Search Results

Search found 1336 results on 54 pages for 'rob dudley'.

Page 50/54 | < Previous Page | 46 47 48 49 50 51 52 53 54  | Next Page >

  • Silverlight Cream for June 15, 2010 -- #882

    - by Dave Campbell
    In this Issue: Colin Eberhardt Zoltan Arvai, Marcel du Preez, Mark Tucker, John Papa, Phil Middlemiss, Andy Beaulieu, and Chad Campbell. From SilverlightCream.com: Throttling Silverlight Mouse Events to Keep the UI Responsive Colin Eberhardt sent me this link to his latest at Scott Logic... about how to throttle Silverlight -- no not that, you'd have to go to one of the *other* blogs for that :) ... this is throttling the mouse, particularly the mouse wheel to keep the UI from freezing up ... check out the demos, you'll want to read the code Data Driven Applications with MVVM Part I: The Basics Zoltan Arvai started a series of tutorials on Data-Driven Applications with MVVM at SilverlightShow... this is number 1, and it looks like it's going to be a good series to read. Red-To-Green scale using an IValueConverter Marcel du Preez has an interesting post up at SilverlightShow using an IValueConverter to do a red/yellow/green progress bar ... this is pretty cool. Infragistics XamWebOutlookBar & Caliburn With assistance from Rob Eisenburg, Mark Tucker was able to build a Caliburn sample including the Infragistics XamWebOutlookBar, and he's sharing his experience (and code) with all of us. Printing Tip – Handling User Initiated Dialogs Exceptions John Papa responded to a common printing problem by writing it up in his blog. Note this problem quite often appears during debug, so check it out... John also has a quick tip on an update to the PrintAPI in Silverlight 4. Automatic Rectangle Radius X and Y Phil Middlemiss has another great Blend post up -- this one on rounding off buttons... they look great to me, but he's looking for advice -- how about that Phil? They look great to me :) WP7 Back Button in Games Planning on selling 'stuff' in the Windows Phone Marketplace? Are you familiar with the required use of the Back Button? How about in a game? ... Andy Beaulieu discusses all this and has some code you'll want to use. Windows Phone 7 – Call Phone Number from HyperlinkButton Chad Campbell [no relation :) ] is discussing dialing a number from a hyperlink in WP7 - oh yeah, it's a phone as well :) -- I think I've only seen a number attempt to be called -- hmm... and we're not yet either because we all have emulators, but this is a good intro to the functionality for when we may actually have devices! Stay in the 'Light! Twitter SilverlightNews | Twitter WynApse | WynApse.com | Tagged Posts | SilverlightCream Join me @ SilverlightCream | Phoenix Silverlight User Group Technorati Tags: Silverlight    Silverlight 3    Silverlight 4    Windows Phone MIX10

    Read the article

  • Evolution Of High Definition TV Viewing

    - by Gopinath
    The following guest post is written by Rob, who is also blogging on entertainment technology topics on iwantsky.com Gone are the days when you need to squint to be able to see the emotions on the faces of Humphrey Bogart and Ingrid Bergman as the lovers bid each other adieu in the classic film Casablanca. These days, watching an ordinary ant painstakingly carry a leaf in Animal Planet can be an exhilarating experience as you get to see not only the slightest movement but also the demarcation line between the insect’s head, thorax and abdomen. The crystal clear imagery was made possible by the sharp minds and the tinkering hands of the scientists that have designed the modern world’s HDTV. What is HDTV and what makes people so agog to have this new innovation in TV watching? HDTV stands for High Definition TV. Television viewing has indeed made a big leap. From the grainy black and whites, TV viewing had moved to colored TVs, progressed to SD TVs and now to HDTV. HDTV is the emerging trend in TV viewing as it delivers bigger and clearer pictures and better audio. Viewers can have a cinema-like TV viewing experience right in the comforts of their own home. With HDTV the viewer is allowed to have a better viewing range. With Standard (SD) TV, the viewer has to be at a distance that is from 3 to 6 times the size of the screen. HDTV allows the viewer to enjoy sharper and clearer images as it is possible to sit at a distance that is 1.5 or 3 times the size of the screen without noticing any image pixilation. Although HDTV appears to be a fairly new innovation, this system has actually existed in various forms years ago. Development of the HDTV was started in Europe as early as 1940s. However, the NTSC and the PAL/SECAM, the two analog TV standards became dominant and became popular worldwide. The analog TV was replaced by the digital TV platform in the 1990s. Even during the analog era, attempts have been made to develop HDTV. Japan has come out with MUSE system. However, due to channel bandwidth requirement concerns, the program was shelved. The entry of four organizations into the HDTV market spurred the development of a beneficial coalition. The AT&T, ATRC, MIT and Zenith HDTV combined forces. In 1993, a Grand Alliance was formed. This group is composed of researchers and HDTV manufacturers. A common standard for the broadcast system of HDTV was developed. In 1995, the system was tested and found successful. With the higher screen resolution of HDTV, viewing has never been more enjoyable. [Image courtesy: samsung] This article titled,Evolution Of High Definition TV Viewing, was originally published at Tech Dreams. Grab our rss feed or fan us on Facebook to get updates from us.

    Read the article

  • SQL SERVER – Three Puzzling Questions – Need Your Answer

    - by pinaldave
    Last week I had asked three questions on my blog. I got very good response to the questions. I am planning to write summary post for each of three questions next week. Before I write summary post and give credit to all the valid answers. I was wondering if I can bring to notice of all of you this week. Why SELECT * throws an error but SELECT COUNT(*) does not This is indeed very interesting question as not quite many realize that this kind of behavior SQL Server demonstrates out of the box. Once you run both the code and read the explanation it totally makes sense why SQL Server is behaving how it is behaving. Also there is connect item is associated with it. Also read the very first comment by Rob Farley it also shares very interesting detail. Statistics are not Updated but are Created Once This puzzle has multiple right answer. I am glad to see many of the correct answer as a comment to this blog post. Statistics are very important and it really helps SQL Server Engine to come up with optimal execution plan. DBA quite often ignore statistics thinking it does not need to be updated, as they are automatically maintained if proper database setting is configured (auto update and auto create). Well, in this question, we have scenario even though auto create and auto update statistics are ON, statistics is not updated. There are multiple solutions but what will be your solution in this case? When to use Function and When to use Stored Procedure This question is rather open ended question – there is no right or wrong answer. Everybody developer has always used functions and stored procedures. Here is the chance to justify when to use Stored Procedure and when to use Functions. I want to acknowledge that they can be used interchangeably but there are few reasons when one should not do that. There are few reasons when one is better than other. Let us discuss this here. Your opinion matters. Reference: Pinal Dave (http://blog.SQLAuthority.com) Filed under: Pinal Dave, PostADay, Readers Contribution, Readers Question, SQL, SQL Authority, SQL Performance, SQL Puzzle, SQL Query, SQL Scripts, SQL Server, SQL Tips and Tricks, SQLAuthority News, SQLServer, T SQL, Technology

    Read the article

  • Roll your own free .NET technical conference

    - by Brian Schroer
    If you can’t get to a conference, let the conference come to you! There are a ton of free recorded conference presentations online… Microsoft TechEd Let’s start with the proverbial 800 pound gorilla. Recent TechEds have recorded the majority of presentations and made them available online the next day. Check out presentations from last month’s TechEd North America 2012 or last week’s TechEd Europe 2012. If you start at http://channel9.msdn.com/Events/TechEd, you can also drill down to presentations from prior years or from other regional TechEds (Australia, New Zealand, etc.) The top presentations from my “View Queue”: Damian Edwards: Microsoft ASP.NET and the Realtime Web (SignalR) Jennifer Smith: Design for Non-Designers Scott Hunter: ASP.NET Roadmap: One ASP.NET – Web Forms, MVC, Web API, and more Daniel Roth: Building HTTP Services with ASP.NET Web API Benjamin Day: Scrum Under a Waterfall NDC The Norwegian Developer Conference site has the most interesting presentations, in my opinion. You can find the videos from the June 2012 conference at that link. The 2011 and 2010 pages have a lot of presentations that are still relevant also. My View Queue Top 5: Shay Friedman: Roslyn... hmmmm... what? Hadi Hariri: Just ‘cause it’s JavaScript, doesn’t give you a license to write rubbish Paul Betts: Introduction to Rx Greg Young: How to get productive in a project in 24 hours Michael Feathers: Deep Design Lessons ØREDEV Travelling on from Norway to Sweden... I don’t know why, but the Scandinavians seem to have this conference thing figured out. ØREDEV happens each November, and you can find videos here and here. My View Queue Top 5: Marc Gravell: Web Performance Triage Robby Ingebretsen: Fonts, Form and Function: A Primer on Digital Typography Jon Skeet: Async 101 Chris Patterson: Hacking Developer Productivity Gary Short: .NET Collections Deep Dive aspConf - The Virtual ASP.NET Conference Formerly known as “mvcConf”, this one’s a little different. It’s a conference that takes place completely on the web. The next one’s happening July 17-18, and it’s not too late to register (It’s free!). Check out the recordings from February 2011 and July 2010. It’s two years old and talks about ASP.NET MVC2, but most of it is still applicable, and Jimmy Bogard’s Put Your Controllers On a Diet presentation is the most useful technical talk I have ever seen. CodeStock Videos from the 2011 edition of this Tennessee conference are available. Presentations from last month’s 2012 conference should be available soon here. I’m looking forward to watching Matt Honeycutt’s Build Your Own Application Framework with ASP.NET MVC 3. UserGroup.tv User Group.tv was founded in January of 2011 by Shawn Weisfeld, with the mission of providing User Group content online for free. You can search by date, group, speaker and category tags. My View Queue Top 5: Sergey Rathon & Ian Henehan: UI Test Automation with Selenium Rob Vettor: The Repository Pattern Latish Seghal: The .NET Ninja’s Toolbelt Amir Rajan: Get Things Done With Dynamic ASP.NET MVC Jeffrey Richter: .NET Nuggets – Houston TechFest Keynote

    Read the article

  • Microsoft MVP Award Nomination

    - by Mark A. Wilson
    I am extremely honored to announce that I have been nominated to receive the Microsoft MVP Award for my contributions in C#! Hold on; I have not won the award yet. But to be nominated is really humbling. Thank you very much! For those of you who may not know, here is a high-level summary of the MVP award: The Microsoft Most Valuable Professional (MVP) Program recognizes and thanks outstanding members of technical communities for their community participation and willingness to help others. The program celebrates the most active community members from around the world who provide invaluable online and offline expertise that enriches the community experience and makes a difference in technical communities featuring Microsoft products. MVPs are credible, technology experts from around the world who inspire others to learn and grow through active technical community participation. While MVPs come from many backgrounds and a wide range of technical communities, they share a passion for technology and a demonstrated willingness to help others. MVPs do this through the books and articles they author, the Web sites they manage, the blogs they maintain, the user groups they participate in, the chats they host or contribute to, the events and training sessions where they present, as well as through the questions they answer in technical newsgroups or message boards. - Microsoft MVP Award Nomination Email I guess I should start my nomination acceptance speech by profusely thanking Microsoft as well as everyone who nominated me. Unfortunately, I’m not completely certain who those people are. While I could guess (in no particular order: Bill J., Brian H., Glen G., and/or Rob Z.), I would much rather update this post accordingly after I know for certain who to properly thank. I certainly don’t want to leave anyone out! Please Help My next task is to provide the MVP Award committee with information and descriptions of my contributions during the past 12 months. For someone who has difficulty remembering what they did just last week, trying to remember something that I did 12 months ago is going to be a real challenge. (Yes, I should do a better job blogging about my activities. I’m just so busy!) Since this is an award about community, I invite and encourage you to participate. Please leave a comment below or send me an email. Help jog my memory by listing anything and everything that you can think of that would apply and/or be important to include in my reply back to the committee. I welcome advice on what to say and how to say it from previous award winners. Again, I greatly appreciate the nomination and welcome any assistance you can provide. Thanks for visiting and till next time, Mark A. Wilson      Mark's Geekswithblogs Blog Enterprise Developers Guild Technorati Tags: Community,Way Off Topic

    Read the article

  • NetBeans Podcast 62

    - by TinuA
    Download mp3: 49 minutes – 39.5 MB Subscribe to the NetBeans Podcast on iTunes NetBeans Community News with Geertjan and Tinu What's NEW? Recap of a SUCCESSFUL NetBeans Community Day at JavaOne2012! Want to know what you missed? Download slides for: NetBeans Community Keynote NetBeans and JavaFX panel NetBeans and Java EE panel NetBeans Platform panel Visit the JavaOne Content Catalog for slides, and audio and video recordings of all NetBeans sessions at JavaOne 2012. (Type in keyword "NetBeans".) NetBeans Governance Board elections are done. Congratulations to Anton Epple and Hermien Pellissier, the new members of the 20th Board! How would you grade the NetBeans team on NetBeans IDE 7.2? Take the NetBeans 7.2 Satisfaction Survey. NetBeans IDE 7.3 Beta 2 is available for download. The first beta debuted at JavaOne with support for HTML5. Watch videos of HTML5 support in NetBeans and visit Geertjan's blog for a beginner's guide to HTML5 development. It's a busy Fall on the NetBeans Calendar with stops at Devoxx 2012, JavaOne Latin America, Jay Day Munich, Jay Days Sweden  JavaOne 2012 Reflections NetBeans had a fantastic showing at JavaOne 2012--from the full-day lineup of NetBeans Community Day to the numerous BOFs, Labs, and sessions at the main conference. But better to hear it in these short interviews with members of the community who attended JavaOne 2012. Veteran attendees and first-timers, panel participants and award winners, the interviewees share their experience of the conference, from highlights and insights, to new discoveries and inspiration. Listen in to why attending JavaOne is a tech pilgrimage every Java developer ought to make.   07:50   Anton Epple - Eppleton Consulting (Germany); Recipient of 2012 NetBeans Community Recognition Award 17:10   Henry Arousell and Thomas Boqvist - Bjorn Lunden Information (Sweden) 24:45   Glenn Holmer - Weyco Group, Inc. (USA); Recipient of 2012 NetBeans Community Recognition Award 33:09   Timon Veenstra - Agrosense (The Netherlands); 2012 Duke's Choice Award winner (Agrosense in the Nov/Dec '12 issue of Java Magazine.) 40:19   Rob Terplowski, - Linden, Inc. (USA) More thoughts about NetBeans Day and JavaOne can also be found in two recent NetBeans Zone articles: "Reflections on JavaOne 2012 by the NetBeans Community: Part 1 and Part 2". *Have ideas for NetBeans Podcast topics? Send them to nbpodcast at netbeans dot org. *Subscribe to the official NetBeans page on Facebook! Check us out as well on Twitter, YouTube, and Google+.

    Read the article

  • Silverlight Cream for February 05, 2011 -- #1041

    - by Dave Campbell
    In this Issue: Peter Kuhn, Mike Ormond(-2-, -3-), WindowsPhoneGeek, Daniel N. Egan, Phil Middlemiss(-2-), Max Paulousky, Michael Washington. Above the Fold: Silverlight: "Designing for Browser-Zoom: Part 2" Phil Middlemiss WP7: "Talking about Converters in WP7 | Coding4fun toolkit converters in depth" WindowsPhoneGeek Lightswitch: "LightSwitch: Can We Handle The Truth?" Michael Washington Shoutouts: András Velvárt has a video up of some awesome changes he has planned for SurfCube, check it out: SurfCube V2 - 3D Web Browser for Windows Phone 7, now with tabs! From SilverlightCream.com: Silverlight for keyboard junkies Peter Kuhn has a post up talking about the issues surrounding trying to use the tab key to navigate between controls... and follows it up with a behavior that resolves it. Windows Phone 7 Content On Demand Mike Ormond has a batch of WP7 Videos up... this first is "Windows Phone 7: A Different Kind of Phone" with Andrej Radinger. Windows Phone 7 Content on Demand Pt 2 Mike Ormond's 2nd WP7 video is "Understanding the Windows Phone 7 Development Tools and Getting Started" with Maarten Struys Windows Phone 7 Content on Demand Pt 3 Mike Ormond's 3rd WP7 Content on Demand is "Games Programming on Windows Phone 7 with Silverlight and XNA" with Rob Miles Talking about Converters in WP7 | Coding4fun toolkit converters in depth WindowsPhoneGeek is discussing value converters in his latest post... value converters for WP7... and the ones in the Coding4Fun toolkit to be exact... everything you wanted to know about them but didn't know to ask :) WP7 Developer Tools–Jan Update Daniel N. Egan has information up about the new WP7 Developer Tools release. Designing for Browser-Zoom: Part 1 Phil Middlemiss has both parts of a series on Browser Zoom up... this first part covers the zoom and different pieces involved. Designing for Browser-Zoom: Part 2 Phil Middlemiss's part 2 shows us some design considerations and visual states, including an attached behavior you can use in Blend to respond to the zoom event. Windows Phone Copy-Paste: How It Looks and Works Max Paulousky has the first post I've seen on WP7 Copy/Paste up... of course it's still in the emulator, but hey... that's better than nothing, right? LightSwitch: Can We Handle The Truth? Have you been playing with Lightswitch? Well... Michael Washington has, and it's got his interest up far enough that he's waving the flags trying to attract everyone else over there as well... see if you agree. Stay in the 'Light! Twitter SilverlightNews | Twitter WynApse | WynApse.com | Tagged Posts | SilverlightCream Join me @ SilverlightCream | Phoenix Silverlight User Group Technorati Tags: Silverlight    Silverlight 3    Silverlight 4    Windows Phone MIX10

    Read the article

  • How to reset Bash on Mac OSX, .bash_profile corrupted and bash no longer works

    - by user1463172
    I am on a MacBook Pro, running the latest version of Mountain Lion. I really need some help, I have managed some how to damage my .bash_profile (I think) so that every time I open up the terminal I get the error listed below. -bash: export: `/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/local/go/bin': not a valid identifier -bash: export: `/Users/rob/Applications/sbt/bin:': not a valid identifier env: bash: No such file or directory env: bash: No such file or directory env: bash: No such file or directory env: bash: No such file or directory env: bash: No such file or directory -bash: tar: command not found -bash: grep: command not found -bash: cat: command not found -bash: find: command not found I am not sure what has happened, I have no sudo, cd or any normal commands. The only way I have been able to get to any of the main directories is through the go to folder command in finder and try to find the file to no avail. To top it all off I think I created a file that might be causing the issue, I wanted to edit the .bash_profile so I typed sudo nano ./bash_profile This open a new file in nano which I think was then saved. After this I opened the real .bash_profile to add in the path for node.js. If I can get to the .bash_profile I think I can get it back on track but I can't find it, should I reinstall bash? If so how would I do that on a mac, I tried using brew install bash to which I get -bash: brew: command not found I am really stuck if anyone can help I would be really appreciated. Many thanks

    Read the article

  • Windows 7 starts getting sluggish over a few days

    - by munrobasher
    Myself and the other developer are running Windows 7 Enterprise 64 bit with 8GB RAM on different Gigabyte motherboards with Quad core Intel CPUs. Most of the time, it runs like a dream. We use VMware workstation a lot (hence the 8GB) and that works well. Except... now and then, after the PCs have been on for a few days, the whole system starts getting really sluggish doing certain tasks. The other's developer's system is far worse than mine with it taking up to a minute to launch IE. Today, mine has gone sluggish but nowhere near as bad. For example, normally when I click on a new tab in IE, it's instant. Today, there's an obvious delay. Right-clicking in this window to trigger iSpell is normally instant, right now it takes about five seconds. I've got resource monitor open on my second monitor and when I did that right-click, there was no obvious peak in CPU, disk or memory. A reboot does fix it so it does sound like a resource issue but haven't a clue what might be to blame. The two computers have similarities (same spec) but also differences (like motherboard, RAM & CPU models). So I guess the question is, any pointers on diagnosing why a PC is sluggish? What could cause such a right-click slow down in IE for example? It sounds like such a simple operation. NOTE: whilst typing this message alone, it was fine performance wise. I can click around the page no problem but right-click still is noticeable slow. Will reboot over lunch... Cheers, Rob.

    Read the article

  • IIS7 can't read web.config on shared Mac filesystem

    - by RobG
    I'm running a VirtualBox virtualized Windows 2008 Server on my Mac, just finished setting it up today. On it, I have SQL Server 2008, IIS and ColdFusion 9. I want to serve websites from my Mac filesystem (for development purposes). So I created a new website in IIS and pointed it at the appropriate path using a UNC path: \vboxsvr\rob\Sites\testsite, which contains the ColdFusion code and a web.config file. When I attempt to modify the file at all, or view the site in a web browser, I get an error: HTTP 500.19 - Internal Server Error The requested page cannot be accessed because the related configuration data for the page is invalid. I did some Googling, and found several similar problems, but nothing exactly like I have. The closest one seemed to indicate permissions. So I recreated the site and set it up to allow the Administrator (in Windows) to access the stuff. That didn't help. I can read/modify the files just fine from within Windows, but IIS itself can't seem to do it. What do I need to do to fix this? Thanks!

    Read the article

  • Win 8.1 Hyper-v Full Screen and VPN problems

    - by tr0users
    I need to connect to my office using Cisco VPN software (RSA). Once connected all my internet traffic goes through the employer's VPN and this prevents me from listening to spotify. As a way around this I created a Win 2012 VM that I run in hyper-v from my Windows 8.1 Client. First I RDP to the VM, then I connect to the VPN. This forces the RDP session between my host laptop and the VM to close. I then open the hyper-v manager and double-click my VM to get a connection back (not great because I don't get the use of copy & paste this way). Previously when I opened my VM this way I would have full screen. I'm using a 1920x1080 monitor. Today when I re-open my connection to the VM it is displayed in a window that uses maybe 75% of the full screen. I have tried the menu option View\Full Screen Mode only centres the screen and apply black borders around the outside. Could anyone please suggest how I may solve the VPN or Full Screen problems? Thanks Rob.

    Read the article

  • SQL Server Replication Backup

    - by user18039
    Hi We have a new system that runs on SQL Server 2008 r2 64-bit. There is a primary on-line transactional processing (OLTP) database that accepts a high volume of updates from several thousand Point of Sale systems at stores around the country. In order to protect this vital function, I have decided to introduce a dedicated reporting database server - from which multiple users will run some pretty complex reports. I realise that there were a number of choices but I decided to use Transaction Replication as the mechanism for copying the data from the OLTP database to the new reporting database - one way replication. The solution has worked well in test. I'm now being asked what changes need to be made to the backup policy to cover the architectural changes. I have read pages such as MSDN:Strategies for Backing Up and Restoring Snapshot and Transactional Replication but I think these are overkill for my solution. In fact, my current thinking is that we simply need to continue making backups of the OLTP data and logs. If the Reporting db or any of the system replication (eg distribution) databases fail then it's no big deal - we can clear all down then re-create the replication. I realise that taking a complete snapshot of the OLTP would be time consuming (approx 5 hours) but I'd be more relaxed about this that trying to restore backups of the various data and log files in the correct sequence. My view is that the complex strategies set out in the MSDN article would only be the way to go for a more complex replication solution than I have, eg if there were multiple subscribers with 2-way replication. Would you agree? I'd be grateful for any advice. Many thanks, Rob.,

    Read the article

  • Toorcon14

    - by danx
    Toorcon 2012 Information Security Conference San Diego, CA, http://www.toorcon.org/ Dan Anderson, October 2012 It's almost Halloween, and we all know what that means—yes, of course, it's time for another Toorcon Conference! Toorcon is an annual conference for people interested in computer security. This includes the whole range of hackers, computer hobbyists, professionals, security consultants, press, law enforcement, prosecutors, FBI, etc. We're at Toorcon 14—see earlier blogs for some of the previous Toorcon's I've attended (back to 2003). This year's "con" was held at the Westin on Broadway in downtown San Diego, California. The following are not necessarily my views—I'm just the messenger—although I could have misquoted or misparaphrased the speakers. Also, I only reviewed some of the talks, below, which I attended and interested me. MalAndroid—the Crux of Android Infections, Aditya K. Sood Programming Weird Machines with ELF Metadata, Rebecca "bx" Shapiro Privacy at the Handset: New FCC Rules?, Valkyrie Hacking Measured Boot and UEFI, Dan Griffin You Can't Buy Security: Building the Open Source InfoSec Program, Boris Sverdlik What Journalists Want: The Investigative Reporters' Perspective on Hacking, Dave Maas & Jason Leopold Accessibility and Security, Anna Shubina Stop Patching, for Stronger PCI Compliance, Adam Brand McAfee Secure & Trustmarks — a Hacker's Best Friend, Jay James & Shane MacDougall MalAndroid—the Crux of Android Infections Aditya K. Sood, IOActive, Michigan State PhD candidate Aditya talked about Android smartphone malware. There's a lot of old Android software out there—over 50% Gingerbread (2.3.x)—and most have unpatched vulnerabilities. Of 9 Android vulnerabilities, 8 have known exploits (such as the old Gingerbread Global Object Table exploit). Android protection includes sandboxing, security scanner, app permissions, and screened Android app market. The Android permission checker has fine-grain resource control, policy enforcement. Android static analysis also includes a static analysis app checker (bouncer), and a vulnerablity checker. What security problems does Android have? User-centric security, which depends on the user to grant permission and make smart decisions. But users don't care or think about malware (the're not aware, not paranoid). All they want is functionality, extensibility, mobility Android had no "proper" encryption before Android 3.0 No built-in protection against social engineering and web tricks Alternative Android app markets are unsafe. Simply visiting some markets can infect Android Aditya classified Android Malware types as: Type A—Apps. These interact with the Android app framework. For example, a fake Netflix app. Or Android Gold Dream (game), which uploads user files stealthy manner to a remote location. Type K—Kernel. Exploits underlying Linux libraries or kernel Type H—Hybrid. These use multiple layers (app framework, libraries, kernel). These are most commonly used by Android botnets, which are popular with Chinese botnet authors What are the threats from Android malware? These incude leak info (contacts), banking fraud, corporate network attacks, malware advertising, malware "Hackivism" (the promotion of social causes. For example, promiting specific leaders of the Tunisian or Iranian revolutions. Android malware is frequently "masquerated". That is, repackaged inside a legit app with malware. To avoid detection, the hidden malware is not unwrapped until runtime. The malware payload can be hidden in, for example, PNG files. Less common are Android bootkits—there's not many around. What they do is hijack the Android init framework—alteering system programs and daemons, then deletes itself. For example, the DKF Bootkit (China). Android App Problems: no code signing! all self-signed native code execution permission sandbox — all or none alternate market places no robust Android malware detection at network level delayed patch process Programming Weird Machines with ELF Metadata Rebecca "bx" Shapiro, Dartmouth College, NH https://github.com/bx/elf-bf-tools @bxsays on twitter Definitions. "ELF" is an executable file format used in linking and loading executables (on UNIX/Linux-class machines). "Weird machine" uses undocumented computation sources (I think of them as unintended virtual machines). Some examples of "weird machines" are those that: return to weird location, does SQL injection, corrupts the heap. Bx then talked about using ELF metadata as (an uintended) "weird machine". Some ELF background: A compiler takes source code and generates a ELF object file (hello.o). A static linker makes an ELF executable from the object file. A runtime linker and loader takes ELF executable and loads and relocates it in memory. The ELF file has symbols to relocate functions and variables. ELF has two relocation tables—one at link time and another one at loading time: .rela.dyn (link time) and .dynsym (dynamic table). GOT: Global Offset Table of addresses for dynamically-linked functions. PLT: Procedure Linkage Tables—works with GOT. The memory layout of a process (not the ELF file) is, in order: program (+ heap), dynamic libraries, libc, ld.so, stack (which includes the dynamic table loaded into memory) For ELF, the "weird machine" is found and exploited in the loader. ELF can be crafted for executing viruses, by tricking runtime into executing interpreted "code" in the ELF symbol table. One can inject parasitic "code" without modifying the actual ELF code portions. Think of the ELF symbol table as an "assembly language" interpreter. It has these elements: instructions: Add, move, jump if not 0 (jnz) Think of symbol table entries as "registers" symbol table value is "contents" immediate values are constants direct values are addresses (e.g., 0xdeadbeef) move instruction: is a relocation table entry add instruction: relocation table "addend" entry jnz instruction: takes multiple relocation table entries The ELF weird machine exploits the loader by relocating relocation table entries. The loader will go on forever until told to stop. It stores state on stack at "end" and uses IFUNC table entries (containing function pointer address). The ELF weird machine, called "Brainfu*k" (BF) has: 8 instructions: pointer inc, dec, inc indirect, dec indirect, jump forward, jump backward, print. Three registers - 3 registers Bx showed example BF source code that implemented a Turing machine printing "hello, world". More interesting was the next demo, where bx modified ping. Ping runs suid as root, but quickly drops privilege. BF modified the loader to disable the library function call dropping privilege, so it remained as root. Then BF modified the ping -t argument to execute the -t filename as root. It's best to show what this modified ping does with an example: $ whoami bx $ ping localhost -t backdoor.sh # executes backdoor $ whoami root $ The modified code increased from 285948 bytes to 290209 bytes. A BF tool compiles "executable" by modifying the symbol table in an existing ELF executable. The tool modifies .dynsym and .rela.dyn table, but not code or data. Privacy at the Handset: New FCC Rules? "Valkyrie" (Christie Dudley, Santa Clara Law JD candidate) Valkyrie talked about mobile handset privacy. Some background: Senator Franken (also a comedian) became alarmed about CarrierIQ, where the carriers track their customers. Franken asked the FCC to find out what obligations carriers think they have to protect privacy. The carriers' response was that they are doing just fine with self-regulation—no worries! Carriers need to collect data, such as missed calls, to maintain network quality. But carriers also sell data for marketing. Verizon sells customer data and enables this with a narrow privacy policy (only 1 month to opt out, with difficulties). The data sold is not individually identifiable and is aggregated. But Verizon recommends, as an aggregation workaround to "recollate" data to other databases to identify customers indirectly. The FCC has regulated telephone privacy since 1934 and mobile network privacy since 2007. Also, the carriers say mobile phone privacy is a FTC responsibility (not FCC). FTC is trying to improve mobile app privacy, but FTC has no authority over carrier / customer relationships. As a side note, Apple iPhones are unique as carriers have extra control over iPhones they don't have with other smartphones. As a result iPhones may be more regulated. Who are the consumer advocates? Everyone knows EFF, but EPIC (Electrnic Privacy Info Center), although more obsecure, is more relevant. What to do? Carriers must be accountable. Opt-in and opt-out at any time. Carriers need incentive to grant users control for those who want it, by holding them liable and responsible for breeches on their clock. Location information should be added current CPNI privacy protection, and require "Pen/trap" judicial order to obtain (and would still be a lower standard than 4th Amendment). Politics are on a pro-privacy swing now, with many senators and the Whitehouse. There will probably be new regulation soon, and enforcement will be a problem, but consumers will still have some benefit. Hacking Measured Boot and UEFI Dan Griffin, JWSecure, Inc., Seattle, @JWSdan Dan talked about hacking measured UEFI boot. First some terms: UEFI is a boot technology that is replacing BIOS (has whitelisting and blacklisting). UEFI protects devices against rootkits. TPM - hardware security device to store hashs and hardware-protected keys "secure boot" can control at firmware level what boot images can boot "measured boot" OS feature that tracks hashes (from BIOS, boot loader, krnel, early drivers). "remote attestation" allows remote validation and control based on policy on a remote attestation server. Microsoft pushing TPM (Windows 8 required), but Google is not. Intel TianoCore is the only open source for UEFI. Dan has Measured Boot Tool at http://mbt.codeplex.com/ with a demo where you can also view TPM data. TPM support already on enterprise-class machines. UEFI Weaknesses. UEFI toolkits are evolving rapidly, but UEFI has weaknesses: assume user is an ally trust TPM implicitly, and attached to computer hibernate file is unprotected (disk encryption protects against this) protection migrating from hardware to firmware delays in patching and whitelist updates will UEFI really be adopted by the mainstream (smartphone hardware support, bank support, apathetic consumer support) You Can't Buy Security: Building the Open Source InfoSec Program Boris Sverdlik, ISDPodcast.com co-host Boris talked about problems typical with current security audits. "IT Security" is an oxymoron—IT exists to enable buiness, uptime, utilization, reporting, but don't care about security—IT has conflict of interest. There's no Magic Bullet ("blinky box"), no one-size-fits-all solution (e.g., Intrusion Detection Systems (IDSs)). Regulations don't make you secure. The cloud is not secure (because of shared data and admin access). Defense and pen testing is not sexy. Auditors are not solution (security not a checklist)—what's needed is experience and adaptability—need soft skills. Step 1: First thing is to Google and learn the company end-to-end before you start. Get to know the management team (not IT team), meet as many people as you can. Don't use arbitrary values such as CISSP scores. Quantitive risk assessment is a myth (e.g. AV*EF-SLE). Learn different Business Units, legal/regulatory obligations, learn the business and where the money is made, verify company is protected from script kiddies (easy), learn sensitive information (IP, internal use only), and start with low-hanging fruit (customer service reps and social engineering). Step 2: Policies. Keep policies short and relevant. Generic SANS "security" boilerplate policies don't make sense and are not followed. Focus on acceptable use, data usage, communications, physical security. Step 3: Implementation: keep it simple stupid. Open source, although useful, is not free (implementation cost). Access controls with authentication & authorization for local and remote access. MS Windows has it, otherwise use OpenLDAP, OpenIAM, etc. Application security Everyone tries to reinvent the wheel—use existing static analysis tools. Review high-risk apps and major revisions. Don't run different risk level apps on same system. Assume host/client compromised and use app-level security control. Network security VLAN != segregated because there's too many workarounds. Use explicit firwall rules, active and passive network monitoring (snort is free), disallow end user access to production environment, have a proxy instead of direct Internet access. Also, SSL certificates are not good two-factor auth and SSL does not mean "safe." Operational Controls Have change, patch, asset, & vulnerability management (OSSI is free). For change management, always review code before pushing to production For logging, have centralized security logging for business-critical systems, separate security logging from administrative/IT logging, and lock down log (as it has everything). Monitor with OSSIM (open source). Use intrusion detection, but not just to fulfill a checkbox: build rules from a whitelist perspective (snort). OSSEC has 95% of what you need. Vulnerability management is a QA function when done right: OpenVas and Seccubus are free. Security awareness The reality is users will always click everything. Build real awareness, not compliance driven checkbox, and have it integrated into the culture. Pen test by crowd sourcing—test with logging COSSP http://www.cossp.org/ - Comprehensive Open Source Security Project What Journalists Want: The Investigative Reporters' Perspective on Hacking Dave Maas, San Diego CityBeat Jason Leopold, Truthout.org The difference between hackers and investigative journalists: For hackers, the motivation varies, but method is same, technological specialties. For investigative journalists, it's about one thing—The Story, and they need broad info-gathering skills. J-School in 60 Seconds: Generic formula: Person or issue of pubic interest, new info, or angle. Generic criteria: proximity, prominence, timeliness, human interest, oddity, or consequence. Media awareness of hackers and trends: journalists becoming extremely aware of hackers with congressional debates (privacy, data breaches), demand for data-mining Journalists, use of coding and web development for Journalists, and Journalists busted for hacking (Murdock). Info gathering by investigative journalists include Public records laws. Federal Freedom of Information Act (FOIA) is good, but slow. California Public Records Act is a lot stronger. FOIA takes forever because of foot-dragging—it helps to be specific. Often need to sue (especially FBI). CPRA is faster, and requests can be vague. Dumps and leaks (a la Wikileaks) Journalists want: leads, protecting ourselves, our sources, and adapting tools for news gathering (Google hacking). Anonomity is important to whistleblowers. They want no digital footprint left behind (e.g., email, web log). They don't trust encryption, want to feel safe and secure. Whistleblower laws are very weak—there's no upside for whistleblowers—they have to be very passionate to do it. Accessibility and Security or: How I Learned to Stop Worrying and Love the Halting Problem Anna Shubina, Dartmouth College Anna talked about how accessibility and security are related. Accessibility of digital content (not real world accessibility). mostly refers to blind users and screenreaders, for our purpose. Accessibility is about parsing documents, as are many security issues. "Rich" executable content causes accessibility to fail, and often causes security to fail. For example MS Word has executable format—it's not a document exchange format—more dangerous than PDF or HTML. Accessibility is often the first and maybe only sanity check with parsing. They have no choice because someone may want to read what you write. Google, for example, is very particular about web browser you use and are bad at supporting other browsers. Uses JavaScript instead of links, often requiring mouseover to display content. PDF is a security nightmare. Executible format, embedded flash, JavaScript, etc. 15 million lines of code. Google Chrome doesn't handle PDF correctly, causing several security bugs. PDF has an accessibility checker and PDF tagging, to help with accessibility. But no PDF checker checks for incorrect tags, untagged content, or validates lists or tables. None check executable content at all. The "Halting Problem" is: can one decide whether a program will ever stop? The answer, in general, is no (Rice's theorem). The same holds true for accessibility checkers. Language-theoretic Security says complicated data formats are hard to parse and cannot be solved due to the Halting Problem. W3C Web Accessibility Guidelines: "Perceivable, Operable, Understandable, Robust" Not much help though, except for "Robust", but here's some gems: * all information should be parsable (paraphrasing) * if not parsable, cannot be converted to alternate formats * maximize compatibility in new document formats Executible webpages are bad for security and accessibility. They say it's for a better web experience. But is it necessary to stuff web pages with JavaScript for a better experience? A good example is The Drudge Report—it has hand-written HTML with no JavaScript, yet drives a lot of web traffic due to good content. A bad example is Google News—hidden scrollbars, guessing user input. Solutions: Accessibility and security problems come from same source Expose "better user experience" myth Keep your corner of Internet parsable Remember "Halting Problem"—recognize false solutions (checking and verifying tools) Stop Patching, for Stronger PCI Compliance Adam Brand, protiviti @adamrbrand, http://www.picfun.com/ Adam talked about PCI compliance for retail sales. Take an example: for PCI compliance, 50% of Brian's time (a IT guy), 960 hours/year was spent patching POSs in 850 restaurants. Often applying some patches make no sense (like fixing a browser vulnerability on a server). "Scanner worship" is overuse of vulnerability scanners—it gives a warm and fuzzy and it's simple (red or green results—fix reds). Scanners give a false sense of security. In reality, breeches from missing patches are uncommon—more common problems are: default passwords, cleartext authentication, misconfiguration (firewall ports open). Patching Myths: Myth 1: install within 30 days of patch release (but PCI §6.1 allows a "risk-based approach" instead). Myth 2: vendor decides what's critical (also PCI §6.1). But §6.2 requires user ranking of vulnerabilities instead. Myth 3: scan and rescan until it passes. But PCI §11.2.1b says this applies only to high-risk vulnerabilities. Adam says good recommendations come from NIST 800-40. Instead use sane patching and focus on what's really important. From NIST 800-40: Proactive: Use a proactive vulnerability management process: use change control, configuration management, monitor file integrity. Monitor: start with NVD and other vulnerability alerts, not scanner results. Evaluate: public-facing system? workstation? internal server? (risk rank) Decide:on action and timeline Test: pre-test patches (stability, functionality, rollback) for change control Install: notify, change control, tickets McAfee Secure & Trustmarks — a Hacker's Best Friend Jay James, Shane MacDougall, Tactical Intelligence Inc., Canada "McAfee Secure Trustmark" is a website seal marketed by McAfee. A website gets this badge if they pass their remote scanning. The problem is a removal of trustmarks act as flags that you're vulnerable. Easy to view status change by viewing McAfee list on website or on Google. "Secure TrustGuard" is similar to McAfee. Jay and Shane wrote Perl scripts to gather sites from McAfee and search engines. If their certification image changes to a 1x1 pixel image, then they are longer certified. Their scripts take deltas of scans to see what changed daily. The bottom line is change in TrustGuard status is a flag for hackers to attack your site. Entire idea of seals is silly—you're raising a flag saying if you're vulnerable.

    Read the article

  • Hidden Features of C#?

    - by Serhat Özgel
    This came to my mind after I learned the following from this question: where T : struct We, C# developers, all know the basics of C#. I mean declarations, conditionals, loops, operators, etc. Some of us even mastered the stuff like Generics, anonymous types, lambdas, linq, ... But what are the most hidden features or tricks of C# that even C# fans, addicts, experts barely know? Here are the revealed features so far: Keywords yield by Michael Stum var by Michael Stum using() statement by kokos readonly by kokos as by Mike Stone as / is by Ed Swangren as / is (improved) by Rocketpants default by deathofrats global:: by pzycoman using() blocks by AlexCuse volatile by Jakub Šturc extern alias by Jakub Šturc Attributes DefaultValueAttribute by Michael Stum ObsoleteAttribute by DannySmurf DebuggerDisplayAttribute by Stu DebuggerBrowsable and DebuggerStepThrough by bdukes ThreadStaticAttribute by marxidad FlagsAttribute by Martin Clarke ConditionalAttribute by AndrewBurns Syntax ?? operator by kokos number flaggings by Nick Berardi where T:new by Lars Mæhlum implicit generics by Keith one-parameter lambdas by Keith auto properties by Keith namespace aliases by Keith verbatim string literals with @ by Patrick enum values by lfoust @variablenames by marxidad event operators by marxidad format string brackets by Portman property accessor accessibility modifiers by xanadont ternary operator (?:) by JasonS checked and unchecked operators by Binoj Antony implicit and explicit operators by Flory Language Features Nullable types by Brad Barker Currying by Brian Leahy anonymous types by Keith __makeref __reftype __refvalue by Judah Himango object initializers by lomaxx format strings by David in Dakota Extension Methods by marxidad partial methods by Jon Erickson preprocessor directives by John Asbeck DEBUG pre-processor directive by Robert Durgin operator overloading by SefBkn type inferrence by chakrit boolean operators taken to next level by Rob Gough pass value-type variable as interface without boxing by Roman Boiko programmatically determine declared variable type by Roman Boiko Static Constructors by Chris Easier-on-the-eyes / condensed ORM-mapping using LINQ by roosteronacid Visual Studio Features select block of text in editor by Himadri snippets by DannySmurf Framework TransactionScope by KiwiBastard DependantTransaction by KiwiBastard Nullable<T> by IainMH Mutex by Diago System.IO.Path by ageektrapped WeakReference by Juan Manuel Methods and Properties String.IsNullOrEmpty() method by KiwiBastard List.ForEach() method by KiwiBastard BeginInvoke(), EndInvoke() methods by Will Dean Nullable<T>.HasValue and Nullable<T>.Value properties by Rismo GetValueOrDefault method by John Sheehan Tips & Tricks nice method for event handlers by Andreas H.R. Nilsson uppercase comparisons by John access anonymous types without reflection by dp a quick way to lazily instantiate collection properties by Will JavaScript-like anonymous inline-functions by roosteronacid Other netmodules by kokos LINQBridge by Duncan Smart Parallel Extensions by Joel Coehoorn

    Read the article

  • System.Web.Caching vs. Enterprise Library Caching Block

    - by ESV
    For a .NET component that will be used in both web applications and rich client applications, there seem to be two obvious options for caching: System.Web.Caching or the Ent. Lib. Caching Block. What do you use? Why? System.Web.Caching Is this safe to use outside of web apps? I've seen mixed information, but I think the answer is maybe-kind-of-not-really. a KB article warning against 1.0 and 1.1 non web app use The 2.0 page has a comment that indicates it's OK: http://msdn.microsoft.com/en-us/library/system.web.caching.cache(VS.80).aspx Scott Hanselman is creeped out by the notion The 3.5 page includes a warning against such use Rob Howard encouraged use outside of web apps I don't expect to use one of its highlights, SqlCacheDependency, but the addition of CacheItemUpdateCallback in .NET 3.5 seems like a Really Good Thing. Enterprise Library Caching Application Block other blocks are already in use so the dependency already exists cache persistence isn't necessary; regenerating the cache on restart is OK Some cache items should always be available, but be refreshed periodically. For these items, getting a callback after an item has been removed is not very convenient. It looks like a client will have to just sleep and poll until the cache item is repopulated. Memcached for Win32 + .NET client What are the pros and cons when you don't need a distributed cache?

    Read the article

  • Child objects in MongoDB

    - by Jeremy B.
    I have been following along with Rob Conery's Linq for MongoDB and have come across a question. In the example he shows how you can easily nest a child object. For my current experiment I have the following structure. class Content { ... Profile Profile { get; set; } } class Profile { ... } This works great when looking at content items. The dilemma I'm facing now is if I want to treat the Profile as an atomic object. As it stands, it appears as if I can not query the Profile object directly but that it comes packaged with Content results. If I want it to be inclusive, but also be able to query on just Profile I feel like my first instinct would be to make Profiles a top level object and then create a foreign key like structure under the Content class to tie the two together. To me it feels like I'm falling back on RDBMS practices and that feels like I'm most likely going against the spirit of Mongo. How would you treat an object you need to act upon independently yet also want as a child object of another object?

    Read the article

  • MonoDevelop: Addin generation issues

    - by calmcajun
    I am having problems creating the root.mrep file for a updated MonoDevelop Addin. The Addin was originally built for MonoDevelop 2.2. I am able to build the updated project but when I use mdrun.exe setup rep-build to generate the .mrep files(main and root) it only generates the main.mrep file and not the root.mrep file. Is there a new way of building the addin that I am missing? I used both setup pack and then setup rep-build. I have listed a snippet of the addin.xml file below: <Addin id = "Addin" namespace = "MonoDevelop" name = "Monobjc development" author = "Rob L" copyright = "" description = "Addin" category = "Mac Development" version = "1.0"> <Runtime> <Import assembly="MonoDevelop.Sample.dll" /> <Import assembly="MonoDevelop.MacDev.dll" /> <Import assembly="Sample.Tools.dll" /> </Runtime> <Dependencies> <Addin id="Core" version="2.4" /> <Addin id="Core.Gui" version="2.4" /> <Addin id="Projects" version="2.4" /> <Addin id="Projects.Gui" version="2.4" /> <Addin id="Ide" version="2.4" /> </Dependencies> <MoreStuffHere /> </Addin>

    Read the article

  • UIScrollView only works if the child views aren't hit

    - by dny238
    I have a scroll view that doesn't scroll right, I've simplified the code for below. It draws the view and some horizontal buttons that i add more stuff to in the real code. If you drag the whitespace between the buttons the view scrolls. If you happen to put your finger on a button, it won't scroll. After a related suggestion, I tried to add the delaysContentTouches = YES line, but it doesn't seem to make a difference. http://stackoverflow.com/questions/650437/iphone-uiscrollview-with-uibuttons-how-to-recreate-springboard What am I doing wrong? TIA, Rob Updated the code - (void)viewDidLoad { l = [self landscapeView]; [self.view addSubview:l]; [l release]; } - (UIScrollView *) landscapeView { // LANDSCAPE VIEW UIScrollView *landscapeView = [[UIScrollView alloc] initWithFrame:CGRectMake(0, 0, 320, 325)]; landscapeView.backgroundColor = [UIColor whiteColor]; landscapeView.delaysContentTouches = YES; NSInteger iMargin, runningY, n; iMargin = 3; runningY = iMargin; for (n = 1; n <= 38; n++) { //add day labels UIButton *templabel = [[UIButton alloc] initWithFrame:CGRectMake(iMargin,runningY,320 - ( 2 * iMargin),20)]; templabel.backgroundColor = [UIColor grayColor]; [landscapeView addSubview:templabel]; [templabel release]; runningY = runningY + 30; } landscapeView.contentSize = CGSizeMake( 320, runningY); return landscapeView; }

    Read the article

  • Using Lambda Expressions trees with IEnumerable

    - by Loathian
    I've been trying to learn more about using Lamba expression trees and so I created a simple example. Here is the code, this works in LINQPad if pasted in as a C# program. void Main() { IEnumerable<User> list = GetUsers().Where(NameContains("a")); list.Dump("Users"); } // Methods public IEnumerable<User> GetUsers() { yield return new User{Name = "andrew"}; yield return new User{Name = "rob"}; yield return new User{Name = "chris"}; yield return new User{Name = "ryan"}; } public Expression<Func<User, bool>> NameContains(string namePart) { return u => u.Name.Contains(namePart); } // Classes public class User { public string Name { get; set; } } This results in the following error: The type arguments for method 'System.Linq.Enumerable.Where(System.Collections.Generic.IEnumerable, System.Func)' cannot be inferred from the usage. Try specifying the type arguments explicitly. However if I just substitute the first line in main with this: IEnumerable<User> list = GetUsers().Where(u => u.Name.Contains("a")); It works fine. Can tell me what I'm doing wrong, please?

    Read the article

  • PCA extended face recognition

    - by cMinor
    The state of the art says that we can use PCA to perform face recognition. like this, this or this I am working with a project that involves training a classifier to detect a person who is wearing glasess or hats or even a mustache. The purpose of doing this is to detect when a person that has robbed a bank, store, or have commeted some sort of crime(s) (we have their image in a database), enters a certain place ( historically we know these guys have robbed, so we should take care to avoid problems). We came first to have a distributed database with all images of criminals, then I thought to have a layer of them clasifying these criminals using accesories like hats, mustache or anything that hides their face etc... Then, to apply that knowledge to detect when a particular or a suspect person enters a comercial place. ( In practice when someone is going to rob not all the times they are using an accesorie...) What do you think about this idea of doing PCA to first detect principal components of the face and then the components of an accesory. I was thinking that maybe a probabilistic approach is better so we can compute the probability the criminal is the person that entered a place and call the respective authorities.

    Read the article

  • Subsonic 3 ActiveRecord nested select for NotIn bug?

    - by Junto
    I have the following Subsonic 3.0 query, which contains a nested NotIn query: public List<Order> GetRandomOrdersForNoReason(int shopId, int typeId) { // build query var q = new SubSonic.Query.Select().Top("1") .From("Order") .Where("ShopId") .IsEqualTo(shopId) .And(OrderTable.CustomerId).NotIn( new Subsonic.Query.Select("CustomerId") .From("Customer") .Where("TypeId") .IsNotEqualTo(typeId)) .OrderDesc("NewId()"); // Output query Debug.WriteLine(q.ToString()); // returned typed list return q.ExecuteTypedList<Order>(); } The internal query appears to be incorrect: SELECT TOP 1 * FROM [Order] WHERE ShopId = @0 AND CustomerId NOT IN (SELECT CustomerId FROM [Customer] WHERE TypeId = @0) ORDER BY NewId() ASC You'll notice that both parameters are @0. I'm assuming that the parameters are enumerated (starting at zero), for each "new" Select query. However, in this case where the two Select queries are nested, I would have expected the output to have two parameters named @0 and @1. My query is based on one that Rob Conery gave on his blog as a preview of the "Pakala" query tool that became Subsonic 3. His example was: int records = new Select(Northwind.Product.Schema) .Where("productid") .In( new Select("productid").From(Northwind.Product.Schema) .Where("categoryid").IsEqualTo(5) ) .GetRecordCount(); Has anyone else seen this behavior? Is it a bug, or is this an error or my part? Since I'm new to Subsonic I'm guessing that this probably programmer error on my part but I'd like confirmation if possible.

    Read the article

  • Weird URL parse issue. (Android)

    - by Tarmon
    I am attempting to parse in a URL to a KML file from maps.google.com. When I try and use this link: http://maps.google.com/maps/ms?ie=UTF8&hl=en&msa=0&msid=112748174025829638330.000483ad6315714cc941d&z=13&output=kml` I am unable to overlay this KML file on my MapView. If I were to take the KML file that I get from following this link and upload it to my Dropbox it will work just fine. I think there may be something about the URL from Google that it doesn't like? Link from dropbox: http://dl.dropbox.com/u/1037184/Blue_original.kml Also it would be better if we could just save these KML files locally and pass them in the same way but I can't figure out a way to do this. Here is the code I am using: Intent mapIntent = new Intent(Intent.ACTION_VIEW); Uri uri1 = Uri.parse("geo:0,0?q=http://code.google.com/apis/kml/ documentation/KML_Samples.kml"); mapIntent.setData(uri1); startActivity(Intent.createChooser(mapIntent, "Test")); The URL used in this example also works. So to recap: I am curious as to why some URLs work and others don't. Is there a way to place this KML file locally on the device and pass it to a Uri object? Any other suggestions? Thanks, Rob

    Read the article

  • Multi-tenant Access Control: Repository or Service layer?

    - by FreshCode
    In a multi-tenant ASP.NET MVC application based on Rob Conery's MVC Storefront, should I be filtering the tenant's data in the repository or the service layer? 1. Filter tenant's data in the repository: public interface IJobRepository { IQueryable<Job> GetJobs(short tenantId); } 2. Let the service filter the repository data by tenant: public interface IJobService { IList<Job> GetJobs(short tenantId); } My gut-feeling says to do it in the service layer (option 2), but it could be argued that each tenant should in essence have their own "virtual repository," (option 1) where this responsibility lies with the repository. Which is the most elegant approach: option 1, option 2 or is there a better way? Update: I tried the proposed idea of filtering at the repository, but the problem is that my application provides the tenant context (via sub-domain) and only interacts with the service layer. Passing the context all the way to the repository layer is a mission. So instead I have opted to filter my data at the service layer. I feel that the repository should represent all data physically available in the repository with appropriate filters for retrieving tenant-specific data, to be used by the service layer. Final Update: I ended up abandoning this approach due to the unnecessary complexities. See my answer below.

    Read the article

  • What permissions do I need to grant to run RavenDB in Server mode?

    - by dalesmithtx
    I'm reading through Rob Ashton's excellent blog post on RavenDB: http://codeofrob.com/archive/2010/05/09/ravendb-an-introduction.aspx and I'm working through the code as I read. But when I try to add an index, I get a 401 error. Here's the code: class Program { static void Main(string[] args) { using (var documentStore = new DocumentStore() { Url = "http://localhost:8080" }) { documentStore.Initialise(); documentStore.DatabaseCommands.PutIndex( "BasicEntityBySomeData", new IndexDefinition<BasicEntity, BasicEntity>() { Map = docs => from doc in docs where doc.SomeData != null select new { SomeData = doc.SomeData }, }); string entityId; using (var documentSession = documentStore.OpenSession()) { var entity = new BasicEntity() { SomeData = "Hello, World!", SomeOtherData = "This is just another property", }; documentSession.Store(entity); documentSession.SaveChanges(); entityId = entity.Id; var loadedEntity = documentSession.Load<BasicEntity>(entityId); Console.WriteLine(loadedEntity.SomeData); var docs = documentSession.Query<BasicEntity>("BasicEntityBySomeData") .Where("SomeData:Hello~") .WaitForNonStaleResults() .ToArray(); docs.ToList().ForEach(doc => Console.WriteLine(doc.SomeData)); Console.Read(); } } } It throws the 401 error when on the line that makes the PutIndex() call. Any ideas what permissions I need to apply? And where I need to apply them?

    Read the article

  • How to move a symlink to the trash?

    - by neoneye
    I don't see any options for the FSPathMoveObjectToTrashSync() function for not following links. Here is what I have tried Create a link and a file [ 21:32:41 /tmp ] $ touch my_file [ 21:32:45 /tmp ] $ ln -s my_file my_link [ 21:32:52 /tmp ] $ la total 8 drwxrwxrwt 12 root wheel 408 17 Maj 21:32 . drwxr-xr-x@ 6 root wheel 204 9 Sep 2009 .. -rw-r--r-- 1 neoneye wheel 0 17 Maj 21:32 my_file lrwxr-xr-x 1 neoneye wheel 7 17 Maj 21:32 my_link -> my_file Move the link to the trash OSStatus status = FSPathMoveObjectToTrashSync( "/tmp/my_link", NULL, kFSFileOperationDefaultOptions ); NSLog(@"status: %i", (int)status); Output is status: 0 However the file got removed and not the link [ 21:32:55 /tmp ] $ la total 8 drwxrwxrwt 11 root wheel 374 17 Maj 21:33 . drwxr-xr-x@ 6 root wheel 204 9 Sep 2009 .. lrwxr-xr-x 1 neoneye wheel 7 17 Maj 21:32 my_link -> my_file [ 21:33:05 /tmp ] $ How can I move move symlinks to the trash? The Solution.. thanks to Rob Napier NSString* path = @"/tmp/my_link"; OSStatus status = 0; FSRef ref; status = FSPathMakeRefWithOptions( (const UInt8 *)[path fileSystemRepresentation], kFSPathMakeRefDoNotFollowLeafSymlink, &ref, NULL ); NSAssert((status == 0), @"failed to make FSRef"); status = FSMoveObjectToTrashSync( &ref, NULL, kFSFileOperationDefaultOptions ); NSLog(@"status: %i", (int)status);

    Read the article

< Previous Page | 46 47 48 49 50 51 52 53 54  | Next Page >