Yesterday I went out and picked up a new toy: a PSP (PlayStation Portable).  More than anything is was for the novelty of having it and tinkering.  I've got to say that I love it!  I'm not much of a gamer (though one might argue that looking at my XBox game library), but I enjoy them once in a while.  I picked up Frogger and Prince of Persia along with a 1 GB memory stick along with it.

Connecting it up to my WLAN was a breeze too (the PSP seamlessly connected to my G network, WPA-PSK (TKIP), MAC Filtered, etc :), so I can browse the internet, download updates (I'm on ver 2.60 now), play games against friends (though I don't yet know anyone with a PSP), watch movies, etc, etc.

It's TONS of fun...now if MS would only come out with an XBP (XBox portable)...something I've been wanting for quite sometime now...

There seems to be a lot of confusion floating around out there regarding the StrongNameIdentityPermission...and perhaps with good cause.  Perhaps you've seen (or written) code that resembles the following example which uses the permission declaratively via the StrongNameIdentityPermissionAttribute (SNIPA):

[StrongNameIdentityPermission(SecurityAction.Demand, PublicKey=".....")]
public sealed class TestClass { ... }

One might infer that a demand is placed on the consumer of TestClass such that it must be signed with the specified public key.  In fact, that assumption seemed to hold true in .NET 1.x.  Running within .NET 1.x you could effectively mark your types (or assemblies, constructors, or methods) with this attribute to prevent unknown callers from invoking those methods.  However, this was really just an illusion.  There were oh so many ways around this.  The best it really accomplishes is to present a facade of security (which may very well be worse than no security at all).

I'll be the first to admit that I've used that strategy in the past with smaller project to create a 'family of related applications'.

Basically what it comes down to is this:  In the .NET 1.x timeframe, all Identity permissions (except empty ones) were not considered to be a subset of the Unrestricted PermissionSet.  In essence this forced the various demands (e.g. Demand, LinkDemand, InheritanceDemand, etc) to take effect even if the assembly was running in FullTrust.  Effectively, the StrongNameIdentityPermission would block an application in FullTrust with an invalid public key.  This seemed hunky dory.

Things have changed, however, in the .NET 2.x world.  Hopefully these changes will affect only a small number of applications out there.  FullTrust now really means "Full Trust".  That is, Code Access Security (CAS) is not enforced if the assembly is running under FullTrust - ever.  Once an application, malignant or benign, is running in FullTrust, it can do whatever it darn well pleases.  Also, the various Identity Permissions have become a subset of the Unrestricted PermissionSet - they always pass in FullTrust.

One benefit of this is that performance of FullTrust applications will be increased because no stackwalks need to be executes for Demands.  Demands will automatically pass and LinkDemands are optimized out completely.

These changes are pretty dramatic and simply make apparent what was previously hidden: there is no real protection against FullTrust - though there seemingly was before.  Again, that was just a facade - a misnomer. Therefore, by way of example, if you've tried using the StrongNameIdentityPermission in a .NET 1.x application and seen it block a caller, but tried the same application in .NET 2.x to different results...that's probably the reason.

If you're a developer and marking your assemblies, types, and members with the SNIPA, you're probably seeing your calls pass on through your demands and may have been confused by that behavior.  Well, your applications are undoubtedly running in FullTrust.

You may wonder, then, "What's the purpose of such an attribute?  If it doesn't stop code from running, what's the point?"  Well, as it turns out, it does stop code from calling your code...just not code running in FullTrust.  Any application in the a lesser privileged permission set (such as the internet zone) if not found with the appropriate identity will not be able to execute your code.

So what can you do to prevent types from being publicly available in .NET 2.0?  Again, there's no real protection against FullTrust.

I have some ideas, but I'd like to get your feedback before divulging...
Thoughts?

Last night we had a fantastic event - our third Utah Geek Dinner.  Especially compared to last month (which in some ways was cool, others a fiasco), we had a wonderful evening.  By far we had our greatest attendance as well with over 80 people showing up and participating.  We had two brief educational presentations by some attorneys focusing on legal issues of which geeks should be aware.  Nathan Nelson (who also helped procure the Larry H. Miller SLCC Campus and the Panache Catering) spoke on starting your own company.  David McKenzie then addressed us on software patents, copyrights, etc.

Following both of those presentations we had a mini-presentation by Dave Turnbull of SoftwareFor.org who discussed a very cool initiative they have in getting quality software to students worldwide on a student budget (i.e. FREE) called “Software for Starving Students”.

We had a great time and a great turnout.  The next Geek Dinner will be on February 22nd, 2006 and (probably) at the same place at 6:00 PM.  If you haven't had a chance to make it out to one of these events you're missing out!  It's a wonderful opportunity to do some business networking and help promote the cross pollenation of technologies and technologists here in Utah.

Don't you hate it when you're debugging an application only to discover that the issue was a stupid typo that was sitting right in front of you?  Well, that happened to me tonight.  First time...honest .  The error message had me off on a wild goose chase when the problem was right in front of me

I am working of some software for a client that requires, alas, that an Access .MDB database be used (the reasons behind this I won't discuss herein, but they are valid).  Upon attempting to connect to the database I would receive an error message that said:

Could not find installable ISAM

Initially I thought I didn't have the latest MDAC (ver 2.81) installed, but that didn't really make sense.  Then I thought maybe it was a permissions issue.   I was googling around and browsing support.microsoft.com for any assistance. Turns out I simply mistyped my connection string.  It's “Data Source” not “DataSource”.  The issue was exacerbated by the fact that the debugger would not hit my breakpoint where the connection string is assigned for some odd reason so I didn't think to look there initially. Well, there went about 20 minutes.  All was not lost however.  I'm recording this little note for me and my posterity (and anyone else) so I might be able to avoid the issue if it crops up again - the resolution might be as simple as fixing a connection string and not having to reinstall any software. :)

A short while ago I purchased a license for an Email server called EmailArchitect by Admin Systems.  I can't say how impressed and pleased I am with the software.  While there are a few very minor things that I still take issue with (mostly because I'm such a hard-nosed perfectionist), I very much like the software.

I had an interesting experience with them this week that I'd like to relate.  I sent an email request to their support on Tuesday expressing a few issues (mostly typos, and the like) and I got an email back later that night indicating that they'd look into it and make the corrections in their next version.  At the time, I was running Email Architect 6.0.1.1.  Right now, I'm running 6.0.1.2 - two and a half days later and they have incorporated all of the changes that I requested and published it on their website!

That's awesome!  If you're in the market for a great email server application, check 'em out!

Extra! Extra!

** January Geek Dinner **

DevUtah's next Geek Dinner will be held at 6:00 this Tuesday night (Jan 17) at the Miller Business Innovation Center on the Salt Lake Community College campus (9690 South 300 West, Sandy).

We'll have two short educational presentations by accomplished attorneys who will discuss legal topics for geeks.  Nathan Nelson will talk about legal aspects of selling your software concepts, starting your own software development company (code shop), or becoming an independent developer.  David McKenzie will discuss popular myths about software patents and copyright ownership relating to contractors.

We will also have a brief mini-presentation by Dave Turnbull from SoftwareFor.org, who will talk about some of the successes and failures of the last release of “Software for Starving Students”, which had over 25,000 downloads in just a few days.

The event will be catered by Panache Catering.  Each attendee is required to contribute $7 to help cover the costs.  Attendees are strongly encouraged to prepay burnsadria@hotmail.com via PayPal, although cash and checks will also be accepted at the door.

Please RSVP here:

http://tinyurl.com/cgmv2

Here's cool Visual Studio tip...

You may be familiar with the F12 keyboard shortcut (or its more graphical, context-menu couterpart 'Go To Definition').  You may be intimate with Ctrl+Alt+J (Object Browser).  But did you know this...?

How about the 'Code Definition Window'?  Via the View menu in Visual Studio 2005 you can select the Code Definition Window option (or use the shortcut combination Ctrl+\, Ctrl+D) to cause a paned window to appear, similar to the Solution Explorer, the Properties Window, et al.  This window is pretty slick.  You simply position your insertion point (the keyboard cursor) within an identifier in your code (such as an object, property, variable, method, class, etc) and it will 'find' its definition for you, highlight the appropriate line where it's declared, and show it to you.

If the item isn't defined in your code (that is, if it can't find the source) it will reverse engineer the object for you from its meta data and show you.  I like it because it saves having to look in the classname.Designer.cs file.

One aspect of the Code Definition Window is that it's readonly - you can't go changing code therein...but it sure makes it easier to find out more information about what you're using.  If you want to make changes, however, there is a context menu option to 'Edit Definition' which will open a code pane at the selected spot for your editing pleasure.

I like it :)

By and large, I'm not a user of emoticons in MSN Messenger (or any Instant Messenger-like application - though I use the keystrokes frequently).  I copy and paste too many code snippets in the window (though purportedly Skype does a better job of handling code, I can't stand Skype's interface) and it gets wearisome to interpret the code sequences rendered as graphics.  I was reading a bit today on the next version of MSN Messenger and saw mention of a hidden MSN Messenger emoticon, so I thought I'd try it out.  Sure enough, it worked!  I then hunted these down.  I believe that they been in MSN Messenger since about version 6 (though the goat may be new to 7.5).  I present them here for your viewing (and using) pleasure:

Image	Shortcut	Description
	(brb)	Be Right Back
	(ci)	Cigarette
	(h5)	High Five
	(nah)	Goat
	(%)	Handcuffs
	(tu)	Turtle
	(xx)	XBox
	(yn)	Fingers Crossed

A couple of years ago I set out to create some of my own (feel free to use them as well for yourself).  The majority of these derive from my passion around board games, in this case Settlers of Catan.  I may take up to creating some more time permitting.  [Update 01/18/2006: I've added a few new icons below (ellipsis and arrow).  Additionally, I have added a zip file (click for link) that provides all of these custom icons in a single download.]

Image	Shortcut	Description
	(bowl)	Bowling
	($)	Dollars / Money (I never liked the money symbol in Messenger)
	(scrab)	Scrabble
	(brick)	Settlers of Catan - Brick Tile
	(desrt)	Settlers of Catan - Desert Tile
	(ore)	Settlers of Catan - Ore Tile
	(wheat)	Settlers of Catan - Wheat Tile
	(wood)	Settlers of Catan - Wood Tile
	(wool)	Settlers of Catan - Wool Tile
	...	Animated ellipsis (NEW: 01/18/2006)
	-->	Right Arrow (NEW: 01/18/2006)

I'm sure many out there get a bit irked when a product doesn't do what you want it to, or it does too much.  This may be one of the most frequent complaints users have with Microsoft Office.  While I don't usually share this sentiment in general, I do agree with respect to it's 'Save As HTML' options.  Word, for example, will inject a TON of unnecessary markup in the end result if all you're wanting is pure, clean HTMl.  This may not always be bad, but if you're intending to paste the HTML somewhere not Office, then you have your work cut out for you.

Jeff Atwood has created a slick little utility that cleans up the HTML within a Word document, resulting in a much cleaner result.  Go check it out...and don't forget to subscribe to his blog - Jeff has some pretty amazing insights and commentary.  A good read all around.

I've had a devil of a day diagnosing problems that practically piled faster than I found I could fix!  Ok, enough of the silly alliteration...

For some time now I've been assembling an application in C# 2.0 that relies on RDLC documents (Report Definition Language - Client-side).  I've had a very enjoyable time doing it (the details of which are forthcoming in a follow-up post).  That aside, I ran into an issue today which had me completely baffled.  All of the sudden today my project in VS.NET stopped compiling.  It had been working flawlessly for weeks (even this morning at 4:00 AM it was working).  When I opened the laptop on the plane it stopped working.  VS.NET was reporting “An internal error occurred on the report server.”  Lots of good that did me.  Well, the error message led me to believe that there was an issue with my Sql Reporting Server installation.

Sure enough, when I started going down the path of diagnosing that, I saw that my http://localhost/ReportServer virtual directory would not come up for me, giving me an error along the lines that my permissions were “insufficient for performing this operation.”  Inspecting the logs led me to believe that there was an error authenticating to the SQL reporting services databases.  I thought, “alright, the Windows user account's password associated with the SQL Server service might have expired.”  That turned out to be wrong.  “Ok,” I mused, “Maybe I mistakenly installed a time-bombed version of SQL Server (something I've never done - but hey, I was grasping at straws here).”  That, too, turned out to be wrong.

I went so far as resetting the user's password, connecting to the SQL Server database as that user via RunAs (which worked flawlessly).  As it turns out, I figured it out on the last thing I tried (of course, I didn't need to try any further). :)

Log on to your local machine as your administrator user (because you're not running  as an administrator user, of course), and browse to http://localhost/Reports.  Grant your user account 'Browser' rights.  Alright, that fixed my SQL Reporting services issue.  Great.  Go back to Visual Studio and recompile...BZZZZZZZZT!  Same error!  It turns out that I simply had never configured my user account with SQL Reporting Services permissions....

I was pretty irked by this time because most of my day was already shot diagnosing an issue that wasn't the root of the problem.  I then decided to backtrack through what I had last done in the project by removing the last two reports from the application.  When I did this, I found that I had some compile-time errors in my code.  I fixed them, brought the reports back in and it worked great!  At least I now know that if you're getting this strange “internal error” during a compile, chances are it's an error in your code and not the report server.

With all this mayhem, I then decided to go back and run my application (which relies on SQL Express User Instances) and lo and behold, I get a new error message “Failed to generate a user instance of SQL Server due to a failure in starting the process for the user instance.”  Man!  The fun just never ends!  I suspect this is happening because I was futzing around with my SQL Server configuration, changing passwords, etc.  Long story short, I found the solution while browsing around online.

SQL Express User Instances rely on content found in the “C:\Documents and Settings\[USER]\Local Settings\Application Data\Microsoft\Microsoft SQL Server Data\SQLEXPRESS” folder.  Simply delete this folder (you'll have to shut down the SqlServer process first) and reboot your machine.  SQL Express will then repopulate this folder with the appropriate Master, Model, TempDb, etc when the next User Instance database is requested.  In fact, that's probably why SQL Express takes a little extra time to load on the first time for a given user - because it has to copy files into this folder at startup.  This can lead to timeouts on first load.  Subsequent loads, however, should go more smoothly.

So there were three issues resolved today:

PROBLEM:  Permissions “insufficient for performing this operation”
FIX: Grant user 'Browser' permissions via http://SERVER/Reports virtual directory

PROBLEM:  “An internal error occurred on the report server.”
FIX: Temporarily remove the .RDLC reports, recompile, fix compile errors, add reports back (or recreate them)

PROBLEM: “Failed to generate a user instance of SQL Server due to a failure in starting the process for the user instance.”
FIX: Delete “C:\Documents and Settings\[USER]\Local Settings\Application Data\Microsoft\Microsoft SQL Server Data\SQLEXPRESS”

I took a bit of time today and updated the look and feel of my blog site and the root site for the community blog.  While its hardly revolutionary, and just slightly different from the look that it had, I like the new style quite a bit more; yet there is still some work to be done on it.  I also made a few more improvements so that the site would appear better in FireFox (I get quite a few visitors using said browser, and wanted to make their experience pleasurable).  There is still more work to do in that arena, particularly regarding the left-most bar, but it's still usable.  Any ideas on what I should do to better the site?

I've also made some upgrades and enhancements to my rating control which I will be posting tomorrow, time permitting.

Wow! This is pretty exciting!  I received today an email from Microsoft that I have been accepted as a Microsoft MVP in ASP/ASP.NET!  I'm stoked...my feet haven't yet touched the ground.  The emails were supposed to go out yesterday so when I didn't receive it I figured, oh well, I'll just work harder next year.  However, when I received the email today I was elated.  Even now, I'm gonna try even harder next year, so that goal is in place.

Thanks to all my friends that have and continue to support me, my colleagues, and also to the community (especially the Utah .NET User Group)!  This has been a fun and exciting year - hopefully we can do more this coming year.  There are days where I think I should get do something else for a living...but this is definitely NOT one of those days...I'm revitalized for a long time now.

What a way to start the new year!