Friday, December 18, 2009

Enabling ASP.NET on a Windows Server 2003 64-bit

I installed 64-bit Windows Server 2003 (R2 with SP2) for the first time this week. Surprisingly, there is no option to enable ASP.NET on IIS even though I have all the .NET frameworks installed and updated.

The Add/Remove Windows Component Wizard does not have ASP.NET as an option under Application Server. Neither does the Managing Your Server application.  In 32-bit Windows Server, it says Application Server (IIS, ASP.Net) but in 64-bit it is as follows:

As it cannot be done through the GUI, I checked up the Help documentation. The documentation says my next task is to enable ASP.NET but I couldn't find any clues on how to do that.

Finally I found the instructions hidden in, an article which really does not apply to my situation as I want a pure 64-bit server.

The steps are:

a.  Install and enable IIS first.  Do this through Manage Your Server or Add/Remove Windows Components.
b.  Run: cscript %SYSTEMDRIVE%\inetpub\adminscripts\adsutil.vbs SET W3SVC/AppPools/Enable32bitAppOnWin64 0
c.  Run %SYSTEMROOT%\Microsoft.NET\Framework64\v2.0.50727\aspnet_regiis.exe -i
d.  Enable ASPX (and ASP if you need it) via the Internet Information Services Manager, as follows:

Hope the above works for you as well.

Wednesday, December 2, 2009

Where to buy notebook batteries at ZhongGuanCun (中关村)

I guess you already know that ZhongGuanCun (中关村) in Peking (北京) is the largest collection of shoppping centers selling computers and electronics stuff.

If you need something for your computer, I think you will find at least 1,000 shops/counters selling what you want. The hard part is getting what you want at the price you don't regret later.

The trick is to buy only things you have researched thoroughly. Use a place like eBay to find out the lowest market price.

Buying something on impulse will always end up with regrets, unless you are a trained negotiator.

ZhongGuanCun is not one mall. It is a whole city of malls. I don't know how many there are. I went to only a couple of buildings. Basically they are all the same. I guess in lieu of marketing to differentiate, each just bank on fleecing one unsuspecting customer a day.

I went to look for a notebook battery. Surprisingly this was one item that was not really that popular. If you need a battery and want to save time, follow these steps:

a. Go to HaiLong building (海龙大厦). This is the mall directly outside the west exit of the ZhongGuanCun subway station. This is on line 4, a brand new line. Click the following air photo to see details.  Go to Google Earth/Maps to see readers' pictures of the building.  Just note that most of the positions of this building on Google Earth are wrong.  The location on Google maps is here but unfortunately the map and photos don't quite match.

b. Go to the fourth floor and look for the HoneStar Technologies counter at #4075.  The numbers are on a license plate hanging off the ceiling.  #4075 is furthest way from the escalators.  It is manned by two young ladies.  If you have limited time in Peking or you think your battery is a rare one, contact them before hand.

Email:, QQ instant messaging: 437105767, mobile: +86-13552906007.

English is barely spoken.  The best way to contact is to use QQ if you know how to install and use the software.  Otherwise email and then follow up a day later by phone to ask Miss Liang to check her mail.

The building opposite Hai Long to the east is KeMao (科贸中心).  There is a pedestrian bridge from the second floor of HaiLong going across to KeMao.  KeMao is another mall of the same, hundreds of counters selling computers and electronics.  But there is also a large supermarket (Wu Mart) and a KFC.

Hope you get what you want!

Sunday, November 29, 2009

Open source, free software, the confusion

There is some confusion and muddle over open source software and free software.

Many equate open source with free software, and vice versa. Nothing is further from the truth.

Open source means the source code is available. Having possession of the source code doesn't mean you have the rights to use the software. Just like legal ownership of a CD does not necessary mean you can use the software contained in that CD. Whether you can or cannot use a piece of software is governed by the terms and conditions set by the software owner.

In almost all countries, the software owner can determine the exact rights to use the software according to his own will and good pleasure. He can say that for a fee of $x you can use a piece of software for one year (for example Microsoft Action Pack). When the one year is up, you cannot use the software even though you may continue to hold the shiny CD with the hologram in your hands.

Similarly, and easier to understand, is that free software doesn't always mean you can see the source code.

So, software can have source code available, openly and freely or subject to terms, but it does not mean usage need be free.

I see peddlers and users of open source/free software divided into three general categories.

A. Big enterprises who cannot face the risk of support disrupted or terminated.

For such companies, they must have access to the source code, not to be able to resell the software, but so that, just in case the software owner cannot correct a problem, they can continue to keep the software running. There are some reasons when this can happen:

a. The software owner thinks a particular bug is not important enough and refuses to fix it.
b. The software owner retires the software but the business user cannot or does not want to upgrade to a supportable version.
c. The software owner goes out of business.

Although the last two situations can be protected by escrow, from my experience, escrow is 100% cow stools. A real-life experience: Oracle buys PeopleSoft, and retires Vantive (a PeopleSoft CRM system). A Vantive customer decides to continue to use the software and refuses to buy Siebel which Oracle pushes as the Vantive replacement. Customer activates access to source code. Oracle drags its feet for many months. Then they say they "couldn't find the tape". Customer threatens to sue. After a few more months, Oracle says "tape found" but "data could not be read".

There is no practical way to verify that when a software owner moves the source code to escrow, that source code is the right code and will generate the software the customer is using. In fact, there is no incentive at all for the software owner to ensure that the intent or integrity of this process is upheld. For most people, this un-policed task would be the lowest of priorities, and I wouldn't be surprised if people simply check in garbage files. The escrow is usually a bank or lawyer and would be none the wiser. After all, when the company goes out of business, no one would be around to be responsible for what's in the escrow's vaults.

Hence, the CIO who knows his business will insist on having access to the source code at all times. This in no way means that the customer is asking for free software. In all likelihood, such customers would have to pay extra for this service.

There is an alternative to achieving software support security without source code. And that is safety in numbers. Use software that is used by millions or hundreds of millions. First there would be revenue for the software owner to continue to maintain the software. Second, hopefully millions of users banded together can have some clout to insist that the software remain supportable for a long time. Windows XP is one good example.

B. The communists and Stallmanites.

There are still some people who believe that software should be free. They don't think that computers need be free. They don't think that Big Macs should be given out for no charge. They don't think that houses should be free. But for some unexplained reason, they think that software must be free.

And we know that the only communists left are in Cuba and North Korea.

C. The software losers.

Everyone is entitled to try all legal means to make a living. Hence, if you can't make money in one area, you think of another way. If you can't beat Microsoft at writing (and marketing) software, you try something else.

There's a category of people whose proud mantra is "we will give the software for free, and we will charge for support". It's like saying we will give you a car for free but you must come to us for maintenance. It's perfectly legal, but it's perfectly obvious that there are no incentives to deliver a software that is trouble-free.

It's good to know that there are customers of such software/services. We need them to help keep in check the other software providers.

Wednesday, November 25, 2009

Great Wall of China - DIY

It's very easy to plan a do-it-yourself tour of the Great Wall of China at BaDaLing (八达岭). And it costs only RMB12x2 (total USD4) for the journey there and back.

The Internet is full of postings on how people signed up to tours only to be held at ransom to cough up more money after the bus has moved off. Do not be another victim.

By the way, most of the victims are Chinese nationals from out of town or people who speak some Chinese. The swindlers, or enterprising businessmen depending on how you view them, tend to leave the non-Chinese speakers alone as sign language is harder, I guess.

Follow these steps carefully for a low-cost and enjoyable tour. We just did it last week.

1. Make your way to DeShengMen (德胜门). This is once a city gate of which only the archer's tower is now left standing. The archer's tower is a huge structure that cannot be missed once you are in the vicinity. There are a few bus terminals there. The one you must go to is north of the tower. From the air photo below you can see the buses lined up for the journey to the Great Wall.

2. The nearest subway station is JiShuiTan (积水潭), 500m to the west of the tower. You can also go to to find the buses to DeShengMen from where you are. Each city bus trip costs RMB1, or RMB0.20 if you have a multi-trip card. Taxis can be a cheap option especially if you have three or four persons in your party. Taxis start at RMB10 and covers some good distance before the fare increments.
Be careful about taxis. A seasoned taxi driver seeing an obvious foreigner wanting to go to DeShengMen in the morning would know that you are going to the Great Wall and would try to take you there himself. The driver of the first taxi we flagged pretended that he didn't know where DeShengMen was but asked where we wanted to go from there. We waved him off. The driver of the second taxi we flagged was a brand new driver who really didn't know where DeShengMen was and I had to guide him with the GPS in my Nokia phone.
3. The bus you need to take is number 919, a green and white bus. And that is where the problem is. Every bus going out of this DeShengMen terminal is 919 but they go to different places!  The signage is havoc. There are touts aplenty. They do not look like touts. They speak to you nicely and appear to be offering friendly advice. Ignore them totally and speak to only people in the bus company's uniforms.

On my trip, they put in extra buses to the Great Wall.  The bus had a sign as in the picture below, which actually means "extra direct bus".

When the staff saw me taking a picture, she helpfully flipped it over to the more meaningful one which says "Direct to BaDaLing" (八达岭).

Anyway, the bus-stop should have this sign.  But the crowds there could have moved it from its proper position.

The bus moves off only when filled. The whole journey is on the BaDaLing Expressway, which starts right at DeShengMen. The trip will take about 1.5 hours with the traffic jams on the expressway.

For the return trip, board the same 919 from where you alight at BaDaLing. I guess it is prudent to double check it's the express to DeShengMen.

Have a nice trip!

The entrance fee at the Great Wall in November is RMB40. Credit cards can be used.

The futility of expanding wi-fi

Remember CT2 or the initial incarnation of PCN?  They have gone the way of the dodo.  The technology is now used in DECT phones.

Efforts to expand wifi to provide wide area coverage will meet the same fate.

CT2 was marketed as a poor man's alternative to cell phones.  It is a neat engineering idea.  You get to use a wireless phone when you are in range of a base station.  But it is just that, a neat engineering idea.

Using wi-fi as a poor man's wide area data network is in a similar situation.  The reason is not un-obvious.

If only, say, 20% of the time that you need to use the Internet you find yourself outside wi-fi coverage, you would need to pay for a data subscription from your cell-phone company.  And, if you already have paid for wide-area data why would you still pay or need wi-fi?

Wi-fi has its uses, just like DECT phones.  You use it at home or in the office, when you are pretty stationary and there is no point expending power sending data a few miles away when you can send it down the hall.

Good communications equal a bad plan?

One of the fundamental principles of communications is that the amount of planning is inversely proportional to the efficiency of communications available.  The better communications you have the less planning you have to do.  The more planning you do, you are less dependent on the need to communicate.

To illustrate: a family hits the shopping mall.  In the old days, a detailed plan would have to be worked out, something like: "Everybody, it's free and easy for the next 30 minutes.  Then we meet at this water fountain.  If by 35 minutes, Johnny doesn't show up, this is what we will do,......"  Lots and lots of if's then else's to cover all conceivable contingencies.  Today, when a family reaches the mall, everyone takes out his or her cell phone, does a battery check, and everyone do whatever he or she likes.  When someone feels it's time to go, the phones start ringing.

This similar scenario occurs everywhere.  When an army wants to conduct an attack, a detailed plan with all sorts of contingencies covered means there is less need to rely on battlefield communications, which can be very poor.  A haphazard plan means everyone will be screaming into their radios when something unexpected happens.

A corollary from the above means that it is idiotic or sheer arrogance not to switch on your cell phone when you have one.  For if you know when you need to use the phone (ie you have a good plan), you wouldn't need a phone.

There are opposing arguments on whether having efficient communications is good or bad overall.  There are some who say that relying too much on good communications means there is no plan or no good plan.  But there are others who say detailed planning to avoid communications is impractical and would only lead to rigid and uncreative plans.

Extending the paradigm further, remember the times when an author writing a novel means inserting a piece of paper into a typewriter.  The writer has to compose mentally to some great detail before he commits onto paper.  With word processing software, it's type, delete, cut and paste at no extra cost or effort.

The same goes into finance budgeting.  If you work in a company where everything you want to purchase must be in the annual budget, you would be forced into detailed planning and forecasting the year before.  But if there is no such need, you would be making purchases every now and then and may over spend.

Sunday, November 15, 2009

Please do not reply to this email

Everyone must have received lots of such messages where at the end they say "Please do not reply to this email".

This is idiotic on many accounts. I won't even bother to explain them.

I do the exact opposite. In all emails that are generated by applications, I always include a line which says something like "Please reply to this email if you meet any problems." And of course I use a sender email address that is always monitored.

Saturday, November 14, 2009

Demystifying data and GPS on Nokia phones


The modern cellular phone is very powerful computer with fantastic capabilities. The technology, from the user point of view, is not that complex. However, the lack of information on implementation specifics prevents lots of wonderful things from being done. For example, Nokia documentation such as (on page 57 of my E-71 manual) "To use a specific positioning method, select Positioning methods" is not helpful. The bewildering number of terms used for the same thing, and the same term to mean totally different things add to the confusion.

The Nokia phone has lots of powerful features for data. For example, your laptop computer can have full Internet access by "dialing" out through the phone in your pocket. This is something I have been doing for the past ten years, since CSD days, and that iPhone users still cannot enjoy.

Data on the move

There are two distinctively different types of data networks the modern Nokia phone such as the E-71 supports (I will not talk about Bluetooth and infrared here). Even if you are a network expert, please read on to see the different nomenclature used by Nokia:

  • Wifi - on the Nokia phone this is called Wireless LAN .  Wifi is a very local area wireless network with a coverage of a few tens of meters. Most likely you already have one at home as part of your Internet connection. The little box with one or two short antennas sticking out to provide Wirless LAN is called by everybody as an "access point". Whether this service is free depends on whose access point you are using. When you move too far away from the access point, your Wireless LAN connection is broken.

  • Cellular data - on the Nokia phone this is called Packet data . This uses the same radio and spectrum that you use to make voice calls. Depending on what your telco has deployed, Packet data can be alphabet soup: GPRS, EDGE, 3G, 3.5G (HSDPA) or LTE. Packet data thus goes through your telco's towers and you need a subscription, and probably have to pay extra, to use this. Where you can make voice calls you should also be able to access Packet data. Thus Packet data has more universal coverage than Wireless LAN. Every operator gives a different name to this service, and some hide it so well that you will have to do some research before you realize which product they offer is Packet data.

  • Access Points, again

    In the Nokia phone, to connect to a network you first have to define an Access Point. This is not to be confused with a wifi access point! This Nokia Access Point is nothing physical but a configuration that you set up in the phone, so that other applications can refer to it to connect to the Internet. Example applications that let you choose one of these Access Points are: web browser, Windows Live Messenger, email and so on. To see your Access Points, go to Tools, Settings, Connection:

    Figure 1

    As part of defining an Access Point one of the properties you have to specify is Data bearer. The Data bearer is where you state whether it is using Wireless LAN or Packet Data.

    If your Data bearer is Wireless LAN, you have to provide the WLAN netw. name which everybody else in the world calls the SSID. Connection name is just a description string for your own reference. Depending on the wifi (not Nokia) access point settings, you may need a password.

    Figure 2

    If the Data bearer is Packet data, you will have to specify the Access point name. (See, this is the third re-use of the phrase "access point" to mean a different thing!) More commonly abbreviated as the APN, this is a value that you must obtain from your telco. Telcos can have different APNs for Internet access, walled-garden applications, MMS, et cetera. In all likelihood some default ones are already created in your SIM. There is usually no need to enter the User name or password as most telcos authenticate you by the SIM you are using.

    Figure 3

    In Figure 1 above you will notice there is another item called Packet data! I salute the extraordinary effort the documentation experts at Nokia have put in to confuse the whole world. If you press that item, you get:

    Figure 4

    What can this "Packet data" thing be? I could not find any meaningful documentation for this. You enter a telco APN in the "Access point" field. From my experimentation, this configuration is just a special (Nokia) Access point configuration that is used when I use my laptop to dial out through the phone. That means, if I set my laptop to dial out via Bluetooth to my Nokia, the configuration that is used will be this "Packet data" thing.


    It is surprising many people are still confused over what GPS is. If you are not sure, it is important you first Google and understand it clearly. Try here, or here.

    In short, GPS has nothing whatsoever to do with the mobile cellular network. GPS takes readings from a constellation of 24 low-flying US satellites, and from the different times it takes to receive a coded message from each satellite, it is a straightfoward triangluation calculation to determine where you are on planet earth. GPS requires a clear view of the open sky to work. You cannot be in a building, in a tunnel, or under a thick forest canopy.

    GPS simply gives you four items: x, y, altitude and a very very accurate time. There are no maps, no compass, no speed, no driving instructions, no when the fish will bite, no et cetera. All the other navigation goodies are applications built on top of those four pieces of data you get from GPS. For example, speed is the displacement from the last two position readings divided by the time between the two readings!

    The problem with GPS is that it takes a long time to synchronize with the satellites. There are two reasons for this. Firstly, the low power used and to make GPS robust and reliable, the data rate of the messages from the satellites is very low - 50bps. Secondly the earth is very big and the integer arithmetic rolls over about every 300km. So without some hints, it can take a cold GPS receiver ten minutes to lock in to the satellites.

    On the Nokia mobile phone, you see the following confusing GPS options and I will describe from the least relevant first:

    Figure 5

    Integrated GPS This means use the GPS receiver in the phone. I don't understand why this is necessary. If you have purchased a GPS receiver, why would you be switching if off to find your position?

    Bluetooth GPS means to use an external GPS receiver connected via Bluetooth. This may be applicable if your phone does not have a GPS receiver. If your phone (eg E-65, E-51, E-71) already has a built-in GPS receiver, I don't see any reason to use this. I know some weirdos complain that the built-in receiver is not accurate enough!

    Assisted GPS As explained earlier, it takes a long time to lock onto the satellites. Assisted GPS allows you to specify an external source which can provide some quick estimate of your current position so that the satellite fix can be achieved almost immediately. This feature requires a Packet data connection (see previous section) to a server somewhere on the Internet. The set-up is under Tools, Settings, General, Positioning, Positioning server:

    Figure 6

    As you can see, my phone has as the provider of the Assisted GPS service. Only Packet data access points can be selected, as I think it is assumed that you won't have wifi coverage when on the road. Once you have Assisted GPS enabled, the data connection will be made without asking you whenever GPS positioning is switched on in your phone.  So, if you are not a data user, don't be surprised with data charges in your bill when you use GPS.  GPS positioning can be switched on directly under menu GPS, GPS data, or it can be switched on by an application, example Nokia or Ovi or Google Maps. I don't know what data or protocol is used for this service. If someone knows please do share.

    Note that Assisted GPS by itself does not give you your location. Assisted GPS is just to speed up satellite synchronization. I am speculating that the server uses the IP address of the mobile unit to tell the GPS receiver the rough 300km zone it is in.

    Network based Cell phone towers (BTS'es) are usually fixed. If you can record the time taken for a signal to travel from two or more towers to a mobile phone, it is, theoretically, a simple task, just like GPS, to plot out your own position. In practice it is tough to measure accurately a signal traveling at the speed of light and also it is tough to identify reflections from buildings and so on. Hence, position location by cell phone towers at best is an estimate. But the estimate would be more than sufficient to allow the GPS receiver to lock in to the satellites in a jiffy.

    However, Network based option can be used for positioning if you are ok with the rough accuracy. Nowadays cells can be very small, eg a pico cell, that the position of the BTS can be taken as the position of the mobile phone. The Network based option comes in handy during those periods when the satellites are not visible, example when you are in a building.

    The Network based option requires that your telco deploy the locating services feature on the network. The triangulation is not done at the phone. It is done in the network, and the result transmitted to the phone via the signaling channel.

    If you have Network based GPS turned on when you launch Nokia Maps, you will notice that the red dot indicating your position would first be some distance from where you really are. Then after a few seconds it will jump to the spot where you really are.

    Important: from my experiments, Network based GPS requires a data connection. So if you are roaming, be aware of the possible high data charges. Without Network based or Assisted GPS, my Nokia E-71 will take about 20 minutes to lock in on the satellites. With Network based GPS, it is consistently under eight seconds.


    I hope you find the above information useful. Parts of the above are from pure speculation and some are from non-exhaustive reverse engineering. If you have more accurate information do let me know.

    Where Nokia menu commands are referred to, it is assumed to be the menu sequence from an unadulterated Nokia E-71.

    Thursday, October 29, 2009

    Nokia E-71 - Still the best

    [Superceded by Super OLED.]

    Bought my second Nokia E-71 today, for US$140 on a US$30 plan contracted for two years. I could have traded-in my one-year old one for US$140 but I didn't as the new phone is for my daughter.

    This phone is still the best considering all factors. The GPS receiver alone is worth the price.

    What I like about the phone (all equally important to me except infrared):
    a. Tethering without issues
    b. Slimmer than an iPhone
    c. Exchange client
    d. Full QWERTY keypad, albeit a bit small
    e. Reasonably good camera for all the emergency situations
    f. Two cameras
    g. Video recording
    h. HSDPA, Wifi, Bluetooth with A2DP
    i. Expandable storage through MicroSD
    j. GPS
    k. VOIP according to standards
    l. FM radio
    m. Browser that can see most web sites
    n. Plays MP3 and WMA
    o. Word, Excel, PowerPoint, PDF viewers
    p. Live Messenger client
    q. It's hardy. Have dropped it from height quite a few times and none the worse.
    r. It can stand upright on its bottom
    s. Infrared - though I can't find a notebook that has one these days

    I can find only one serious shortcoming: screen size of 320x240. I would like to see that increased without increasing the current thickness or losing the keyboard.

    Irritation? Still a 2.5mm headphone jack. It has to wait for a technology breakthrough in the E-72 to have that increased by 1mm!

    Wednesday, October 21, 2009

    So, Apple has a new mouse

    I am wondering why people still need a mouse, especially on a notebook. A quite common scenario I see is someone brings a laptop into the meeting, and then spends the next five minutes plugging in the charger and the mouse and then booting up. With all those cables, the laptop is no more a mobile computer!!

    I have not used a mouse for the last thirteen years, that is, since I got my first notebook, a Compaq Armada 4100. It has a touch-pad. Between 2000 and 2004 I was using the Compaq M700 and that has the stick. The stick was tough on the finger due to the force required.

    Even the stick is better than the mouse. For the very simple reason that it takes less than one-tenth the time for your hand to leave the keyboard to reach for it. So I can do things ten times faster than a mouse user.

    The touch-pad is still the best pointing device as it requires the least effort for a lazy person like me. A well-tuned touch-pad would allow me to move the cursor across a 1600-pixel wide screen by moving across just half the pad.

    I compare myself to colleagues sitting around me who still insist on using the mouse. I get screen work done at least ten times faster than all of them on average. It is frustrating every time I go to their PC to see something they are showing me. It's a snail's pace compared to what I normally experience on my PC. And when they come and see something demoed on my PC, it's a smooth flow of activities, so fast that they sometimes get lost.

    Another reason for my speed is that I use the pointing device for only a small fraction of the time. I have no hard data, but it's something like for 80% of the occasions other people are using their mouse I am simply using the keyboard. Basically I don't use the touch-pad if some key will do. Hence the speed difference is easily a few hundred times, two to three orders of magnitude apart. For example, I take five centi-seconds to hit a key, you take half a second to move your hand from keyboard to the mouse, two seconds to move it to a menu item, and another second to come back to the keyboard.

    All you need is to spend a diligent five minutes learning to use the touch-pad after tweaking the drivers. And you will never touch a mouse again.

    What I am looking forward to is a touch-pad that is located between the H and J keys on the keyboard. This will reduce the travel time even further whenever I have to use the touch-pad.

    The disadvantage of the touch-pad? Every time I have to use someone else's PC, I suffer from a major handicap as performance is down-shifted by a few notches.

    Wednesday, October 7, 2009

    Microsoft Security Essentials - Network and Connectivity Issues

    The only time I have used an anti-virus software for myself was in 1987 (yes, more than 20 years ago) when I checked out a version from an Israeli company. I disassembled it, examined the machine instructions, and promptly uninstalled it as I could not relish the idea that every int 21 call must go through a third party. Since then I have not installed AV software on any of my computers.

    If you have problems updating the MSE anti-virus files due to a proxy server, you may want to skip the long story and jump to the last paragraph below.

    My daughter started using Windows 95 at age 5 and went through the peak of virus mania circa post-2000. My wife uses the computer daily to check mail and browse the Internet but she belongs to the group of the most elementary and novice type of user you can find. So within my family you can find the full range of computer users. All our computers are running Microsoft Windows and none of them has AV software installed.

    It's 10 years later and none of our computers have been infected, not even once. All our computers are connected to the Internet all the time, and web browsing and emails are the major activities.

    In the last few years of my working life I struggled with evading corporate requirements to have anti-virus software. Now that I have my own small business I finally have the satisfaction of banning AV software within my company.

    Lately I had to work with a customer who "needs" AV software. Not wanting the bloated stuff, I dragged my feet until MSE was released. I immediately installed it for the customer on Sep 30. But updates couldn't work. The error dialog box says:

    Microsoft Security Essentials
    Virus & spyware definitions update failed

    Microsoft Security Essentials wasn't able to check for virus & spyware definition updates.

    Make sure your computer is connected to the Internet and try again.

    Click 'Help' for more information about this problem.

    Error code: 0x8024402c

    Error description: Microsoft Security Essentials couldn't install the definition updates because the proxy server or target server names can't be resolved.
    OK Help

    This customer's security people have an easy time. Management forgets to include in the KPIs of the security people the amount of business done or the level of business efficiency. So everything is prohibited. And the security people are never wrong. If something gets infected, it's because someone has asked for a waiver and indemnified and released the security people from being responsible.

    So this PC is in a maximum security area, where even access to a DNS server is denied. All it can connect to is a HTTP proxy server. And names are resolved by the proxy server. So if you want to go to, you tell the proxy server that and it will resolve for you.

    So why doesn't MSE updates work? Internet browsing and Windows Updates work fine on this computer. After lots of spent hours, the problem came down to one of Windows Updates not using the same credentials as the logged-in user.

    January 2010 update:

    To cut a long story short, MSE is using different proxy settings from IE. This is according to How the Windows Update client determines which proxy server to use.  So, even if the logged in user is using a certain manually configured proxy, Windows Update is not and is trying to connect directly.  So the trick is to use proxycfg.exe.  I simply typed the following on the command line:

    proxycfg -u

    and, presto, all udpates went through!  The -u option copies the proxy settings from the currently logged in user.

    proxcfg has gone missing in Windows Vista and Windows 7.  You should use netsh then.  The equivalent for the above is:

    netsh winhttp import proxy ie

    Hope it works for you too.

    Thursday, September 17, 2009

    Assembly version, File version, Product version

    If you are a .NET developer, Assembly and File version would be familiar to you. They can be set in the Designer UI (project Properties page, Application tab, Assembly Information button...) which basically updates appropriate attributes in AssemblyInfo.cs.

    Now, there is a less well known number - the Product version. It is not well documented and most developers ignore it altogether with no side-effects most of the time. However, it is an important number and it seems that, of the three, Product version is the most widely used.

    The three version numbers simply take the values you give them or:

    a. If Assembly version is not explictly specified, it takes the value of
    b. If File version is not explicitly specified, it takes the value of Assembly version.
    c. If Product version is not explicitly specified, it takes the value of File version.

    In Windows Explorer of Windows XP and Server 2003, you can see from the properties of a file all three version numbers. In Windows Vista and later, you can't see Assembly version anymore.

    To see the assembly version of a file in Vista or later without writing a program, simply type the following in Windows PowerShell:


    Where xxxx.dll is the full path of your assembly

    There are two special folders that developers should use for storing application level data and user level data respectively. They are:

    a. Application.CommonAppDataPath
    b. Application.LocalUserAppDataPath

    To prevent applications from breaking and to keep good security hygiene, developers should always reference these two Application properties instead of hard-coding. Where the physical locations of these two folders are depend on whether you are using Server 2003 and earlier or Vista and later.

    In Windows Server 2003 and earlier, Application.CommonAppDataPath is, in an unadulterated system, "C:\Documents and Settings\All Users\Application Data\CCCC\PPPP\vvvv" and Application.LocalUserAppDataPath is "C:\Documents and Settings\UUUU\Local Settings\Application Data\CCCC\PPPP\vvvv" for a non-roaming profile, where

    a. UUUU is the "user id", loosely speaking.
    b. CCCC is the Company name specified in the assembly.
    c. PPPP is the Product name specified in the assembly.
    d. vvvv is the four part Product version number. vvvv is not the File version number. Because Product version number has largely been ignored and adopts the File version number automatically, many may be led to think that vvvv is the File version number.

    In Vista and later, CommonAppDataPath is by default "C:\ProgramData\CCCC\PPPP\vvvv" and LocalUserAppDataPath is "C:\Users\UUUU\AppData\Local\CCCC\PPPP\vvvv".

    Why I came about to writing this article is because one day I decided to follow the good reasons given in KB 556041 to freeze the Assembly version temporarily and auto-increment the File version instead.

    However, specifying something like "1.1.*" for File version in Visual Studio 2008 simply does not work. Somewhere in the assembly the File version is kept as "1.1.*" literally!

    FileVersionInfo.GetVersionInfo(Assembly.GetExecutingAssembly().Location).FileVersion will return "1.1.*". That is alright in itself. But, if you don't explicitly specify the Product version, Product version will be equal to the File version and the asterisk character will cause your program to crash and burn when you try to access any of those two special folders mentioned above. The Windows file system does not accept "*" anywhere in a path name. The error is System.ArgumentException - "Illegal characters in path."

    How do you specify the Product version? Simply put the following attribute in AssemblyInfo.cs:

    [assembly: AssemblyInformationalVersion("v.R.b.r")]

    To retrieve the various version numbers, use these:

    string assemblyVersion = Assembly.GetExecutingAssembly().GetName().Version.ToString();
    string assemblyVersion = Assembly.LoadFile('your assembly file').GetName().Version.ToString();
    string fileVersion = FileVersionInfo.GetVersionInfo(Assembly.GetExecutingAssembly().Location).FileVersion;
    string productVersion = FileVersionInfo.GetVersionInfo(Assembly.GetExecutingAssembly().Location).ProductVersion;

    Hope the above information is useful to you.

    Wednesday, August 12, 2009

    Hyper-V Server on a Presario Notebook

    I thought it would be neat to have Hyper-V Server on a notebook, with Windows 2008 SBS as a guest OS, and then load some more legacy OS'es to test a piece of software I was developing. I have a 1.5-year old Compaq Presario (Core 2 Duo) lying around and I used it.

    I chose to install the Hyper-V Server clean before installing any guest OS'es. That went fine and trouble free. Not a squeak that the CPU was or was not suitable.
    Then searched around and found that Hyper-V Manager was needed. I downloaded the version for Vista 32-bit. It installed fine. But it won't connect. Complained with the famous error:

    You do not have the required permission to complete this task. Contact the administrator of the authorization policy for the computer XXX

    Did some tedious preparatory steps as indicated in John Howard's blog. But I just did: 1) create the common user, 2) netsh advfirewall ... 3) DCOMCNFG on the client.

    Hyper-V Manager now connects fine and I can install new virtual machines. But when I tried to Start one, I get another famous error:

    'vm name' failed to initialize. (VMID 'vmid')

    The virtual machine could not be started because the hypervisor is not running. The following actions may help you resolve the problem:

    1) Verify that the processor of the physical computer has a supported version of the hardware-assisted virtualization.

    2) Verify that hardware-assisted virtualization and hardware-assisted data execution protection are enabled in the BIOS of the physical computer. (If you edit the BIOS to enable either setting, you must turn off power to the physical computer and then turn it back in. Resetting the physical computer is not sufficient.)

    3) If you have made changes to the Boot Configuration Data store, review these changes to ensure that the hypervisor is configured to launch automatically.

    I went into my BIOS but could not find anything to turn on DXP or virtualization. Then Intel confirmed that my Intel® Core™ 2 Dual T5250 was not suitable for Hyper-V!!

    What a waste of time

    Well, I have an older Presario. It's a T5500 and according to Intel that has Virtualization Technology. It will take time to make that notebook available for Hyper-V.

    Wednesday, July 29, 2009

    Extended Desktop - 3 Big Screens?

    Now we all know that Bill Gates uses three screens.

    I have been using Extended Desktop in Windows for coming up to ten years now. I think it's one of the great things that Microsoft has done by making it easy for display adapter drivers to be developed to work in such a manner.

    My current set up is the 17" 1440x900 built-in of my notebook and a 1680x1050 standalone running off my notebook VGA port, with the external display positioned directly on top of the built-in display. I populate all the places I frequent with the second monitor (same specs), so that I can just plug in when I reach there, just like the power charger.

    I am not using three displays because:

      a. I don't know of any notebook that can drive two external displays, not even with the additional video port on a HP docking unit. Using a video adpater reduces the mobility of my notebook.

      b. I tried using three monitors but find that I spend much time moving my mouse to where I want to go (even though my touch pad is set to maximum sensitivity), or looking for the cursor.

    Sunday, February 1, 2009

    Sending Mail by Configuration in .NET

    Sending mail is an activity required in many applications. The SMTP protocol is clearly defined in RFC 821 in the last century. It is a beautiful piece of work and this can be acknowledged by the fact that it has remained largely unchanged since.

    Microsoft's .NET has all the classes in the System.Net.Mail namespace to make sending mail a breeze. You can read through the documentation and Google for the many examples and tutorials if you are new to this subject.

    What I would like to share today is that sending mail in .NET can be made even easier by configuration. The following two lines of code are all that are needed to send out a mail:

        MailMessage msg = new MailMessage("","",
                                             "Test","This is a test");
        new SmtpClient().Send(msg);

    There is no need to embed in your code SMTP server names or passwords. That is bad practice because when you deploy your application to different environments it may require different SMTP parameters. In fact, you should always use a SMTP server that is nearest (distance, hops, bandwidth, blah, blah, blah) to your application host, so you would want the flexibility to decide on which SMTP server to use at the deployment site. Or, your application may be a packaged one in the hands of users who have no capability to compile C# code.

    Where then do you specify the SMTP parameters? Answer: in your application configuration file, App.config or web.config. Below is an example where the SMTP server is
          <smtp from="">
            <network userName="xxx" password="yyy" host="" port="25" />

    .NET will read the configuration file and automatically populate appropriate the properties of the SmtpClient and MailMessage objects for you.

    The official MSDN information is here, but it makes no mention that it actually modifies your objects' properties with information from the configuration file.

    Thursday, January 29, 2009

    Email Forwarding in Microsoft Exchange

    There are times when a user does not have a mailbox in the Exchange server itself.

    The place to configure forwarding is in ADUC and not System Server.

    First, in the External Contacts folder in your domain tree, create the destination forwarding address.

    Then, in the user's Properties, go to the Exchange General tab and select Delivery Options. Check the Forward to option and select the destination address from the list of External Contacts.

    Creating SSL Certificates for IIS

    Here are the steps:

  • Create a certificate request (CSR). There're lots of documentation for this, mail me if you need help. Basically you do it from the IIS management console. (IIS 7 is different from previous versions by trying to make it "easier" but it assumes the user is illiterate - has lots of pictorial icons.) This will generate a Base64 encoded file, and it will also remember that there is a pending request.
  • If you use a commercial provider, then just copy and paste the contents of the file in your application.
  • If you want to use Windows Server 2003's certificate services, go to the server's website: /certsrv.
  • Either of the above will give you a .cer or .crt file. Go back to the IIS management console server certificate option and use the "Process pending request" option.

    Das ist alles.

  • Monday, January 5, 2009

    Hard Facts about Photography

    1. A SLR construction does not make a camera better

    Digital camera marketing has been very successful. Lots of buyers are "monkey see monkey do" paying lots of money without knowing how their cameras work. I can bet that majority of SLR owners do not know what SLR means.

    Today's SLR digital cameras can produce better pictures because most of them have a larger sensor compared to point-and-shoot cameras. Camera manufacturers would like to keep things this way to avoid fighting on price alone.

    The ability to change lens does not require an SLR. Thankfully Panasonic has broken this mental block with their latest model.

    A digital SLR is worse than a point-and-shoot when it comes to having a video viewfinder. Yes, some of us prefer to use the optical viewfinder up close with the camera touching our face. But there are situations where an indirect display is necessary, eg when holding the camera high to shoot over people blocking your view. The SLR was invented to achieve WYSIWYG, but when you need an external display the SLR prevents WYSIWYG. Inventions like Live View makes you lose some light.

    The mechanical mirror in an SLR must be the most serious disabling handicap. I can't imagine flipping a mirror up and down to take a picture in this day and age.

    So, all in all, a digital camera of SLR construction has nothing but disadvantages over cameras of other design.

    2. The best and most expensive camera in the world is totally useless

    when it is not with you when you want to shoot the picture you want to shoot.

    Most people do not understand this basic fact. They spend $1,000 on an SLR, go for a special-purpose photography mission. Then for 99.999% of the time, they come across great picture opportunites but the camera is locked up in a climate-controled bank vault somewhere.

    3. Megapixels

    It's amazing that many people do not want to take the time to understand simple geometry. What's the point of having many mega pixels when no display is big enough, no paper is large enough, and worse the lens cannot resolve that many pixels. People are going for 5Mpixels on a phone camera with a lens of 2mm diameter?

    Talk is cheap. Talk is free. I welcome you to the challenge here, single camera single lens, from 1cm to 240,000 miles.