Entries:
Comments:
Discussions:

Loading user information from Channel 9

Something went wrong getting user information from Channel 9

Latest Achievement:

Loading user information from MSDN

Something went wrong getting user information from MSDN

Visual Studio Achievements

Latest Achievement:

Loading Visual Studio Achievements

Something went wrong getting the Visual Studio Achievements

Discussions

Dave Williamson davewill here birdie birdie, get in my belly!
  • Question about Azure Security

    A tendency in the 2 Azure account route is someone is going to want to avoid logging out of one account and into the other account when working with the azure portal and sure as the world they will give the other account an AD entry to facilitate working with the resources under each without logging in and out.  If browsers actually cleanly logged in and out then this wouldn't be an issue but it sure seems like that isn't the case yet.

    Given your last comment .... another option might be to use the Azure Virtual Networks feature to sit your protected server within.  But this depends more on what it needs to get to and from and how much complexity that might add.

  • coffeehouse: a great place to flood with junk

    ouch fellas. as one with limited resources I can understand that this forum isn't necessarily a core asset upon which to expend ... but with those comments it could sway a meeting that kills it for no other reason.

     

    its the coffeehouse. it is the virtual equivalent of the bar down the street where we can run into one another.  yes some spammer came in the last couple of days and cranked up his portable mega-phone and you felt handcuffed because you couldn't do anything about it.  that is the real issue.

     

  • SpamSpamSpam

    @Dr Herbie: Can't blame you there.

  • SpamSpamSpam

    Spambots

    https://channel9.msdn.com/Niners/cjfgml2234

    https://channel9.msdn.com/Niners/zvcv867

    https://channel9.msdn.com/Niners/bmw8282

     

  • ASPNET Identity / OpenID Connect / OAuth - what a mess!

    YEP!  A MESS!  Its like the battle between IPX/SPX and TCP/IP.  Except at least in that battle there was a set stack battling another set stack.  This current battle seems to be a battle between stack parts implementing a bunch of RFCs spit out by a bunch of academics.

    It seems too early to write anything that is to last on the current quicksand.

  • Real Programmers write their own tools ... ?

    , Bas wrote

    *snip*

    That's why you don't. You let someone else work it out. Plenty of libraries written by companies that have spent many, many development hours getting time conversions right. Use them! It's quicker, cheaper, and the results are better.

    Yep. We use those. The utility though is for the human when troubleshooting or doing support trying to make sense of data and/or the context of whom they are working with.

  • Real Programmers write their own tools ... ?

    , figuerres wrote

    *snip*

     

    dave what about time conversion from one time zone to another one ??

    while in the US we mostly add or subtract a few hours you can't always do that when an international time zone is involved.   the rules are to convert local to universal / TZ 0 and then from that to local.  and then there are different counties that do not follow the same rules, where they can roll forward or back on different dates ,  that stuff can get hairy to work out right! 

    Sorry missed this post. YES! Timezones are NUTs! I'm all for to each their own. But with that comes, don't expect to mix-match ... or at the very least recognize that developers are trying real blank blank hard to make it mix-match.

  • Real Programmers write their own tools ... ?

    CapImg: little utility to snag a pic off the clipboard and put it into a png file. handy for doing help documentation, support docs/media, things of that nature.

    JobTimer: little utilty that allows tracking time spent on jobs given the constant task switching that can sometimes occur.

    CurrentDateTimeVisualizer: because time zones are hard sometimes.

    ManagementObject: allows iterating the WMI Management Objects for discovery purposes.

    NetworkStatus: little ping utility that logs so I can tell where along a network path the drop happens.  useful for sporadic connectivity issues.

    SmarterMailLogParser: little utility to split the log into more manageable logs for investigation.

     

  • Unable to login Microsoft Partner website

    We aren't seeing this behavior.  In the past we have seen generally slow page loads but other than that we haven't see hard errors like you describe.  Just went in to test using your link and it came right up fairly quick given the nature of the page.

  • Backbone exists in 0s and 1s too

    , figuerres wrote

    *snip*

    we have this thing that perhaps should be replaced, it was created back when there was no way to count up all the votes fast and no way to have real time news.

    https://en.wikipedia.org/wiki/Electoral_College_(United_States)

    so no your vote does not select the president, you are asking the "college" members of your state to cast a vote, they may or may not vote as you asked them to vote.

     

    Yes I understand the electoral college and how it defines our republic. But this post was started because of the use of code in the voting process combined with the evidence individuals are putting pressure on developers to create code that alters votes just as they are cast.  Right now evidence is at the individual level. The corrupting powers are greater than an individual here or there ... but until evidence comes out we can't go there yet.

    Vote tampering via code would be a black eye for our industry.  Developers must push back if presented with such a situation because "backbone exists in 0s and 1s too".

    So going back to my prior post and expanding on that

     

    Again this year I will go to the voting booth and cast a ballot.


    And again this year I will take a photo of the ballot with my phone.


    And again this year I will have no way to compare my input with what was actually recorded in the FINAL vote tallies.

     

     

    Doesn't that seem odd that something so basic is not in place?

     

     

    At first I thought ... well the process is a carry over from the days of paper voting.  Sure in a paper voting situation with a low number of voters it is possible for the election officials to validate with the actual voter.  But as the number of voters increase the paper based validation becomes untimely.  And so I can see the validation not being possible.  Additionally in lower numbers it is harder to inject manual fraud.


    But then electronic voting came along.  This should have removed the untimeliness problems with high numbers of voters.  Yet today an individual voter can not confirm their voting choices are reflected in the FINAL vote tallies.

    Sure, in a few jurisdictions (not mine or any I've ever lived in), they can get a paper receipt. Here is an example in Orange County California:


    https://www.ocvote.com/voting/verify-your-vote/

    "The VVPAT printer allows a voter to verify their selections and compare them to the on-screen summary prior to casting their ballot."


    Notice this is prior to casting their ballot.  So not only is it before they actually vote but is well before all the other handling of the votes where fraud can be injected as well.


    How convenient.


    Let's come up with a way for each voter to cast their vote in a container (some unit of storage) that is encrypted with a private key that only the voter knows.  The vote tally systems would use a public key to see the vote value(s).  Vote tally being the vote totals for each candidate.


    So now at this point the fraud injection point has been moved through the process to the point of the tally.  Now what type of mechanism could be employed that would reveal fraud injection in the tally?  The answer ...  the ability for anyone to tally using the same containers to confirm the official vote tally.


    The containers are publicly listed.  The identifying internal data in the container is encrypted privately from the overall container encryption.

    So now:

    1.  3rd parties can confirm the official vote tally.


    2. An individual voter with their unique container number (let's presume a GUID is assigned) can verify their recorded vote.