Why I build systems using Microsoft

by Bill Sempf 25. July 2007 12:11

I have a few very high profile (read: TV ads and NYSE listings) clients who are on me about solving their problems using Microsoft.  "LAMP ( Linux Apache MySql PHP ) is cheaper!", they say.

Well, they are wrong.  You have to consider cost of ownership, and that includes a lot of inputs.  This, which I have been following for years now, is just the latest.

PHP Security Team Member Resigns

Fact is, this story at Microsoft would have been reported by Brian Williams, probably from Seattle.  As it is, most everyone says 'What is PHP?' even if they do hear about the story.  They don't realize that many many high profile sites use this toy for an enterprise language.

You know, this is a big deal.  I'll get the rest of the information that makes this blog interesting and add it later.

One thing - this is not a condemnation of open source.  I love it, I participate, and I use it a lot.  Don't use it for enterprise applications unless you know exactly what you are doing.



by Bill Sempf 21. July 2007 12:27

I blogged earlier about an injury I received that has sidelined me. I am not pleased, but the fault is my own. I was practicing without focus.

Focus in the martial arts is particularly important. First, you must practice as you wish to perform. If you wish to be successful in saving your ass in a combat situation, you must absolutely be focused on winning. In order to know what that means, you must be focused in practice. Just like the kata must be felt to be understood, just like ukemei must be felt to be understood, just like torimei must be felt to be understood, focus must be felt to be understood.

Not surprisingly, focus is somewhat hard to describe - it is corollary to being felt to be understood, right? Focus is a matter of clearing your mind so that nothing exists except you and your uke. The samurai called it mushin - no mind. You are acting out of muscle memory.

Aah, but there is more than that. Even before you have the muscle memory, you must concentrate on a lot of other factors in order to learn the technique. That is not trivial. In order to accomplish it, you absolutely must not be thinking about being hungry, or your job, or your homework, or your wife, or your sore leg, or your gi, or the cute chick that joined class today, or the fact that your buddy missed class. Just the technique. Nothing else.

That in itself takes practice - which makes it even more of an important part of practice. (I mentioned that this is complicated.) I wasn't focused on my own ukemei, so I let me legs flop around, and one of them ended up under my tori's knee - which was exactly where it was supposed to be. Uke have responsibility for focus too.

So lesson learned. If you aren't able to focus, don't go to class. Or meditate before class and get that focus back. But don't ever, EVER practice without focus.


Personal | Ninjutsu


by Bill Sempf 17. July 2007 12:24

Unshinjutsu is the art of being invisible. It is usually studies in the literal sense: use of hensojustu to disguise oneself, or metsubushi to remove eyesight, or shinobi iri to not be noticed or whatever.

Today’s ninja has a lot more to worry about than someone seeing him where he shouldn’t be. Invisibility is now as much a matter of privacy as anything else. If someone searches for me name on line, they will get (hmm, let’s see…) 19,400 hits. My privacy is shot to hell because of what I do for a living. Invisibility matters even more for me than most because of this, so it has always been an interest of mine. Ninjutsu has renewed that interest.

We have been doing hensojutsu exercises in class, and they largely end with a bunch of guys sitting around giggling like high school girls. It’s hard to practice situational acting – it takes both knowledge and practice. In order to improve on this, I got Meisner On Acting from Amazon, and did a keyword search for Hensojutsu in Amazon.

On of the books I came across is turning out to be very interesting. It is How to be Invisible, by J.J. Luna, and it is very well – if somewhat spectacularly – written. He overstates some examples, but his ideas are just really well thought out and extremely well presented.
His first drive for invisibility is to erase your home address. Now, I am not going to tell you how he says to do it (go buy the book – sheesh!) but I can say this: it makes a lot of sense. Identity is a much more straightforward thing than we think. We are defined by our home address and phone number to a tremendous number of entities.

In the professional world, I am a computer professional with a specialty in the internet. I can say from personal experience that companies – both .com and brick and mortar – give privacy a lot of lip service while doing everything within the law to get as much information as possible. If an FBI agent walked into Target with a warrant, they could know practically everything important about you in a few minutes if you have ever shopped there at all. Trust me.

When you disconnect your address from your name your privacy – electronically and physically – increases dramatically. However, it means a dramatic change in personal habits. Like physical invisibility, which requires a large amount of observation of your environment, privacy will require you to think twice when just ordering a pizza. More take out, less delivery, folks.

Get Mr. Luna’s book and read it if you want to learn about today’s unshinjutsu. Privacy matters.

Tags: ,

Personal | Ninjutsu


by Bill Sempf 16. July 2007 12:26

Well I finally got hurt - took a falling knee to the side of my shin and have a hell of a welt there now. Leg injuries like this suck because they impact your walking and then your hips hurt, and then your back, and then your shoulders ... just terrible.

To treat initially, I just wrapped the contusion in gauze and soaked with Witch Hazel. This is quite effective - much more so than ice. Remember, ice is for dead people. The next day, I went to the health food store and got an Arnica compound over the counter, and some homeopathic trauma pills. So far it is pretty successful - I probably will only miss one class, and I am about 90% mobile.

I own a copy of A Tooth from the Tiger's Mouth: an excellent book about traditional Chinese medicine as it applies to sports injuries. That got me started on trauma liniment or Dit Da Jow (spelled a hundred ways) which is basically witch hazel with a bunch of herbs, steeped in alcohol. It is designed to prevent the pooling of blood in a contusion and it really works quite well.

I decided to make my own for the next time I am hurt, and did a little online research to find some recipes. Basically, there are three categories of herbs that are needed: pain reduction, blood flow stimulation, and blood clot reduction. They are soaked in vodka (not everclear, you need some water too) for a few months, then you are good to go. Here are a few of the recipes that I found:

American Die Du Jow

  • Alcohol (Vodka, Gin, Brandy - even Rubbing Alcohol) 1 or 2 quarts
  • Breadstraw
  • Calendula (Marigold)
  • Camomile
  • Comfrey (if you can still get it - you may have to grow your own if you want to add this)
  • Common Club Moss
  • Cow slip
  • Dandelion
  • Shepherd's Purse
  • Stinging Nettle
  • St. John's Wort
  • Wintergreen oil

Traditional Jow

  • 1 bottle of strong vodka, gin or Chinese rice wine
  • Artemesia (Liu ji nu) - 5g
  • Borneol (Bingpian) - 1g
  • Carthamus (Honghua) - 5g
  • Catechu (Ercha) - 8g
  • Cinnabar (Zhusha) - 5g
  • Cirsium (DaJi) - 1g
  • Dragon's Blood (Xuejie) - 30g
  • Mastic (Ruxiang) - 5g
  • Musk (Shexiang) - 1g
  • Myrrh (Moyao) - 5g
  • Pinellia (ShengBanXia) - 5g

Another simple one


  • Arnica blossoms (anti-inflamatory, pain relief)
  • Comfrey (anti-inflamatory, pain relief)
  • Blessed Thistle (blood purifier)
  • Goldenseal root (antibiotic, wound healing)
  • Ginger root (circulation, wound healing, pain relief)
  • Myrrh (antiseptic, circulation, wound healing)
  • Sasparilla root (blood purifier)
  • Witch Hazel (anti-inflamatory, pain relief)

Chinese formula


  • ru xiang, 12 grams
  • mo yao, 12 grams
  • chi shao, 12 grams
  • mu xiang, 12 grams
  • hong hua, 9 grams
  • tao ren, 9 grams
  • dang gui wei, 12 grams
  • pu huang, 12 grams
  • da huang tan, 9 grams
  • tian qi, 12 grams
  • xue ji, 9 grams
  • ding xiang, 9 grams

Remember, this formula is VERY TOXIC and should NEVER be taken internally or used on an open wound. You will end up in the emergency room if you screw up. If the skin is broken, and the bruise is deep, go to the doctor. It's just not worth being hurt for a long time.


Personal | Ninjutsu


by Bill Sempf 12. July 2007 12:24

Randori is compared by many to a chess match and I agree. There aren’t that many quick movements … belay that. There aren’t many fast movements. There is a difference between quick and fast. Quickness describes explosiveness – “quick off the blocks”. Fast implies time between decisions. You might drive fast (is 90 miles an hour) but you change lanes quickly. Get what I mean?

Anyway, in ground fighting fast movements aren’t a boon. When a pause comes in the action, taking a moment to think is of the utmost importance. What do I have? What are they giving me? What can I take? If I look ahead a move, what do I have?

My problem is essentially one of panic. When I am in that pause between moves, I hurry to grab what I can and squeeze. That has two problems. First, it tired me out very fast. Second, it is totally ineffective.

Those two do not a good combination make.

I defend quite well, really, because I am big and I am not afraid to put a hand in someone’s face to make them thing of something else. If my upper body is totally exhausted I can’t make use of either of those benefits. When you add in the ‘best defense is winning” bit, I really have one path – taking the time to look for the win.

What does that entail? Certainly I have to stop working mindlessly. When I am in the position of having a break in the action, I must do a mental inventory of actions. What joint can I use my weight on to make it go the way it doesn’t? What leverage do I have? Perhaps I should even work with some uke to give me the chance to try this.

The take home here is “it’s a chess match, not a race”. Take your time when the fight goes to the ground.


Personal | Ninjutsu


by Bill Sempf 2. July 2007 12:23

I am amidst a discussion at my club about the definition of genuine ninjutsu. You see, the bujinkan teaches a very well-defined, kata driven style or taijutsu that has by soke's own admission survived eventually unchanged since the eighteenth century. My club trains on a very modern style of taijutsu that looks a lot like a contemporary MMA match that broke out at a gymnastics meet. The reasoning for my club is that no one wears armor or throws lunge punches, so why train on them?

Well, I like that philosophy, so I train with my school, not the bujinkan school down the road. Why? Because I would rather get my history in books and be able to defend myself in a fight, than get my history in training and get my ass kicked. This is exactly how I see it too.
The bujinkan is trying - at least on the surface - to keep a historical art alive, and more power to them. Here's hoping that the history of the ninja is never lost. If it takes the bujinkan to keep it alive, so be it. Something has to.

However, the spirit of the ninja is to persevere. When a new threat emerges, it must be dealt with in its turn. When guns were introduced to Japan, the ninja embraced them. Today, people fight differently - heavily influenced by western boxing and easily carried knives. The ninja embraces these changes.

As such, we train for the new challenges, and allow the old ways to die. When we train metsubushi, we use pepper spray. Our intonjutsu looks a lot like parkour - embracing something that works. We have a ground game in our taijutsu because fighting occurs on the ground - honor is out the window, these days.

Are we less ninjutsu than the bujinkan schools? It could be said that we are more. I understand their point, though - there is a historical precedent and we are tromping on it. I firmly believe that we have a good reason, however, and I would put our curriculum up against any one's. I am glad I am studying this way - and I would like the bujinkan to see this for what it is and be pleased that the art continues to grow.


Personal | Ninjutsu


by Bill Sempf 20. June 2007 12:22

I have learned in the last six months that weakness takes many forms. Few of them, in fact, are weaknesses of the flesh - rather I find weaknesses of the mind. What I am learning is that anything that prevents you from performing your best is a weakness. It's not just muscular, and it isn't just skill either.

For instance - Do you like the occasional drink? Do you like the occasional 7 drinks? Aside from that being bad for you, it is a weakness. You have lost control over yourself - just as bad as losing control in conflict. You have also given other people power over you. You have also compromised your ability to fight, both during and after drinking.

Overweight? That is also a weakness. It can be significantly exploited by an adversary. You likely have a lower endurance than a lighter compatriot. In a conflict you would be more apt to be overcome with exhaustion than a lighter adversary.

How about attitude? Is that a potential for weakness? You bet it is. I found myself in randori the other night basically 'laying down my king' - just giving up because I had lost the will to go on in that conflict. It is a completely ridiculous attitude, and I can't explain it. A bad attitude is a major weakness in conflict and in life.

The reason I bring all of this up is that Charles Daniel in his book Taijutsu: Ninja Art of Unarmed Combat stresses that increasing your strengths is not the goal of studying Taijutsu, but rather reducing your exploitable weaknesses. I agree, but take it a step further. Don't just look for weakness in your taijutsu. Look for it in your life.


Personal | Ninjutsu

TechEd 2007

by Bill Sempf 15. June 2007 12:15

I would have liked to post live, but things got a little out of control.  Stuff happens and all that.  If anyone is interested, let me know and we can take it offline.


I had a good TechEd.  There was a good mix of courses.  The Technical Learning Center was impressive - with the notable exceptions of Office Live, Visio team members and MapPoint.  There were about 50% IT Pro vendors, and about 50% programming vendors.  It was a well designed conference.

I attended a panel of Open Source advocates who made me blush to be in their presence.  There was much discussion about the reasons that Open Source is beneficial to the developer community, without my well known views of programmer education even making an appearance.  (My mouth was full)  So I'll blog about that this week.

I attended a GREAT talk by Steve Lasker about SQL CE replication that I will blog about later.  He covered Merge and Replication and RDS, as well as the new Sync modules taht are coming in Orcas and CE 3.5.  I plan on using what I learned to further the Clarity Workgroup Edition (Oh, didn't I mention that?) and generally become a better DBA-friendly architect. 

I talked with my old friend Simon Guest (I remember how we know each other, Simon.  Apress!) about the Microsoft Certified Architect program.  I have a few thoughts about that program that I would like to share with the community.  A few of the nay-sayers make a lot of sense to me.

I missed the Birds of a Feather sessions.  Rich Hundhausen is gonna roast my toes.  He even gave me a flamingo.  Anyway, the guys from Community Server were there and I am sorry I missed them.  I'll blog about the implementation of the OmniPath AICC LMS that I have put on top of CS later this month.

I also went to a great talk by Tom Fuller about SOA.  This applied directly to a project that I am starting later this summer, and I will have a lot to say about what I learned.  (See what I am doing here?  Setting myself up to HAVE to blog a bout this stuff.)

Another career changing talk was the Composite Application chat by Scott Jamison.  He showed me how the SharePoint services stack that is included in the Windows 2003 install can be used to provide search, object management and a bunch of other neet stuff.  Very cool.  I'll post about that session later too.

Finally, I got Gabrielle a new HP tx1000z with a conference-only deal that they had going.  It's pretty snazzy.  I'll post about it if it is good, and post 10,000 times if it is a dog.

Carry on as before.




by Bill Sempf 11. June 2007 12:20

Preparation isn't just about carrying a weapon wherever you go. There is more to it than that. Preparation is having the tools that you need, when you need them.

Practically, there is a problem with that. Clearly you might need a bathtub here and there. You know, those times when you think 'man, I could really use a bath'? But you don't carry one. When you travel, though, might it not be a bad idea to have a bit of soap in case you fine a place you can get clean?

That's the kind of preparation I am talking about here. Pragmatic preparation is my goal. I am a fairly parochial chap; I go to see clients, and come home. I travel only occasionally, and live in the suburbs. This defines in part my preparation tactics. If you are in a rural setting, or travel a lot, and your strategy includes preparation, your needs will differ.

My personal preparation includes two phases. I have certain things that are always on my person. There is also a 'kit' of items that I stash in a hall closet to those 'better grab the kit before I go out' kind of trips.

On my person, I have three things that I always carry: a belt, a Leatherman Wave, and a lighter. I believe that each of these things - none a weapon in most minds - is an important part of hour by hour preparedness. A belt fives you two extra feet of reach, is a Kusari Fundo, and can be used as a restraint. A Leatherman trims toenails, disassembles anything, and has a four inch blade with a thumb release. A lighter gives light, can be a distraction, and lights cigars.

The kit is a little more complete. I don't have a complete inventory at the moment, but off the top of my head, I have the following:

  • screwdrivers
  • a crowbar
  • wire
  • rope
  • an emergency blanket
  • first aid
  • smoke bombs
  • waterproof, windproof matches
  • water purification
  • a mechanical flashlight
  • thermite and starter
  • a glass cutter
  • epoxy
  • wire cutters
  • a small butane torch
  • a slingshot
  • nails
  • duct tape
  • and a few other things

When your brother and law calls and says "I have a problem, can you come over?" it is time to grab the kit. When you have to go to a strange part of town, grab the kit. If there is an odd noise outside, grab the kit. Get the idea? It is self protection times twelve.

What to you do to assure preparedness?


Personal | Ninjutsu

Something to think about

by Bill Sempf 10. June 2007 12:19

If you had to run a mile, could you do it? I don't mean in a race, or among friends. I mean running a mile as if your life depended on it? How about the life of your spouse, or your child?
Really? How about after a full meal? Or after three drinks? Or if you were ill? Or injured?
How about through pouring rain? Or through standing water?
What if you were carrying someone else?
Just to test, I ran around a lake with my son on my shoulders, while we were on vacation. We were near the recent shuttle launch, and I used the Magic If. "What if that shuttle exploded and there was rubble landing all around me?" I needed to get to shelter: to save myself and my son. I had just had a full meal, and a beer. I couldn't do it.
Could you?
While you never know what adrenaline can do, wouldn't it be good to know that it was possible to run like that in a Magic If situation? If you had the energy of a real life or death situation it should be even easier - you should be able to go twice as far.
This is something that everyone should think about - not just warriors. It doesn't take the shuttle exploding to make for a situation in which a person might have to run a mile under less-than-optimal situations. Train like you needed to run that mile to save what is dear to you.


Personal | Ninjutsu

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

Find me on Mastodon

profile for Bill Sempf on Stack Exchange, a network of free, community-driven Q&A sites