I’m back in business!

After nearly 2 months I finally have my blog back. Trying to sort it out has been frustrating and annoying for me – but I’m pleased to say that I stuck with it, though at times I did ask myself whether it was worth it, did I care enough to fix things or should I just wash my hands and walk away.

So what happened? I thought I’d upgrade from BlogEngine.Net 1.6.1 to one of the release candidates for BlogEngine.Net 2.0, I downloaded a build, compiled it – it ran locally, so I merged in the customisations I’ve made and also updated the theme I use slightly (I’ll probably do another post with this theme as a download soon). Everything was looking great, so I backed up my SQL database, copied all the files from my server to a folder on my desktop then deleted all my hosted files, uploaded the new site and… was left staring at an unhelpful YSOD. So I set my web.config to show me a bit more detail and was confronted by “The type or namespace name ‘BlogEngine’ could not be found” – this usually indicates a problem with how the Virtual Directory is configured, but I couldn’t find anything wrong with in the control panel. After a bit I decided to simply restore the old copy of the site and fix whatever was causing the issue on a sub-domain. That didn’t work, I was still getting the same error. Go Daddy support were not much help, I got generic advice on how to configure a virtual directory, something that looked like it had been copied then pasted into the response from their help pages. There was a bit of back and forth on this for the next couple of weeks, during which time, as I said, I thought about just giving up.

Fortunately for me, one of the BlogEngine.Net developers was kind enough to, not only write up how to compile for ASP.NET 4.0 and how to set things up on Go Daddy – but he also took a look at my account and managed to get BE.N 2.0 set up and working for me. Ruslan… thanks again!

After that I just needed to merge back in my customisations and make sure my theme worked and… well here I am again. I decided to take down my Photos page – it wasn’t getting many hits and is kinda off-topic anyway.

I am hoping to have something interesting to say this year – I’ll review in 12 months time and we’ll see what you thought!

Tags: rant | Categories: SiteNotice

I’m trying to keep the content on this site focussed on .NET and programming / developing software but every so often I feel compelled to speak up about something outside that arena – this post is one of those posts.

I don’t have much to do with hackers besides writing code that should keep them out of websites, as far as I know none of the sites I’ve written have attracted any attention from hackers – I suspect they’ve got their sites set on more interesting targets. However the recent decision by the British government to extradite computer hacker Gary McKinnon upset me enough that I’m posting about it here to vent my feelings.

To me this seems to sell out British citizens and I have to wonder to whom the government is answerable to, is it the British citizenship or the American government. I’m not condoning hacking, what Mr McKinnon did was wrong end of discussion. What secrets did he steal, what damage did he cause? Well besides hacking into US government computers, including those of NASA and the Pentagon… the only damage he seems to have caused is to reputation of the IT departments that set up the weak security ‘protecting’ those computers – access was gained using default administrator passwords! It is lucky that he wasn’t out to steal secrets or cause problems. According to Mr McKinnon he was on a “moral crusade” to prove US intelligence had found an alien craft run on clean fuel. I agree he should be punished but that can be done on British soil and by our own penal system; the US government has zero credibility for dealing with suspects after Guantanamo bay. America still has the death penalty for juvenile offenders, there is no moral high ground to be had there!

Mr McKinnon is a British citizen, the crimes he committed were carried out on British soil and he should be dealt with by the British legal system. Each country has its own set of laws and it is not right to enforce those laws outside the jurisdiction of that country, in the current global age is is wrong to assume that criminals will not look abroad to commit their crimes. However international laws should exist to deal with such situations as they do for other crimes.

Home Secretary Alan Johnson could block the extradition, he could stand up for a British citizen, he could recognise the unusual and cruel treatment of Mr McKinnon who has been in an heightened state of terror for almost eight years, he could recognise the mental vulnerability of Mr McKinnon and keep him on home soil. However he has chosen not to and seems to have fast tracked this case.

I hope the European Court of Human Rights can step in and apply some common sense here.

Tags: rant | Categories: Rant

Post by Karl Lynch

As with an increasing number of observers, I've come to worry about the steadily growing pile of data, personal and otherwise, that Google and various other authorities (such as Phorm) are gathering about the online activities of the denizens of the Internet.

Some are happy to accept the slurping of every word we type in to our web browsers as a small price to pay for better service. To them I say good luck.

I, however, have no interest in better adverts or in allowing reams of my private data to end up on the hard disks of shadowy, unaccountable organisations.

Hence why I have been very sceptical of Google's entry in to the web browser market with 'Google Chrome'. Complete with a search-meets-URL address bar, that very kindly sends all your URLs and search data away to Google for storage against a unique Chrome ID, Chrome represents a great way for Google to grow its vast empire of data collection mechanisms.

Recently many technology commentators have been writing about the virtues of Chrome- it's fast JavaScript engine, it's fine rendering abilities (based on Webkit) and it's speedy start up. I began hunting on the Internet to find out more about what powers Chrome, AKA the open-source Chromium Project.

What I found is a highly configurable piece of software which has great potential, if only we can stop it being a wire-tap for Google in to every email, news website, blog or dodgy URL we visit in our lives.

I've hunted through various forums and technical discussions, and come up with a definitive list of steps which can tame Google Chrome and render it as harmless as any other browser… which makes it absolutely superb. It's fast, slick, compatible, standards compliant and small. Whilst currently unavailable on Mac and Linux, its arrival is imminent and these same steps will help users (who wish to) remove it's fangs.

Step 1: Anonymise your Chrome Installation

As with all things Google, exactly how and why they do things is never explained. How much data do they collect? How is it used? Your guess is as good as mine. Their mission statements are vague and their user licenses very, very broad.

Your first step to removing Chrome's dependency on the Google monster is to anonymise it. Each installation of Chrome generates a unique ID, which can be used to exactly identify that browser in time and space.

Fancy that? Not I. It's a piece of software and can behave as such, if I want an ID card I'll ask for one.

To anonymise Chrome, download 'UnChrome' (a quick Scroogle for this will bring it up). UnChrome will remove this unique ID, leaving your installation of Chrome nice and unfettered. Just make sure to read the messages (and not click on the advert at the end unless you actually want the product it's selling).

Step 2:

Remove Google as the vast, data-munching, intergalactic slug at the waiting end of every URL and search item you type. You can do this by right-clicking the address bar in Chrome and choosing 'Edit Search Engines'.

If you want to replace Google with MSN, Ask (A front end for Google, be warned) or Yahoo you can pick these from a list.

I recommend Scroogle, a Google scraper. All the wonders of the Google search algorithm with none of the cookie-tracking, user profiling dubiousness.

You can add the SSL version of Scroogle (so nobody can intercept what you're searching for!) with this URL once you click on 'Add': https://ssl.scroogle.org/cgi-bin/nbbw.cgi?Gw=%s

From now on, all searches will be performed against your search provider of choice. Lovely!

Step 3: Turn off Google-friendly options!

If you click on Options, and then go to 'Under the Hood', you can turn off all of the various options that help Google slurp up your lovely, lovely data.
From 'Under the Hood', turn off:

• Show suggestions for navigation errors (since this involves sending your URLs to Google)
• Use a suggestion service to help complete searches and URLs (as above)
• Help make Google Chrome better
• and set cookies to be 'Restricted' (general good practice)

Your Google Chrome is now, essentially, just 'Chromium': the open-source browser which this software should be. But wait, there's more...

Step 4: Be careful where you type!

Everything you type in to the modern Internet is being recorded somewhere. This worries me, I like my privacy. Don't misunderstand this however- if you are a terrorist or some other variant of ne'er-do-well, the police and security agencies have various tools to catch you regardless.

What I'm talking about is casual snooping, like Phorm or other companies that want to take a gander at what I send and receive over the Internet for yucks and giggles (and not a small amount of profit on a service I already pay my ISP for).

How do we stop them?

Well, for starters, use a free and anonymous proxy service. I use Proxify. This service is free (although some website functions are disabled) and will encrypt all traffic between your PC and your ISP. No casual snooping for me!

Alternatives to this include Tor, which I don't have enough experience with to write about competently given their numerous configuration options, but these services will act like Proxify and ensure that no casual snooper can intercept your precious data.

Further more, although not available for Chromium right now, consider using tools like NoScript and AdBlock+. These tools will be coming very soon, and will not only ensure you never see another advert again they will also minimise the risks associated with JavaScript (such as Cross-Site-Scripting and removing the Google tracking gubbins that now turns up on almost every page on the Internet).

Also remember to make use of Chrome's ability to use Incognito mode (so nothing you type ends up in your history or cache) and also of the 'Clear Browsing Data' tool. Cookies pile up on web browsers very quickly so washing them out regularly is a good way to make sure you're not being tracked any more than necessary (although anywhere you log in on the Internet without disguising your IP or email will be linkable back to you somewhere along the line).

There you have it, four simple steps to keeping your Internet your own using a lovely, slick browser which boots up almost instantly. And don't worry about poor Google, enough suckers will queue up to hand over their personal data to keep the Mountain View Chocolate Factory well-oiled for many years to come.

Tags: rant, chrome, anonymity | Categories: Rant | Musings

Like many I was pretty excited when Microsoft announced IE8 would be much improved in terms of compatibility, standards and accessibility; foolishly I allowed myself to dream that soon support for IE6 would be a thing of the past. They seemed to listen when developers voiced their concerns over the way it would handle “Quirks” and so the dream continued.

However, as I’m sure you know unless you’ve been hiding under a big rock, Microsoft released IE8 recently and well the response has been… meh! Jake Goldman has written a post 3 simple examples: why Internet Explorer 8 disappoints web developers that explains some of the reasons this release hasn’t impressed many. Paul Thurrott has responded, albeit with his Microsoft hat on, and attempted to justify the short comings. I am not convinced that appealing to the “real users with real concerns” argument is entirely valid here. Sure not everyone cares whether a browser passes the Acid3 test, most people wont even know what it is and quite frankly that we need to have it at all highlights the fundamental problem here.

What “real users” (and developers for that matter) want is all browsers to behave the same, to interpret mark-up the same way so there is some consistency. That should be the starting point for any new browser (or new version) only when the browser correctly deals with the fundamentals should the bells and whistles be considered e.g. web slices, extensions, tabs or whatever. Note: I am not singling out IE8 here, this point is valid for all browsers.

Tags: ie8, standards, rant | Categories: Rant | Development