Archive for September, 2006
How to Keep Your Server Clock Correct
Posted on September 25, 2006, under Development.
Making sure the clock on your server is accurate is more important than you might think. Everything from scripting languages like PHP, databases, and other applications that run on your server all go off of your server time. If it’s off by five, ten minutes you will have inaccurate times on entries in your database for your web applications; like blogs. There are several ways to accomplish keeping your server time in sync, I primary use linux servers and accomplish clock syncing with a simple cron job.
[code]
0 */12 * * * ntpdate clock1.unc.edu >/dev/null 2>&1
[/code]
With this cron job, every 12 hours your server will synchronize itself with a time server. You can search for other time server, but I have never had problems with the one above.
2 Comments
Protect Your Customers Data
Posted on September 22, 2006, under Development.
Any service, company, website, or other means of taking in personal information comes with the responsibility to protect that information. Protecting customer information doesn’t stop at a template privacy policy for your customers to read. There are several ways you can protect your customers information.
Protect the Password
Just because a password is in a database, doesn’t mean it’s protected. In fact, if you are on a shared hosting plan it might be more vulnerable that you think. You need to protect your password, better yet you should one way hash them so they are not able to be recovered. When a user enters a username and password you can hash the password they enter and compare it to the hashed password in the database. This way if anyone gets a hold of your database, the passwords are useless.
Encrypt Personal Information
Credit cards are a must, but you should go a step further and encrypt phone numbers, addresses, zip codes, and other personal information.
Get a Secure Certificate
Yes, they can be expensive; but these days you should not be doing business with out one. Once you have a certificate on your server, make sure you use it correctly. Any input of personal data should go though the certificate. Furthermore, you should make sure that it is impossible to go to that page when not going through ‘https://’.
Conclusion
I am always dumb founded when I come across a site that does not practice any security measure with sensitive data. The longer you wait to implement solutions, the harder it becomes to upgrade your data and systems.
No Comments
Good and Bad Installers
Posted on September 19, 2006, under Development.
Software installation is both a blessing and a curse for software developers. Like you, I have installed many applications over the years. I have tried to learn from the mistakes and annoyances I see in software I install. Here’s the break down.
Be Independent
There are a lot of install systems out there; Inno Setup, NSIS, are some of the better free alternatives in my opinion. Do not choose an installer that has a lot of dependencies like the Windows Installer. Installation should be short and sweet, and the last thing you want is Windows Installer telling your customer it needs to update to the latest version of Windows Installer in order to install your product.
Don’t Extract
This comes in two form: 1) Don’t package your installer in a zip file. Your installer should be able to compress itself down, and a Zip file is only going to add one more thing your end user has to do in order to install your product. 2) In addition, do not have your installer extract files into another folder, and then install itself from those extracted files. Recently I installed a trial version of Diskeeper. The setup file I downloaded first extracted itself to a directory of my choice, and then installed itself. Not only was this annoying, but it left the setup files behind for me to manually delete.
Keep It Short and Honest
Don’t ask too many questions on the install, and make your default options honest. Don’t check items by default if they are not necessary to run the basic functionality of your application. This list includes: Adobe Acrobat, System Menus, Auto Start, Toolbars, Flash, Spyware, or other “add-ons” that some installers throw in for no reason. No body wants to have to answer a ton of questions or hunt to make sure that you are not doing anything bad, just to try out your application.
Wait to Register
Don’t ask for registration information during the install. In most cases this is not a necessary step to try your product, and people may think they need registration information in order to try the program out and exit the installer cold.
Don’t Be Personal
This is really before the installation, but a customer should not have to create an account in order to download your application. Changes are people who sign up aren’t giving you correct information, because they know you are going to sign them up for a company newsletters that they do not want to have to worry about getting off of. If a user is interested in your company and your products, they are probably capable of getting the required information from your website.
Conclusion
Yes, as always there are some instances where one or more of these can/should/and will be broken. However, every step you make your customer go through, is one more exit point for a percentage of your customers. Don’t make it difficult for a customer to be a customer!
1 Comment
Rojo Updates Look and Feel: Reviewed
Posted on September 19, 2006, under Development.
So after a day or two of using the new Rojo, I must say I really do not like it. It really seems buggy, and temporarily I am going back to Bloglines.
First, they really changes the UI to the point where they removed features, which is a no, no. If you are going to upload a UI, OK; but never remove any features even if you think there is only one user using them. I used to be able to view all of my feed on one page, and just scroll through all of the stories. This was great, I didn’t have to go down into each tag and view things separately. Now I can still view all my tags on one page, but I can no longer mark them as read. In order to mark stories as read, I have to view the stories by tags.
Second, it’s buggy. The new Rojo appears to load the stories via AJAX dynamically. Well sometimes I get a blank page and have to refresh to get things to appear, or in some instances I have to log out and clear my cookies. I do not know what’s going on, but it appears that things are not going the way they were planned.
I really like Rojo and prefer it over the stale Bloglines, but I can’t miss my news just because someone decided to fix something that wasn’t broken.
1 Comment
Rojo Updates Look and Feel
Posted on September 18, 2006, under Development.
Rojo, my choice for feed management, has once again updated their user interface for a better end user experience. More Ajax goodness is tastefully integrated into the site, and I feel that the pages are loading faster. Bloglines, one the other hand I have not seen much change in for the last year. Way to go Rojo!
No Comments
Better Packet Sniffing in Windows
Posted on September 12, 2006, under Development.
It’s a high speed Internet these days and more services are geared toward consumers with broadband connections. Power users like to know how their broadband connections are performing, and why not? We pay top dollar for a fast connection to the Internet, and it’s good to know if you are getting what you paid for. In addition, we also like to know if there is any rouge software on our computer that is sending information without our knowledge. This is where packet sniffing technologies come into play.
When I was in college I developed NetGrid, a simple application that monitors your bandwidth connection speed. The application took off, and I had to start charging for the application in order to make back money I was spending on hosting and support issues. In all honestly the application has sat on the shelf over the last few years, but it still works and works well.
Most recently I have been looking into packet sniffing SDK’s and libraries, and came across a little gem from microOLAP called simply enough, Packet Sniffer SDK. Over the last several months I have tried several Packet Sniffing technologies, including the well known WinpCap. So how does microOLAP’s Packet Sniffing SDK match up? Well lets take a look.
It’s Dynamic
Packet Sniffer SDK contains an internal packet capture driver, which is dynamically loaded and unloaded by your application. This means that no pre-installed packet capture drivers are required. This is nice for developers because you can control your install base. With some other packet capturing libraries that hold their own install base, there is no telling of another application will reinstall, uninstall, or update the library which could potentially break your application opening you up to support issues.
1.21 Gigawatts!
Well not exactly, but the Packet Sniffer SDK does support Gigabit networks. Now most consumers do not have Gigabit networks at home, however a lot of commercial consumers will. Gigabit is becoming more popular, so the support is very nice.
Loopback Support
This is a big one, that you do not see in most packet capturing libraries. Loopback support is where the Packet Sniffer SDK will be able to capture local packets. Why does this matter? Well a lot of developers and IT users setup local web servers or networks on their machines to test or develop applications. The ability to capture these packets is vital information that advanced users will benefit from and appreciate.
Winpcap Migration Support
If you have an application that is currently using Winpcap simply enough, the Packet Sniffer SDK makes the migration easy!
BPF and FastBPF Support
Packet Sniffer SDK supports packet filtering by BPF and FastBPF. Another advantage over other packet capturing technologies.
Send and Receive
The Packet Sniffer SDK allows you create and send packets with any structure. This is a great feature for developers who may not be using a standard protocol.
What’s Supported?
microOLAP has most flavors of Windows covered, including: Windows NT 4.0; Windows 2000; Windows XP; Windows 2003; Windows Vista; Windows 95; Windows 98; Windows ME, WinXP x64, Win2003 x64. Network adapters supported include: Ethernet (802.3), Token-Ring, FDDI, WAN (modem).
Implementation
The Packet Sniffer SDK could not have been easier to implement. They have an in depth manual that lays out the SDK in detail, as well as examples on how to take advantage of some of it’s great features. The Packet Sniffer SDK supports DLL, VCL, and static library builds. Most any developer will have no problems getting started with the SDK.
Conclusion
Overall the Packet Sniffer SDK is my favorite packet capturing library on the market. It is a great solution that can be implemented in to the most simplest to the most complex applications, and still run solid. A little background work on the company shows that they stay on top of the changing market and technologies, and implement fixes and updates into their products frequently. I recommend checking out their other products as well on their website.
2 Comments
Are We Really Ready For the Future?
Posted on September 10, 2006, under Development.
So I saw that Chase recently threw out 2.6 million customer records the other day, and it really got me thinking. It seems recently I have seen too many innocents like this, where some company looses or accidentally releases customers personal information. The worse part, is we as consumers end up paying for it. If not in credit card fraud and identity theft, we are the ones that have to pay for services to make sure these things do not happen to us. These days it’s hard to avoid these things as a consumer, because even if you do not share your information over the Internet; chances are a company you use does. It really concerns me that more and more companies are doing more and more work though online services. It’s great that these companies are taking advantage of technologies, but it really bothers me that they do not realize how fragile data can be. Punishments and fines are nothing for a company like Chase, so it mostly ends at making a press release in the form of an apology. I just do not know if we are really ready for what the future holds. It’s a big concern for me, because there have too many incidents like this lately.
No Comments
BlueCrestStudios Releases BackupSQL Studio v1.0.4.0
Posted on September 8, 2006, under Development.
BlueCrestStudios release BackupSQL Studio v1.0.4.0, which includes major feature enhancements and bug fixes. BackupSQL Studio now supports the ability to backup databases through a PHP script on your web server. This release also includes better supports for MySQL database structures, fixing issues some users were having with data dumps. The application is also more efficient in memory than the previous version. This release is a major milestone for BlueCrestStudios, who now readies further database support.
BackupSQL Studio is a database backup utility. BackupSQL Studio includes such features as backup archive compression, encryption, scheduling, notifications, and more. Did you know that most hosting companies only make weekly backup of your data, including your databases? This means if you servers’ hard drive fails on Thursday, you have lost most of your weeks work. BackupSQL Studio is a database backup solution that is perfect for developers, webmasters, companies, or anyone else looking to be in control of when, why, and how their databases are backed up.
Main Features:
- Ability to export Backup Archives
- Option to encrypt Backup Archives
- Option to compress Backup Archives
- Ability to schedule Backup Scripts
- Highly customizable way of backing up your databases and tables
- Customizable Backup Script Notifications
- Automatic Backup Archive exports
- Detailed logging
- Support for MySQL
- Support for SQL Server (coming soon)
- Support for backing up databases via a PHP script on your web server
- Multiple OS support
No Comments
WebThumb API
Posted on September 8, 2006, under Development.
You know those little thumbnails of web pages you see on sites like Alexa, DZone? Well I have always thought those were cool, and was wondering how that was all done. I recently came across an excellent article that explains how to use the WebThumb API in PHP. To me, this is definitely one of those cool features that I would start a service just to use 
1 Comment
Vista, as I See It
Posted on September 6, 2006, under Development.
So much conversation and controversy has surrounded Microsoft Windows Vista over the last year. To Microsoft, it’s probably strategy to keep Vista in the press while they scramble to finish the thing. Most recently the topic has been the Windows Vista prices that were leaked, and now available on Amazon. I have been keeping a close eye on Vista since the Longhorn days because I am both a consumer and developer for Windows, so it affects me more than I would like it to. So here is a break down
32 Flavors
So maybe Microsoft hasn’t totally become the next Baskin-Robins, but their closer than Apple and OSX. Windows Vista has five main versions of Windows Vista, which to the tech-savvy may not be a big deal. However, my Mom is not going to know what version of Vista she needs, wants, or should purchase; and there is a good chance that the sales person at Best Buy will want to put her in the “Lexus” of Vista because it will boost his sales for the month. Here are the Vista flavors from Microsoft:
Windows Vista Business
Regardless of the size of your organization, Windows Vista Business will help you lower your PC management costs, improve your security, enhance your productivity, and help you stay better connected.Windows Vista Enterprise
Windows Vista Enterprise is designed to meet the needs of large global organizations with highly complex IT infrastructures. Windows Vista Enterprise can help you lower your IT costs while providing additional layers of protection for your sensitive data.Windows Vista Home Premium
Whether you choose to use your PC to write e-mail and surf the Internet, for home entertainment, or to track your household expenses, Windows Vista Home Premium delivers a more complete and satisfying computing experience.Windows Vista Home Basic
Windows Vista Home Basic is designed to deliver improved reliability, security, and usability to home PC users who just want to do the basics with their PCs.Windows Vista Ultimate
If you want all of the best business features, all of the best mobility features, and all of the best home entertainment features that Windows Vista has to offer, Windows Vista Ultimate is the solution for you. With Windows Vista Ultimate you don’t have to compromise.
This makes it difficult for the average user to determine what version they should upgrade to, if and when they want to. Yes, Microsoft has a nice little Vista Readiness test, but it has a major flaw: it asks the user what they want out of Vista. Why is this a flaw? Well let’s say you were shopping for a new car, and you were asked what options you wanted with your new car, like: alloyed wheels, moon roof, leather seats.. chances are you are going to say ‘Yes’ to more features than you really need, just because they sound good. A user is going to want the most out of their operating system, even if they do not use the features. In the case of Vista, the prices vary and put users in a position where they need to figure out what versions have what features that they will need, and what versions they are able to afford. Something that will most likely frustrate customers, which I do not believe is the customer experience that Microsoft is expecting from Vista.
The Upgrade Path
So if the different versions of Vista wasn’t enough to make you go back to DOS, the upgrade path will. When you upgrade to a new Operating System it is always best to do a backup, and clean format and install. However for most users, this is asking too much. So you think… “Well I am running Windows XP Professional, I will just upgrade to Windows Vista Home Premium (which is the equivalent for Windows XP Professional). Well you are wrong, because to Microsoft you are going from Professional to Home which is a downgrade, and you will need to format. As if that wasn’t enough alone, if you purchase the Vista Update Install, you will need your Windows XP CD. Some manufactures do not ship OS CD’s when you purchase a CPU from them, they will split your hard drive partition up and install the OS and restoration files on a small part of your hard drive. Another step, making the upgrade process harder than it needs to be.
The Overhaul
So Microsoft decided to rewrite the TCP/IP stack in Windows Vista. For most consumers, this means nothing to you. However for developers and those tech-savvy there will be some things that will affect you in the long run. Microsoft is usually “good” about making things backwards compatible, so I am not too worried; however from a development standpoint there might be some issues when developing for Vista, XP, 2000, etc.
The Prices
Long last the price point. I think Chris Pirillo says it best with his posting, but I will chime in. Yes most users will not need Vista Ultimate, in fact I am not sure of anyone that will. So set aside the $399 version for Ultimate, the prices are still very high for an Operating System that is late, doesn’t really bring much new to the average consumer, and most customers can get for $199 from Apple. For most of us it’s a business expense, but the prices concerns me more from the consumer stand point. I think it’s a lot to ask from customers to upgrade at this price, for features that they probably will not use, when XP works fine right now for most, and new security flaws are being found faster than they are being fixed. Which brings me to my final point: Remember to add $49.95 (probably will go up) on top of whatever Vista price you pay for. This will be for Microsoft’s OneCare program. It’s Microsoft’s way of making you pay for security and updates that should be included in the over-priced Operating System you paid for.
In Closing
Will I be upgrading? Yes, most likely within the next year I will convert my main machine over to Vista, but we will see. When the upgrade comes I will have several friends and family machines that I will need to upgrade as well, since every nerd has become the “Geek on Call” for someone or another. One also must keep in mind that we are still five months away from the current release date, so any or all of this information could change. I am more just shocked with the way Microsoft is handling Vista, it really seems like they are scrambling to make release dates, and OEM and customers happy. Non-the-less the release will be interesting to see how it unfolds.
