You must watch - http://www.lightover.com/epic/

I can see the movie now. If google really does tailor news (in the future) by rewriting multiple news sources electronically, can this be seen as breach of copyright? Interesting.

Thx for the link IrishAfrican

A new version of my wallpaper changer is now available. This version allows you to specify min widths & heights for all of you that demand the highest res images. Also (for the boys) you can now have ONLY the angels collection. Existing users will pickup the changes via the auto-update.

If you have high quality wallpaper (of atleast 1024x768 resolution) on any interesting subject that you'd like to share send me the details and I'll add it to this collection. Nearing the 25,000 image mark.

If you like your news, check out these new tools.

Start.com - try the MSN blogger map (very cool)

Google news & weather

This week was not too bad. Finally released a stable-ish, performant-ish beta for the QA team. Just waiting for the bugs to roll in. Glad the approach so far seems to be "fix bugs" before "new features".

My apologizes to all those offended by my previous remarks about shareholders. It was a comment made in jest, late in the evening after a bottle (or two) of wine. It was not directed at anyone nor implying that any one pulls less weight than others.

For those offended i might suggest that you find another blog to read cos I have no intension of worrying about my posts. Generally if you dislike my posts you'd probably dislike me in person (if we ever met). I also remind you that this is a personal blog and is no way linked with my employer (whom I've never mention on this site).

Any ways this week was shorter than most as I thought now would be a good time to take some of the months worth of holiday I have left. I expect (if the weather poor) that I'll be online playing Halo2 or coding. Might post some Photoshop adventures.

This looks like something I may purchase soon.

Bringing clarity to your world.

Yeah right!

Be sure to visit all the options undfer "Configuration" in the Admin Menu Bar above. There are 16 themes to choose from, and you can also create your own.

From Bungie.net

That's right, I said Noob. Which as anyone l337 ("elite") knows, actually makes ME a noob. Kind of like an uncle trying to be "cool." It's an embarrassing contradiction. Some of you might not even know what a "noob" is. Well, it's short for "Newbie" which originally meant a new player who hadn't quite grasped the rules yet. As a matter of fact, its origin as a term was probably quite gentle, even charitable. "Aaaw. Let me help you dear, dear Noob. The railgun is at the end of the corridor on that crate."

But times have changed. Noob is now a catchall for any adjective, noun or pronoun with a negative connotation. You could for example say, "Your hat is totally Noobish." You could even apply it as a verb, "I'm going to give you such a Noobing you Nooby Noobster."

But really, I wish "Noob" was the worst of it. I think I could walk right up to the President and call him a "Noob" to his face and he'd probably smile and say, "Thanks son, always a pleasure to meet young folks." But if I called the President any one of the things I hear on a typical Saturday morning, a secret service guy would snap my neck, Seagal-style and toss me off a balcony. And I'd deserve it.

Behavior on Xbox Live, and frankly any internet gaming experience, can be joyous. Pleasant. Satisfying. Rewarding. But occasionally it can be home to some of the rudest, stupidest, most idiotic, insulting dialog you will ever hear.

And how can you do this? How can you get away with such horrible behavior with no repercussions? Multiplayer, microphone and the velvety luxury of anonymity. That last one is questionable, but we'll get to that.

If parents heard what their golden-haired angels were doing on the internet, or on Xbox Live, there'd probably be some serious spanking apocalypse going down. Most parents would hear what I hear most times I play – the odd curse, maybe a grudging "good game" in the post-match lobby. Other times? An idiot screaming abuse at complete strangers. Now, if I play ten games, I might hear that once. If I meet ten people on the street, how many of them are going to scream insults into my face? Statistically? None.

That's a valuable fact. It means that video games are not, like all other fads before them, the harbinger of the end of civilization. They are like every other technology, working out the kinks and the bugs.

When the telephone was invented, the first words spoken by Alexander Graham Bell were, "“Mr. Watson, come here, I want you.” If it had been invented today, by BunGsuxGoatz, the first words would have been, "Suck it noob! I OWNED CHOO! Taste that? That's tealeaves NOOB!"

When you talk about time scales in videogame culture, you have to speak in shorthand. The games industry has really only existed, properly for about 25 years. So things have evolved rapidly from glowing white squares to 3D, photo-realistic universes in record time. If only other industries grew up that fast – we'd have space-capable flying cars and magnetic induction toilet flush. Actually that last one might be a bit dangerous.

The point is, it's hardly surprising that this kind of rapid evolution has resulted in teething troubles.

And they're being worked out. The nature of Live and other gaming services is that the player is given the freedom to play against anyone he or she likes. Custom games, or games you set up in a group, club or clan, are controlled. They are friends or acquaintances. Rivalries tend to the friendly and enjoyable.

But to give players the most freedom to play whenever they like, we have to open it up to the broader population. And as a wise man once said, "A person is smart, but people are stupid." The bigger a group is, the more likely it is to act like a herd. Here's an experiment – go stand on a street corner, downtown, at lunchtime and stare, rapt, up at something. A window, a lamp post, whatever. Ten minutes later, everyone's doing it. And on Live, the herd mentality even works on smart people.

One jerk. One moron, runs around screaming abuse at players, acting out in the most infantile way possible, and soon, everyone is screaming at him. Unlike the old, "Stand up to a bully and he'll back down" myth, ignoring these clowns actually works. The trouble is finding a Zen-like space to inhabit while finishing the game. Bullies on the other hand will punch out your teeth and steal your lunch money when you stand up to them.

And cheats? Now, in a way, I can understand what a screamer or insult-hurler gets out of it. I met enough of 'em in junior school. He gets attention (and I say "he" with all deliberation – since girls are almost invariably pleasant – and they have to put up with the most abuse) and he gets off on making you mad. Cheats get nothing. People hate them, and their achievements are completely meaningless. They are almost invariably the worst players in terms of skill and ability, and eventually, they end up matched only against each other, in a kind of hell. Which they are welcome to inhabit.

Which brings us to the question again. What is Bungie doing about it? Seems like the preceding screed blames everything on the cheats and screamers. It's not THEIR fault Bungie's lousy code makes all this possible. Well, actually, it IS their fault. They are the cheats and the screamers. Ultimate responsibility lies with them. The question then is, are they going to stop? Eventually they will. They'll grow up, they'll get bored, they'll move along.

But for some of this stuff, you won't have to wait. Cheats, hackers, modders – and yes, this includes the ones who demonstrated a way to "unban" their banned accounts – are going to be largely history within a week or two. If I were them, (and one or two of 'em are reading this now) I would delete anything on my Xbox that shouldn't be there, and I would do that today. Feel free to ignore that, but you've been warned, and besides, we don't really owe you that courtesy. If you can't play Halo next week, it was your own fault. We're not going to unban you.

We're realistic, we know that every time we fix a crack, some jerk with a jackhammer makes a new one. We know that we can't stop screaming, cursing without silencing the good along with the bad, and we know that human nature is going to ensure that the system is never perfect. But it's going to be better.

We work very, very hard on this stuff, contrary to some of the less-thoughtful emails we get. There's a room behind me, filled with people working long hours, on difficult problems, in a complicated matrix of online code, gameplay problems, hundreds of ISPs, modems and different situations. Of course it takes time, and of course we appreciate your patience.

We have a special responsibility here and we take it seriously. Halo 2 is a really big online game – especially on consoles. It has more simultaneous players, more sessions and more people than any other console game out there, at least for the moment. So we encounter problems on a different scale. We have a responsibility to Microsoft, to Xbox Live and maybe gaming in general, to try and manage the process in a cool way and learn all the lessons we need to. We're still learning.

On the next generation of Xbox, the 360, some systems are already in place that will make Live a much nicer place for the nice among us. Imagine a perfect world where you only played against pleasant, well-behaved, skilled, non-cheats. Sounds heavenly huh? Well, looking at what they have planned, I think that's going to be largely possible. I hope Bungie's next game is one that takes advantage of that idealized, happy space.

I genuinely believe that as this technology and community matures, the bad apples will be shaken out and the good ones will float to the top. There will still be bad people – but they can all hang out on their own. In a dark place of their own making. And guess what? They're not really anonymous. We know who they are.

But what do I know? I'm just a noob.

When our company's air-con failed on possibly the hottest week for the summer I knew it was gonna be a tough week.

Working to an already impossibly tight deadline, I learn that even more features have crept in. So much for being a products company not pressured into release schedules by end customers! At least this latest contract is worth some decent money.

Next thing to go bad, my tropical fish start dieing due to excessive heat and know matter what I tried, 3 days pass and all 24 fish are dead. Sigh...

Boom... Broadband fails... Fucking NTL:home muppets. They run possibly the worst call centre in the UK if not the world. So called planned over night maintenance turns into 48 hours of complete loss of service. No web, no mail, no hosting (apologizes to all hostees), no Halo 2.

Bang. Band new freeview set-top box goes bang after 2 days. God what else?

Friday comes and we need to do a major build and release of our software. A deep sinking feeling in my stomach. I've done too many Friday builds to know how this was going to end. Badly.

Any how, seeing as all my development work for this release was complete (on time) it fell to me to do the build and test the install. The code freeze was scheduled for 12.

4pm. Start the build!

Bang... Here we go... Start debugging...

One by one the dev team leaves for a nice relaxing weekend...

9pm. Myself and one remaining developer (both shareholders funnily) call it quits. And leave writing off any chance to create a release before Monday.

Lessons learnt:

1. book Fridays off.
2. leave at 5:30 on Fridays no matter what.
3. plan DDos on NTL:home
4. never buy cheap electrical goods
5. finish coding at last possible moment, so someone else tests/builds
6. check water quality in fish tank daily on hot days

Now where did I put that third bottle of red wine?

Inspired by a recent TV commercial, I choose my favourite animal as the subject for my latest experiment with Photoshop. Here I was messing about with targeted colour control and layer masks.

More cookie issues with ASP.NET forms authentication that I expect to run into during QA testing with some of our more security conscious customers (e.g. using SSL). Thanks again Scott for sharing this stuff. Now if I only had time to test my code...

We use Forms Authenication in .NET 1.1 (using cookies) and as Scott warns there are some gottas with ASP.NET 2.0 if you dont recompile. Basically to allow support for cookie-less forms authenication you might find that you application goes stuck in an infinte redirect loop when users sign out. To prevent this, add the following to your web.config:

 <forms cookieless="UseCookies" name=".AUTH" protection="All" timeout="60" path="/"/>

From 43 folders:

So how does GTD work?

This is a really summarized version, but here it is, PowerPoint-style:

1. identify all the stuff in your life that isn’t in the right place (close all open loops)
2. get rid of the stuff that isn’t yours or you don’t need right now
3. create a right place that you trust and that supports your working style and values
4. put your stuff in the right place, consistently
5. do your stuff in a way that honors your time, your energy, and the context of any given moment
6. iterate and refactor mercilessly

Maybe I'm being thick. Or perhaps its the speed I'm having to code at. But I think I've found a bug in Reporting Services.

Basically we have implemented custom security so that our logins to the Report Server are using details in a custom database. They are not Windows usernames/passwords. However when we use the web service api (ListSubscriptions) to return user's subscriptions we get nothing? After digging further with my best friend Reflector I found the following code in M$'s assemblies:

public ArrayList ListSubscriptions(string user, string report)
{
      ArrayList list1 = new ArrayList();
      string text1 = "select
             S.[SubscriptionID],
             S.[Report_OID],
             S.[Locale],
             S.[InactiveFlags],
             S.[DeliveryExtension],
             S.[ExtensionSettings],
             SUSER_SNAME(Modified.[Sid]), 
             Modified.[UserName],
             S.[ModifiedDate],
             S.[Description],
             S.[LastStatus],
             S.[EventType],
             S.[MatchData],
             S.[Parameters],
             S.[DataSettings],
             A.[TotalNotifications],
             A.[TotalSuccesses],
             A.[TotalFailures],
             SUSER_SNAME(Owner.[Sid]),
             Owner.[UserName],
             CAT.[Path],
             S.[LastRunTime],
             CAT.[Type],
             SD.NtSecDescPrimary
            from
             [Subscriptions] S inner join [Catalog] CAT on S.[Report_OID] = CAT.[ItemID]
             inner join [Users] Owner on S.OwnerID = Owner.UserID
             inner join [Users] Modified on S.ModifiedByID = Modified.UserID
             left outer join [SecData] SD on CAT.[PolicyID] = SD.[PolicyID] AND SD.AuthType = @AuthType
             left outer join [ActiveSubscriptions] A with (NOLOCK) on S.[SubscriptionID] = A.[SubscriptionID]";

      InstrumentedSqlCommand command1 = Storage.NewSqlCommand(text1, CommandType.Text, base.Connection, base.Transaction, base.SqlCommandTimeout);
      command1.Parameters.Add("@AuthType", WebConfigUtil.AuthenticationType);
      if ((user != null) && (user != ""))
      {
            this.AddClause(ref text1, ref flag1, "Owner.[Sid] = @UserSid");
            command1.Parameters.Add("@UserSid", Native.NameToSid(user));
      }

  <removed code>
}

Now the interesting bit is:

            this.AddClause(ref text1, ref flag1, "Owner.[Sid] = @UserSid");
            command1.Parameters.Add("@UserSid", Native.NameToSid(user));

Why are they trying to lookup a SID for my custom username? Of course this fails, which results in a WHERE clause that fails to grabs our subscriptions.

Has anyone else found this? Am I completely wrong?

BTW: I'm using Reporting Services SP 2.

The following information is provided for informational purposes only. Neither my employer or I provide this information as a means to exceed you licence limit for InstallshieldX. Dont be a moron.

How to Disable InstallshieldX licence checks when opening VS.NET solutions

On to business:

1. Fire up regedit
2. navigate to HKLM\Software\Installshield\10.0\Professional
3. Change string key 'VSDotNet11SCKey' to point to a non-existant file. E.g. change existing value by adding a '2' to the end of the filename. Here's my settings: C:\Program Files\Microsoft Visual Studio .NET 2003\Common7\IDE\devenv.exe /command "View.ShowWebBrowser file://C:\PROGRA~1\INSTAL~2\Program\0409\GETSTA~1.HTM2"
4. restart VS.NET

job done.

In one of my current projects some strange errors have been tracked down to cookies, more specifically their implementation in ASP.NET. Here's is a handy guide found by a colleugue:

golden rules of the cookie: http://www.codeproject.com/aspnet/aspnetcookies.asp

thread discussing similar issues: http://www.dotnet247.com/247reference/msgs/57/289969.aspx

Much has been written about the insecurity of passwords. Aside from being guessable, people are regularly tricked into providing their passwords to rogue servers because they can't distinguish spoofed windows and webpages from legitimate ones.

Here's a clever scheme by Rachna Dhamija and Doug Tygar at the University of California Berkeley that tries to deal with the problem. It's called "Dynamic Security Skins," and it's a pair of protocols that augment passwords.

First, the authors propose creating a trusted window in the browser dedicated to username and password entry. The user chooses a photographic image (or is assigned a random image), which is overlaid across the window and text entry boxes. If the window displays the user's personal image, it is safe for the user to enter his password.

Second, to prove its identity, the server generates a unique abstract image for each user and each transaction. This image is used to create a "skin" that automatically customizes the browser window or the user interface elements in the content of a webpage. The user's browser can independently reach the same image that it expects to receive from the server. To verify the server, the user only has to visually verify that the images match.

Grab it here: http://share.skype.com/directory/skype_toolbar_for_outlook_%28beta%29/view/

What an excellent day. Onwards to Edinburgh! Listen to some of my personal hightlights on solidstore radio.