need to add some fields.  The application is an Access 2007 ADP upgraded from Access 2003, and uses data from a SQL Server 2005 database.  I shift-double-click to enter the editing form.  As I right click on the table to enter design view, I get a surprising error:

image

If you can’t read that, the text says:

"Table 'table_name(dbo)' could not be loaded.

The table being loaded into memory has a user-defined data type ('bigint') that is not recognized.

Close all your open database diagram and table designer windows.  The new data type will be recognized when you re-open the diagram or table designer."

Needless to say, when I close all open windows and re-open them, the problem is still there.

So, usually when I blog about a problem, I have a cool fix.  This time, not the case.  I posted to the partner support forums and got this response:

“Based on my test, I was able to reproduce the issue on my side, if I create a table in SQL directly and open the ADP file associated with the database I see exact same error message when I try to design the table in Access.

create table a1 (id1 bigint primary key)

Also, if I try to create a new table from Access, I cannot find "bigint" in Datatype options.

It seems to be a limitation or issue in Access that it doesn't support bigint in design view though the tables work as expected in other functions.”

That’s kind of a shock: it’s actually a bug in Access 2007.

Anyway, I ended up dropping the table and re-importing from SQL Server which worked fine, BigInt and all.  I have a response in to them as far as finding a better solution, and I wonder if using an ALTER TABLE query might work.  Maybe I’ll roll back and try that.  I’ll post any update here.

SQL Modeling talk at the Central Ohio Day Of .NET

Thanks to Mike Wood and others for asking me to give my SQL Modeling talk at CODODN.  Events like CODODN are important, because they bridge the gab between local events and the larger regionals like CodeMash.  Smaller groups sometimes mean better hallway conversations and the like.  Kudos to all those who participated in getting this together.

Anyway, here is the solution (WarehouseManagementSystem.zip (2.65 mb)) from my talk.  No slides for this talk, just a little talking and a lot of coding.  Get the bits from the SQL Modeling Website, and make sure you have SQL Express 2008 installed.

 Thanks to all who attended; good questions and insight.

New lockpicking book coming out by the guy who taught me

Deviant Ollam, the guy who taught me (and Gabrielle) how to pick locks at Defcon 15, has a new book out, Practical Lock Picking: A Physical Penetration Tester's Training Guide.  I recommend that everyone get a copy, without ever having seen a page of it.  Fact is, Deviant has a passion for teaching - and not just lockpicking.  He is a wealth of information and a guru of many topics.  What's more, he is so very good at expressing them. 

Anyone who has been to Columbus L.I meetings and seen me to an intro presentation knows that I use DOs Intro to Lockpicking deck that he gives at Defcon.  His site, www.deviating.net/lockpicking, is a wealth of information.  His presense at the carious hacker cons has done more to spread locksport than most.

If you have an interest in physical security, I pre-recommend this book.  Too bad Syngress did it, and I wasn't allowed to write Lockpicking for Dummies.  Oh well.

SQL Modeling at the IEEE

Thursday night I had the honor of giving my new talk “Software Modeling with ASCII, and no I’m not kidding” to the Columbus Computer society of the IEEE.  They were very welcoming and enjoyed the talk, and had a number of comments about the technology and its use.

I start the talk with what essentially be the first chapter of Professional Software Modeling.  WE cover the problems with current modeling systems, and the timeline for modeling and object/relational mapping

The bulk of the talk is effectively a demo of deploying a database and entity classes form a simple model and then generating an ASP.NET MVC web site from the model.  It is similar to the hands-on-lab at the PDC, with the Mini Nerd Dinner. 

Right off the bat, a listener pointed out that we HAVE these tools already.  Don’t we have XML?  What’s wrong with that?  Tools like WSDL and EDMX solve these problems, and are human readable! Why do we need something else?

I agreed in principle but I pointed out that not many people think that XML is not human readable any more.  The sample code was, but the 150,000 line long files that end up getting used are NOT.  Especially when there are only about 1,500 important lines in the file.

The XML is still there, I assured everyone, and the model was still in EDMX.  M is just a way to work with the model that is a little more succinct than the XML.  Additionally, I pointed out, there are more semantic pieces to M that we hadn’t gone over.  We had done the nouns, but there are verbs too, if you get my drift.

As we went over how an M model looks in the M file, and how the final database and domain classes look, someone asked the obvious question.  It’s the same question that I asked last fall.

“Great!  What do I do with an EXISTING application?”

I don’t have a good answer for that.  Would I like to be able to take an existing application’s database and look at the representative M file?  Yes.  Can I?  I am not sure I can.  That is an open question.

Honestly, I haven’t taken the time to look into the story for existing applications.  Fact is, most application development is adding features to existing applications and I don’t know how M fits into that.  If it is going to be a good modeling tool for existing application there needs to be a reverse-engineering story, and I hope there is.  I mean, you can always make a model from an existing database, but I am not sure that is enough.

The last discussion we had was about potential.  Specifically – what is Microsoft doing to support hte wide adoption of this product?  How about multiple datasources?  What if I need to model an identity system, where there is an Active Directory, an LDS and a database with identity information?  Can I model that in M?

No, I answered.  Right now M is shackled by EDMX, which really only has a provider for SQL Server and Oracle.  It is theoretically possible to enhance the M modeling superstructure to handle a multi-source database, but it isn’t done yet.

In general, everyone loved the talk, and I am looking forward to cleaning it up a bit and giving it a few more times.  Thanks to Jack Freund and the IEEE Computer Society for allowing me to speak!  Hope to see you all again sometime!

The Build Button

At Code and Coffee yesterday, Tim Wingfield suggested that I blog about my Build Button, so here it is.

A while back I got myself a Griffin Technologies PowerMate.  This device is designed as a multimedia controller.  Read: Volume knob.  It has six events:

  • Turn left
  • Turn right
  • Press
  • Press and hold
  • Press and turn left
  • Press and turn right

 I left the Turn left and turn right events violume for Media Player, but I set Press to be <CTRL> + <SHIFT> + B

That's right, build, baby.

So, when I get to finidh a method, I can just up and smack the button, and the project compiles.  It's quite an experience.  I used to have Press and hold set to <F5> but now I think I will have it run the unit tests since that is how I tend to develop these days.

Any, it's not a cheap thrill at $45, but I still think it is worth it.

By the by - i also have an Optimus Mini Three, which I recommend for the remarkably high geek factor.

 

Getting started with Identity Services

I find myself needing to write a federated identity proof of concept for a client of ICC.  I got started with three downloads:

I wanted to get a good foundation, so I started with the training kit.  As an author, I heavily recommend everyone do this.  The days when you could just jump in and start hacking are long gone.  There are frameworks on top of frameworks in today’s development environments and learning the right path is paramount.

Getting started with a lab

The lab I started with was Web Sites and Identity, becasue it solved the particular problem that I needed solved.  Your might be different.  The prerequisites included:

  • Microsoft® Windows® Vista SP2 (32-bits or 64-bits) , Microsoft® Windows Server 2008 SP2 (32-bit or 64-bit), Microsoft® Windows Server 2008 R2, Microsoft® Windows® 7 RTM (32-bits or 64-bits)
  • Microsoft® Internet Information Services (IIS) 7.0
  • Microsoft® .NET Framework 3.5
  • Microsoft® Visual Studio 2008
  • Microsoft® SQL Express 2005 (or later)
  • Microsoft® Windows Identity Foundation Runtime
  • Microsoft® Windows Identity Foundation SDK

The basics needed to be present, but things like Powershell permissions and IIS 7 configurations have built-in installers that ran easily ran from the dependency checker. 

 

image

You are then asked to install snippets for code and XML.  I put them in the My Snippets folder for Visual Studio 2008.

image

After installing a few certificates, the labs were set up and ready to go.

Working the lab

In working with the lab, it seems that the setup scripts failed to supply the SSL binding for the default web.  I learned a fix in this ScottGu post after making this post to IIS.net

to fix it you just need to go to IIS7 and do these steps:

  1. Select the Default Web Site
  2. Click Bindings… under Edit Site on the right hand command panel
  3. Click the https binding and click the Edit… button

    image
  4. You’ll see that SSL Cert dropdown has No Binding Selected.  Change it to STSTestCert.

    image
  5. Click OK and Close.

That’s all there is to it.  The site will no longer give you Cannot connect errors.

Anyway, I like the lab and I like the WIF.  Generally, it has the same problem as all of the W*F patterns that Microsoft provides.  It is configuration over convention and there are SO many options that it is confusing.  WIF tries to be everything to everyone.  To find the exact situation that suits your needs will require a little digging through the lab.

“The Application Cannot Start” in VS 2008 after install of VS 2010

 

I ran into a problem today where my Visual Studio 2008 install gave me the “The application cannot start” error after I had installed the RC of VS 2010.  After poking around, I found this post which helped me out a lot.

I had to copy these files from “C:\Program Files (x86)\Common Files\microsoft shared\MSEnv”:

  • dte80.olb
  • dte80a.olb
  • dte90.olb
  • dte90a.olb

and paste them into “C:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE”

Then everything worked great.  No registration was needed.

Quite a week of martial arts.

I started the extended weekend timeframe with my normal martial arts club, the Columbus Ninjutsu Club.  Most regular readers probably know that I study there, and am a big fan of the art of Ninjutsu.  Thursday, we did Yoko Nage, one of my favorite throws.  It meant hitting the mat many, many times though – probably forty over the course of the class.  Then I did the first randori (full speed training) that I have done in months with friend and fellow ninja Adam-san.

I knew I would be sore the next day, so I drowned my sorrows in 800 milligrams of Advil and 32 ounces of Muscle Milk.

Friday, I was sore.

Saturday I was REALLY sore.

Sunday, I have a three hour seminar with Don Frye.  Don and Dan-sensei are working on a movie together, Apparitions: The Darkness, and had some filming to do in Michigan.  Also, the Arnold was this weekend, so Don was here for that.  In between the two, he held a seminar for us.  Nice guy!

Don Frye seminar

Learned a lot from Mr. Frye.  He is built more like me – heavier, bigger boned – rather than the light willowy guys that mostly make up our classes.  His methods for getting people on the ground, especially, are very much along my idea of best practice.  For instance, for the two leg takedown, he comes straight in, low, still in guard, and then basically head butts you in the gut while grabbing the top of the thighs.  With his larger mass, he doesn’t have to screw around with all of the footwork of the jujitsu method.  Just knocks you down.

Anyway, that was three hours of opening up the top of my head and pouring as much in as I could.  The man knows a lot about fighting.  It wasn’t a very strenuous seminar, actually, though we all did get banged up a lot.  I have two huge bruises on my pecs from Frye demonstrating the head butt on my chest.

Strangely, Monday I didn’t feel too bad.  I guess we didn’t really DO that much, except train on a few of the techniques.  No randori, no drills, really.

Tuesday I went back to Ninjutsu, and had a much liter class under Bryan-sensei.  Did some chokes, drills, pretty laid back.  Good thing, because I went from there to Systema with Steve-sensei, and that was an experience.

Systema is a Russian martial art based on the standup from Sambo.  It has four tenets: breathing, relaxation, movement and posture.  There are no techniques, no kata.  You just use the basic philosophy and do whatever doesn’t hurt. 

Fascinating where that takes you.  Because a lot of akidoka study Systema, a lot of the finishing moves from Systema look like Aikido.  I have 6 years of Aikido, and three more of Ninjutsu (which are all Budo) so I fit right in.  Certainly will be looking more into Systema.

Columbus Architecture Group

 

I had a good time with the Columbus Architecture Group (ColArc) Tuesday night at the ICC conference center.  I gave the Economics of Cloud Computing talk there and it was well received.

I got some great commentary from Mark Freeman about the impact that CompuServe had on early internetworking, which is a very good point.  CompuServe was born out of TSO, with a large organization reselling unused computer time.  This is very similar to the IBM TSO concept, and what Google, Microsoft, Amazon and the other large players are doing now.

Another point was the impact of grid computing, which I need to research a little more.

One of the big impacts was security, though.  How is cloud going to interact with HIPPA?  how do you convince a CIO?  What else has to happen to prepare your application for the insecurity of the cloud?

Location is a problem too. How about a state’s requirement to keep all data inside its borders?  There are tough questions there!

Anyway, thanks for having me folks, and I hope to see you next month.

Who the heck is Bill Sempf?

Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites

Month List

Paying the bills