Tim Marman's Loosely Coupled

Browse by Tags

• AJAX
• Business
• C#
• DRM
• Enterprise
• Entrepreneurship
• Innovation
• Knowledge Base
• Microsoft
• Misbehaving Software
• Notches
• Personal
• Programming
• Security
• Startup
• Technology
• Video
• Vista
• Web 2.0

• Is IIS7 on Vista not serving static content?

  If you add IIS7 and ASP.NET on Vista, many of the common HTTP modules are not installed by default – including the one for static content. The problem is that it doesn’t return a 404 or other error, but rather zero-byte files. If you’re seeing empty files returned for CSS, images and JScript files, this is likely the culprit. (You’ll all see the Static Files handler for * being mapped to the DefaultDocumentModule). The answer is to go into the Windows Features dialog and make sure that the Common Http Features are checked off. Hope this helps. Posted Jul 02 2008, 02:10 PM by Tim with | with no comments Filed under: Software Development, Vista, Microsoft, .NET, Programming, Knowledge Base

• We are looking to hire good developers

  Notches is hiring developers . We’re looking to bring on developers to be part of the core engineering team. We want people that can contribute to the product in a myriad of ways beyond coding. We want people who can ask the tough questions and challenge us. We want people who are not afraid to take ownership over an area and really drive it forward. Our core platform is written in C# / .NET, so familiarity there will help – but ultimately we’re looking for smart, ambitious people with a good background in computer science, algorithms, and so on. Our offices are currently in downtown New York City (SoHo). We’re certainly flexible in terms of hours but we do want to spend as much time as possible collaborating in person – in other words, we’re not looking for offshore firms or out-of-town developers right now. You can find a more detailed job description here . If you’re interested or know anyone who might be, please contact us. Posted Jun 12 2008, 01:47 PM by Tim with | with no comments Filed under: Software Development, Personal, Web 2.0, C#, .NET, Entrepreneurship, Startup, Programming, Notches

• Congrats to Faisal on his new role on the ADO.NET team

  My good buddy Faisal has moved from MSBuild to ADO.NET . Specifically, he's the Program Manager for LINQ to SQL and the Object Service for Entity Framework. He says you'll hear a lot more from him on these things, but of course if past history is any indication his blogging will be short lived :) Either way, I'm still waiting for him to convince me why I should LINQ instead of SubSonic . The only issue we're really having now with SubSonic is with the JOIN story, and they're supposedly prototyping stuff to address this in the next build. Posted Dec 05 2007, 03:45 PM by Tim with | with no comments Filed under: Technology, Software Development, Personal, Microsoft, .NET, Programming

• Microsoft Silverlight

  A lot of people are very excited about Silverlight , the technology that was formerly known as WPF/E. Jesse says it will give Flash a real run for its money because of a better video story (emphasis in original). Unlike Flash, Silverlight (the new name) will support DRM, it supports the industry standard VC-1 codec used in HD-DVD and Blueray, and it can take advantage of the built-in media streaming capabilities of IIS. As for DRM support, I don't think that's of any real consequence. Jesse claims "companies that want to stream TV and movies over the web, will not consider any method that doesn't allow for DRM protection", but we're already seeing a trend away from DRM. That said, there are certainly things to get excited about, particularly the prospect of cross-platform CLR support and the ability to develop Flash-like applications with the power of the Visual Studio environment (and not having to learn a new scripting language at that). One thing worth noting is the fact that Flash is... Posted May 25 2007, 02:30 PM by Tim with | with 2 comment(s) Filed under: Technology, Software Development, Innovation, Microsoft, C#, .NET, Video, Programming, DRM

• An Introduction to OpenID

  OpenID, which describes itself as "an open, decentralized, free framework for user-centric digital identity", has been gaining momentum and getting press in the Identity 2.0 space. The fundamental idea of OpenID is that a URI is necessarily unique and thus a good way to identify users. If you say you own a URI and can properly authenticate with the URI, then you must be who you say you are. Admittedly, this can be tricky to understand at first. Perhaps the best analogy is an open version of Passport, where you can download and run your own Passport server. When you go to Microsoft.com or MSDN, you don't log in to a "local" account - you are instead redirected to a Passport (now Windows Live ID) screen to enter your username and password. From a user perspective, OpenID is not that different as Simon Willison showed in this his screencast (embedded below). Scott Hanselman also discussed OpenID on a recent Hanselminutes and has a number of good resources (including the screencast) linked... Posted Feb 15 2007, 09:06 AM by Tim with | with 4 comment(s) Filed under: Technology, Software Development, Security, .NET, Video

• SQL Server installation problems on Vista? (Failed to compile the Managed Object Format)

  I've been having issues installing SQL Server 2005 tools (i.e., Management Studio) on Vista. I know it works because I was able to get it installed on my tablet also running Vista - I just couldn't get it on my desktop. I thought it might be related to SQLEXPRESS installed as part of the VS.NET 2005 install, but that didn't seem to fix anything. As it turns out, this is related to a corrupt WMI repository - and the fix is quite easy. C:\Windows\system32>winmgmt /verifyrepository WMI repository is INCONSISTENT C:\Windows\system32>winmgmt /salvagerepository WMI repository salvage failed Error code: 0x8007041B Facility: Win32 Description: A stop control has been sent to a service that other running services are dependent on. C:\Windows\system32>winmgmt /salvagerepository WMI repository has been salvaged As you can see, I had to run it more than once - but it eventually fixed the problem. I clicked Retry and the install went through fine. Hope this saves time for anyone else running... Posted Jan 22 2007, 05:48 PM by Tim with | with 28 comment(s) Filed under: Technology, Software Development, Microsoft, .NET, Enterprise, Programming

• SubSonic

  We've been using SubSonic lately, which I first bookmarked from Scott's post . Essentially, the project is an implementation of the ActiveRecords pattern from Ruby on Rails in .NET. Or as the authors describe it, , "a toolset that helps a website build itself". I'm using it on a project I'm working on now and so far it's been very useful - though we haven't had to scale yet. We had to slightly adjust our data model to be more SubSonic-friendly, but it's pretty flexibile and even supports stored procedures if you're into that sort of thing (we are). It also "singularizes" the database tables - i.e., a Companies table becomes a Company object, and a Books table becomes a Book object. (Though it does strip the last 's' from Business.... I'm reminded of that old 1-800-MATT-RES commercial). Regardless of future experiences, I can wholeheartedly recommend it to build a DAL for prototyping. Posted Jan 22 2007, 06:25 AM by Tim with | with no comments Filed under: Technology, Software Development, Microsoft, C#, .NET, Programming

• If you can read a file, you can copy it

  Raymond reminds us that there is no "Copy" access mask because copying is not a fundamental file operation . Copying a file is just reading it into memory and then writing it out. Once the bytes come off the disk, the file system has no control any more over what the user does with them. Something to keep in mind when designing your web applications. Once you send something to the client, you inherently give up control over what can be done with that information. Posted Jan 09 2007, 09:42 AM by Tim with | with no comments Filed under: Technology, Software Development, Security, AJAX, .NET

• JSON and XML

  Back at the PDC, I mentioned that Microsoft chose JSON over XML in Atlas, its AJAX framework. The debate has reared its head again recently, prompted largely by Tim Bray's post . Tim says that JSON is great for its single intended purpose, "to put structs on the wire." Dare, who used to work on the XML team at Microsoft, say JSON is better than XmlHttpRequest because it helps work around browser security model limitations and is easier to program with . The cross-browser issues are a particularly big issue that people have tried to tackle in different ways - I mentioned before that Julien is using a Flash proxy to work around these issues , and I've seen other architectures which use a server-side proxy on the original server to handle the third-party request. The key here is that AJAX is not about the technology , but the experience. JSON may or may not be the "best" way to approach this, but the exercise at least highlights some of the limitations (and, to be fair, strengths) inherent... Posted Jan 05 2007, 09:44 AM by Tim with | with no comments Filed under: Technology, Software Development, Security, AJAX, C#, .NET

• The Prevalence and Danger of SQL Injection

  Michael Sutton looks at the prevalence of SQL injection vulnerabilities ( via Bruce Schneier ). He tested 708 different servers and found verbose SQL errors on 80 of them (11.3%) - numbers that are not, as Michael says, surprising but are certainly sobering. Michael acknowledges that his method is imperfect, and in fact I think the percentage is actually a lot higher. His test only captures sites that are vulnerable and actually return verbose error messages. I guarantee there are countless others on his list that were actually vulnerable and fail "silently" (i.e., reporting user name not found, but not the words he is testing for). If you're not familiar with SQL injection, and what can happen as a result, I suggest reading Steve Friedl's wonderful introduction in SQL Injection Attacks by Example . (Image above borrowed from his article). Oh, Scott Guthrie also had a great post on how to avoid these problems . As you can see, it's not difficult - you just have to be aware and not construct... Posted Oct 12 2006, 03:53 PM by Tim with | with no comments Filed under: Technology, Software Development, Security, Misbehaving Software, C#, .NET