DarenHan's Blog

Dot Net Video Learning Websites

2008-12-26T17:10:00Z

I found some sites in a forum post somewhere and decide to share these links.

MSDN WEBCASTS
http://www.microsoft.com/events/webcasts/ondemand.mspx

DNR TV
http://www.dnrtv.com/

MSDN UK NUGGETS
http://www.microsoft.com/uk/msdn/nuggets/

HANSEL POSCAST
http://www.hanselminutes.com/

CHANNEL 9 SCREEN CAST
http://channel9.msdn.com/ShowForum.aspx?ForumID=38

DAVID HAYDEN'S SCREEN CAST
http://www.pnpguidance.net/Screencasts.aspx

WONDERHOWTO
http://www.wonderhowto.com/computer-programming/asp-net-video/

DimeCasts Learn something New
http://www.dimecasts.net/Home

Best Tech Videos
http://www.bestechvideos.com

Videos of Asp.net, C#
http://aspdotnetsolutions.blogspot.com/search/label/Video%20Tutorials

DotNetVideos
http://www.dotnetvideos.net

The amount of time for a script to execute was exceeded error.

2008-12-23T06:03:00Z

I recently got lots of this following error in the event viewer and on my classic asp pages / asp.net pages for some applications that are under maintainance:

"The amount of time for a script to execute was exceeded. You can change this limit by specifying a new value for the
property Server.ScriptTimeout."

I google for it and the best explaination is found in

http://www.eggheadcafe.com/software/aspnet/32876212/script-timed-out-error.aspx

It explains that the sql scripts / stored procedures are executing very slowly, hence the error.

I have also checked Microsoft FAQ about ScriptTimeout.

"An increase in timeout value can have a negative effect on server performance. You should design scripts that run within the default timeout settings. For example, an increase in script timeout value can keep IIS threads occupied and reduce the number of users that the server can serve."

http://support.microsoft.com/kb/268364

So the best solution is to fine-tune the sql / stored procedure before executing it again. Increasing the value of Server.ScriptTimeout is not a solution as explained by Microsoft as above.

zero day vulnerability for Internet Explorer

2008-12-20T12:30:00Z

Microsoft issues an out-of-band patch for the zero-day flaw affecting Internet Explorer. The IE security fix comes in response to reports hackers have been targeting the Web browser data binding vulnerability for at least a week.

Microsoft released a patch Dec. 17 for a zero-day vulnerability affecting Internet Explorer that has been making headlines recently.

The vulnerability, which affects every version from IE 5 to IE 8 Beta 2, lies in the browser's data binding function. According to Microsoft, when data binding is enabled—which it is by default—it is possible under certain conditions for an object to be released without updating the array length. This makes it possible to access the deleted object's memory space and cause the browser to exit unexpectedly in a state that is exploitable.

An attacker can exploit the vulnerability via a specially crafted Web page. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user, according to the Microsoft advisory.

Read how hackers are using legitimate sites to exploit the Internet Explorer flaw.

http://www.eweek.com/c/a/Security/Hackers-Compromise-Legit-Web-Sites-to-Target-Microsoft-IE-Flaw/

"This out-of-band security update is not cumulative," Microsoft officials stated in the advisory. "To be fully protected, customers should apply this update after applying the most recent cumulative security update for Internet Explorer. This update, MS08-078, will be included in a future cumulative security update for Internet Explorer."

Reports of attacks targeting the vulnerability began to surface the week of Dec. 8, and over the weekend, hackers were found to be compromising legitimate Web sites as part of their efforts to infect vulnerable users. McAfee reported Dec. 17 that a number of variants of the exploit are circulating, including one that uses malicious Word document files.

For those who cannot quickly deploy the patch, Microsoft has made information available about a number of workarounds and mitigations, including restricting Internet Explorer from using OLEDB32.dll with an Integrity Level ACL and disabling X M L Island functionality.

Get the patches here:

http://www.microsoft.com/technet/security/bulletin/ms08-078.mspx

Next Gen of TV on your computer

2008-12-07T08:58:00Z

I been looking in some forum lately and discover Boxee TV.

Boxee gives you a true entertainment experience to enjoy your movies, TV shows, music and photos, as well as streaming content from websites like Hulu, Netflix, CBS, Comedy Central, Last.fm, and flickr.

You have to sign up to get an invite.

http://www.boxee.tv/index.php

Virus that disable cmd prompt and regedit

2008-12-07T01:03:00Z

I was at my uncle place fixing his computer due to virus infection in his computer and laptop.

I discover command prompt was disabled and regedit too. The error message was "The command prompt / regedit was disabled by your administrator".

I was puzzled because I am already using the admin user account in XP to login.

Nowadays the virus writers disable the command prompt and regedit so you cannot troubleshoot the problem.

So i use google and found symantec tool 's UnHookExec.inf to unlock the regedit.

http://www.pchell.com/support/registryeditordisabled.shtml

For command prompt unlock (after setting the regedit problem),

I used method 2 on this website: http://windowsxp.mvps.org/disablecmd.htm

Open Registry Editor (Regedit.exe) and navigate to:

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System]

In the right-pane, double-click DisableCMD and set it's data to 0

and there is a virus WinSit.exe which i disable using msconfig.

http://www.frihost.com/forums/vt-77939.html

After that, I use Trendmicro to remove traces of the virus.

It is a pity that virus scanners cannot undo the setting of priviledge settings of command prompt and regedit, so I have to DIY.

All thanks to Google for providing me the help. :)

save $$ on your mobile with callback service from Hoiio

2008-11-14T01:12:00Z

Hoiio is an service that lowers your phone bill, especially if you are always exceeding your bundled talktime, or if you are always making international call or SMS.

Hoiio is a must have app for a windows mobile phone! Whats more, it is free to register, prepaid based (no monthly subscription) and it is giving $1 bonus credits upon registering!

http://content.hoiio.com/localmobilecall.html

videos:

http://www.youtube.com/watch?v=G_tCZjIOhN8

http://www.youtube.com/watch?v=jwFJMaxkG_8

just tried it on samsung omnia and it works!

Related MS virtualisation downloads

2008-10-31T07:15:00Z

http://www.microsoft.com/virtualization/downloads.mspx?CR_ID=-1&CR_TC=9OSUHTEXXE95SOS

For those people who are keen to try out hyper-v and virtualisation. :)

CrossOver Mac for free while stock last

2008-10-28T12:56:00Z

CrossOver Mac allows those people using Mac Laptops (yes MacBook and MacBook Pro) to use Microsoft Applications including Office etc.

This offer is only for 2 days (today and tomorrow), get it while stock lasts.

http://lameduck.codeweavers.com/free/

windows mobile 7 set to released next year 2009

2008-10-27T13:58:00Z

I got mixed feelings about this. Sources said when windows mobile 7 released, skymarket will be released too. It will compete with Apple appstore . Only time will tell who will emerge the winner.

screenshots and review: http://microsoft.blognewschannel.com/archives/2008/01/06/exclusive-windows-mobile-7-to-focus-on-touch-and-motion-gestures/

SkyMarket: http://www.guardian.co.uk/technology/blog/2008/sep/01/microsoftskymarketcomingfor

Microsoft Security Bulletin MS08-067 – Critical

2008-10-25T14:54:00Z

From windows secrets:

With little warning, Microsoft released yesterday an unscheduled or "out-of-cycle" patch for a highly critical vulnerability that affects all versions of Windows.

Security bulletin MS08-067 (patch 958644) was posted to warn of a remote-code attack that could spread wildly across the Internet. Microsoft says it found evidence two weeks ago of an RPC (remote procedure call) attack that can potentially infect Windows machines across the Net with no user action required. Windows Server 2003, 2000, and XP (even with Service Pack 2 or 3 installed) are particularly vulnerable.

Vista and Server 2008 gain some protection via User Account Control, data-execution protection, and other safeguards, as explained in an article by Dan Goodin in the Register. While firewalls are a first line of defense against this attack, don't think you're secure just because you have a firewall. Malware and viruses use many different techniques to wiggle their way into our systems. For example, my office's networks are protected by firewalls on the outside, but inside the network, PCs have file and printer sharing enabled. If a worm got loose inside the office network (and the patch hadn't been installed), the attack would spread like wildfire. Many antivirus vendors have already issued definition updates that protect against this attack. Your antivirus program, however, may not protect you completely even if your AV definitions are up-to-date.

Early reports indicate that there are already nine different strains of viruses trying to take advantage of this vulnerability. We can expect more to come, so even the best AV application may not be able to update fast enough. I've tested this patch and have had no problems applying it. I strongly urge you to download and install this patch manually. Restart your PC before installing any patch to verify that your machine is bootable.

Then be sure to reboot again after installing the patch, so the patched binaries completely replace the vulnerable components. Microsoft has posted several versions of the patch that apply to different operating systems: Windows XP with Service Pack 2 or 3 patch

download http://www.microsoft.com/downloads/details.aspx?familyid=0D5F9B6E-9265-44B9-A376-2067B73D6A03&displaylang=en

More information: Please read security bulletin MS08-067. For an excellent technical explanation of the vulnerability and possible mitigations, read TechNet's Oct. 23 description. (TechNet incorrectly refers to MS08-067 as "out-of-band," but the patch is simply out-of-cycle, because it wasn't released on Microsoft's usual Patch Tuesday monthly cycle.)

More info: http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx

Strange System Volume Information folder on WinXP

2008-09-25T23:30:00Z

Recently, I saw a trojan able to sneak itself into my f drive "System Volume Information" read-only folder without my knowledge. However when i tried to access this folder to delete the trojan, it prompts me access denied on this folder.

Why this folder is so special?

This folder is actually a part of System Restore; the tool that allows you to set points in time to roll back your computer. The System Volume Information folder is where XP stores these points and associated information that makes them accessible.

Read more about it here to change the access permission of the folder:

1. http://www.theeldergeek.com/system_volume_information_folder1.htm

2. http://support.microsoft.com/kb/309531

No wonder Microsoft wants people to upgrade to Vista...WinXP is not safe by itself.

I managed to clean this trojan by using NOD32 antivirus. Yeah!

Pitfall of storing dataset in a session variable

2008-09-24T09:50:00Z

1. Session("dataSetXXXX") = dsSelect

2. dsSelect = CType(Session("dataSetXXX"), DataSet)

In (1), what if your dataset contain 60,000 rows of data?

(2), the conversion of a big session variable to a dataset will take up resources (memory usage).

The above is a WTF example of bad coding standard which I saw recently when I was doing a code review of someone's else code.

Microsoft PC vs Mac advertisements

2008-09-20T06:36:00Z

Recently, I just found some interesting ads from microsoft advertising PC vs Macs. Just sharing the links as of below.

I am PC Ads

http://www.youtube.com/watch?v=oWk8ouioXgE

http://www.youtube.com/watch?v=7hhVjSbV_oQ

Mac vs PC Ads

http://www.youtube.com/watch?v=lgzbhEc6VVo

http://www.youtube.com/watch?v=YXg7ddiR7nw

http://www.youtube.com/watch?v=1EbCyibkNB0

PS3 VS WII Ads
http://www.youtube.com/watch?v=x7PhJp3ciRQ

Cloud computing may expose your health records.

2008-09-19T06:20:00Z

I got this from windowssecrets.com in my email today, just sharing the info...

Your private health information is migrating wholesale onto the public network with the advent of online health-care records stored in massive data centers around the world.

While the services aim to make it easier for consumers to access and manage their personal health information, the ready availability of this data also makes it much easier and less expensive for insurers to put your medical history under the microscope.

Surprised? You shouldn't be. You voluntarily grant access to that sensitive information every time you sign a waiver so that your health insurer can decide whether to pay for a doctor's visit, a prescription, or an expensive medical test.

What's more, most of the gathering and collating of this information is legal. In fact, the number of companies that have access to this information runs into the millions, say privacy advocates.

As recently as last year, only 1% to 3% of U.S. consumers had electronic versions of their health records, according to market research firm Health Industry Insights, an IDC company.

That is about to change.

The fact that two of the biggest players in the emerging world of cloud computing services — Microsoft and Google — are jumping into that arena with both feet will likely accelerate the shift to online medical records.

Microsoft kicked off the beta test of its HealthVault service almost a year ago, while Google announced its Google Health service last February and launched a beta in May. While both services are still in beta, each company has partnered with large health-care providers for pilot tests: Microsoft with Kaiser Permanente and Google with the Cleveland Clinic.

Private health data goes public by mistake

Part of consumers' reticence to sign up for electronic personal health-care records — with or without services "in the cloud" — has to do with a handful of recent high-profile data breaches. In April, the largest health insurer in the U.S., WellPoint, disclosed that records on as many as 130,000 of its customers had leaked out and become publicly available over the Internet.

To be fair, so-called cloud services aren't at fault, at least not so far. Microsoft, Google, and other companies that put your medical records online are adamant that their security is top-of-the-line. Their services are intended to give consumers greater, not less, control over who sees what by giving consumers personal ownership of their information, according to the services.

"[As a consumer], I control release of that information," Grad Conn, senior director of the Microsoft Health Solutions group, told me in describing HealthVault. A Google spokesperson expressed virtually the same assurance about Google Health. Neither company is disclosing how many users it has signed up thus far.

Indeed, consumers' control of their health data is not the core problem. It's what happens to your information after its initial release that worries privacy advocates — and with good reason. Once the data leaves the safe harbor of a secure cloud service, it's fair game for companies in several different industries.

Take, for example, prescription records.

"All 51,000 pharmacies in the U.S. are wired for data mining. Selling prescription records is a multibillion-dollar-a-year industry," states an FAQ published by Patient Privacy Rights, a major consumer-health and privacy-rights organization.

This data mining of prescription records can cost consumers big-time.

For instance, a July article in Business Week cited the case of a Louisiana couple denied health insurance because the wife took two medications that set off red flags for a prospective insurer.

Ironically, both were for "off-label" uses — that is, they were prescribed not for the maladies that the drugs were originally designed to treat. The woman's doctor prescribed an antidepressant to help her sleep due to symptoms of menopause and a hypertension drug to reduce swelling in her ankles.Although clinically she was neither depressed nor had high blood pressure, the couple's application for health insurance was denied, the article stated.

Or take the case of supermarket customers who use so-called "affinity" cards to obtain discounts at their favorite grocery. Data showing that a customer regularly buys cigarettes might be obtained by an insurer or employer and combined with a health record where the customer claimed to be a nonsmoker.

"It's interesting how they can tie all of that [information] together," Lynne Dunbrack, program director at Health Industry Insights, told Windows Secrets.

Consumer privacy may get lost in the clouds

Cloud computing is the latest buzz phrase for putting the massive processing power and storage capacity needed to provide ubiquitous computing out on servers located on the public network, or "in the cloud." Microsoft, Google, and many other online companies have embraced the idea.

Most observers — including privacy advocates — state that the move to store our health records in the cloud is inevitable. In fact, there are many benefits to consumers for having that information available virtually instantly. For example, if you were in a different city and needed to be rushed to the emergency room, your health history would be immediately available to the physicians on call.

Or, Dunbrack added, having access to a patient's commplete prescription information can help displaced persons stay alive in a hurricane-ravaged area, for example.

In fact, a survey conducted last spring for the Markle Foundation found that, of nearly 1,600 respondents, four out of five see electronic health records as useful, but many indicated that protecting the confidentiality of that information is crucial. "Nearly half called specific privacy practices 'critical' in their decision to try one out," a foundation statement said.

The downside is that storing health records online makes it easier for insurers to calculate the odds that you will be more expensive to insure than the next person. That's the rub, say privacy advocates.

Wait, you say. Isn't there a law that keeps your data from being misused? Yes and no.

It's called the Health Insurance Portability and Accountability Act, or HIPAA. Moreover, there are many exceptions to the law. Additionally, both Microsoft and Google claim their health services are not subject to HIPAA regulation, since they don't offer health-care services themselves.

Pam Dixon, executive director of the World Privacy Forum, says HIPAA is far from perfect but better than no protection at all. "Before HIPAA, it really was much worse," she said. However, she agrees that "secondary use" of patient data has become an industry unto itself — a genie that will be difficult or even impossible to get back into the bottle due to the billions of dollars that can be made from it.

"Right now, disclosure of health information is out of control," Dixon said, adding ruefully, "Technology is not going to go backwards."

How to safeguard your health-care records

So, what can you do to protect yourself? Patient Privacy Rights offers these recommendations and questions to ponder as you navigate the sometimes-perilous world of electronic health records:

• Don't even think about using a personal health record (PHR) that's offered by an employer or insurer. These are the last companies with which you want to share all your personal health and daily activities.

• Don't simply rely on a "HIPAA-compliant" PHR. HIPAA has more loopholes than the tax law; millions of businesses can legally access your information without your consent.

• How do you authorize access to the information? If gaining access requires nothing more than having someone guess your password, say "no, thanks."

• Does the PHR provider have the right under its "agreements" to take, sell, or share your information?

• What security does the PHR provide?

Finally, a little personal advice: hold off signing up for any electronic health-records system for the time being. So few people have joined to date that there are bound to be problems to work out, not to mention the potential for identity theft. Let somebody else play the role of pioneer.

Just got an Iphone ? want to prevent lost iphone?

2008-09-01T13:34:00Z

I found this url http://www.aphonetracker.com/Register to track your iphones toprevent lost. You can see the location of your lost iphone online at the web site.