It's not unusual for my coworkers to come to me seeking my help with .NET, HTML, JavaScript, or just about any other geek topic.  What isn't so obvious to them is that more than half of the time, I don't know the answer to their questions.  My black belt in Google-Fu is what enables me to quickly help them.   Case in point:  Easily 2/3 of all my Google searches start with "site:msdn.microsoft.com." 

I cannot over-emphasize this point:  If you want to be an effective developer, learn Google.  To get you started on learning the advanced features, check out Google Guide.  When you're ready to put your skills to the test, try Gwigle.

I got a chance to sit down and chat with Scott Hanselman for 20 minutes or so while I was in Portland.  Scott was a totally gracious host, and took an opportunity to introduce me to another tool that he raves about (and I never tried), PowerShell.  For the uninitiated, PowerShell is a command line and scripting environment.  Think cmd.exe, but with first-class support for the .NET framework class library, XML, WMI, and much, much more.  After Scott demoed it for me, I went back to my hotel and played with the shell for a few hours.  Although my need for it has been limited, I'm madly in love with PowerShell.  This is powerful stuff.

I can't say anything about PowerShell that hasn't been said already, so do yourself a favor and check it out.  While you're at it, check out some of the info on Scott's blog, his podcast on the subject, and his recent post about the PowerShell IDE.

Slashdot ran this story about a couple whose hard drive, which had been supposedly destroyed by Best Buy, turned up at a flea market.  The implications are, of course, a little scary.

It amazes me how blazé people are with their data.  It's just not a lot of effort to keep your data secure.  Here are the measures that I take: 

1. Password-protect your user account.  My wife an I run as local admin, which is a bad idea, and I strongly recommend that you do NOT do that unless you are very confident in your ability to protect your system from malware.  That said, it is ALWAYS a good idea to password-protect your user account.  My wife and I have separate logons on all of our systems, and we use Fast User Switching to log on/off.  Password protecting your accounts ensures that anyone in your house using your system is going to be logged on as the guest account, and will only have the rights you grant them.
   
   
2. The directory tree on our network that we store all of our stuff in is set up with proper ACLs to deny access to anyone that isn't me or my wife.  This is lets us comfortably allow a guest to login to our desktop system without worrying that they'll get into our files.
   
   
3. The really sensitive stuff (financial records, images of our birth certificates and SSN cards, medical records, certain pictures) is kept in a TrueCrypt drive.  This way, if the machine is stolen, and an adversary bypasses the ACLs (easy enough to do - reinstall the OS), the sensitive stuff is still safe.  The TrueCrypt drive also has ACLs to deny guests access if we leave the drive mounted while they log on via Fast User Switching.
   
   
4. Sensitive information is never sent to anyone via email.  I've got my mom and wife using PGP to encrypt plain-text messages and binary files for email transmission.  The basic functionality will always be free, thanks to the efforts of Phil Zimmerman (a true hero, in my mind).  My wife is a power user, but my mom is a more "typical" user, and she caught on very quickly.  If my mom can pick it up, how hard can it be?  (Sorry, Mom...)
   
   
5. Backup your stuff, but take the same measures to protect your data.  I use the cheap-o cheezy Backup app that's built into Windows to backup all my directories and TrueCrypt drives to an external drive, but I maintain the same ACLs on the backup media as I do on the "production" media.
   
   
6. If you're going to be selling/throwing away/giving away a drive, please, for the love of Pete, at least format the stupid thing first.  A better option would be Darik's Boot and Nuke, but a regular format will take care of most adversaries.
   
   
7. Whenever I connect to my network remotely, it's all done via SSH.  The only inbound port on my network is SSH, and I use PuTTY to set up a secure tunnel for any connectivity I need from work or on the road.
   

When I first started this blog, I wrote in the introduction that the primary purpose of this blog was technical and gaming.  However, I warned that their might be an occassional picture of my son, Connor.  Well, it's time I made good on that.  Here's a shot Michelle took of Connor and me bumming around on the weekend enjoying an episode of the Wiggles together.

What fun I'm having up here at Corillian!  I love Portland anyway, but I'm really getting to give my brain cells a workout on this project.  That makes it oh so much better.

Since I'm up here over Memorial Day, my wife and I decided to make a family vacation out of it, and she and our 18-month-old son are flying up to join me.   We're looking to do lots of fun local stuff, like the beach and driving around Mt. Hood.

I blogged earlier in the week about playing with my GPS mid-flight.  It was a fun little diverision.  As I'm waiting for my wife's (two-hour-delayed) flight to come in, I thought it'd be fun to track her flight in real time online.  There are lots of sites around the web to do this, but FlightView seems to be a predominant one.  Very similar to the thing with my GPS, I don't see that the information is actually useful for anything, and it's ultimately about as exciting as watching paint dry.

It ultimately doesn't tell you anything the flight status page on the airline's website doesn't tell you, but it is kind of fun to look at that blip and say, "hey, my wife and kid are somewhere over Nebraska right now."

I'm in Portland, OR right now doing a residency with our friends at Corillian in an effort to collaborate on the next release for Commerce's Online Banking product.  It's a three hour flight from Kansas City, and I've made the flight several times before.  I often find myself wondering where I am geographically when I stare at the patchwork quilt thousands of feet below the plane.

I recently picked up Microsoft Streets and Trips 2006 with GPS Locator, and it's a fun and useful little gizmo.  On a lark, I pulled out my laptop on the plane, stuck the GPS module's suction cup to the window, and waited.  It took a few minutes, but eventually my GPS got a lock and began reporting my position.  Not that you can do much with it at 33,000 ft going 460 MPH, but it's a fun little diversion when you don't have anything better to do mid-flight.

Scott Hanselman has blogged about it more than once, but I never listened.  Now I've been converted.  Go download Slickrun and quit leaning on the Start button.  That's so...  Windows 95.  Magic Words is where it's at, baby!

One thing:  Scott says he's got his Slickrun bound to Windows-R, so I followed his procedure to implement this.  For some reason, it flakes out on me sometimes and displays the Windows Run dialog anyway.  Since it's an inconsistent behavior, I figure it's probably just best to assign it to something else and get in the habit of invoking it from there (hopefully not the default  Windows-Q, since that's pretty awkward).

Update:  I figured out what was causing the flakiness.  It seems that the difference is whether you use the left or right Windows key when performing Windows-R.  At least, that's how it works on my Microsoft Natural Keyboard Elite at work.  (Side note: The Elite model sucks, but it's the only one our desktop support team will purchase.)

D&D and Star Trek are coming to PSP.  Now I'll never get any work done (presuming, of course, that these games don't suck).

Oblivion rocks my world.

I mean, wow.  Easily the most amazing RPG experience I've ever had.  Highly recommended.

Other than Oblivion, I've been getting in a lot of the Xbox 360 version of Ghost Recon: Advanced Warfighter.  This is very good, but it does have some difficult moments.  And your AI squadmates are pretty dumb and do a great job of getting themselves blown up.  Considering, however, that the  Xbox version of GRAW is something less-than-stellar, the Xbox 360 version is great.

I picked up Syphon Filter: Dark Mirror for my PSP, and I've been playing that with some guys at work.  It reminds me a lot of Rainbow Six 3 for Xbox.  And the single player campaign is very good, too.  This game is very worthy of all the praise it received.

And then there's Grand Theft Auto: Liberty City Stories.  I actually have never been a fan of GTA, mostly on principle.  I don't have a problem with adult-themed games.  In fact, I relish them.  And the game itself is actually a lot of fun.  My problem with GTA is the adolescent testosterone-driven fanboys the games attract.  Yes, GTA lets you play as a person of rather questionably moral turpitude.  That doesn't automatically make it better.  It makes you immature for thinking a game can't be fun without hookers and gang violence.  That said, I'm having fun with GTA:LCS, which I rented from Gamefly.  Definitely worth a play if you're looking for something different on your PSP.

We have an internal web application at Commerce that makes extensive use of ActiveX controls.  The application is used primarily by our financial service reps and contact center operators.  Thanks to the Eolas judgment, the application in question was still mostly functional, but required users to manually click on the ActiveX controls before they could interact with them.  Not only were the programmers who maintain the application concerned that their non-technical users would be confused by the "Click here to activate this control" message, but this behavior actually broke a control we use to push client-side updates.  Our programmers took Microsoft's recommeded steps to correct the issue.

The problem is, Microsoft's solution didn't work on about half the machines we tried it on. After a while, we determined that the problem machines were all laptops, so we immediately suspected a difference in the images our desktop team uses on our workstation PCs versus our laptops.  After running through all the usual suspects, like OS patches, our laptop security software, IE build number, etc., we were at a loss and opened a ticket with MSDN developer support.

After a week's worth of research on the Microsoft side, the support analyst suggested I compare version numbers on jscript.dll.  Sure enough, the version on the laptops is outdated.  We downloaded the installer for the most recent version, and all is good again.

I had a site where I was wanting to store some configuration data in web.config, but the problem is that the data was a little more complex than standard name-value pairs.  As it turns out, this is a rather common problem, and is easily mitigated by building custom handlers to parse the sections.  Some examples are here.

What I ended up doing was writing a handler to just pass back the XmlSection.  Then it can be cast as an XmlNode, and you can use SelectNodes or any number of classes, like XPathNavigator or XmlTextReader, to parse it.

    public class XmlSectionHandler : IConfigurationSectionHandler
    {
        public XmlSectionHandler(){}

        public object Create(object parent, object configContext, System.Xml.XmlNode section)
        {
            return section;
        }
    }

It's not terribly unlike what this guy is doing, but he uses XmlSerializer to just deserialize the whole section so he doesn't even need to parse the XML.

Google has finally heard my prayers and responded with a calendar app in the same style as Gmail.  It's still pretty early in its maturity, but it's got all the basics covered, including Gmail integration and a nice web invitation feature.  Between this and Gmail, it's safe to say that my home/personal PIM environment (as opposed to work) is no longer hindered by a lack of Outlook .  Besides, for personal data, I prefer the web-based stuff anyway, since it's way more portable.  Leave the work stuff at work, but I want to be able to get to my personal stuff anywhere.

Some things I'd like to see:

1. A to-do list with reminder capability.
2. A desktop reminder agent (integration with Gmail Notifier, perhaps?)
3. Configurable notification addresses, so I could use email addresses outside of my Gmail account (although they DO provide SMS capability - that's a plus!)
   

Having gotten sick of the obnoxious Flash-based ads in MSN Messenger, as well as the unweildy tabs mechanism, I made an effort several months ago to deprecate Messenger in favor of the Windows port of Gaim. Unfortunately, I found myself turned off by Gaim's incompatibility with MSN's video conferencing (how I see my kid when I'm on the road) and the general "industrial" feel of the GTK+ library Gaim is built on.  On my last trip out of town, I found myself going back to MSN Messenger.

The thing is, the interface still bothers me.  The ads are annoying, as is the clutter from the tabs.  Here's my tips on creating a nice, minimalist MSN Messenger environment.

1. The built-in configuration options are your friend.  At a minimum, turn off the "Show MSN Today on Login" option.  If you're getting sick of your contacts' display pictures, by all means, disable those too.  You'll note the default soccer ball associated with my wife's entry in the screenshot.  I hate that.  Default images annoy me.
   
2. Kill the tabs.  There's an option to do it in the Security section of the options (on Messenger 7.5).  Find the checkbox that says "This is a shared computer so don't display my tabs" and check it.  If you don't have that option, there are alternatives.
   
3. The ads are a piece of cake to kill.  Using ZoneAlarm to block and log all outgoing connections from Messenger, I quickly deduced that the ads were being served from a web service on http://config.messenger.msn.com.  If you're using ZoneAlarm or another software-based program-oriented firewall, just block outbound HTTP from MSN Messenger to that address.  Alternatively, add an entry to your HOSTS file (C:\Windows\System32\Drivers\etc\hosts on Windows XP) that points config.messenger.msn.com back to 127.0.0.1.  That works just as well.