UHHHHHHHHHHGGGGG !!!!!
There, I got that out.
I just received my first Facebook Phishing attempt. This is unbelievable - can we please pass a friggin law that allows the death-penalty for these assholes?!?
I'm sorry folks - I've always watched my language on this blog, but I find no other way of describing these people.
I got this email today:
------------------------------------------------------------------
Ray sent you a message.
Subject: Look at this!
"fbstarter.com"
To reply to this message, follow the link below:
http://www.facebook.com/n/?inbox/readmessage.php&t=1006165330410&mid=63b5b8G225127d4G2365040G0
___
This message was intended for miguel@steelbluesolutions.com. Want to control which emails you receive from Facebook? Go to:
http://www.facebook.com/editaccount.php?notifications&md=bXNnO2Zyb209Njk2OTA1MTU3O3Q9MTAwNjE2NTMzMDQxMDt0bz01NzU3NDM5NTY=&mid=63b5b8G225127d4G2365040G0
Facebook's offices are located at 156 University Ave., Palo Alto, CA 943
------------------------------------------------------------------------------
And of course, the fbstarter.com site is designed to look exactly like the Facebook login screen.
I know this is an old trick and it's still used to obtain banking passwords and such, but social sites ?!?!?
Am I the only one who would get actual pleasure and satisfaction by seeing these people hanged by their testicles (we can be equally creative if they were women), and picked at by 100 people each armed with nothing more than a pair of pliers?!?
Anyway - just be on the lookout for these emails, folks.
I've been using and teaching the ASP.NET Provider Model for some time now so I always felt quite well versed on the topic, specially in the context of membership and security. I thought I understood the "order of operation" in ASP.NET membership pretty well so every time I found the need to write a custom membership provider, I approached the task with confidence.
However, I have noticed that everytime I needed to write a custom membership provider, it has been for reasons of extending Microsoft's two-level (users and role) logical model with a more complex physical one. For example, on several ocassions I've had customers who needed not only users and roles, but also a third level like groups. Since this particular need came up on more than one ocassion, I actually wrote a complete provider kit with a custom membership, role, and a new group provider; complete with custom controls and everything - quite proud of it actually.
Because I needed to store more than just user and roles (groups), I've always resorted to writing a custom principal and identity object that contains the user's credential model. And since I've needed a custom principal, I've also needed the ability to repopulate it on every request and place it into the HttpContext's User property and the Thread's current principal property.
This is something that Microsoft's FormsAuthenticationModule does for you, but it does it from its own store and into its own principal and identity objects. My needs for a more complex model always prohibited me from using the Microsoft stuff... until now.
So believe it or not, after being so close to this topic, I now have need that on the surface appears significantly simpler. I need a simple user and role model, with no added complexity, but stored in a custom database, not the "aspnet_" tables that Microsoft provides. So I need to write a custom membership provider again; easy enough.
But when I got the part where I thought I would need a custom principal and identity, and thus a custom module used to repopulate the information on each request, I thought there must be an easier way.
I'm not extending the logical two-level security model so why can't I use whatever principal and identity Microsoft is using as well as Microsoft's repopulation module (FormsAuthenticationModule). After searching quite a bit on how to do this, I come across several articles on writing custom membership providers; something I know how to do already. But none show you how to take it further.
That brings us to the present. The answer on how to do this is quite simple, yet quite undocumented.
The answer is not only in a membership provider, but in a role provider as well.
When you implement the ValidateUser method of the custom membership provider, you need only return a true or false, end of story. This will automatically create a principal and identity object (FormsIdentity) and persist the user name there. It will also place this Principal in HttpContext.Current.User. The FormsAuthenticationModule is designed to repopulate this bucket from a cookie that is managed for you. This part I knew, but since I always needed to read in a couple of authorization levels at this point, I've needed my own storage and repopulation mechanism.
public override bool ValidateUser(string username, string password)
{
Person person = SecurityEngine.AuthenticateUser(username, password);
return (person != null);
}
When all you need is roles, you simply create a custom role provider and implement the GetRolesForUser method. Here you obtain a list of roles based on a user name (passed in for you) and return it as a string array. It's as simple as that. The RolePrincipal and FormsIdentity objects are created and populated for you. This method is hit every time either you or ASP.NET performs a role-check.
public override string[] GetRolesForUser(string username)
{
Person person = SecurityEngine.FetchPerson(username);
List<string> roles = new List<string>();
foreach(Role role in person.Roles)
roles.Add(role.RoleName);
return roles.ToArray();
}
If this is the "live" effect that you seek, you're done. If you want the role list to be stored in the authentication cookie and repopulated by the FormsAuthenticationModule, you just need to set an attribute to "true" when you install you role provider in the config file.
<
<
membership defaultProvider="customProvider">
<providers>
<add name="customProvider" type="MyProject.Web.Security.MyMembershipProvider" />
</providers>
</membership>roleManager enabled="true" defaultProvider="customProvider" cacheRolesInCookie="true">
<providers>
<add name="customProvider" type="MyProject.Web.Security.MyRoleProvider" />
</providers>
</roleManager>
And that's it. This role provider detail doesn't seem to a part of any article out there. If I'm wrong, I welcome feedback.
This blog posting is designed to test TwitterFeed. A twitter entry should have been made automatically on this posting.
I'll be ath the Northern New Jersey .NET Users Group, hosted at the offices of SetFocus, tomorrow the 13th. The topic is "So you finally decided to get into WCF!"
I've been chosen to speak at VSLive again next month in the first of the 2009 conferences. VSLive is limiting to 3 conferences this year, held in San Francisco, Las Vegas, and Orlando.
If you are interested in attending VSLive, you cna register at www.vslive.com and use the promo code: NS9F04
This promo code will get you $500 off the regular price of $1895, making the registration price $1395.
This is like my 12th or 13th VSLive, hope to see you there.
Regarding the Feb 2007 posting I made (http://geekswithblogs.net/mcastro/archive/2007/02/14/106269.aspx#398291) and the responses I've had, I feel I need to revisit that opinion (even though it was over a year and a half ago).
I run two powerful rigs at home, Superrig runs Vista 64 (8gig RAM) and contains two NVidia 8600GTS cards (640meg each). This rig is powering four monitors effortlessly (and how sweet it is). Son of Superrig runs one NVidia 8800GT card powering two large monitors, also without effort. I was doing this well before Service Pack 1 so I have to say that the multiple monitor situation has been solid.
thanks for feedback
I received an MSN instant message from a friend today who I know well but only ocassionally chat with. His status showed as offline and for someone I talk to only once in a while, it was weird getting an IM from him with just a link. The link was to john.insaneimagz.com. His first name is John so this at first seemed legit, but then the page came up. It offers picture galleries but asks you to log in with your MSN credentials. Now, we've all seen sites that use "Live Passport" login, and most of us know what the login dialog looks like. This was nothing like that so I immediately did a search for it on the web and found this: http://www.phishtank.com/phish_detail.php?phish_id=491418.
I immediately called my buddy John, only to discover that his IM was comprimised and everyone on his IM list received the same message. Be alert about this one because we don't see too many phishes that come from IM.
Whoever starts these things needs to have their ass removed !
Well, TechEd 2008 is over and so is my first speaking slot in this extremely large conference. My talk was "Sexy Extensibility Patterns" and I was properly inaugurized with an 8:30am slot on the second to the last day. However, to my amazement, 296 people showed up to watch my deflowering. The final averages were 8.13 which I'm told me puts me in the "above average" category so I can't complain about this first TechEd speaking experience. As usual, there were a few idiotic comments from people who were oblivious to the point of the talk, but you can't please everyone.
The code for this talk can be found on my web site: www.steelbluesolutions.com
I'm in the middle of writing an extender provider for something I need and I came across a pain-in-the-ass scenario. Extender providers, like controls, run at design time as well as run time. I needed to debug something in one of my set-accessor methods so I put in something like this:
if ctl.Name = "controlName" then stop
Man, all hell broke lose. VS2008 does not like this one bit - it IMMEDIATELY gives you a window telling you that it found a user break point and needs to close. From this point forward you cannot re-open that project. I tried opening that file in notepad and removing that code since obviously VS was trying to compile it but that did not help. I ended up renaming the file then opening my project. Then I clicked on the "Show all files" button in the property browser, brought up the culprit file, comfirmed the code was fine, right-clicked and selected "include in project". Then I was OK.
I can see why VS doesn't like this, but why the hell can't it give us a recovery option !
Well, it's been about 10 weeks since I launched the SteelBlue Site's store-front and the official release of CodeBreeze. Sales have been decent considering I haven't had time to do any marketing. If you're reading this and you're one of my customers, thank you for your business. All the comments I've received from my customers have exceeded any of my expectations on what people would think of the product.
On the 12th of January, I'm sponsoring a code-camp in Philly where I plan to give away a couple of licenses as well as discount coupons to all attendees. CodeBreeze is on release 1.0.0086 currently and contains several enhancements specifically requested by my users. CodeBreeze 1.1 is under final development stages and will include some amazing new features.
For those of you who have not seen it yet, I recorded a DNR-TV show demoing the product in its entirety. The product was in release 1.0.0079 when I recorded the show so there have been several new features put in since then; but the release notes describe all.
CodeBreeze can be obtained at www.steelbluesolutions.com, or you can contact me directly if you are looking for enterprise-level licensing.
Thanks again to all and a happy new year to everyone.
Since the release of CodeBreeze about 2 months ago, I've made quite a few sales but all through personal contact using a PayPal account. I'm glad to say that's no longer necessary.
You can purchase CodeBreeze at www.steelbluesolutions.com now !
Until November 30th, there is an online coupon (you'll see it in the checkout process) offering a 15% discount off the total purchase. This means above and beyond already existing quantity discounts.
A fully functional trial is available for download and for purchasing you can use all the major credit cards. The PayPal option will be up in a couple of weeks.
Don't forget, you can watch a one-hour full demo on episode 77 of www.dnrtv.com !
Thank you to all my existing users - the response has been beyond anything I ever expected.
|
The Liquid Loop and Powering it up - yikes
So you saw the surgery I performed on the video cards to attach the cooling blocks. I also talked about the CPU cooling block, the radiator, reservoir, and pump. Each of these has two barbs on it, used for in and out liquid flow. The goal here is to make a closed loop where everything gets part of the flow. Also, do not think that by ordering the loop in a certain way you are providing more cooling in one component than in another. The entire loop maintains the same temperature throughout.
My loop went as follows:
The pump's input (the part that sucks) pulled liquid directly from the reservoir and the output pumped it to one of the radiator's barbs. From there I went out of the radiator (through the other barb of course - remember, everything has two) and into the CPU. I then went out of the CPU and into the first video card, out of that card and into the second, then out of the second card and back into the reservoir. All my equipment has 1/2" barbs so I can use either 1/2" or 7/16" tubing. I went with 7/16" because it's a bit easier to bend and still fits relatively easy into each barb. Some things required more of a twist than others but in any case I sealed it up with some plastic clamps afterward.
Have you noticed I keep using the word "liquid" and not "water"? There's a reason for that. When liquid cooling a rig, you need to use either distilled water or an actual coolant fluid. I went with the later for two reasons. The first is that I wanted something with color; not for show, because this case does not have any window, but so I can actually see something going on. The other reason is that most coolants are actually non-conductive and should there ever be a leak, I felt this was safer. This brings me to testing for leaks.
You don't want to build a rig like this and simply power it up - this thing needs to be tested. First of all of course, you need to fill the reservoir. Before I did this, I had to rig the power supply so I can turn it on without actually turning the machine on. First and foremost of course, this means DO NOT plug any of the power cables to your devices - the most important one being the motherboard. Not plugging it into the other devices is simply because it isn't necessary yet. There are some articles out there on how to cross a couple of pins on your 24-pin connector on the PSU so you can power the PSU up but it's seemed like a pain in the butt. The easy solution will cost you around 30 bucks but worth it because it involves buying a power supply tester, which I feel we should all have anyway. I picked one up online and most of them have receptacles for every single type of connector, letting you test them all. Some have lights that tell you the voltage information; mine has an LED screen. All are about the size of small MP3 player. In fact, I ordered one online then saw one at MicroCenter. Since I'm so damn impatient, I bought it, used it to test my liquid loop then returned it - a few days later, the one I ordered (which was much nicer) came in. Plugging the 24-pin connector into the power supply tester not only tests its voltage, but it also cross-wires it so your power supply can turn on and provide power to the other connectors. I then connected a standard 6-pin connector to the pump and made sure it worked.
The next step was to start filling the reservoir. I picked up this cool syringe that's about as thick as a can of Red-Bull. I used some black coolant that I picked up on the Danger Den web site but later saw that MicroCenter also carries it - the bottle is about 30 bucks. I poured some coolant into a glass so I can easily suck it into the syringe then squeezed it into the reservoir. My reservoir like I stated earlier, mounts in a 5 1/4" bay and I left enough length in the tubing connected to it so i could slide it out through the front about 4 inches. This was enough to unscrew the plastic filling lid on the top-front. I started squeezing coolant into it and repeated the process a couple of times until the reservoir was filled past the barbs. That's when the coolant started flowing down into the tubing. The problem is that of course, gravity is not enough to get the loop filled so it was time to close the reservoir lid and turn on the power. I heard the pump start right away and almost immediately start to suck coolant and pumping it through the loop. As soon as the coolant level came down under the reservoir barbs I turned off the power and added more coolant to the reservoir. I had to repeat this process about 3 or 4 times, effectively using the whole bottle of coolant but I wanted to make sure that the pump can suck coolant properly and I only saw that happening if the coolant level was above the reservoir barbs. I also noticed that if I left the coolant level too low under the top of the barbs, you hear slushing. Filling it up to cover the barbs eliminating the slushing sounds.
The idea is to let the coolant circulate for about 24 hours. This is to ensure that nothing leaks. I actually set some napkins inside the case to capture a liquid and make it more visible. My test was successful and I had no leaks (knocking on wood three times now) !
It was now time to finish connecting the power cables and power this puppy up. I have to tell you, not many thing make me hold my breath in anxiety; but this did. Remember, this was my first venture into liquid cooling and I just wanted to make sure I did things right. I checked and double-checked and triple-checked everything and finally decided I had to take the plunge. I powered it up and...
IT WORKED !!!
My SuperRig powered up and I was able to enter the CMOS configuration. I should tell you that I did have a small problem where the motherboard's internal LED display (it shows you status codes) was showing me an error status code which prevented booting. This happened every so often and was very annoying, but a call to EVGA support taught me that sometimes they leave the CMOS test-jumper in TEST mode, which they did in mine. Moving it over fixed the problem and I've been fine since.
|
 |
|
Gripes
So I could not have finished this project without at least one or two gripes. I do have one small problem with the Cosmos 1000 case. It's real nice that both sides of the case come off with literally the flip of a lever in the back - I really love that. It's also nice that both removable sides have sound proofing on them already. The problem is that the space between the foam on the side panel and the motherboard backboard and case framing is not too much. This makes it a bit of a pain in the ass when you slip cabling (especially think cabling like the motherboard power cables) through the bottom slot and back into the case through a side slot. What I ended up doing is just running the 8-pin cable through the back of the case through the bottom slot and back into the front through the top slot (the 8-pin connector on this motherboard is all the way at the top). The 24-pin cable was simply two thick and would have to squeeze between the case framing bar and the panel with the foam on it; this had the effect of repeatedly popping out that side panel. My solution was to run it inside the case but I did tie-wrap it nicely so it was not in the way. As you can see in the picture though, all the other cables like the SATA power cables, the 3-pin connectors, and the 6-pin connectors all come to the back of the case through the bottom. Then those that need to go back in to the case, like the DVD drives, do so through one of the vertical slots; while the others like the SATA cables stay back there. Also notice that the three radiator fans use 3-pin power cables and since they're at the top, I just ran them through that top slot to the back of the case and connected them to a power cable (a couple actually) that ran through the bottom slot to the back of the case.
The other gripe I have is really my own fault. Liquid cooling requires a little maintenance about once a year so I'm told where you need to empty the loop out and clean the cooling blocks. This means removing them from their components and of course cleaning the chips, and reapplying thermal paste again before rebuilding them; it's the price you pay for the life you choose. My gripe is that I designed a completely closed loop so emptying the coolant will probably be done by using the syringe to suck it out of the reservoir. This would of course mean reconnecting the power supply tester so I can run the pump without powering up the machine, running the pump a few seconds so it can move some more coolant into the reservoir and repeating the suck process. If I would have thought about this, I would have put a T-junction with a stopper in the base of the T, in the part of the loop where the pump pushes liquid into the radiator just after it sucked it out of the reservoir. This would have let me open the cap on the T-connector, plug a tube into it and put the other end into a jar or something. Then when I run the pump, it would suck coolant from the loop and push it into the T-connector and into my jar. Of course, ideally the T-Connector should be able to close itself from pushing coolant back into the loop; I am not sure if something like that exists out there - I'll have to research it. |
 |
|
The Monitors
What's the use of having two powerful video cards when you're running Vista, which at this moment does not support SLI? Well, the answer is to run multiple monitors of course. I've been running a triple-head setup for a long time. My last rig was a P4 and used a Matrox Parhelia card that supported three monitors. At that time, I had 3 19" KDS LCD monitors. These only support 1280x1024 resolution which was OK at the time but pretty lame today. I wanted to keep a triple-head setup (at least) and since my second rig (workstation #2) had a Samsung 21T that always looked great, I picked up three more on eBay. These were not refurbished; I bought new ones from a reseller that was getting rid of them and I paid about $250 each. After setting them up on the my primary work area, I decided that it wasn't insane enough so I took one of them and placed it on a wall mount next to the original 21" that was connected to my second rig. That made that machine dual monitor -- nice (in my best Borat imitation), but it left a gaping hole between my other two monitors that would be attached to the SuperRig. I decided that this gap needed to be filled with a nice, brand new, 24" Dell wide-screen monitor capable of running 1920 resolution. The wings were the 21"s which run at 1600 resolution.
Since most of my time on this rig is spent in Visual Studio, I've configured the IDE to take advantage of this. I've taken every tool window I use, including the Solutions Explorer, Toolbox, Server Explorer, Property Browser, Help, and Output Window and docked them all together - with the Output window across the bottom. I've then taken that entire set of docked windows and docked it to the right of the code window and stretched Visual Studio out to take up the center and right monitor, with the center one being all code - it is sweeeet !
Now I was happy ! |
 |
|
Conclusion
I'm happy to report that daddy and SuperRig are doing well. The machine is blazing fast and I couldn't be happier - that is, until the 8-cores come out. I have one available monitor port left in one of the cards and heaven forbid it goes unused, so I purchased a 20" widescreen which will go above the center screen. I also have an available PCI-E slot so I may actually pick up a cheaper 8600GTS card to connect two more 20" widescreens as top-wings. Don't say it ! Last time I posted an entry about my old setup, which also has 3 monitors, I got emails from people actually yelling at me with negative comments. Comments like, "why the hell do you want all that" and "you're an idiot, you could have just gotten one big screen" and "why would anyone need that many screens". My answer is simply, "mind your own friggin business - because I want them, and believe me, I use them. And baby, once you play Microsoft Flight Simulator on multiple screens, you're hooked !
  |
|
|