Rants, rambles, news and notes from another geek

What Is That Big Yellow Thing in the Sky?

I guess I’ve been living in Seattle too long.

We spent the Thanksgiving holiday back in Denver and MAN is it sunny there. And dry. And cold. Our daughter Hadley kept saying, “Daddy, it sure is bright here.”

“Yes, honey. It is.”

Damn bright. And you know what? I don’t miss it. Not one bit. I just kept having to look for the sunglasses I no longer own.

And not a tree in sight. I mean, they’ve got these little things they call trees, but they ain’t nothin’ like the 10’ diameter beasts in my front and back yards. Sure, unlike Seattle, you can see a McDonalds coming for miles and miles, but is that really a good thing?

Seeing the family and friends was great, though. We got a nice turnout for our little get-together at Lounge on Colfax.

That’s enough. I’m sure Emily’s write-up will be better than mine though, so if you really want to know what we did, go read her blog.

Using the CAB Bank Teller Quick Start With Partial Trust ClickOnce Deployments

There have been a few posts on the CAB message boards asking for instructions for getting the Bank Teller QuickStart working in a Partial Trust ClickOnce deployment. I took a few hours yesterday and carefully documented the steps required. This was based on a standard CAB installation done with the November 2005 C# Release.

  1. I assume you have ClickOnce working for a standard Windows Forms application. Please make sure you do before proceeding. If you need help with this please see http://msdn2.microsoft.com/en-us/library/fb94w1t5(en-US,VS.80).aspx
  2. Open the BankTeller QuickStart.sln Solution File in Visual Studio 2005. Please make sure you are running Visual Studio as a local machine Administrator or some of the following steps won’t work.
  3. In the BankShell Project, open App.config and add requirePermission=”false” to each <section> element&nbsp_place_holder;in the **** at the top.
  4. Open ProfileCatalog.xml and comment out the CustomerMapExtensionModule.dll module. As far as we can tell, since that module uses Internet Explorer, it will require full trust.
  5. Right-click on the BankShell project and choose Properties. Ensure the following values are set on each of the indicated Tabs: * Debug Tab
    • Enable the Visual Studio hosting process - CHECKED
      • Signing Tab
    • Sign the ClickOnce manifests - CHECKED
    • Use Create Test Certificate to create a certificate if you don’t already have one.
      • Security Tab
    • Enable ClickOnce Security Settings - CHECKED
    • Select “This is a partial trust application” from the drop down box.
    • Choose Local Intranet from the Zone dropdown box
    • Click the Calculate Permissions button
    • Ensure that the following permissions are set:
      • EnvironmentPermission - Include Unrestricted
      • FileDialogPermission - (Zone Default)
      • FileIOPermission - Include Unrestricted
      • IsolatedStorageFilePermission - Include
      • ReflectionPermission - Include Unrestricted
      • RegistryPermission - (Zone Default)
      • Security Permission - Include - Grant the following permissions:
        • Enable assembly execution
        • Allow calls to unmanaged assembliesSkip verification
        • Allow principal control
        • Create and control application domains
        • Enable serialization formatter
        • Allow evidence control
      • UIPermission - Include Unrestricted
      • KeyContainerPermission - Include
      • StorePermission - (Zone Default)
      • DnsPermission - (Zone Default)
      • PrintingPermission - (Zone Default)
      • SocketPermission - (Zone Default)
      • WebPermission - Include
      • EventLogPermission - (Zone Default)
      • PerformanceCounterPermission - (Zone Default)
      • OleDbPermission - (Zone Default)
      • SqlClientPermission - (Zone Default)
      • DataProtectionPermission - Include
    • Click the Advanced button. Make sure “Debug this application with the selected permission set” is CHECKED
  6. Press F5 to run the application in the debugger. The application should start just fine. If it does not and gives a security error, go back and double-check the security options you set in step 5.

Now that we have it running correctly, we have to make sure the files all deploy correctly using ClickOnce. Because ClickOnce uses a project’s references to determine dependencies, it won’t correctly identify that BankShell depends on BankTellerModule. The most CAB friendly way that we have found to get this resolved (without actually adding references to BankTellerModule) is to do this:

  1. Right-click on the BankTellerModule project and choose Properties.
  2. Go to the Build Tab and change the Output path to “bin\Debug".
  3. Build the BankTellerModule project
  4. Right click on the BankShell project and choose Add Existing Item from the Add menu. Browse to the BankTellerModule\Debug\bin directory. Change the File Type dropdown box to “Executable Files”. Select BankTellerModule.dll. Important: Do not click the Add button! Instead, click the little down-arrow on the right side of the Add button and choose Add As Link. You should now see the BankTellerModule.dll file in the BankShell project and it should have a little shortcut overlay icon.
  5. Click on the linked BankTellerModule.dll in the BankShell project and press F4 to get right properties Tool Window open for that file. Make sure that Build Action is set to Content and that Copy to Output Directory is set to Copy If Newer.
  6. Reopen the BankShell properties page by right-clicking on the BankShell project and choosing Properties. Open the Publish Tab and click on the Application Files button. Make sure that BankTellerModule.dll and ProfileCatalog.xml both have their Publish Status set to Include and are in the Required Download Group. (Note: You may have to select the “Show all files” checkbox to see the files.)&nbsp_place_holder;

Once you have the application running correctly, you should be able to Publish it using the Publish Tab in the BankTeller Properties. Again, please make sure you can publish a regular Windows Forms application before doing this with a CAB application. One thing that I found that helped me was to use a local file path like C:\Inetpub\wwwroot\BankShell for the Publishing Location and the provide an Installation URL like http://localhost/BankShell.

CAB November 2005 Released!

After a number of last minute hiccups, we’ve finally posted CAB to the GDN Codegallery. We’ve still got a little more work to do to get the VB.NET version complete, but the C# version is done and posted.

Notable changes since the October CTP:

  • Bugs fixes
  • NUnit and VSTS Unit Tests
  • VS Integrated Help Documentation

Please download the installer from the CAB Codegallery Download page.

Thanks to everyone on the team who worked so hard to get this done.

Kill the Sony Rootkit

Jason Garms posted this to the Anti-Malware Engineering Team Blog:

We have analyzed this software, and have determined that in order to help protect our customers we will add a detection and removal signature for the rootkit component of the XCP software to the Windows AntiSpyware beta, which is currently used by millions of users. This signature will be available to current beta users through the normal Windows AntiSpyware beta signature update process, which has been providing weekly signature updates for almost a year now. Detection and removal of this rootkit component will also appear in Windows Defender when its first public beta is available. We also plan to include this signature in the December monthly update to the Malicious Software Removal Tool. It will also be included in the signature set for the online scanner on Windows Live Safety Center.

Excellent news! Get that crap off your machine! In the meantime, make sure you are running as a non-admin and that you turn off AutoPlay for CDs before you insert any CDs in your computer.

(For more info, here’s [the c net article on the subject](http://news.com.com/Microsoft+will+wipe+Sonys+rootkit/2100-1002_3-5949041.html?tag=nefd.top).)

Geek Notes 2005-11-13

I’ve been very very busy getting CAB out the door and haven’t been reading or writing much lately. Oh well… you gotta do what you gotta do.

I’m really looking forward to Thanksgiving this year. We (the entire family) are going back to Denver for a week from 11/22 till 11/29. I’m sure it will be hectic as all hell, but I’m also sure it will be fun.

Oh and speaking of vacation, the Seattle winter (rain) has started and Emily is already starting to talk about takinig a vacation to the sun in January. I guess that is just part of choosing to live in a place where the sun doesn’t shine for 5 months.

  • Obfuscated Monad Script - Adam Barr is truly the king of Monad geeks with this one. It took me 30 minutes to figure out how it works, but I did eventually figure it out.

  • ShowEzMDIFileList - Craig Andera discovered this little keyboard shortcut. In Visual Studio 2005 press Ctrl+Alt+Down and you will get a little popup menu in the upper right corner that contains the names of all the open windows. Turns out that keystroke is bound to the “Window.ShowEzMDIFileList” command by default. Hmmm… nice command… bad keystroke. I think I may need to put that one somewhere a bit more convenient.

  • Amazon Mechanical Turk - Amazon has a new umm… marketplace where you can do work for someone else online and get paid. At this point, the only “work” is helping A9 get the storefront images right for their search engine, but they will pay you $0.03 per image, which if you can do 1 every 15 seconds (a bit hard) can yield you a whopping $7.20 per hour.

  • Exporting Templates in VS2005 - This one made me laugh because I’ve been making my VS item templates by hand, which isn’t that hard but certainly isn’t as easy as choosing Export Template from the File menu. [via Harry Pierson]

  • Debuging MSH Scripts Part 4: set-mshdebug&nbsp_place_holder;- Over on the Monad Team Blog Jon Newman has been posting a series about debugging MSH scripts and chapter 4 really caught my eye. This is an excellent help given the lack of a true debugger. Cool. [Here are links to the whole series: 1, 2, 3, 4, 5]

PostXING Review - Yet Another Blog Posting Clilent

I decided today to try out PostXING as an alternative to BlogJet. So far my reaction is mixed.

Pros

  • Seems to have good WYSIWYG support

  • I like having the standard HTML heading tags available in the toolbar.

  • I can easily insert a horizontal rule in my post

  • I love the fact that it has the CodeHTMLer syntax hilighting engine in it, but it doesn’t feel quite as smooth to me as BlogJet does.

  • I’m very glad that it supports uploading images via FTP in the same way that BlogJet does. This is a must have in my book.

  • As with BlogJet, I can’t open an arbitrary post by ID. I have to find it in the historical list of posts, which sucks when the post is from a year ago.

Cons

  • I have to click a button and wait for a popup to set the post’s categories

  • I can’t use TAB&nbsp_place_holder;to&nbsp_place_holder;navigate the UI which means I have to use the mouse (a serious usability error as far as I’m concerned). And I don’t know if I agree with the idea that TAB causes BLOCKQUOTE in the resulting HTML.

  • I can’t find keystrokes for many of the standard formatting things like ordered and unordered lists, styles, etc.

  • Sometimes after using CTRL+K to format some text as a link (good), the input focus leaves the text editor and goes up to Title field (bad).

  • I can’t figure out how to post with a keystroke. It should be CTRL+Enter (like Outlook and BlogJet) but it isn’t.

This will be my first post with it, we’ll see if it is also my last. If the author can fix a few of those cons, I would be considering switching. For now though, I’m not so sure.

This seems like such a simple problem… I can’t believe how poor all the choices really are.

CAB: There Will Be a Slight Delay Until Takeoff

Eugenio Pace, the Product Manager for the _patterns & practices _Smart Client Program, has just updated the Roadmap for CAB:

It happens sometimes. Everything seems to be tracking well for a deadline and at the last minute something occurs. We had planned to release CAB today, but thorough testing is yet to be completed. We at patterns & practices are fully committed to delivering top notch quality assets.

As many of you already know, the team is working on several other things besides the block itself: a Visual Basic .NET version, training content, documentation, and so on. One of the things that happened, is that some of the usage scenarios brought by Visual Basic .NET, required us to change a few internal implementations, and therefore, we have to fully regression test the block, a process that unfortunately takes time. For example, some of these tests include long-haul, multi-day tests to make sure there are no resource leaks, deadlocks, or anything along those lines.

We apologize to our user community for this delay. We know all of you are anxious to get the released version of CAB, but again, we want CAB to be the best guidance offering for developing smart clients on .NET.

We’re all very sorry about this delay, but it is only for a few days and is only being done to ensure a top notch deliverable for you, our customers.

To see the updated schedule, see Eugenio’s post on our Code Gallery Site.