Today is Blog Action Day.

You might be hoping for someone to invent a great new technology that will stop climate change.  Unfortunately, in reality it is really up to you to solve it.  Take a look at 10 Solutions for Climate Change.  We don’t need to invent new technology to stop climate change.  Instead, we just need to change ourselves.

I’m always searching for ways learn more.  I know a lot of smart people working on interesting projects, however it is often difficult to keep up with what others are working on.  This past June I organized lightning talk presentations for my company.   We had ten 5-minute presentations on various topics that we video taped and posted to our internal SharePoint site.  I think it worked out great.  Five minutes is just enough time to make a point or introduce a topic to an audience without boring them if they are not interested.  If they are interested they can always followup afterwards to find out more.  Lightning talks typically take place at conferences and give an opportunity for attendees to present to the larger audience, however I see no reason not to use the format inside your company as well.

I’m looking forward to our next series of lightning talk presentations tomorrow. I will be presenting on Cloud Computing in the Government.

Friendly reminder to update your BIOS and device drivers every once in a while.  Sadly enough it is not sufficient to only ensure all operating system, anti-virus, and browser updates are up to date.

My Dell Latitude D630 recently started blue screening and crashing when playing videos.  It got annoying pretty quickly, so I updated the BIOS and device drivers in the hopes that would resolve the issue.  This week it got a lot worst, in fact it would not even boot properly at times, instead just displaying lines.  A temporary fix was to remove the battery and power cord, hold the on button for 30 seconds, and replace the battery.  Not exactly sure what that did, but worked for at least one more boot.

Unfortunately after some searching, it looks like the GPU has failed due to a common overheating issue with this model.  The fix is to update the BIOS before it fails.  After it fails it requires a hardware replacement.  More information at http://en.community.dell.com/blogs/direct2dell/archive/2008/07/25 /nvidia-gpu-update-for-dell-laptop- owners.aspx

Security is a programmer’s responsibility.  Your project manager or client is not going to ask for security, but it is a basic implied requirement for any software project.  A good place to start is to look at the top ten common vulnerabilities.  Think about how many of these might affect your current project.  Odds are if you have not consciously though about security, then your application is likely vulnerable.

Since I recently started writing a lot more .NET based applications I have come across two useful tools for assisting in providing application security. Even if you are careful to validate all application inputs, it is still useful to validate your work using these tools.

Anti-XSS - a library that can help sanitize inputs to help protect from cross site scripting attacks. CAT.NET - a Visual Studio plugin that will do code analysis to help identity cross site scripting and SQL injection vulnerabilities.

It is a good idea to set up security scans has part of your project build steps with a continuous integration server.

Recently I came across Hudson, an open source Continuous Integration server.   I often hear about cruise control, however it always seemed like it would be difficult to get setup.

A Continuous Integration server can help you automate tasks in your development life cycle.  It will checkout a project from your source code repository, build it, and run any number of additional tasks that you can configure.  For example, it can run unit tests that you have written for your project.  Another example would be to configure StyleCop or FxCop to analyze your source code against various rules.  All of these tasks are completed on a build server automatically and any issues are delivered through the UI, email, or RSS.  This instant feedback loop will make you and your team members spot any issues sooner and make you a better programmer.

Some things that make Hudson in particular stand out:

• It can build .NET and Java applications.
• To get started you just run the jar, or deploy to tomcat.  No db or other configuration to install.  It can even install itself as its own service.
• Lots of plugins.  Plugins that you can install from within the application just like WordPress.
• User interface is simple and clean.
• It just works. Bottom line, take 10 minutes and check it out.  Let me know if this is not the best Continuous Integration server for Java and .NET.

One thing that really bothers me is long in-effective meetings.  Here are a few basic meeting tips.

1. Always have and distribute the objectives of the meeting beforehand.   (Hint: if you don’t have an objective, then you don’t need a meeting.)
2. Meetings do not always have to be 1 hour in length.  If you just need 15 minutes, then schedule 15 minutes.
3. Once you complete the agenda of the meeting, end it.  Do not fill the rest of the meeting time with something unrelated.
4. Take notes and distribute them after the meeting to all attendees.  This makes sure everyone is on the same page and does not forget any conclusions.  Often handy for any follow-up meetings.
5. Start on time.  If people are frequently late, it becomes a trend and more people will show up later next time to avoid waiting for the late people!
6. If there are action items identified, note them and be sure to assigned to an owner.
7. Always come prepared with any documentation or diagrams to facilitate the conversation.  (For example, I don’t need to spend 15 minutes watching you draw our existing network diagram on the white board.  This is what printers and projectors are for.)
8. Stay on point.  It is easy to lose focus and have attendees push discussion onto something unrelated to the objectives.  Table any off topic discussion and move on.
9. Limit the attendees to only those people required.  It is very difficult to keep everyone on the same page when there too many people in the discussion.  (Keep in mind that presentations can have lot of people, however presentations are not meetings!)
10. Lastly, improve every meeting.  After the meeting think about how the meeting went and how you can make improvements. What tips do you recommend to make a meeting more effective?

Earlier this evening I attended a Refresh DC event at CDIA.  Paul Annett, design lead at Clearleft, gave a great presentation on how being clever in web design can promote viral word of mouth marketing.   He gives great examples of logos and websites that have intentionally and unintentionally added subtle features/easter eggs that allow the user to discover and share them.  Who knew FedEx had an arrow in its logo? Check out the presentation below or on his site:

Oooh, that’s Clever! (unnatural experiments in web design)

View more documents from nicepaul.

Recently I configured Zenoss for a client to allow them to be more proactive and receive email notifications when a service or server goes down on their network.  When you are frequently upgrading or modifying applications there are bound to be issues that crop up and cause failures.  It is best to be aware of these and correct them before your users notice.

To get started you can download a Virtual appliance with Zenoss already installed.  Once it is up and running, you will want to install a few ZenPacks that are relevant to your environment.  These are basically just extensions to the product that can give you more specific collection and reporting tools. The next step is ensure there is an SNMP agent running on the machines you plan to monitor.  SNMP is a common network monitoring protocol and an basic agent comes with Windows.

Once you have the basic ZenPacks and SNMP running you can have Zenoss discover all your servers and network devices, or you can add individual servers as needed.

Zenoss will model each device, determine what software, services, ports, disk drives are on the device and assign default thresholds and alerts to each. For example if a disk drive is more than 90% of capacity it will create an event message.  These messages will start displaying in nicely color-coded dashboards for now.  The next logical step is to setup email notifications by defining alert rules per user or group.  Alert rules allow you to filter the event messages and only receive the ones that are important to you such as only Production systems that throw Error messages.

If you are in need of a monitoring solution, I highly recommend you give Zenoss a try.  It really is quite easy to setup and has a vibrant community behind it with a lot more advanced capabilities than I have discussed here. Also take a look at a ramp up video put together by JumpBox for Zenoss at http://vimeo.com/6408567.

If you find yourself managing a number of Windows servers take a look at Royal TS 1.5.1.

Royal TS allows you to organize your connections to multiple servers over RDP. There are other programs that do this, but this one allows you to easily categorize, sort and search the list.  It saves all of your settings in a XML, which you can easily share with other co-workers as they join the project.

The latest version is shareware, however I use the freeware 1.5.1 version and it works great!

One the common concerns in using open source software at some companies is having formal maintenance and support contracts.  The crazy thing is that most enterprise software products come with really bad maintenance and support at high prices.

Take for example Premier support offered by most enterprise software vendors that include claims of 4 hour response times and the like.  If your goal is having someone on the phone, then sure this works ok.  However if you actually want your problem solved, then get ready for a surprise.  Most of the time you are going to have to pull some pretty intense efforts to prove the issue is the vendors problem.  In most of these situations you end up doing all of the leg work which often includes writing the fix or workaround.  In many cases, the vendor boils down to becoming a place for you to file bugs along with their solutions so that you dont have to deal with in the next release.

Upgrades.  Oh don’t get me started.  Enterprise software vendors never sell licenses on how easy it is to install or upgrade their software.  In fact, sometimes I wonder if they don’t intentionally make this process difficult in order to require customers to buy more hours from consulting services.

Lastly, the enterprise product knowledge bases often require you to use the vendors website using customer logins.  This limits who has access and makes searching and contributing to this content difficult if not impossible.

Open Source on the other hand has to have great maintenance and support processes in order to gain any traction and acquire a user base.  Wordpress is a great example.  The installation and upgrade process is as simple as it gets.  Searching for any problems or issues is as simple as searching the web.

Like many things in the world, the logical choice is not the first choice due to tradition and fear.  Just keep in mind times are changing, walls are falling, and open source will set you free.