I was looking at the MSDN OS downloads and noticed MS-DOS and Windows 3.1 are still available for download Boy, that brings back memories. Windows 7 is sure a long way from those days. I jokingly sent an email about the old OS downloads and a colleague responded we might want to install Windows 3.1 in case we want to play SkiFree!

Now that really brings back memories! You can still download it at http://ski.ihoc.net/ and it runs on Windows 7! Sweet

Between work and this blog I do a lot of screen captures and trying to capture a scrolling window is at best problematic. I purchased a tool called Snagit from Techsmith which accomplishes scrolling window screen captures Happiness!

I recommend it for screen captures in general as well. It does cost just under $50, but it has been worth it.

I created a short tutorial to show how it works:

This is a basic method I’ve used to find missing HTML element open and close tags. I use the text editor EditPad Pro which is very regular expression friendly. The idea is to use a regular expression to match a type or types of HTML elements and then fold the lines of the HTML text to the lines that match the regular expression. From there you have a view of the HTML source with only the lines that have the type of HTML tag(s) you are interested in viewing.

I created a short tutorial to demonstrate what to do:

I hope I’ve gotten the basic idea across. There may be better ways to do this, but if you are stuck with only your text editor and HTML then this technique might bail you out

I recently upgraded to Windows 7 and while doing some IIS tinkering I noticed my HTTP 404 page was blank. I was getting a HTTP 404 header back in the response so I was a bit confused. It ends up when I turned on IIS I missed checking the HTTP Errors check box in the windows features.

I created a short tutorial showing what I did as well.

Hopefully this might help someone quickly figure this out

Classic ASP.NET uses the page extension .aspx. If you want to hide the .aspx page from the browser URL I’d recommend using URL rewriting to make your pages extensionless.

I’ve created a screencast which goes over the basic idea of how to implement extensionless URLs in your ASP.NET application. I use Microsoft’s URL Rewrite module which can be used for IIS 7. There are other URL rewrite modules available which can be used to accomplish the same thing for IIS 6.

I created this tutorial because of a question about hiding ASP.NET pages extensions on Stack Overflow.

I’ve created a series of tutorials about Google Website Optimizer that will hopefully help others. These screencasts are not perfect by any means, but hopefully they will get the point across.

Google Website Optimizer is a tool you can use to serve out various versions of website pages and measure how those variations affect the rate for visitors reaching a goal on your website. One obvious case is for ecommerce sites to measure changes to pages and how it affects order placement conversion rate. I’ve seen on the job various changes to a website that can have a significant affect on conversion rate.

I do not follow the method that Google prescribes to create Website Optimizer experiments. Google attempted to make the GWO experiment creation process as easy as possible, but I find it a bit constricting. I’ve implemented GWO experiments on the job and have found ways to work with GWO that I find more to my liking.

Please note that I only go over creating multivariate experiments. I do not cover A/B experiments.

In the following tutorial I discuss how I go about creating Google Website Optimizer experiments.

Here I go over Google Website Optimizer experiment creation once again, but in a much more abbreviated manner.

In the next tutorial I go over how I approach implementing GWO experiments in website code. For this example I’m using an ASP.NET MVC website. I go over how to vary page content based on a page section variation using jQuery.

In the next tutorial I discuss implementing GWO experiments and XHTML compliance. The default mechanism provided by Google is not XHTML compliant, so I go over how to use GWO and maintain XHTML compliance. The JavaScript script provided by Google is not XHTML and Google also recommends using a </noscript>HTML element which is way off from being well formatted!

In my final GWO tutorial, I go over how to interpret GWO results. You have to be careful about how to interpret if a certain page variation is better than other variations.

I hope these tutorials are useful to someone

I also highly recommend you check out www.gwotricks.com which is a great GWO resource.

I configured SSL on this blog site and found some info on the Microsoft TechNet page Configure a Host Header for a Web Site (IIS 7). The TechNet page was a start, but it didn’t quite get me all the way there. With a bit of experimentation I successfully configured SSL on my web server. You can view a screencast of what I did at the end of this post.

For this post I’m going to use a non-existent website www.abc-test1.com.

First I added an SSL binding to the web site. In IIS Manager, with the web site selected, click on the Bindings… link.

On the Site Bindings dialog you’ll want to click the Add… button.

Then select https from the Type drop list, select your IP address, and pick your installed SSL certificate. For my testing I created a self signed certificate.

Then from the command prompt you’ll want to issue the command:

appcmd set site /site.name:www.abc-test1.com /bindings.[protocol='https',bindingInformation='*:443:'].bindingInformation:*:443:www.abc-test1.com

You can go back in IIS manager to check you SSL binding’s host name. You should see the host header you configured at this point.

I created this tutorial describing how to configure host headers in IIS 7.5 using Windows 7. It is the same process for any version of IIS 7.x.

I hope this post helps

Years ago I was discussing password security with a good friend at work and at one point we disagreed on some aspect of password security. He asserted that in one sense the password did not really matter as it is so easy to get someone’s password. He stated he could get one of my passwords if he really wanted it. I thought to myself “no way”. I don’t click on email attachments, I’m wary about what I download, and I consider myself careful about not doing stupid stuff.

Later in the day, after having forgotten about the challenge, I was in my friend’s office and he said he was having trouble logging in to our Oracle database. He tried a few times and his login was not working. He asked if I could try my logon, so I tried typing in my user name and password and it worked. He tried again and his worked, no harm no foul   I sat back at my desk and an email was in my inbox with my password!

I immediately realized he had gotten it when I typed it in on his machine. Ends up he used a Visual Studio program called Spy++ to monitor windows messages. So he captured the windows keystroke messages and easily logged my password keystrokes.

Ever since then I have been interested in computer security or really the lack thereof! If someone has physical access to a machine, then whatever anyone types on that machine can not be considered secure. Especially if you are dealing with a coder. There is no security when there is familiarity between the parties. You are left to trust and decency with those you know.

As a developer I believe you should think about how to hack computer systems in order to think about how to secure it. It is one of the mindsets you should have when coding. I’m not the type of person who would do any type of hacking, but if you are oblivious to what can be done you are more likely to make mistakes when designing computer software that open you up to standard hacking attacks.

Ever since my password was obtained so quickly and easily whenever I type my password I always think, “Someone just hacked my password”