While testing my MVC 2 based app, the test web server (Cassini) would crash about 50% of the time. When it was working it was slow and unreliable in serving pages. Several posts indicated my anti-virus was the culprit. I disabled AntiVir (good program btw), to no avail.

The only solution that has reliably worked is to alter my project to use IIS. I loaded the .csproj into a text editor and changed : <UseIIS>True</UseIIS> . Once I reloaded it never crashes, reliably serves out pages and is much faster.

I've never had problems with Cassini in the past, this may be an odd interaction with the new Visual Studio 2010. Until a patch may resolve issues in the future--I'm sticking with IIS.

Bob Mocny, directory of the department of Homeland Security's US-Visit program spoke today at Burton Catalyst Conference. The basic gist of the talk is that the US government is REALLY sold on the promise of biometrics as the key authentication factor in border security.

While the pure IdM techniques of biometrics are fascinating, from facial recognition, gait, or even typing style--I still find these techniques troubling. As Bruce Schnier (the Chuck Norris of computer security) points out, biometrics really are the oldest form of identity managment. Just watch dogs interacting on a walk and you'll get a great idea of some very primitive and smelly IdM. It's crude, but highly effective.

The most problematic biometric use case I've heard of is a case involving a rich Malaysian businessman, 4 thieves, and a very nice Mercedes S-Class with fantastic security...or so he thought. The thieves tried to steal the car only to find it required fingerprint identification to start. They got tired of carting the guy around so they cut off his index finger with a machete and went happily on their way with a gruesome authentication factor.

On a lighter note, I'm sure most people have seen the MythBusters episode where a fingerprint was successfully lifted via a gummy bear. Adam even used a simple photocopy to fool the machine.

As these metrics are collected, just imagine the terror if biometric data is released into the wild. If your credit card number lands in the hands of the Russian mafia, it sucks, but you can be issued a new number. You can't be issued a new thumbprint. As Popeye once said, "I am whats I am."

I think in some very limited and highly controlled applications biometrics are great (I'm thinking of the scene in Men In Black). But as this rolls out to the general public, random contractors at local airports, and outsourced datamarts--get ready for some identity fun...

Attended an interesting user group at the recent Catalyst Conference moderated by Burton analysts, Lori Rowland and Anne Thomas-Maines. The big takeaway from the meeting is that if you are using the Sun IdM stack--begin your preparations to switch to another vendor. Lori said flat-out, if you are currently planning or setting up an initial Sun IdM install...stop!

What's on hold/stopped? Sun Identity Manager 9 won't be released. OpenSSO, Oracle is simply going to be too busy to tinker with the open-source community. Larry is definitely not a pony-tailed leader like Schwartz. JCAPS, dead. GlassFish, dead. NetBeans, dead in favor of JDeveloper and Eclipse. The only survivor will be Sun's Role Manager.

Can you remain on Sun? Sure, if you want your support costs to increase every year until it simply becomes unbearable or the feature set is too antiquated. Oracle is going to ride-out the Sun install base. The carrot will be license-for-license swaps, migration tools (good luck), and other sweeteners to switch to OIM/OAM/OIF/OVD/OAAM (gotta love the Oracle acronyms). The stick will be increasing support costs and simple bug fixes, no new feature enhancements.

So what are the alternatives? From the latest Burton round-up the remaining players are : Oracle, CA, IBM, Novell + some niche players Courion, Aveksa + Microsoft which continues to play in it's own sandbox different than the big 4.

The biggest laugh of the meeting came in reply to a user's response that "Oracle support in a word...BLOWS!" Yes it does. Their frontline support is not great. Get ready to upload terabytes worth of logs only to roll to the next staffer.

How are others getting the support they need? Some have paid Oracle to be onsite and essentially offer a concierge service as a fastrack to Oracle support. The most useful methodology simply seems to be a pain in Oracle's side: get the direct lines to top management, escalate to development and duty managers, insist on immediate Oracle Web Access support calls. If you're a bigger customer, force calls with development, attend CAB meetings. Keep forcing the issue.

It's not an ideal relationship. But what's the alternative?

After seeing the latest info on the new claims based Identity support in the .NET 3.5 libraries "Zermatt" I decided to try out CardSpace. I've been reading the free book Microsoft handed out at the Burton Catalyst Conference, "Understanding Windows CardSpace: An Introduction to the Concepts and Challenges of Digital Identities". It's an excellent book that not only explains CardSpace but provides a great overview of all major Identity technologies & trends. I find it refreshing that even the failure of Passport is presented.

While the book presents CardSpace in a great light, being a pragmatist I really want to see how the real-world experience works with "user-centric" identity. If it is truly user-centric, it should be user-friendly right? Seeing that I don't currently have CardSpace installed on my corporate laptop, and I don't like Internet Explorer--I want to see the experience on Firefox. I fire up google and search for an easy way to add CardSpace support to Firefox. At the Pamela Project (also at Burton conference, very interesting person), she suggests obtaining the XMLDAP Firefox extension. So I try to go to https://xmldap.org/ . Unfortunately, my attempts to connect to the site failed. Wondering if my connectivity was flakey I fired up a free monitor at WebSitePulse to independently ping the site...no dice, reports site is down. Any other attempts to get the plugin fail to get useful info. I can view the blog of the XMLDAP folks snowboarding and cute baby pix, but that really doesn't help me.

So why don't I get the CardSpace download and just use IE? I don't really want to, I want to use a Firefox extension based solution. Shouldn't the whole idea of "user-centric" identity be choice? Without choice aren't we back to the bad old days of passport?

Given the primary adopters of CardSpace are probably going to be the more technology savvy crowds (that overwhelmingly use Firefox), there is currently just too much friction involved in setting up CardSpace. I am used to extraordinarily complex enterprise installs of Oracle and IBM bloatware, so I can obviously handle large amounts of pain. So far, I've given up trying to get CardSpace for my current work setup. Until that situation changes, I am wary of CardSpace being yet another Identity pipedream.

It's my first time at this IT conference. Initial impressions have been positive. I'm primarily attending for the Identity Management talks. So far there has been far more info on that subject than other conferences.

The only other conference I've attended that touched on IdM subjects was Oracle OpenWorld. Those talks were ok, but as you would expect, very focused on Oracle product stacks and not very forward thinking. Burton does a good job of balancing immediate technical concerns with more "out-there" considerations: especially the influence of neuroscience & design fields on identity. Glad to know that my psych & art degrees might actually be put to good use. Interesting references to Don Norman (human factors guru) and "A Crowd of One: The Future of Individual Identity". I promptly went ahead and bought for the right price of 1 penny at Amazon (http://www.amazon.com/gp/product/1586483676).

Given the centrality of technology on business, and our everyday lives (Facebook, etc)--I think the trend towards multi-disciplinary approach to computing will only accelerate over time. The core competency of understanding coding/data structures will be assumed, but the true value comes from domain expertise in crafting the next generation of apps.

The best session so far has been the "REST Easy" workshop. Bad name, great instruction by Anne Thomas Maines from Burton. Interesting to see the degree of a backlash against the crazy number of WS-* standards. The REST-afarians are strongly against SOAP, WSDL, UDDI--the holy trinity of Enterprise Web Apps infrastructure. Slicing all services into URIs is a powerful idea. The first benefit for enterprises came with thinking about protecting web resources. To protect a normal SOAP service you have to do deep packet inspection. Poke inside the XML blob and make determinations based on the message. But, if you only need to protect http://bigcompany.com/identity/joeschmoe/order/1234 , that fits perfectly into existing WAM solutions. Just use an ISAPI filter to protect that string and you can come up with some very powerful, yet easy to administer access control for web resources.

Also interesting to hear that Microsoft's guru Don Box is heavily promoting REST, and corporate users working with IBM hear they are privately whispering the virtues of REST. 

It was easier than I expected to update the codebase for BlogEngine. I use the SQL datastore, so the first step is to update the schema. The script to update is available here.

Second, go to the robots.txt file in the root directory and update it with your site URL.

Next, update the web.config in the new release to use your selected datastore. Remember to delete the "<trust level="High" />" line if your site is on a shared host.

Lastly, upload all files with the new copies except for the sql.config and /app_data files.

Here is a list of all the new feature goodness in 1.2: http://dotnetblogengine.net/page/Feature-table.aspx 

Surprised at how few posts are on the net about these razors. Razor reviews might actually equal the number of insanely detailed review sites as caffeine addicts...I mean coffee drinkers have.

Basically CVS's M3 is a rip-off of the nice, but overpriced Gilette M3 razors complete with the same 3 blades and lubricating strip. It does not fit the Gilette handle, so you'll have to buy a new CVS handle--which is surprisingly solid.

The razors are $4.99 / 4, and if you combine the numerous CVS coupons then you can get 16 razors for $16. Not too shabby.

How is the shave? So far pretty comparable to the Mach3. No cuts or bumps yet. The only real difference is the shave isn't quite as close as the Mach, but only marginally so. 

Signed up for my $3.99/month shared hosting plan on GoDaddy. So far the experience has been pretty good. The collection of utilities to manage your site are a bit motley, it seems as if their developers have cobbled together various scripts into a common framework. Not nearly as cohesive as CrystalTech’s control panel (very simple but still very powerful). However, GoDaddy’s relentless marketing of various add-on features kind of makes them the Wal-Mart of hosting. Not the highest end features, but with so many features available at rock-bottom prices…they serve their purpose.

I remember GoDaddy back in the day (circa NetObjects Fusion era badness) and they sent a flier promoting some site building program. One of the click a few panels in a wizard and we’ll get your business on the newfangled Internets programs. Don’t think they saw too much success with that product. I read a story about Bob Parsons where he said that he sunk most of his money from the sale of Parsons Technology into GoDaddy. He got fairly close to empty on his reserves—finally his bet on domain names really paid off. I’m glad they stayed afloat as GoDaddy brought some development jobs here to Cedar Rapids.

Since I’m running this site on BlogEngine.net, I’ll post my experience in getting the thing up and running:

• First, do not upload any files before changing permissions
• Verify in Control Panel | Settings >> ASP.NET runtime that you’re using .NET 2.0.
• Find a root directory for your blog
  • If you choose the default folder, it will already be setup
  • Else, click “Create Directory”
  • Now check “read”, “web”, “set root”
• Click “Create Sub Directory” underneath your blog folder
  • Call it “App_Data”
  • Check “Read”, “Web”, “Write”
• Open and edit your web.config file
  • Delete the line “<trust level=”High” />”
  • If you want a SQL datastore instead of XML, then follow these settings.
  • Also, go to Control Panel | Databases >> SQL Server >> Open Manager
    • Login with your DB credentials and go to “Query Analyzer”
    • Paste the contents of the setup\MSSQLSetup1.1.0.0.sql into the textbox and hit submit
• Copy all folders EXCEPT “App_Data” to your blog folder
• Open your local and remote “App_Data” folder and transfer the files (not the folder)
• Alter the blog settings as usual
  • The one tricky setting is the mail server, it needs to be “relay-hosting.secureserver.net”

Good luck, hope this helps.