a a d h o c

Cryptographic failure while signing assembly -- Unknown error (8013141c)

2010-05-28T20:22:00.000-07:00

My Visual Studio 2008 project built fine a few weeks ago, now every time I compile it, I receive this error:

Cryptographic failure while signing assembly 'MyAssembly.dll' -- 'Unknown error (8013141c)'

This post helped the most, and brought me to the answer.

My twist on the solution is as follows:

1) I use 64 bit Windows 7 (though it should be the same for Windows Vista, and 32 bit)
2) I needed to change security on directory:
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys
3) I added my user name, with the following minimum "Advanced" set of permissions:
* Create files / write data
* Create folders / append data
* Write attributes
* Write extended attributes
* Delete
4) After hitting apply, I had to accept that 5 directories were "Access is denied"

The project then built successfully. Any fewer permissions, and the error reoccurred.

According to blogger's consensus, a Windows Update broke the permissions on that directory. I'm using a domain account in the local Administrators group which has "Full Control" so I don't understand why I had to do this at all.

WCF Service 401 Intermittent Error (Solution)

2010-01-19T12:48:00.000-08:00

Summary:
For a WCF service running on IIS7, the entire service may become inaccessible reporting an HTTP 401 error on every web access, even the main /Service.svc/ and /Service.svc/help URLs. The problem may be that the web.config's aspNetCompatibilityEnabled must be set to "false"

Scenario A (works):
1) web.config / aspNetCompatibilityEnabled="true"
2) iisreset
3) Issue GET request, success (200) (Agent w3wp.exe appears in Task Manager)
4) Issue PUT request, success (200)

Scenario B (fails):
1) web.config / aspNetCompatibilityEnabled="true"
2) iisreset
3) Issue GET request, success (200) (Agent w3wp.exe appears in Task Manager)
3b) Wait 25 minutes (assuming app pool is set to recycle agents after 20 minutes, or do iisreset, agent w3wp.exe disappears from Task Manager)
4) Issue PUT request, failure (401) (See Attachment A below)

Solution:
If at all possible, change your Service's web.config setting aspNetCompatibilityEnabled="false" Even if your app needs it to be true, make the change and redo the test to see if you get by the 401 error. Luckily, my service wasn't using any compatibility features, so I could remove this template default value from my WCF service. This behavior appears to be a bug to me.

The repeatable problem:
When the IIS app pool agent (w3wp.exe) is not running, if a PUT request comes through first, the service will fail with an HTTP 401, and all endpoints of the service will become completely unusable. An iisreset will fix the problem temporarily, but again if the service agent becomes idle for long enough, you may be unluckly enough that a PUT may be the first hit. If a GET is the first hit to the new (or recycled) agent, then the PUT (and other) requests will work properly.

Checking for recycled agent:
1) You could look for that service's w3wp.exe in the task list. Be warned that if you have more than one site/service on that machine they will all look the same.
2) An easy way to determine the first hit on an IIS agent is to look at the IIS log file. The headers are added to the log file when the agent starts up. If the first HTTP hit below the header is unexplicably a 401 (but that hit worked before), then you may have this problem.
3) You could check the "System" event log, it will have an Informational "WAS" event saying: "A worker process with process id of 'NNN' serving application pool 'MyService' was shutdown due to inactivity. Application Pool timeout configuration was set to 20 minutes. A new worker process will be started when needed."

Attachment A: Resulting error

Access is denied.

Server Error in '/' Application.

Access is denied.

Description: An error occurred while accessing the resources required to serve this request. You might not have permission to view the requested resources.

Error message 401.3: You do not have permission to view this directory or page using the credentials you supplied (access denied due to Access Control Lists). Ask the Web server's administrator to give you access to 'C:\inetpub\MyService\Service.svc'.

Version Information: Microsoft .NET Framework Version:2.0.50727.4927; ASP.NET Version:2.0.50727.4927

Automotive Warranty scam

2009-03-13T12:55:00.000-07:00

I've been receiving phone calls from these caller-ID numbers recently, claiming to have important information about my automotive warranty. They clearly are not my car's manufacturer, and similar scams are being reported elsewhere. These types of offers have arrived in postal mail for a while.

Do NOT fall for their sales pitches. They want to pretend to be a company you already deal with, and sell you expensive and questionable extended warranties under false pretenses.

I wanted to put these phone numbers on the net to help anyone searching for them from their caller id:

1-062-233-4418
1-062-226-3618
1-062-291-1712

Be warned.

Copy content types Across Farms (SharePoint)

2009-02-19T12:35:00.000-08:00

Content Types in SharePoint can be very useful, and can be created by manually by users or automatically by various products or procedures. In one case, content types may be created automatically during a migration of content from CMS to SharePoint MOSS 2007 publishing server. Regardless of where they came from, they can be copied from one site to another, even moved across farms.

Under most circumstances, Gary Lapointe's stsadm extensions can be used to help automate the process. He has operations for copying content types between sites in the same farm, for propogating content types and for exporting content types from a site. Strangely there is no import content types, which would have enabled cross-farm content type copying.

To copy content types across farms, you'll need to do the gl-exportcontenttypes and then create a SharePoint feature that adds them to your site collection, site, ... whatever. If you don't want to install Gary Lapointe's stsadm extensions, you'll need to use his source code to write a console application that does the same thing. If you have the console application, you can drop it onto your source server (no install needed) and do the export.

For the export, I used the following flags:
url = http://hostname
contentTypeGroup = "Custom Content Types"
contentTypeName = null
excludeParentFields = false
includeFieldDefinitions = true
includeListBindings = false
listName = null
removeEncodedSpaces = false
featureSafe = true
outputFile = "ctypes.xml"

Once I had my output (ctypes.xml), I had to remove any ... tag pairs. For some reason they were included in some of the field definitions (site columns) associated with the exported content types. I don't know what the ultimate effect of this is, but it didn't matter to me in this case, and it worked without it.

The structure of the ctypes.xml file should look like this (values removed):
<elements xmlns="http://schemas.microsoft.com/sharepoint/">
<field id=" Name="" sourceid=" StaticName="" group=" RowOrdinal="" type=" DisplayName="" readonly=" Sealed="" colname=" PITarget="" piattribute=" /">
[...]
<contenttype id=" Name="" group=" Version="">
<folder targetname=" /">
<fieldrefs>
<fieldref id=" Name="">
<fieldref id=" Name="">
</fieldrefs></contenttype></elements>

Create a 12 hive feature directory:
C:\Program Files\Common Files\Microsoft Shared\web server extensions\12\TEMPLATE\FEATURES\MyCtypes

Copy the ctypes.xml file into the directory.

Add feature.xml with content like this (with a new Id GUID, and change Scope if desired, remember Scope="Site" means SiteCollection):
<?xml version="1.0" encoding="utf-8"?>
<feature id="031D991D-2559-4512-BE86-024E9CA035B3"
Title="My Imported content types"
Description="Content types imported from wherever"
Version="1.0.0.0"
Scope="Site"
ImageUrl="Health.GIF"
Hidden="FALSE"
DefaultResourceFile="core"
xmlns="http://schemas.microsoft.com/sharepoint/">
<elementmanifests>
<elementmanifest location="ctypes.xml">
</elementmanifests>
</feature>

Install the feature this way:
"C:\Program Files\Common Files\Microsoft Shared\web server extensions\12\BIN\stsadm.exe" -o installfeature -name MyCtypes

(if your xml file doesn't comply to proper schema, this installfeature will fail)

Now go activeate the feature. In this case, go to "Site Collection Features" and click activate for the new feature. This will add the content types to the site collection.

Uninstall this way:
"C:\Program Files\Common Files\Microsoft Shared\web server extensions\12\BIN\stsadm.exe" -o uninstallfeature -name MyCtypes

This uninstall will remove the content types from the site collection. I suspect this will fail if the content types are in use by the site.

Olympics of the Mind - Smarty Pants - 1985

2009-02-02T20:40:00.001-08:00

(Flashback to high school... Reprinted here with attribution but without permission. From this source.)

Marcellus NY Weekly Observer 1985
Press-Observer, April 24, 1985 - Page 24
Two O.M. Teams Bring Home Trophies

Two school buses, a station wagon and a van slipped quietly back into Skaneateles late Saturday, April 20. This caravan was returning from the New York State finals of the Olympics of the Mind competition at SUNY-Buftalo.

Skaneateles pupils who participated in the Buffalo event were all winners of the regional competition March 16 in Auburn. The contests were titled "Big Top," "Ecology Dozer,"
"Compound Fracture," "Music Maestro" and "High Tech-Smarty Pants." Competition is in three divisions according to the grade level of the student.

After checking in at the guest dorms on the Buffalo campus, Friday, April 19,the 60 students and adult coaches were treated to a dinner at Niagara Falls, Canada. Mist and dense fog unfortunately totally obscured their view of the Falls.

Saturday morning the Skaneateles teams began competing against the other regional winners. The first part of the event is called "long term." This allows the competitors to show or use devices and skits to earn points toward victory. The second part of the event is called "spontaneous," where the team members use only brainpower to earn additional points.

The Division Three Skaneateles team for "High Tech-Smarty Pants" won first place for their robot and its skit dealing with an explosion in the chemistry laboratory. Coached by Georgia Peach, with Tammy Dudden assisting, the team of Sharon Graham, Eric Hadley, Maggie Kelly, David Leonard, Aaron Naas, and John Spear earned the privelege of competing in the 1985 World O.M. Finals at the University of Maryland on June 6 and 7.

A third place trophy went to the Divison Two Skaneateles team for "Ecology Dozer." This team of sixth graders, Jim Darrow, Michael Hancock, Jason Highsmith, Jilian Richards, Dietrich Rapalaski and Marcus Frick, built a vehicle powered by a small hydraulic jack. The car and driver had to move four trees from a starting point and place them into buckets along a 25 foot course. Beth and Jorge Batlle coached this team.

This team also won an award for exceptional creativity for the "long term" part of their event. Carol Anne Smith, coordinator for the elementary teams remarked that this was the first time in her memory that this award was presented for the "long term" portion of the event.

Jimmy Allred competing in Division One's "Compound Fracture" event won an award for special achievement in the "spontaneous" part of his team's event.

The Olympics of the Mind competition encourages the development of individual creative skills, team work, diligence and hard work. The predominant spirit of O.M. competitions is fun and humor, and finding new and different ways of doing things.

Frack the BEEP (in BSG podcasts)

2009-02-02T06:46:00.000-08:00

There is a great Battlestar Galactica podcast where the Executive Producer, Ronald D. Moore, discusses each episode and the decisions and circumstances that affected aspects of the show. Very interesting and insightful.

I listen to podcasts as I drive to and from work, and unfortunately I can't listen to this one. His podcasts for each show are constructed from segments, and those segments are separated by something that sounds like an industry standard scene-change extended BEEP. Unfortunately he speaks softly enough that I have to turn up the volume to hear him, and the BEEPs are unexpected and ear-piercing. I'm convinced that he has never listened to his own podcast.

I just posted this to podcast alley for that podcast (http://www.podcastalley.com/podcast_details.php?pod_id=1819):

"Not recommended for listening while driving. Great podcast, but he speaks softly, and the transition beeps are very loud and unexpected. In the car I have to turn it up enough to hear him and I do a massive flinch each time it beeps, and I'm concerned that I'll run off the road. Ronald D. Moore, you need to listen to your own podcast, maybe while you're driving or working out. You'll want the beeps reduced in volume too."

Seagate/Maxtor SeaTools Drive Diagnostic - Problems/Solutions

2009-01-09T06:28:00.000-08:00

I had a hard time testing some new Seagate ST31000340NS drives recently, and here is what I learned.

Always test new drives ASAP so you can return defective drives within warantee period, and avoid lots of wasted work/installs/reinstalls.
Download the Seagate SeaTools (also works for Maxtor) DOS ISO for drive testing, and burn the CD (I downloaded v2.13B on Jan-7-2009).
The SeaTools Windows version doesn't generally work in Vista x64 (Known problem). Though a certain hack/fix (from this discussion) might work for you in Vista 64 bit. It worked better for me, but I think my hardware hindered the drive detection.
Connecting the SATA drive externally via eSATA works great for drive testing (I used a Rosewill eSATA enclosure).
My A7N8X Deluxe based computer would not boot with the drive attached. After drive detection, the machine hung.
My P5B Deluxe/WiFi-AP based machine booted from the SeaTools CD no problem.
The SeaTools software must have a floppy disk in the A drive (possibly writeable) or the long test will not complete. After the test, the floppy disk was completely empty. I put the CD and floppy in, then booted.
I ran the Short Test, the Long Test and the Acoustic Test, taking a digital photo of the results of each.
I also photographed the drive. The photos are for my inventory and testing results.

If you were wondering my new drives tested as flawless.

-AAron

GoodShop, NewEgg and PackageMapping

2008-12-31T06:32:00.000-08:00

I've just ordered some new computer equipment, and I'm rather excited and anxious about it's arrival! But when will that be? I have the UPS tracking number

Firstly I have to say that I've been buying from NewEgg for many years, and they've always been wonderful. Among other things, I've ordered at least 5 motherboards and over 15 hard drives. I point those out because I have received faulty equipment (odds are with that volume that it will happen), but NewEgg support has always been helpful and courteous. I just spoke with them today about a 1 yr old Samsung hard drive that Samsung refused to warantee, to which NewEgg then offered me a full refund. They have great prices, and great service. And you can help a charity dear to my heart if you shop NewEgg from this link:

GoodShop
No additional costs or registration. The charity will be preselected, just select NewEgg or any other store and shop as normal.

Ok, so I've place my order. When will it get here?!?!?!?!
I've just discovered PackageMapping.com, which uses any tracking number and shows you the path and current location of your package on Google Maps! Very cool. I now have a sense for the geographic proximity of my package and how soon it may arrive!

Computer Backups @ Home

2008-11-18T08:55:00.000-08:00

After trying lots of different backup strategies for my home computers, I’ve finally settled on a backup system that is fault, fire and theft tolerant. With a convenient combination of live recovery and offsite backup, I can easily recover from single hard drive failures, and even a complete system loss.

The trick is that I’m using a RAID 1 mirror approach with an extra drive. In this scenario, I’ve got two drives working as one that tolerates the complete loss of one of the drives, and the system continues to operate without interruption. Each week, I power down the systems and remove one of the drives (which is a perfect copy of the other). I then install a drive that I had kept offsite in a safe deposit box at my bank. During the boot process I tell the machine to rebuild the RAID 1 array and overwrite the newly inserted drive. The RAID rebuild doesn’t take much processing power, and a few hours later the machine is back to full redundancy.

At any one time, I have 2 drives in a machine acting as fault tolerance, and a third drive at the bank acting as standby for a complete and total loss disaster. I’ve experimented with my motherboard built in ICH8R hardware assisted RAID controller, and I know that I can easily rebuild from only the offsite drive.

To make the process better, I put mobile drive racks into my 5.25 bays. The rack accepts direct insertion of SATA drives (no sleds needed). I don’t even have to disassemble anything to make the drive swap. These days 500GB drives are cheap, which makes this scheme very affordable.

KINGWIN KF-1000-BK 3.5" Internal hot swap rack ($25)
http://www.newegg.com/Product/Product.aspx?Item=N82E16817990001

OEM 500GB drives ($60-$70)
http://www.newegg.com/Product/ProductList.aspx?Submit=ENE&N=2010150014%20103530113&bop=And&Order=PRICE

This is arguably not a backup strategy. Considering that I have fault tolerance AND an offsite copy, this simple system satisfies all my needs. The offsite “backup” is about a week old at any one point, but I would suggest that it’s more current, more reliable, more viable and more convenient than most people’s backup strategies. Considering that most people backup by taking hours copying files to an external drive, my backup is basically just pulling the drive out of the machine.

Also consider that my RAID 1 mirror strategy can be used like a Virtual Machine rollback feature. If I wanted to, remove one of the drives, and try arbitrary system changes and software installs. If I didn’t like the result, I could remove the remaining drive, and reinsert the one I had pre-removed. At that point the system would be in pre-experimentation mode. The system would need to rebuild the array, but a small price to pay for having rollback capabilities on a physical machine.

There are some issues/annoyances to this approach. First, when a drive is failing, typical consumer drives make “heroic” attempts to prevent data loss. This means it can take extremely long amounts of time retrying and remapping bad sectors (hard drives are S.M.A.R.T. you know :-) I’ve seen this occur on my systems, and it takes a while to realize why the system is semi-freezing, acting erratic, or possibly not shutting down properly. Once I recognize it, I shut down and run my vendor supplied drive diagnostics to find (and possibly correct) the bad drive. I don’t like any drive problems, but these days the diagnostic software will correct them enough that a warrantee exchange can’t be done. The other annoyance is having to shutdown my systems once a week, and drive to the bank. The systems aren’t down for long and it is a short drive to the bank, but it is slightly annoying. If you wanted to attempt this scheme, you would have to RAID enable your system in some way. Maybe buying a new motherboard, or a PCI card, or external NAS RAID… I can see that being annoying too if you don’t have it already.

With my frequent visits to my safe deposit box in the vault, and bringing my precious data (photo collection, word docs, personal projects, etc…), I feel like it would be cool to have one of those steel secret-agent brief cases handcuffed to my wrist :-)

Note:
I could use an online Internet cloud-based backup solution, but my Honda Civic can transfer 1.5TB of data to/from offsite in about 20 minutes. My cable modem at home can't achieve that type of bandwidth every week :-)

Telemarketers and Robo Callers

2008-10-03T11:06:00.001-07:00

Sigh.

There's only so much attention that I can give to unwanted callers interrupting me during all hours of the day. Whether the attention I give is to annoy them in return, research them on the Internet, provide "public service messages" about the ethics of these callers and the do-not-call list, ... there's just too many annoyances in the world, and giving them any attention at all has become too much.

Although it's interesting to document and blog about "Freedom's watch against Kay Hagan", "Associated Builders Association against Kay Hagan" (both of whom called today), the democratic party doing opinion surveys yesterday, or whatever... I'm done with them. The next time I get a robo message on my voice mail, or a person calls at 9:30pm... I'm done. I'm going to delete the message. I'm going to cut the phone calls short. I'm going to stop blogging about how the do-not-call doesn't stop all the annoying phone calls, and how wrong the whole system is.

I'm done.

What Telemarketer Research ? For WHO ?

2008-09-17T13:09:00.000-07:00

I got ANOTHER call today from a telemarketer claiming market research.

TELL ME YOUR CONCERNS
The call was from Mountain West Research Center (http://www.mwrcenter.com) wanting to ask me about national and local issues facing communities. As I probed for answers about who they were and who would get the results of the survey, the caller could not provided me with an answer on where my responses would end up. Why would anyone volunteer information that may go toward causes or political interests that they do not agree with. For example, lets say that I'm concerned about local businesses losing out to big corporations. Now anyone can bring up that topic to try to sway my opinion, regardless of their real intent. If I said pollution was my national concern, any corporation or political machine would know to how to gain my favor or dollars.

Are you a republican? How would you answer the survey if it was democrats calling?
Are you a democrat? How would you answer the survey if it was republicans calling?

I don't mind giving my opinions in the proper forum, but phone calling blind (which is annoying enough) and not telling me how my answers will be used. Its easy for both friends and enemies to use a person's opinion to sway or coerce them.

As an aside, I asked their company name, location, phone number... they told me they didn't have a phone number, that they were calling from the Internet (how ridiculous is that?).

YOU LIKE PET FOOD?
I had a different call recently (at 9:00 pm) researching my views on pet food products. They too weren't selling anything and felt the Do-Not-Call list didn't apply to them. I kept them on the line for a while asking about who was paying for and receiving the survey. As they said the survey results would be free, I asked them to send me the results. They then said it was not free, to which I asked who was paying for it. I had the guy talking in circles before he suggested I speak with his supervisor. The supervisor was rather unapologetic about calling anyone and about not revealing who was getting the survey. My point with these people was that it WAS a commercial phone call, and that they shouldn't be able to call me due to the Do-Not-Call List.

YOUR HOMEWORK
When they call YOU, be sure to get any identifying information so that you can look them up on the Internet, and blog about them. Get company name, address, phone number anything you can search on. Also insist that they tell you where your information is going, and who is paying for it. Good luck.

Enterprise Library Logging with WMI

2008-09-10T11:44:00.000-07:00

In Enterprise Library for Microsoft (EntLib v3.1), you can use the WMI TraceListener (WMITraceListener class) to send logging events/statistics to the Windows Performance Monitor application.

Steps:

Enable Instrumentation on the host: Start / All Programs / Microsoft Patterns & Practices / Enteprise Library 3.1 - May 2007 / Install Instrumentation
With Enterprise Library Configuration, configure your app.config or web.config to use the WMI TraceListener.
With Enterprise Library Configuration, add Instrumentation
Edit the resulting config file (from previous steps) to set the instrumentation properties to "true": <instrumentationconfiguration performanceCountersEnabled="true"
eventLoggingEnabled="true" wmiEnabled="true" />
If you have subclassed LogEntry, make sure any custom typed Attributes are decorated with [IgnoreMember] (you'll have to have System.Management as a Reference)
Run your program
Add a new Counter in Windows Performance Monitor: Performance Object "Enterprise Library Logging Counter"; Select counters from list; Select your program's instance.

Troubleshooting:

If "Enterprise Library Logging Counter" isn't available in Performance Monitor, then you didn't Install Instrumentation in EntLib.
If you can't select an instance while adding the Counter, then your program probably isn't running, or something is preventing it from being instrumentable
If the application event log contains errors suggesting that you use IgnoreMember, then you are logging a subclassed EventLog that has Attributes with special types (the event log error will say which one). Or change the type of you attributes to string, int, etc... to avoid the problem.

Don't Give to Rude Telemarketers

2008-09-08T18:31:00.000-07:00

Hey Telemarketers!
Telemarketers, when you call me midday or in the evenings, I am not happy or receptive to your message... but I am polite. I generally will try to end the call gracefully. If you are rude to me, then I start to question why I am being polite to you.

Fraternal Order of Police
Yesterday evening I received a call from the Fraternal Order of Police, asking for a donation to their noble cause. I listened and waited for a chance to reply and when I calmly said "no thank you" they immediately hung up.
Today, to my surprise, I received another call from the Fraternal Order of Police (in the afternoon). I interrupted the telemarketer a few times to make sure that I was talking with the same organization, as I made notes. Then I interrupted again and said that they had called yesterday and were rather rude to me. I conveyed that they hung up on me after I had politely refused. As this telemarketer tried to break in, I said that I was NOT happy with them, and I hung up. I'm surprised that I was able to hang up on them before they hung up on me.

March of Dimes
I like the intent of this organization, but their fund raising efforts are ruthless. The March of Dimes has called my house asking for my wife... I'll ask who they are. After they respond I tell them that my wife isn't around, but I can help them. At that point they tend to hang up without further response. Later (sometimes hours, sometimes days) they call back, identified by caller ID, and hang up quickly when they find out that my wife isn't available. To me, that's rude and devious. It is also impossible to get off their mailing list.

Not Over the Phone
Additionally, stop insisting that I give right now! I tell anyone who calls that I do not make donation decisions over the phone. Send me information in the mail, and I'll make my decisions casually when I sit down to pay bills. I've had telemarketers hang up when I tell them that I do not commit to donations over the phone, but that I would like them to send information to me.

Who are the Telemarketers Helping? Themselves?
Some of the telemarketers that call me are not doing justice to the charities that they represent. Either through poor phone etiquette, or not providing a high enough percentage back to the charity. The telemarketers that are now blocked by do-not-call lists seem to have moved to calling for charities. They see the potential for raising money for a charity, the potential to get around the do-not-call list, and a way to make profits again. I've asked some of the telemarketers that call me about what percentage goes to the charity... some don't know, some are low percentages, and others are more reasonable. I don't know how March of Dimes works, but do your own googling on the telemarketers calling for Fraternal Order of Police... I've seen horrible reports stating the charity gets as low as 12%. All of these comments are about the telemarketers representing the charities. I'm sure the charities are worth while, but ask some questions and do some quick research (Google) before you give to any charity through a second party service (ex: what percent goes to the charity?)... that's why I don't make decisions over the phone!

Give, but Not to Telemarketers
I do suggest that everyone find a charity they feel is deserving, and find a comfortable way to donate to them. Each year I tithe to our church and give to some charities. I'm also on the board of NathanCan Foundation (NathanCan.org) working to help chronically sick kids. If I weren't giving or directly participating in a charity, I'd feel like this entire discussion was merely an excuse not to give anyone anything... but there ARE good and deserving causes out there, and GOOD ways to donate.

Porting YetAnotherForum.NET to SharePoint

2008-08-24T13:50:00.001-07:00

Idea

YetAnotherForum.NET (YAF.NET) on SharePoint, sounds like a great idea!
(The main focus of this article is partitioning data between YAF.NET forums based on SharePoint site.)

It sounds like YAF.NET might already handle authentication of users arriving through Active Directory (ie: auto register), but I don't want just a YAF.NET install next to my SharePoint system. My needs are to have YAF.NET be a feature that can be deployed across hundreds (thousands?) of SharePoint sites without intermingling the content (Topics/Posts) between sites.

It seemed like it might be a weekend effort, but with family activities, other personal projects and the size of the effort, I've decided that I just won't have the time to port YetAnotherForum.NET to SharePoint 2007 (WSSv3). I will share my findings though.

Approach #1

Inversion of Control, decoupling the data access mechanism from the application so a new data store (ie: SharePoint) could be injected. The approach would be to take all the DB access methods in YAF.NET, and make them use an interface, and put the existing DB access code into a class to satisfy that data interface. The phase 1 result would be a code refactored YAF.NET that works exactly the same as it did.

The second phase of the port would be to create another implementation of the data access interface that utilizes SharePoint lists instead of the SQL database. Plug in that new interface, and the YAF.NET should work fine without knowing that its running on SharePoint. It should be possible to satisfy all the database needs of YAF.NET with SharePoint lists and CAML for access. The only need that might not work is YAF.NET's free-text search capabilities.

Data will need to be compartmentalized into the SharePoint sites that YAF.NET was enabled for. This will help application scaling and content ownership. There are some practical data limits to SharePoint's core list capabilities, but utilizing separate YAF.NET lists per SharePoint site avoid those issues. The YAF.NET SharePoint data access would have to utilize the lists for the current site to make this work, would be pretty easy once the rest was in place.

Example YAF.NET loading from SharePoint site context:
http://hostname/sites/TestSite/_layouts/YAF/default.aspx

The SharePoint site at "/sites/TestSite" would have the normal YAF.NET data sources:

[...]

The entire YAF.NET for SharePoint system would be packaged as a SharePoint site collection or web scoped feature in a SharePoint solution file. That means that once the solution has been added to your SharePoint system, site administrators could go to Site Features (or Site Collection Features) and enable that feature. The initialization of the feature would run, creating the proper lists and default data.

This approach sounds like the best SharePoint solution, but without in-depth knowledge of YAF.NET, it feels like 3-4 weeks worth of development and testing.

Approach #2

A compromise solution to porting YAF.NET to SharePoint would be to partition the data for SharePoint sites within the current YAF.NET SQL database. By adding a new "Context" column to all existing tables, then slightly modifying all the SQL in YAF.NET, the system could function within the context of the SharePoint site it was accessed from. This approach simulates different data stores for each SharePoint site, but does not change the native source YAF.NET already uses, so the approach is less complex.

This approach sounds like a reasonable SharePoint solution, and avoids some of the questions about SharePoint list data scalability issues by continuing to use native SQL Server. Because this approach is generally many simple modifications, it feels more like 1-3 weeks worth of development and testing.

I started some work down this approach to flush out the main issues. Some of these steps are required for either approach...

Live in SharePoint Layouts
YAF.NET would need to function in the common SharePoint "layouts" directory. This is where common SharePoint functions/systems need to live, and they are given the opportunity to be "aware" of the site context that they are invoked from. This part was quick and easy.

Misc:
In \web.config, I enabled session state, and switched trust level to full. Neither is a great idea for SharePoint, but worked for my development purposes...
pages enablesessionstate="true" ...
trust level="Full" originUrl=""

For this url to work:
http://hostname/sites/TestSite/_layouts/YAF/default.aspx

...YAF.NET needs to be copied to:
C:\Program Files\Common Files\Microsoft Shared\web server extensions\12\TEMPLATE\LAYOUTS\YAF
(I put the YAF.NET binaries into the webroot/bin for testing)

Config.cs needs to know about site context:


        /// 
        /// Determine the site context from the http request.
        /// /
        /// /sites/TestSite
        /// 
        static public string UrlContextPath
        {
            get
            {
                string scriptUrl = HttpContext.Current.Request.ServerVariables["SCRIPT_NAME"];
                string rawUrl = HttpContext.Current.Request.RawUrl;
                int pos = rawUrl.ToUpper().IndexOf(scriptUrl.ToUpper());
                if (pos <>
                {
                    return "/";
                }
                return "/" + rawUrl.Substring(0, pos);
            }
        }

UrlBuilder.cs needs to build urls with site context:


        public string BuildUrl(string url)
        {
            return string.Format("{0}{1}?{2}",
                Config.UrlContextPath.Substring(1),
                HttpContext.Current.Request.ServerVariables["SCRIPT_NAME"],
                url
                );

            //return string.Format("{0}?{1}",HttpContext.Current.Request.ServerVariables["SCRIPT_NAME"],url);
        }

Partition Data by Site Context

This is the BIGGEST porting task, requiring changes to all 31 database tables, 1 view, 162 stored procedures, and all corresponding code invocations of SQL and stored procedures.

Add the Context field to all database tables. For example:


IF NOT EXISTS (SELECT 1
          FROM   sysobjects
          WHERE  id = Object_id(N'yaf_AccessMask')
          AND Objectproperty(id,N'IsUserTable') = 1)
CREATE TABLE dbo.yaf_AccessMask (
[AccessMaskID] INT IDENTITY NOT NULL,
[Context]      NVARCHAR(255) NOT NULL,
[BoardID]      INT NOT NULL,
[Name]         NVARCHAR(50) NOT NULL,
[Flags]        INT NOT NULL CONSTRAINT DF_yaf_AccessMask_Flags DEFAULT (0))
GO

IF NOT EXISTS (SELECT 1
          FROM   syscolumns
          WHERE  id = Object_id('yaf_AccessMask')
          AND name = 'Context')
BEGIN
ALTER TABLE dbo.yaf_AccessMask
ADD Context NVARCHAR(255) NOT NULL DEFAULT '/'
END
GO

Modify all SQL and Stored Procedures to use the new Context field. For example:


CREATE PROCEDURE [dbo].[yaf_accessmask_delete](
                @AccessMaskID INT,
                @Context NVARCHAR(255) = '/')
AS
    BEGIN
        DECLARE  @flag INT
        SET @flag = 1
        IF EXISTS (SELECT 1
                   FROM   yaf_ForumAccess
                   WHERE  AccessMaskID = @AccessMaskID)
            OR EXISTS (SELECT 1
                       FROM   yaf_UserForum
                       WHERE  AccessMaskID = @AccessMaskID)
        SET @flag = 0
        ELSE
        DELETE FROM yaf_AccessMask
        WHERE       AccessMaskID = @AccessMaskID
        AND         Context = @Context
        SELECT @flag
    END
GO

Modify all invocations to SQL and Stored Procedures to use the new Context field. For example:


        static public bool accessmask_delete( object accessMaskID )
        {
            using ( SqlCommand cmd = new SqlCommand( "yaf_accessmask_delete" ) )
            {
                cmd.CommandType = CommandType.StoredProcedure;
                cmd.Parameters.AddWithValue( "@AccessMaskID", accessMaskID );
                cmd.Parameters.AddWithValue("@Context", Config.UrlContextPath);
                return (int)ExecuteScalar(cmd) != 0;
            }
        }

With a few of these changes in effect, YAF.NET continued to function properly, which helped prove the viability of the approach, but also proved that it would take a non-trivial amount of time to complete. I did not continue the effort due to my lack of availability.

Additional Issues:

Web Part - These approaches are targeted at making YAF.NET work as a companion to SharePoint, not fully integrate it. An expectation of any SharePoint admin would be how to drop a dynamic view of the forum onto a SharePoint Web Part Page. Luckily YAF.NET is constructed with web user controls, which translate pretty easily into web parts. Look at SmartPart WebPart (or other sample code) for how to load a normal web user control in a Web Part container.

Isolation - Some elements of YAF.NET need to be shared rather than isolated between SharePoint web sites. Data such as Users, Permissions and Access Masks are some examples of data that might need to be shared across all SharePoint sites (especially users!)

Overlapping domains - Some elements of YAF.NET need to pull data from SharePoint rather than handled by YAF.NET. For instance, Users and Permissions should come from SharePoint, otherwise SharePoint admins will need to setup users/permissions TWICE (once for SharePoint sites, and another time for YAF.NET).

Default data - Some data is provisioned during the one-time YAF.NET install. Some amount of data provisioning may need to occur once per SharePoint site. During setup/initialization. For instance, the AccessMask is setup with some default permissions. If data in YAFF.NET is merely partitioned between SharePoint sites, that one-time data initialization will only benefit one SharePoint site.

Microsoft Update - the following updates were not installed

2008-08-18T17:40:00.000-07:00

I kept receiving "the following updates were not installed" when trying to use Microsoft Update on one of my plain Windows XP VMware machines. I have HEAVILY relied on Microsoft Update for a long time for many machines, and this is the first time updates just wouldn't install. In my scenario, I would choose "Custom" and anything I chose would go through the motions, but ultimately fail to install.

I followed the simple instructions here which solved my problem: Updates are not installed successfully from Windows Update, from Microsoft Update, or by using Automatic Updates after you perform a new Windows XP installation or you repair a Windows XP installation

Method 1: Register the Wups2.dll file in Windows

To register the Wups2.dll file in Windows, follow these steps:

Stop the Automatic Updates service. To do this, follow these steps:

a.	Click Start, click Run, type cmd, and then click OK.
b.	At the command prompt, type the following command, and then press ENTER: net stop wuauserv

a.	At the command prompt, type the following command, and then press ENTER: regsvr32 %windir%\system32\wups2.dll Note For a computer that is running Windows XP Professional x64 Edition, type the following command, and then press ENTER: regsvr32 %windir%\syswow64\wups2.dll
b.	Click OK on each verification message that you receive.

Start the Automatic Updates service. To do this, type the following command at the command prompt, and then press ENTER:

net start wuauserv

Exit the command prompt. To do this type exit, and then press ENTER.

Service manuals are very useful !

2008-08-10T20:37:00.000-07:00

My printer broke and I was confident that I'd be able to fix the simple problem once I downloaded the service manual. I have to say it was very cool to be able to get a hold of that manual ! It has instructions on how to diagnose, disassemble and fix. The printer went through the motions, just didn't lay any ink... must be clogged, should be easy to fix.

The printer actually stopped printing about 2 years ago, and I had since abandoned the overly expensive and questionable ethics of that printer's manufacturer. Since I HAD purchased extra printer ink cartridges with that company's settlement to the class action lawsuit (pertaining to questionable ink practices)... I wanted to use up that ink, and spare some ink on my new Canon PIXMA MP780.

I have to applaud any company (even the maker of this printer and its expensive ink) that has a service manual that I can find online (I got it at this site). Kudos ! I also found community help for exactly the problem I had. Regardless of technical expertise or skills, I think everyone should have the chance to get the full manuals and self-help for all the products they own.

My project started following A FIX for Clogged Printheads which was VERY nice. The disassembly, construction of make-shift tools, and use of anti-freeze... all went great removing tons of gunk from my old printhead. Followed all instructions, didn't help in the end. I was still happy and empowered by the community help.

Then I found and dove into the service manual. I wouldn't gotten nearly as far carefully and gracefully locating and removing the proper screws without it. I usually break things as I'm being careful, which I didn't do as I followed the manual.

As the manual pointed me at screws that could only be reached with long narrow specialized screwdrivers I started to get frustrated, but still thinking there was SOME hope that I'd be able to reseat them all and get this thing back together.

Having to ultimately go for removing the printhead itself (ugh), I abandoned the manual, and honestly all hope of ever getting this darn thing back together. Just think though, without the manual I wouldn't have ended up with this, or potentially in the mood to buy a new printer. Too bad I already decided I didn't like this one's manufacturer, I might have bought another of their printers merely because I was empowered with the service manual to destroy my old one!

Care with the service manual lead to not caring and destruction.

Well, at least the 3 day project is now over, and I've got some additional neat parts for my Junk box.

Send Email Attachment Through Filter

2008-07-16T15:59:00.000-07:00

Through much trial and error, I've found an obscure but reliable way to send any attachment through an email system that normally prohibits DLL, CMD, VBS, etc... files. Even zipping the files or renaming files usually isn't enough to trick the filter into letting the file through. Sending emails through gmail and corporate systems, the attachment can cause the email to be partially or fully rejected. With a solid need to send .CMD and .CAB files (with a DLL inside the CAB) through a corporate email system, I figured this out:

Create original.zip, NOT password protected.
Rename original.zip to something else original.zip.RemoveThisExtension.
Zip the original.zip.RemoveThisExtension file with a password.
Send the original.zip.RemoveThisExtension.zip file to someone.
Tell recipient the password to unzip the outer file and that they should remove the ".RemoveThisExtension" portion of the inner file.

I think password'ed zip files still provide the directory without needing the password. So "double embed + password " doesn't let the email scanner see past the one non-zip extension'ed file. Here's a shocker, I suspect that the file doesn't even have to be renamed! I didn't have time to try zipping the zip (while adding the password).

AVG Free v8 - Start automatic updates fix

2008-07-12T07:51:00.000-07:00

Recently I found that my AVG Free (version 8 / AVG8), was not updating definitions and complained that "Database update is disabled" (strange since I had installed only this Vista x64 (64 bit) machine only about 1-2 months ago). I didn't reinstall, but I did find a fix:

The problem was that automatic updates were not enabled. But when I was not able to make AVG save my settings when I tried to enable it via:
Update Manager / Update Manager settings / Start automatic updates

I found Error: e001018b in the log file (C:\ProgramData\avg8\Log\avgcfg.log):

[AVG8.CFGMGR] ERROR 2008-07-12 14:25:06,155 AAFRY PID:3800 THID:2848 ID:{4B69726F-6E736B79-4C696C69-32303036-30393034}:519.134.79458 MSG:'DWORD:0x455295d4', 'DWORD:0x2', 'DWORD:0xffffffff', 'DWORD:0xffffffff', 'ERRORCODE:0xe001018b'

The solution was to remove the schedule config file (C:\ProgramData\avg8\Cfg\sched.cfg), and let it be recreated. Here's what I did:

Move "C:\ProgramData\avg8\Cfg\*.cfg" to "C:\ProgramData\avg8\Cfg\old" (NOTE: you might want to try moving JUST sched.cfg... that might be enough)
Open AVG console from the system tray
Check the box at Update Manager / Update Manager settings / Start automatic updates
Perform "update now" on all AVG components
Reboot

At this point everything seems fine.

These files were automatically recreated:
C:\ProgramData\avg8\Cfg\mail.cfg
C:\ProgramData\avg8\Cfg\sched.cfg
C:\ProgramData\avg8\Cfg\update.cfg
These files were NOT auto recreated:
C:\ProgramData\avg8\Cfg\krnl.cfg
C:\ProgramData\avg8\Cfg\user.cfg

File paths/directories will probably be different on Windows Vista vs Windows XP. To reiterate, I'm using Vista x64, so the paths above are for Vista.

If anyone does the above procedure with moving JUST sched.cfg, let me us know if it worked for you.

Accumalizer.com Pretends to Care

2008-07-08T10:17:00.000-07:00

I've been getting a lot of spam recently from Accumalizer.com. Various spam offerings always with the Accumalizer.com top banner with the sugar speckled gumdrop, makes it easy to identify and delete the spam.

I'm enraged by the good-neighbor spam policy at the bottom. It reads (FYI: I made the email change to someone@somewhere.com):

"Accumalizer.com thanks you for opting-in to receiving email advertising with us. You signed up one of our partners with the address someone@somewhere.com, but if you would prefer to you may unsubscribe from future correspondence at anytime.
Please visit the original website where you opted-in to view the relevant privacy policies.
Or, you may contact us at: 3 The Drive, Great Warley, Brentwood, CM13 3FR, UK (CoNo: 06187068)"

This is not only a half truth (I didn't opt-in in any fashion), but it's also intentionally vague and probably impossible to opt-out electronically. Since I didn't opt-in, or I don't know what horrible site gave them my email address, how do I return to the original site to tell them to stop? Even if I did figure it out, it probably WON'T stop Accumalizer since they already have my email address, and wouldn't notice an off-site unsubscribe!

It looks to me like they want to appear legit in being a good and responsible custodian of your personal information. Meanwhile they've made it impossible for anyone to actually unsubscribe!

I've tried their unsubscribe link, which is basically this form: http://accumalizer.com/webforms/accumalizer/unsub/
Yet I'd bet that it doesn't ultimately stop them. I'll add a comment later if the emails stop (or if they continue).

Blockbuster Knew

2008-07-05T19:12:00.000-07:00

I just got home from Blockbuster and I am impressed. Their "bricks and mortar" store is connected directly to the online rent-by-mail service, and as far as I can tell, the connection is real-time.

I have the online plan where they send me one movie at a time via the mail (like Netflix), but I get the added advantage of getting a free rental and an immediate return of the mailer. Its great that I can have a different movie almost every 2 days with this setup, but that's not what this post is about.

Yesterday I went online and put Futurama "The Beast with a Billion Backs" on the top of my Queue. Today, I went to return a mailer and get a free movie... and lo and behold, the Futurama "The Beast with a Billion Backs" movie was right there on the shelf! I formed a plan to rent the movie, and rush home and remove it from the queue. I raced home and within 5 minutes I was in my online blockbuster queue. I was greeted with an alert that said that I had just rented Futurama "The Beast with a Billion Backs", and that it was also in my queue... and would I like to remove it from the Queue?... and would I like to always remove rented movies from the queue.

I'm impressed that they have this feature, but I'm more impressed that the system kicked in SO fast! Wow.

Samsung ESTOOL Drive Diagnostic Does Nothing (here's why)

2008-06-28T20:43:00.000-07:00

Or does it?

http://www.samsung.com/global/business/hdd/support/utilities/ES_Tool.html

I have been trying to get the ESTOOL hard drive diagnostic program to work for over a day now, and just figured out the problem. The bootable floppy disk seems to work. It lets me auto detect and select my Samsung hard drive. It lets me see information about the drive and its settings. When I choose "Drive Diagnostic," it asks how many loops to run, and when I hit enter (defaulting to 1), I end up back at the main menu.

Ends up that the ESTOOLS boot floppy disk MUST NOT BE WRITE PROTECTED ! It wants to write a status log to the disk, but fails silently if the disk can't be written to. I'd guess that if the floppy disk were full, the same silent error would occur. So, to save yourself the grief I went through, don't lock the disk, and make sure there is at least 10K for log files (they are actually less than 5K each).

Would have been nice if the program told me what the problem was !!!
(I thought it was that my chipset was Nvidia, which was the problem with another vendor's hard drive diagnostic toolset)

Web Routines - In the Wild

2008-04-02T18:24:00.000-07:00

This is a log of Web Routine concept "sightings" in the real world:

1) 1999-2004 : DailyRoutine.com (Web Archive)
Free proof-of-concept site, addicted many before shutdown due to cost of maintenance.

2) 2000 : Backflip (Backflip.com)
Backflip adds "My Daily Routine" feature.
"Backflip is a free service currently being run by volunteers."

3) 2001 : SunGard (Web Archive)
SunGard Launches High Net Worth Portal Solution
Birmingham, AL, March 7, 2001- SunGard Asset Management Systems, an operating group of SunGard (NYSE:SDS), has launched the SunGard AMS High Net Worth Portal, a customized, private-labeled Internet portal for financial institutions providing asset management services to high net worth clientele.
[..] Traditional portal features such as news, weather, sports, stock quotes, charts, and market updates are also provided. In addition, using patent pending WebRoutine( technology from DailyRoutine.com.Inc., clients can organize Web sites into channels that can be cycled through in a manner similar to using a TV's remote control. This unique personalization tool allows clients to surf their favorite Web sites without ever leaving the portal.

4) 2006 : US Patent issued (6,993,531)
A system and method for navigating through routinely visited web pages with a browser that allows a user to navigate through the web pages using a “Next/Previous” paradigm.[..]

[ Return to index (Web Routines) ]

Web Routines

2008-03-26T18:30:00.000-07:00

Web Routines organize a user's web browsing habits to provide convenience and efficiency for frequent browsing. RSS readers are a way to browse special web site feeds in a list format (like email), while Web Routines guide the user through a live browsing session to ANY web site, providing each one in its full and intended glory.

A web browser with bookmarks works well when searching for answers, entertainment and shopping. But when you visit a list of specific pages frequently (a routine), you are stuck digging around a potentially huge list of bookmarks, in an attempt to find the next one, then the next one, ... Web Routines solve the problem, and provide additional enhancements, like preloading web pages before you get to them, and allowing tangential browsing without losing track of the next page in your intended sequence.

This is the growing index of the postings I've made on Web Routines.

Index

Web Routines - Fair Use License

2008-03-23T19:26:00.000-07:00

Patent number: 6993531
Filing date: Feb, 1999 (Provisional)
Filing date: May, 1999 (Utility)
Issue date: Jan 31, 2006
Inventor: Aaron J. Naas

I, AAron nAAs, owner of patent number 6993531 (The Patent), hereby provide fair use of The Patent to the public to create software works that utilize it (The Software) under the following terms (Fair Use License). I am releasing The Patent for use under the Creative Commons license "(CC) BY-NC-SA", which requires Author Attribution, allows Share-Alike Modifications, and allows for Non-Commercial use with the following additional custom stipulations: having The Software default to directing traffic to a commercial site is considered commercial use; hosting or distributing The Software on a commercial site is considered commercial use.

Note that dispite my best efforts and intentions, if any portion of this license is found to be illegal, incomplete or invalid, the entire license shall be considered invalid and void.

If you have questions or an interest in uses beyond the Fair Use License, contact me (aaron_naas at yahoo d0t com), and please include "Web Routines" in the subject line.

[ Return to index (Web Routines) ]

Web Routines - InfoPorn 2000

2008-03-07T19:59:00.000-08:00

Back in 2000 and before, there was evidence that users sit down and “routinely” browse their favorite web sites. See the table.

Consider that these numbers suggest that average users browse about once per day to 5 web sites. They view about 7 sub-pages at each site (36 pageviews) - their whole session (routine) lasting 30 minutes.

Consider yourself falling into this pattern just by browsing for news (two sites), then weather, then stocks, then email. With the extreme advances in web technologies, businesses flooding the web with services, and the ever increasing numbers of households with broadband, you probably do a lot more!

These “Routine” habits already exist. I've been touting that “Web Routines” are an opportunity to capture user loyalty and understand user interests.

[ Return to index (Web Routines) ]

Mood/Rage not eco friendly? More costly?

2008-03-07T19:43:00.000-08:00

It would be interesting for someone to do a study on the effects of road rage on the environment and driving expenses. I'm not even considering the increased risk of accidents, which is an obvious issue.

Consider that someone in a bad mood (or generally rage-inclined) drives from here to there, they probably race their engine, break hard at stoplights, and quickly accelerate off of a stop and to drive around other cars. Anytime you consider how much energy is used for something, consider that the energy consumed is dependant on the path chosen. If your car was at the top of a hill, and you coasted down in neutral (or off), you would use much less energy than if you raced down the hill with your foot on the accelerator, then braked hard at the bottom. The more energy you use, the more gasoline consumed and the more pollution expelled.

If someone in a bad mood gets into their car and drives to/from work, they are more likely to use more gasoline and create more pollution than someone in a good mood. I wonder how much difference there is across a years time.

Maybe road-raged drivers should be required to buy carbon offsets for the extra pollution they are adding to the environment?

Web Routines - Elegant and Powerful

2008-03-07T15:00:00.000-08:00

Originating in 1998, Web Routines are one of the first implementations of “tabbed” type browsing, but further addressed user browsing habits rather than just session window organization.

This idea lays the foundation for compelling feature sets and user reliance, while the host gains insight into user interests, allowing automated site suggestions, useful product and service endorsements and other value added services.

[ Return to index (Web Routines) ]

Web Routines - Browse with Purpose

2008-03-06T17:34:00.000-08:00

Web Routines are about organizing users’ web browsing habits into a natural flow. The resulting system is as sticky and personal as email, and frequently leaves the users feeling satisfied-as if they’ve just browsed the entire Internet.

“It’s like bookmarks on steroids” ... “Sometimes bookmarks and Favorites aren't enough. Sometimes you need a little guidance to keep track of your daily routine on the Web.” - Al Fasoldt (tech columnist/radio/tv)

[ Return to index (Web Routines) ]

Consuming Podcasts (virtually anywhere)

2008-03-05T20:20:00.000-08:00

I just listened to this week's TWiT (fantastic podcast), where they were talking about Blogs, RSS, iPod, Twitter, Podcatchers, etc... That sent me back a few years with my initial experimentation with consuming podcasts. I didn't get an iPod at first, and had a Samsung YEPP YP-T7Z (1GB) mp3 player, which was nice, but I would soon find that it was rather bland.

It felt like the device needed to both be the bucket to hold the mp3 files, but also the mechanism to receive them. ITunes plays on the concept of your "home base," tying up, and tying you to your home computer to receive and update your iPod. It should be that plugging in your media player into ANY computer should auto start the appropriate software to look for and receive new content, for storage back on the device. When you disconnected, your device would be both power and content charged. This is similar to the Windows-on-a-thumbdrive virtualization concept, utilizing the host computers's (PC or Mac, why not?) cpu and bandwidth.

I tried putting some lightweight podcatchers on the device to varying degrees of success, but didn't get anything solid or compelling enough to believe I had it right. I even provided feedback to some of the authors that the software should be runnable from (and to) the player hardware's filesystem.

It ends up the the iPod was vastly superior for listening to podcasts with it's content switching and resume features. ITunes really isn't that bad since I have to charge the iPod each day or so anyway... now my thoughts have turned to trying to connect the iPod (while at work) back to the home PC via a virtual USB connection and LogMeIn.com (which would probably CRAWL so slowly as to be useless).

I wonder if putting a virtual machine (VMware or VPC) on my iPod to be the ITunes "home base" would work. I would want it to run on any PC box I connected it to, and ITunes would have to recognize the iPod as being "plugged in" when it would in fact, be the unmountable "C:" drive. Too bad ITunes is such a heavyweight program. In this scenario, ITunes would use 2x the diskspace necessary to store music/podcasts for consuming on the run. For example, ITunes would download a TWiT episode onto on the C: drive somewhere to have it available... then detecting the the iPod was connected, it would copy the TWiT episode to the iPod (C: drive remember?)... What a colossal waste of space and effort for what MIGHT work, and certainly would be burden/timewaste and disk corruption risk... but it would be fun to try :-)

Web Routines - The Beginning

2008-03-05T19:19:00.000-08:00

Navigate through your favorite web sites with a natural flow. Let your web browser help.

I had this compelling idea back in 1998 and began to secretly pursue it. We were in the middle of the Dot-com Bubble and this new web browsing concept that had more potential than most of the products of the day that were getting millions of dollars from VCs and IPOs. I was more interested in product success than a quick sellout. Now, after almost 10 years I’d built a proof of concept, seen its addictiveness, acquired a patent (7 years after the initial filing), and approached Google, Microsoft, Yahoo, Apple, etc... about acquiring the technology.

Big companies have very strict (paranoid) rules about receiving unsolicited product ideas, due to concern over law suits, and would prefer to have an idea be public knowledge before give it any consideration. I, on the other hand, felt it was a golden opportunity for an Internet savvy corporation to benefit by offering unique features before their competitors.

Now that the key companies are aware of my pursuit, and they need the concepts to be more visible before further consideration, I am posting the ideas. I’ve committed a lot to this effort across the last 10 years, and before a large company can deny or dictate terms of public use, I will use this opportunity to spell out the terms at which the public may utilize my work without cost or fear of cease-and-desist retribution.

[ Return to index (Web Routines) ]

Easy Opening - First Blood

2008-02-23T19:10:00.000-08:00

I am astonished at how dangerous sealed plastic packaging has become.

It was one thing when I was now required to use a knife or hefty pair of scissors (metal cutters) to open a product from its throw-away plastic casing. If I didn't cut myself with the knife (not yet), I'd quickly find the plastic to be razor sharp (which HAS hurt). I'm surprised that no big product recalling law suits have resulted from that alone.

Now, I'm seeing the same plastic now in an "Easy Opening" form. The pre-perforated plastic corner DOES break nicely, but going beyond the corner is extremely difficult. The plastic is still hard and sharp, but now it's got jagged razor sharp teeth ! Each stiff triangular breakaway is extremely sharp and pointy. I was extremely careful as I tried to get at my new gadget trapped inside. I still recoiled in pain MANY times at that cautious pace.

I really like the company that made the gadget I had just ordered, but I'm positive that they've not done any usability standards or gathered any first impressions (bloody) on the customer contending with the disposable plastic shell casing. I'd love to see the CEO get his hands on one of his products, and try to open it. He'd probably be swearing his head off and looking for band aids in less than 60 seconds.

Surely some one's been sued over this by now. Any severe lacerations anyone? ANYONE?

IZArc virus scan settings for McAfee VirusScan

2007-12-25T16:37:00.000-08:00

IZArc is fantastic for handling virtually every possible file compression, but I'm sure you already knew that. Microsoft did well building zip into the operating system, but IZArc is better.

Anyway, when you install it, you can optionally specify a virus scanning program. I have McAfee / Network Associates VirusScan (v8.0.0), and it took me a moment to figure out reasonable values for the Virus Scanner options. I didn't see any settings on the web for what other people were using for scan32, so here is what I did.

Options / Configuration / Program Locations / Virus Scanner
Optional Virus Scanner: C:\Program Files\Network Associates\VirusScan\scan32.exe
Parameters: %d /AUTOEXIT /NOESTIMATE

If anyone has better settings, let me know.

Google Pages hosting with/without WWW

2007-11-21T11:18:00.000-08:00

As a tip to godaddy subscribers (such as myself), I post my experiences with google page hosting...

I have a host (example.org for this writeup) domain purchased through godaddy.com, and I wanted to host pages at Google. Google makes it easy to point http://www.example.org to their page hosting services, but there is no (or little) information about making http://example.org point to the same web site. The result was that if you people visited http://example.org, they would be greeted with a godaddy domain parked page.

The good people at godaddy.com lead me to forward the main domain to the subdomain.

I had already setup godaddy as Google pages suggested creating a CNAME to point to ghs.google.com.
I ensured that the A record for Host @ is set to the original value set up by godaddy.com.
I then clicked on example.org and clicked the "Forward" button, enabled forwarding to "http://www.example.org" with option "302 Moved Temporarily".

Now, when someone tries http://example.org, the forwarding should cause them to browser redirect to http://www.example.org, which has a cname record pointing to ghs.google.com, which should bounce the browser to google pages for example.org.

In short, http://example.org (and http://www.example.org) should now end up at http://www.example.org-a.googlepages.com

I hope this helps godaddy customers who have google apps page hosting.

Repair ViewSonic V150 BATTERY

2007-10-03T18:27:00.000-07:00

I bought a ViewSonic V150 airpanel Smart Display on ebay a while ago, and its battery was never very good. Now it won't hold a charge at all. This isn't surprising since the device was discontinued years ago. I see that a "new" battery is currently $129, and I've seen repairs for $79 (at BatteryRefill).

As a remote display, it is a nice laptop replacement for around the house, and repairs are too expensive, so I'm fixing the battery myself. Warning: I must mention that this is my attempt, and an account of my own experiences. I ended up encountering many warnings about Li-Ion batteries and their potential for fires and explosions. You may follow my instructions completely at your own risk, but you will need the skill (not just confidence) to do it safely and successfully.

The battery cartridge appears to be glued tightly all the way around, and the rubber feet have nothing useful hidden below them.

Carefully twisting this battery compartment cracked the seal on the connector's side. At this point, I can see that there is a groove that goes all the way around the compartment that holds it all tight, and is only glued together.

Some additional prying from the center, to crack open the entire connector side.

The with some gentle, but firm prying, the end came apart. Again, just glue holding it together.

As I claimed victory against the glue, I let the comparement open with the labels side down. A small circuit board, and 4 crudely taped batteries are exposed. Interesting that the space beside the batteries is clearly contoured to handle another row of batteries. The extra batteries must have been an idea, or buy-up option that you could have paid for.

A quick search on the internet for this ICR18650-20 Li-Ion Rechargeable Battery by Samsung reveals all.

Samsung Site for ICR18650-20 battery.


ICR18650-20 Li-Ion Rechargeable Battery

Nominal Capacity            2,000mAh
Nominal Voltage             3.7V
Dimension                   D 18.25mm, H 65.0mm
Charge Method               Constant Current
                  Constant Voltage (4.2V)
Max. Charge Current         1CmA (2,000mA)
Max. Discharge Current      2CmA (4,000mA)
Discharge Temperature       -20°C ~ +60°C
Weight (approx.)            44g
Energy Density              448Wh/I, 172Wh/kg
Charging Time               Standard : 3hrs.
                  Rapid : 2.5hrs.

I could order the same exact battery, or improve the battery with either the 2,200mAh or 2,400mAh alternatives.
See
http://www.samsungsdi.com/contents/en/product/battery/type01_ICR18650_20.html
http://www.samsungsdi.com/contents/en/product/battery/type01_ICR18650_22.html
http://www.samsungsdi.com/contents/en/product/battery/type01_ICR18650_24.html

I looked around at all the options, 2000mAh - 3600mAh, with slightly varying specs. Sometimes the built in safety protection circuits made the size slightly longer than 65mm tall. It looks like any additional length will cause problem with the already tight fit. I suspect that there are lots of options that will work, but I tried to go for close compatibility and safety. More capacity means more longer charging, higher density, and more potential instability. Closer specs to the original should mean the better the existing circuitry will treat the new batteries. I also want a good price without buying cut-rate or used merchandise.

I found an inexpensive battery that had a close match to the original Samsung 18650, except in a 2200mAh. It even had similar charge and discharge current numbers, which sometimes was the only obvious difference from the original battery. I decided to get pre-wired tabs since I'm not supposed to soldier directly to the battery. The company also had "reasonable" feedback on ResellerRatings.com.

I ordered:

Li-Ion 18650 Cylindrical Cell 18650 3.6V 2200mAh Cell (LC-18650H2-tab)

4 x $5.80 (includes $.25 for Pre-Wired Tabs) + shipping = $30.18

Here at BatterySpace

I NOTED THE ORIENTATION (DIRECTION) OF ALL THE BATTERIES. If I put a battery back in the wrong orientation and tried to charge it, the battery would probably catch fire or explode. The negative/positive ends must be lined up properly !!!

I removed the batteries by clipping the ribbon "tabs," then noted the orientation of all the batteries to install the new batteries exactly the same way as the old batteries. I removed all the tape from the tops and bottoms very carefully. Be most careful by the two small wires next to the blue one. Save the brown single sided tape if possible! Throw away all the double sided tape.

I soldered the SAME wires to the battery tabs the SAME way the old batteries were attached. I was careful to only solder to the tabs (and quickly) to be sure no heat bothered the fire hazard explosive batteries (as all the warnings told me).

I left the two dangling wires beside the blue wire. I'm convinced that they are thermo devices to help the circuitry ensure that the batteries aren't getting too hot during charging. These temperature sensors must attach the same way they were afterward.

I secured the batteries to the plastic compartment with double sided tape. I used "Glass-Tac Acrylic Double-Face Tape" from Home Depot. I also had to secure the batteries AFTER I soldered them in place. It would have been MUCH better for me to put tape in the plastic chamber, add the batteries, positioning the tabs for soldering, then solder them in. I was left trying to lift the connected batteries enough to put double sticky tape below, which was rather difficult.

When I secured the batteries, I made sure the blue wire's connection was reasonably far from the two temperature sensing wires, because I would then need to carefully secure those two with their own tape.

I put tape over the two wire temp sensors to secure them tightly against the batteries just as they were before. If I had saved any of the brown single sided tape from above, I could have reused it here. I ended up using the same double sided tape for this. I wanted to use heat resistant tape as was there before.

I resisted the temptation to use the typical black electrical tape. That stuff tends to get gooey over time and slide around. It certainly wouldn't work for anything that needed to be tightly taped. I did put the little paper dividers back under the solder points to protect the battery from contact and put a little bit of electrical tape on top of the paper to thicken the divider.

After reassembling the pack, I found that the battery pack would attach to the console without the battery pack top plastic attached. I attached the power supply and charged the unit out in the garage for 1.5 hours keeping it carefully covered (in case of explosion), and touched the batteries every few minutes to test for overheating. The unit charged perfectly, without the batteries warming up at all.

I will probably NOT glue/secure the battery pack shell together since when assembled and jammed into the console, it locks and stays together perfectly. If anyone other than myself were to use the unit, I would immediately consider gluing it back together. I will be carefully charging this unit for some time to come, and feeling for battery heat.

I spent less than $40, and consider the project a success!

If you want to further hack the unit, try this (I'm not going to)
PanelPet's Smart Display Panel page

Google Bot-Net Stopper?

2007-09-26T20:30:00.000-07:00

With an idea like GoogleDNS widely in use, Google would be in a position to detect Bot-Nets. Many computers (estimated to be 1 in 4) have been taken over and made part of a Bot-Net to do the hackers' bidding. Quite often, these computers are used to serve as hosts for impossible to detect/track web sites.

If a scam artist wanted to run an "example.com" web site and provide purchase and payment instructions, but not get caught doing it, they would pay a hacker to have it hosted by a bot-net. When the user clicks on the example.com link, a dynamic DNS entry would dole out an IP address for some poor individual whose machine has been compromised. The scammer's web page would be served up, and no one would be able to track down the scammer. The next time someone went to example.com, the IP address would be someone else's compromised computer. The IP addresses for example.com would appear to bounce around all over the world. Law enforcement is left trying to "follow the money" to catch the scammer, since they can't track them down via the web site.

A GoogleDNS solution would allow Google to detect DNS resolution oddities such as a bot-net would exhibit. As the user attempts to visit example.com, Google could provide the user with warnings or outright blocking of the site based on the user's preferences.

Unfortunately there is a possible work-around for hackers to avoid immediate detection. Hackers would want to make their bot-net web site "clusters" act like respectable authentic web site clusters. Many web sites exhibit this DNS resolution behavior as they load balance their web site across the country, or across the world. I am convinced though, that there are detectable differences in this behavior that the clever people at Google can use. For example, bot-nets would likely need a larger number of sites, or higher turnover, to do the same thing as a "respectable" cluster... or the hosts of the web site could be resolved to be on home cable networks.

Google is in a unique position to offer protection from bot-nets that few services could detect or provide.

GoogleDNS

2007-09-26T20:25:00.000-07:00

Google has a lot of high level information about internet web sites, including topical categorizations. They have the ability to offer services to filter the web traffic from your machine(s), and insights to discover phishing and other malevolent web sites.

(See Google Porn Stopper? and Google Bot-Net Stopper?)

Google could provide a service such as OpenDNS.com which currently provides a robust DNS lookup and web site filtering (if desired). Google has the knowledge and horsepower to offer DNS services and the associated web site filtering. They would then connect your existing Google account to web site filter settings (possibly with some automatic help from a small network identifying and setup application in Google Pack). Google Apps already intends to be most of the personal/home/business web services infrastructure that you'll need... web based content filtering seems to fit right in for those users that want it.

A GoogleDNS solution would also provide users with a way to remotely monitor the activity of their own machines/networks, just as any commercial web site filtering software would offer. This would be possible because your machine using GoogleDNS services would log all their DNS lookups (which amounts to all internet activity).

The real question is whether Google will determine this to be "evil" because of the potential for abuse of information. Though they are already housing your email, your web sites, your browsing habits, ...

Google Porn Stopper?

2007-09-26T20:06:00.000-07:00

Google is built on some rather advanced reliance algorithms, but can also detect communities of interest. Looking at white papers about detecting groups of sites in a topical community can be rather difficult due to the surprising amount math involved. The end result though, is that Google can detect the interconnected nature of adult web sites, or sites of any other topic.

The difficulty for adult site blocking software is the manual categorization of sites. I would suggest that Google has that information, through it's current algorithms, possibly with better coverage than any other database. They are already offering a glimpse of their knowledge by providing moderate and strict filtering from the search preferences page.

The next step is for Google to package an web site filter into their Google Pack of essential software.

(Of course this filtering and web site categorization works great for other topics as well. Google should have sites already categorized as: adult, violence, gambling, illegal, ...)

Look to my GoogleDNS post for how Google could help us filter our web browsing.

FileSystem Firewall

2007-09-24T17:18:00.001-07:00

There is a compromise security model that could make it easy for Windows users to prevent unauthorized programs (ex: malware) from reading files that they shouldn't.

There is currently a disparity between the "ideal" file system security model touted by Unix/Linux zealots, and the "practicality" of novice Windows users. The tight security model says log on to your computer as a low privileged account and only occasionally run "certain" programs as the high power administrator. The Windows user is used to logging in as a "Power User" or an administrator, and running every program with full authority. With file system security usually as the main goal, the Unix users are preventing rouge programs from corrupting or taking over their computer. Windows users typically see security as getting in the way of desirable programs conveniently auto-installing plug-ins and sometimes even working at all!

Security enthusiasts use the approach of securing with users and groups that have just enough access to regions of the file system to perform their preprogrammed function. If a program tries to step out of bounds, it will fail since the user account the program "runs as" simply was not granted access to any other region of the file system. This is a solid approach that has worked for decades, but generally requires a system administrator to setup and maintain. In the Windows world on a workstation, this would require a high degree of effort (creating dozens of accounts and groups, and assigning proper permissions to file system nodes) and is well beyond what even most power users would consider reasonable.

What is needed is an approach where the program is considered as an individual entity automatically. Consider how modern network firewalls let the user allow or disallow network access down to the application level. If a new program tries to access the internet, or a modified program attempts to phone-home... the user is alerted, and given the option to allow or block it. What if an individual application was automatically treated with those kinds of restrictions while trying to access the file system?

Programs start their lives on your system with an install. You then run them repeatedly and they might even receive updates. An uninstall may also occur. Generally this normal cycle is moderated by core APIs and known directories on the Windows platform. When considering what files and directories an application should be legitimately accessing during that life cycle, it is possible to use community submitted configurations and distribute them the way virus protection software gets updates.... but there is also another "automatic" way.

When an application is installed, the operating system can "notice" the installation directory, and automatically provide that application with full control to that directory as its "home." When the user goes to save files from the application, the operating system's common "save" dialog box could inform the system of directories or individual files that the application should have read/write access to. Registry entries associating file types to applications is also a clue for the operating system to allow special access. If all these clues aren't enough, the user could always be asked to allow/disallow, the way firewall programs do. Generally between these system clues, and profiling by the community, this system shouldn't require much, if any interaction from the end user to provide this extra layer of security.

I think there is a potential here for a solid application based file system fire-walling product. A few years ago I did the research, and I only found one defunct product that had attempted this type of "sandboxing" (with a different market and purpose). I am sure that the same consumers that enjoy the Norton or ZoneAlarm network firewall features would find the security and ease of use of this approach. In fact, I even approached ZoneAlarm with an idea to enhance their product line, but I got no response from them.

I run my PC as an Administrator, and would welcome this security enhancement. I don't want any programs but Quicken accessing my Quicken data files! In Windows, I'm basically forced into this "wide open" predicament because Windows is such a standard and productivity enhancing platform... ie: I like it, but it has problems.

This Work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 License.

Swarm fighting

2007-09-23T19:34:00.000-07:00

Fighting games are limited by the player's ability to comprehend the complexity of game play, the player's reaction time, and the computing horsepower to present a beautifully rendered bout (which people expect these days). One-on-one or One-on-few games are all you are likely to find. What about an advanced One-on-Many or Few-on-Many where one or more players battle a large group of nicely rendered attackers with realistic physics? Are you wondering if it would be playable or even possible? I think it can work well, but conventional one-on-one game play concepts won't produce a compelling result.

Consider a One-on-One fighting game. It is easily comprehended by the general gamer. The game authors improve the game by adding stunning graphics and special button press combinations (combos) to enhance game play with special moves. Combos are a sly way to add complexity to a game to challenge advanced players, without turning off the beginners, since the core game play still seems obvious (approach opponent, use attack buttons). Utilizing new hardware and improving the software make the games wonderfully rendered and attractive to new players. Modern games feature three dimensional "feel," realistic looking surroundings / bodies / clothes / eye movement, swooshes / blurs / replays, fighting implements (like swords), humor, special moves and powers, strategy, … But when you consider them, although fun, they are still just "souped up" classics, and not revolutionary.

The One-on-Few or Few-on-Few fighting games are not very prevalent. They usually have poor game play due to limiting the virtual environment or providing contrived fighting scenarios to aid the player's game comprehension and reaction time (by turning the game play into many one-on-one fights). These games have existed for a while, and are getting better.

Remember the old arcade games like the Simpsons or Teenage Mutant Ninja Turtles? They were Few-on-Few by having 1 to 4 players and usually had several attackers on the screen at once. Horrible graphics, physics and game play from today's standards, but they were somewhat entertaining at the time. Many of the multi attacker games today unfortunately provide the same simplistic two dimensional feel of those old classics.

It would be amazing to see a good "Swarm Fighting" game where one or more human players face a large group of attackers (imagine 100 attackers!) in the same type of beautifully rendered three dimensional physics that modern one-on-one games exhibit. The questions are how would it work, and would it be playable. There have been some successes in this arena, but nothing modern. Robotron 2084 and Smash TV were basically two dimensional top-down perspective shooters, but they drew players in and gave them the panic of attacking hordes. These games introduced two joysticks (no buttons) for quick reaction time. Move with one joystick, fire with the other. Smash TV even supported two players. The innovation of top-down perspective and two joysticks broke with convention (not just 1 joystick, and 1 fire button) and made game play more natural in fighting large swarms of attackers with what looked like near impossible odds. They were good games, but how about a modern game with well rendered actors and believable physics as dozens or hundreds of attackers approach?

Here is an approach that would be entertaining and would pull players willfully into the middle of a swarm of attackers. The proven combination of "simplicity of play for beginner players, with combos for advanced players, and beautiful imagery for players and onlookers alike" can be achieved, but the mechanics of game play needs to change to allow the player to react to a new type of battle scene.

Base the fighting game play on a meta-game that the player can easily understand, allow them to almost fight by "feel" so they get so absorbed that the controls quickly become an extension of themselves, and then add combos and stunning visuals that are worthy of modern gaming. The meta-game is a game-within-a-game, and could be anything. In this case we are using it as a mechanism to play the main game… or a sly substitution for the impossibly difficult task of battling 100+ opponents with one or two joysticks. The player will be drawn in by the simplicity of the meta-game, but then subconsciously find the depth and challenges addicting. Some players may even find themselves internalizing the meta-game and reacting solely to the main display of the game in ways that wouldn't have been possible without easing them in with the meta-game.

As a concrete example, let's talk about a playable version of the Agent Smith swarm on Neo in the movie Matrix where he fought the impossible battle to a rock'n soundtrack. In the movie, Neo could fight off the swarm of thousands of Agent Smith attackers due to his immersion and first person interaction with the environment. To make the game playable to the average real-world person, overlay a fast paced meta-game on top of it that corresponds to the visuals and expected game play. A meta-game that would work well in this example would be a variation of Dance Dance Revolution where upcoming moves are presented "just-in-time" and even correspond to the rhythm of the sound track. As attackers approach, the nearest 4 to 8 would be represented on the "radar" as approaching "blips." The physical orientation of player would be represented in that peripheral viewer with the attackers approaching. Just as Dance Dance Revolution (and others) show you what is coming, and when to act, the player would see the swarm of attackers and be able to react to the most imminent 1-8 attackers. Run away from the swarm to minimize simultaneous attackers, into the swarm to maximize simultaneous attackers. Consider that even in "real-life," if you were attacked by 100 people, it would be difficult for more than 8 people to actually be physically by your side to attack you at once.

To completely bring the player into the action, the game would take advantage of rhythm based game play that Dance Dance Revolution demonstrates so well. This swarm fighting game would have an immersive sound track just as in the Matrix fights or any Hollywood theatrical fight scene (think of our Matrix Agent Smith fight swarm for one), but in this case, the game play would also benefit from it. In the fight, each punch would correspond to the heavy beat of the soundtrack rhythm. The software would even adjust the approach of the attackers to ensure that every punch or kick occurs on the beat. As the player learns this enhancement to game play, reactions will start to occur more accurately and quickly than just watching for or anticipating attacks. There are many depictions in television and movies where a "tough-guy" starts playing a "fight song" or theme song before engaging the enemy. In the case of this game, the fight song will actually help further the immersion and improve game play (I've been in that zone, it feels great).

Theories for improving immersion with additional feedback have worked well for driving games for many years. Provide the player with a rear-view mirror, radar to show other cars and players, and the player will be more entertained, more involved, and even play more realistically. Consider that adding force feedback to the steering wheel to subtly inform the user of road conditions (and turns) is similar to adding awareness to a fighter that would help convey the timing of encounters with attackers' punches and kicks. The radar and soundtrack rhythm provides the fighting player with a tactical advantage.

One joystick with directional attack buttons would work. With two joysticks, the player is provided with more flexibility, each joystick representing a different side of the body, or one joystick would be arms and the other joystick would be the legs. These types of controls provide the ability to respond to more attackers in the "radar view" and also provide a wider variety of responses. Add joystick/button combos to game play to allow for one-hand-stand-kicks, round-houses, jumps, pile-up-escapes, attacker-freezing-fast-time and other gravity and time defying moves.

Considering these approaches, the overwhelming fights in the Matrix movie should be as playable (and cool) in the arcade as they were depicted in the theater.

(It has been suggested to me that a big game house such as Electronic Arts should appreciate this idea, should build the next killer game based on the One-On-Many or Few-On-Many concept, and that they should also express at least $ome gratitude my way for putting forth the core idea. That remains to be seen.)

Buy Food @ Movie Ticket Counter

2007-08-03T17:53:00.001-07:00

The food served at a Movie theater is it's bread-and-butter, metaphorically that is. They need to sell more (and better) to survive. The proceeds from the movie itself are minor compared to the soda, popcorn, candy, etc... sold at the refreshment stand. Those items are completely under their control and sometimes the only real profit the theater can make. I've even gone to a drive-in theater where they ~~begged~~ outright requested that you buy food from their snack building. These days, without the refreshment stand, the theaters couldn't stay in business.

Theaters need to make food purchases more convenient and FAST. I try not to buy refreshments at the theater because I'm normally late, either on my own accord, or because the ticket line was so long. I'm certainly not going to stand in another line. Especially one where a bunch of hungry patrons stand at the counter in indecision trying to determine what looks good, then fumble with money or credit cards. Although snacks and drink are pricey, who wants to sit for 2hrs without a drink nearby?

Theaters need to provide the opportunity for patrons to purchase food at the ticket counter. Consider the convenience for couple asking for two movie tickets and two large sodas at the outside entrance. The couple would pay once and then be handed their two movie tickets and two food vouchers. As the couple enters the building and approaches the refreshment counter, they would choose the short "prepaid food" line, and hand over the vouchers, maybe indicating which soda they preferred. Moments later they are walking to their seats and had avoided a 5-15 minute wait in a second line, and didn't have to pay an additional time.

The main problem with the refreshment stand is the wait and perceived inconvenience. This system removes all the long indecision times and payment concerns from the customer when going for food. If money is involved, the customer will need to go to the "long" line. It's almost like the airport's self-checkin ticket kiosks or the shorter lines for preferred status customers.

The ticket counter (and associated line) still cannot be burdened by the aforementioned delays of a normal refreshment stand. To avoid the delays, food should not initially be offered or even suggested by the ticket seller. A small menu could be provided at the counter, but in general, word of mouth, perceptive patrons, and the signs inside will quickly spread the new offering. After one person asks for a drink and popcorn at the counter, the people right behind them are likely try as well. Actually, a short menu of only a few "combo deals", like 2 large sodas and popcorn, would minimize indecision and maximize customer throughput and theater profits. Customers uncomfortable with exploring the new idea (or whom are naturally indecisive) will have to stand in the long line inside and will quickly figure out the benefits of prepaying outside (as they watch the prepay customers walking away with food).

With the advent of purchasing movie tickets on-line, this could be another valuable differentiating offering. The value of purchasing movie tickets on-line is avoiding the theater entry line and ticket counter. What if the patron could get the snacks they want while avoiding the "long" line at the snack bar too?

Or... You could always wait for the theaters to implement a "frequent flier" program of their own so you could rack up your "movie points" and stand in the short preferred-customer line at the door, then the preferred-customer line at the refreshment stand.

I hope I haven't ruined your next movie theater experience. Now that you know it should be possible to avoid one, or both lines a the theater, you're going to hate the wait even more.

This Work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 License.

The Four Way Door

2007-07-13T18:53:00.000-07:00

A door that can open four different ways.

I wondered 10 years ago if it was possible to create a door that opens 4 different ways. We've of course seen doors that swing in or out on a double way hinge. I figured there should be a way to build a door that, regardless of whether you were inside or outside, you could push either the left or right side of the door and it would open. Not only that, but the door would swing open as a door should intuitively swing... not merely pivoting in the center.

This is the design that I came up with, and have done nothing with all that time. One of many ideas that I will eventually publish here.

There are many Rube Goldberg ways to accomplish an opening door based on pushing any one of 4 areas on it. This was the simple way that I came up with after chewing on the idea for a while.

At rest, the door's hinges are rods that jet out of the top-left, top-right, bottom-left and bottom-right, engaging into the frame so that the door is essentially "locked" in place. Consider this just as immobile as adding conventional hinges to both sides of the door.

The pedestrian (user) is expected to approach the door, then push on either the left or the right side. There are many doors with wide recessing "push panels" that disengage the door latch to open the door. This idea uses a panel that pivots in the center so that when pushed on either side, the mechanism behind that side engages.

When the right side of the door panel is pushed, the right-side mechanism retracts the right-side hinge rods, allowing it to swing on the remaining left-side hinge. The door must also be prevented from "falling out" of the frame due to a curious pedestrian then pushing the other side. The answer is to engage a lock on the opposing hinge. When the right-side mechanism retracts the right-side hinge, the left-side hinge rods are locked at the normal full extension until the door returns to the resting state, and all four hinge rods return to full extension.

Normally, some sort of automatic door closing mechanism would be added to the door to ensure that it returns to its closed state once a person walks away. The normal mechanisms mounted on left and right sides would seize a 4 way door. One solution involves a semi-attached version of the conventional slow swing hydraulic mechanism. As the door opens, an extension of the door pushes one of four hydraulic arms out, which slowly returns the door to its closed state.

Gravity could also be used as a simple mechanism for returning the door to a closed state. When the door is opened, the door's construction where the hinge meets the frame causes the door to slowly rise as the door is opened wider. With the door's weight working for us, the door wants to drop back into the hinge/frame groove, which causes the door to close.

When the door returns to the closed position, the springs in the retracted mechanism and tapers on the rods will cause the rods to re-engage back into the frame. The door would then be back in it's resting position, and ready for the next pedestrian to walk up and randomly push one of the door's 4 pressure points to open it again.

This Work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 License.