Showing posts from October, 2009

Amazon's EC2 Isn't A Good Windows Desktop

It is tempting to think that you could have a configured Windows desktop computer on Amazon EC2 that you turned on whenever you like paying 12.5 cents an hour, then turned off and have it cost you nothing but storage of the hard drive. This computer you could use as a configured desktop with all your favorite applications installed to check email, do work and that you could access anywhere. However, Amazon EC2 isn’t set up that way; in fact it would be very hard to work day to day on an EC2 machine unless you left it turned on constantly. Here are the reasons that Amazon EC2 doesn’t make a good desktop environment: Amazon EC2 only runs Windows 2003 (As of 10/24/2009). Most people are used to a better desktop experience provided by Windows 7, Vista, or Windows 2008 and the Windows 2003 Windows 2003 desktop will feel old to them. When you terminate your Amazon EC2 instance (which stops the meter) EC2 deletes the underlying hard drive and everything that you have saved to that drive

Shutting Down Windows in Amazon EC2

Restarting Windows in Amazon EC2 doesn't terminate the EC2 instance. This is good to know if you are installing software and wonder will the required restart terminate the instance before you are able to Bundle it into an AMI. The answer is no, restarts don't cause termination. {6230289B-5BEE-409e-932A-2F01FA407A92}

Started a new web site yesterday with an idea from Rob S -- it is called and it is using the Stack Exchange technology. Stack Exchange was written by a team at FogCreek Software to run the hugely popular website. Our version of is all about asking and getting answers to puzzles, riddle, and brain teasers. The unique feature of the Stack Exchange technology is that it allows the smartest user to rise to the top with reputation. The whole site only took me an hour to configure in that hour I purchased a domain name, started a Stack Exchange instance and added Google’s AdSense to the web site. Promoting the web site will take me much longer then the technology aspect for this undertaking. If you like brain teasers, riddles and puzzle come visit: {6230289B-5BEE-409e-932A-2F01FA407A92}

Update To MVC's LogOnUserControl.ascx

Microsoft has this code for the LogOnUserControl.ascx partial control when you create a brand new ASP.NET MVC application: <%@ Control Language= "C#" Inherits= "System.Web.Mvc.ViewUserControl" %> <% if (Request.IsAuthenticated) { %> Welcome <b><%= Html.Encode(Page.User.Identity.Name) %></b>! [ <%= Html.ActionLink( "Log Off" , "LogOff" , "Account" ) %> ] <% } else { %> [ <%= Html.ActionLink( "Log On" , "LogOn" , "Account" ) %> ] <% } %> However, this isn't 100% correct. It just so happens that Page.User.Identity.Name in their example is the User's name, however really Page.User.Identity.Name in most cases is a unique (primary) key to a users table. This is a little cleaner: <%@ Control Language= "C#" Inherits= "System.Web.Mvc.ViewUserControl" %> <% if (Request.Is

The Big Idea : Better Password Hashing

For the last couple of days I have been thinking about how browsers send passwords across the network. I think I have a safer way. I would have to work at Microsoft or Mozilla to get this implemented however, I am content with blogging about it and getting some feedback. This is a line of code that as a web developer I write all the time: < INPUT TYPE =” TEXT ” NAME =” Login ” />< br /> < INPUT TYPE =” PASSWORD ” NAME =” Password ” /> This HTML delivers the login and password to the browser in clear text. The web application takes the password and concatenates it onto a stored piece of random text (called salt) and then hashes the complete string. This hash is compared with the hash store for that login and if they match then the web application can assume that the user knows their password. If the web developer implemented good security for his system then he never stores the password, only a hash of the salt and the password. The salt helps make every ha