
Posts

Modular Data Center Design From Microsoft's Azure DSS Team

I am a data center guy. Layer 7 is the bee's knees and all, but work doesn't really feel like work unless you can get electrocuted, y'know? So please watch the video above as Microsoft explains one of their first POCs for their DC cubes and share in the excitement with me. 2009 was a big year for modular data centers, and so the above video of Patrick Yantz (former Microsoft DSS Smarty Pants, c/o Hanselminutes on 9) is a bit on the older side. The industry as a whole hasn't caught up with this technology yet; we are still at the very beginning of the curve here. There are a lot of Business Nerd reasons for this - my intuition tells me that adoption will be in bursts driven largely by regulation not necessarily *preventing* the building of new DCs but slowing it down, and by uneasiness about long-term demand paying off capital outlays with whole DC buildouts - for the time being it's still a very elite market, as most Normal folks will still simply lease and muscle DC providers

Phil Zimmermann's Latest Project

Phil Zimmermann of PGP Encryption fame is launching a new project, Silent Circle. The idea is an application suite complete with encrypted VOIP, email and IM. Exciting stuff! Let's hope it works out better than Hushmail!

Random Number Generation

Latest Update from Basement Dweller News: A great primer on random number generation from a few smart cookies at Intel, by way of IEEE: http://spectrum.ieee.org/computing/hardware/behind-intels-new-randomnumber-generator/0

On a very related note, let's keep our eyes on systemic issues with encryption keys in the wild: http://eprint.iacr.org/2012/064.pdf

I have yet to formalize an opinion as to the validity of any systemic key issues intrinsic to RSA (because I was a "D" math student I have to wait for the grown-ups to weigh in on these Deep Thoughts. I would like to see larger keys in use standardized and don't see any good reason not to).

A compelling critique of the survey, urging additional data before judgment is reached: http://dankaminsky.com/2012/02/14/ronwhit/

Websockets and IIS7

So it's been about 5 months since the IETF released the RFC 6455 proposal for websockets: http://tools.ietf.org/html/rfc6455

The websocket API is a protocol that allows for the bidirectional transfer of http/https data. This breaks down to a single initial handshake and then autonomous communication from both the server and client concurrently. With it comes a significant performance improvement (as only one handshake is needed, and client-side implementation gets much simpler) and a number of practical applications - I always think chat clients, but the applications are endless for web driven applications that require real time data transfer (HTML5 games that don't suck!).

It's no secret that websockets will not work with a standard IIS7 implementation. Http.sys is a greedy bugger, and gobbles up all connections listening on port 80. Even with WCF, there is no formally recognized workaround besides "wait for 8" and the native websocket/SOAP functionality that it

Same Domain, Multiple Machines, SSL?

I saw a lot of misinformation about this on the inter-tubes recently, some of it intentional misleading of customers, some of it unintentional, so it might be remedial for a lot of readers but I'm posting a clarification here because it's worth it to help clear up the confusion.

Here are some facts that should help people when first making the leap to securing multiple server environments: Certificates are domain and private key specific. They are not machine specific. You are welcome to generate multiple SSL certificates for the same domain to host on separate servers. Think for a bit, this *has* to be true. When everyone goes to https://google.com, are they hitting the same web server or SSL caching server? Of course not.*

The most common scenario where this would be valuable is with a load balanced web cluster, but I recently came across this in a deployment with web and mail components where the mail admin neglected to give their MTA a unique FQDN *and* the organization is using SSL/TLS f

Reinstalling MDAC

Microsoft Data Access Components are usually fairly stable. They tend to be updated with significant OS related updates (I'm looking at you, Service Packs). That being said, issues do happen. Today I encountered an issue following a P to V migration using Hyper-V for a Windows 2000 server with an ADO connection to a MSSQL database. Somehow MDAC versions become mismatched during this process.

Your actual error may vary. Your application may throw an error 429 "Active-X component can't create object", or you might get an IPP_E_MDAC_VERSION error. In the case today, a line in the website's general.asa was mentioned as an invalid object.

Download and execute the Microsoft Component Checker to verify a mismatch against your required Component versions - Use this for 2003 and this for 2000. For Windows Server 2003 and 2008 systems, I would typically advise an in-place upgrade as outlined here. You can try a manual install on these OSes but frankly it is no