All posts by phynds

IBM Cloud Data Center in China = Epic Blunder

IBM has decided to build the mother of all Cloud Computing data centers in of all places, China. I will advise all that will listen that this is a fantastic blunder since China is the absolute worst choice for such a resource. I do not want any of my corporate code and data or the data from customers housed inside China.

Don’t get me wrong, I am not xenophobic by any means and am even not violently opposed to offshore development or data centers. The problem is that China is the capital of corporate espionage and the worst offender in the world of not respecting the intellectual property of others.

This is a big win for Microsoft Azure and Amazon unless I missed similar announcements from them (which I doubt).

The first mission of a Cloud Computing provider is to provide security of the data and I just don’t see that happening if the data is in China.

Look at Azure Now / Again

If you looked into playing with Azure in the past, but did not jump in then it is time to take another look. Microsoft has added options over the last year that really remove objections to trying it out. If you have an MSDN subscription then you pretty much get a free playground in Azure that is going to waste if you don’t use it and if you don’t there is still the Introductory Special that goes through the end of March that gives you access to the basics of the service at no cost.

To look it over go to the Windows Azure Offers page at and get going. You might not have a project that fits the Azure model currently, but you will. I am working on a new product for DTS that will have an Azure component and while it is still off in the horizon the time to jump in is before you are behind.

To Egypt and All My Friends There

I have talked to many of you over the course of the past week and have been cautious due to the fact that I was concerned for your safety. A failed rebellion is a painful thing especially when it is not known who will lead the aftermath.

Now that I see the resolve in my friends there I know that this is not a rebellion, but a revolution that deserves the support of all of us who have ever had their country ruled without democracy.

I wish I was there and could stand in the streets with you, but know that you are in my prayers and I am proud of each and every one of you. Good luck and may you win the day and your destiny In Sha Allah!

Good Advice – Setup Edition

My friend and collegue Adam Cogan is a big proponent of documenting best practices. In fact his company, SSW puts all kinds of lists of these best practices up on their website.

Recently Adam chimed in on a list we are both on with a link to the best practices (Rules) around setup and I realized that even if you know a topic well you should go back to the well from time to time to ensure you are still on the right path. I think back to the days when coding by stringing together user input to make a SQL statement was accepted as the way to build a login form (before the first SQL Injection attacks). You have to seek out other sources even (maybe especially) on things that you hold yourself to be an expert with. I now find myself reviewing how we do setups at DTS to make them better and finding Adam’s advice to be a very good source of points to contemplate.

SQL Myths – Must Read

Paul Randall has a compiled document with all his blog posts on SQL Myths that I think is a must read if you consider SQL Server part of your core competence. It is probably not very interesting to pure devs, but I would still suggest you take a scan of this so you can avoid making assumptions that are either out of date or just plain wrong.

Find the link to the PDF here:

Crisis Management

We have a saying in the various companies with which I associate and it is “Any fool can manage success, but it takes talent to manage a crisis”. The leader, project manager, team leader, or whatever you call the person in charge has to not be wishful. This sounds easy, but in my experience it is one of the hardest things to do for any individual. We tend to be hopeful and that is the slippery slope / gateway drug to wishfulness.

The reason I say this is that my own biggest screw ups are almost all tracable to some point in the past where I assumed that something would happen more positively than it actually did. This sounds like the classic admonishment against assumption and to some extent it is, but wishful is more of the root cause and assumption the symptom.

As an infantry platoon leader in Iraq many years ago, I learned that you are never done planning for and defending against the things that can go wrong. When you envision contact with the enemy it is easy to expect that things will follow the simplest route and flow like water, but since there are humans involved this is highly unlikely to be the case. You might even get lucky and survive this way once or even twice, but that just means you are more likely to get killed when your luck runs out. I try to run projects the same way. What if the components that should work fine together don’t? What if the client changes the deployment server to run a 64 bit OS instead of the 32 bit OS on the test server? What if there is an illness or death in the family of my key developer the week before delivery? You can drive yourself crazy with these things and I am here to say that you should. That is the job.

The first place to start is by making plans and schedules with milestones. If you are collaborating with others it flushes out wide variations in viewpoint quickly. Either I accept your timeline or propose another (assuming I am not totally whacked). If I propose another you might discover that it just won’t work early enough to do something about it. I have seen good resources fail to deliver items well within their ability due to time wasted assuming everyone has the same, sane view of what needs to be done by when.

And to top it all off if you follow this advice and try to plan for all possible outcomes, there will still be surprises and things that you did not count on which is good because otherwise we could write a program to replace your part in the show…

New Security Podcast Coming Soon

Michele Bustamante and I have started recording the first episodes of our new security focused podcast LockDown. While the website is up, it has place holder content describing Carl Franklin of .Net Rocks fame as our first guest (that was the original plan). However as usual Carl was flying around the globe when we started and we all agreed to save him for later.

If you are interested watch the podcast url or my blog (here) for the first show when it releases.

Windows Identity Framework Training Kit available

The Microsoft Identity story has matured quite a bit in the last couple of years and now would be a good time to get up to speed if you have been waiting for the train to get some speed. Vittorio Bertocci has pulled together the training he has been delivering around the world into a training kit including videos of the Redmond versions of the presentations. Check out the June 2010 edition of the Identity Training Kit

In wielding power Apple has hurt itself

I have noticed a very interesting reaction recently to the way Apple has been throwing their weight around controlling who and what can be put in the appstore. Until a month or so ago there was a legion of companies and developers in my own circle, figuring out how they would enter the market and what they would develop, but that has changed dramatically in light of Apples series of what I consider large mistakes if not outright blunders. Pulling the storm trooper card on the guys that got the prototype phone, pulling the rug out from under Mono Touch, going to war with Adobe and also seeming to persecute all those that raise a voice in protest has put an enormous chill on most of those that I know that were looking to build applications for the iPhone and iPad. I own an iPhone and have bought an iPad so I am not a hater, just not a blind supplicant. I do not have any products launched or targeted to the AppStore (and have shelved those plans myself for the reasons many others I talk to are), so I really don’t see how I can be punished for speaking my mind (Sad that I now believe that if Apple had a way of punishing me, I now fully believe they would use it).

I think this is an example of Absolute Power Corrupts Absolutely. If you grip power too tightly you lose it and unless the groupies really do outnumber the rest of us this is a dangerous way for Apple to do business. How can we trust developing on a platform where the rules seem to change on a whim and which is controlled by those whose friends are treated no better than enemies…

Advice for Small Org Backup on a Budget

I was recently asked how to cost effectively do backup and Disaster Recovery (DR) for a 50 or so person organization.

Here is what I have found to be a pretty good way to go that won’t break the bank.

For an organization this size I use Backup Assist ( It leverages Windows Backup and has agents for Exchange and SQL.

I then break things into three categories and treat each slightly differently.

Level 1
The things you call critical such as active email, source code, CRM, financial data, etc.

This stuff gets backed up daily and depending on my level of paranoia (how screwed we are if we lose X days) I copy it offsite either to an alternate office or if none exists (your scenario) to either a hosted server at a datacenter somewhere (max on the disk and bandwidth and min on all else which is much less than you $750 per month) or to a server connected via VPN to the company principle’s house (poor man’s hosted server).

Level 2
The things that change often, but just aren’t level 1 such as home directories, business shares and other data.

Data in this category gets weekly backups and usually gets posted monthly to a large USB drive which gets rotated with its twin monthly. The drive with the current data is brought offsite for storage (again maybe to the company principal’s house or maybe a safe deposit box). When the new drive is delivered the old one comes back to be used for the following month’s backup.

Level 3
These are the unchanging files like images, email archives and stuff.

You can either burn these to optical media (if you do muliple copies with one going to the company principal’s house(s) and a copy to the safety deposit box if you got one) or you can lump this onto the USB drive shuffle.

Hope this helps those who might be looking for this kind of insight.