A buddy of mine was thinking to move some of his Linux-based website to Azure. If you're running a Web Site that this node.js, ASP, ASP.NET, or PHP, it's easiest to use Azure Web Sites. I showed how to do setup Azure Web Sites in minutes with Git in this post. They hide the underlying OS from you, are automatically updated, scale easily, and share disks.

However, he likes VMs and the control they give him, plus he can run whatever he wants, move things around and generally control his world.

I'll be using the open source (GitHub) cross platform CLI tools (command line interface) for Azure. If you have node package manager you can "npm install azure-cli --global" then import your subscription. You can also get the command line tools by downloading and installing from www.windowsazure.com.

Setting up a Linux VM

We'll create a the initial VM using the Portal (I'll show you how to do it from the command line in a minute). This virtual machine will be for setting up a template VM image. I'm going to create an Ubuntu 13.04 server, then add Apache and PHP. Then I'll capture a generic image of my now-set-up machine and use it to create copies that I'll add to a farm. This image will show up later in "My Images" in the Azure Portal.

NOTE: There's an amazing community-driven category of prepped and ready Virtual Machine images at the Open Tech VM Depot. It's like the Azure's best kept secret. I'll do a post on it later but it's really deep and broad and worth checking out.

From within the Azure Portal I'll go New | Virtual Machine | and select Ubuntu Server 13.04.

The name doesn't matter, but I'll setup a user name and password (or use a SSH key):

Note I'll create a stand-alone Virtual Machine:

TIP: If I didn't want to use the Portal at all to make this VM, I could even find a VM image programmatically, then create a VM instance, all from the command line. Using "azure vm list" would get me the list of VMs to choose from. The Ubuntu one I wanted is "Ubuntu-13_04-amd64-server-20130501-en-us-30GB" (with a guid in the name as well) so I'd just "azure vm create MyDNSName ImageName [options]" and then proceed from there.

Once this Linux VM has started up, I'll SSH into it. You can see that Azure has mapped a random high number public port to the VM's internal SSH port 22.

I SSH in. I'm gonna add Apache, PHP, restart apache, then add a test.php that will show PHP is working as well as output the current IP address so I can tell which machine served the request.

sudo apt-get install apache2
sudo apt-get install libapache2-mod-php5 php5

I'll add a test.php

sudo nano /var/www/test.php

and put in

<?php echo gethostbyname(trim(`hostname`)); ?>
<?php phpinfo(); ?>

Then I'll exit SSH. VMs are locked down by default, so to test this I need to add an endpoint. I can do that via the Portal but I'd like to see what I can do from the Azure command line.

Run vm endpoint create to map external 80 to internal 80.

azure vm endpoint create mylinuxtemplate 80 80

At this point I should be able to hit mylinuxtemplate.cloudapp.net:80/test.php and see it work.

Cool. So I've got my Linux VM template the way I want it. Now I want to "capture it" as an image so I can stamp out more of them. This "waagent" on Linux is like "sysprep" on Windows.

From within a SSH session, run waagent -deprovision.

~$ sudo waagent -deprovision
scott@mylinuxtemplate:~$ sudo waagent -deprovision
WARNING! The waagent service will be stopped.
WARNING! All SSH host key pairs will be deleted.
WARNING! Nameserver configuration in /etc/resolvconf/resolv.conf.d/{tail,originial} will be deleted.
WARNING! Cached DHCP leases will be deleted.
WARNING! root password will be disabled. You will not be able to login as root.
Do you want to proceed (y/n)? y

WINDOWS PEOPLE: If you're a Windows person, you can setup your Windows VM just as you like it, then run %windir%\system32\sysprep.exe on it, capture an image of the VM and do everything described in this post as well!

I could shut it down and capture an image from the Portal, but again, it's command line fun today. Note that shutting down can take a little while.

azure vm shutdown mylinuxtemplate
azure vm capture mylinuxtemplate hanselmanlinuxwebfarmimage --delete

The capture command will DELETE the Virtual Machine. Remember that it was just a template. However, how I have a reusable image! I can see the images available to me, both user images and gallery images with "azure vm list."

NOTE: When you delete Virtual Machines, you're just deleting the "configuration" of the VM. You're not deleting the disk that was associated with it, as it's possible you might want to start that VM up again. If you're really trying to remove things, make sure you delete the instance of the VM and then delete the disk, too.

Creating a Linux VM Farm from the command line

Now I have an image sitting in my storage account that I can use to make "n" VMs from. I'll make one VM to start. I can watch it startup with "azure site list" after making it. When it's ready, I can make more! Make sure you use the --ssh switch or you will NOT be able to SSH into the machine!

C:\> azure vm create hanselmanlinuxfarm hanselmanlinuxwebfarmimage scott MyPassword123 --location "West US" --ssh
info:    Executing command vm create
+ Looking up image
+ Looking up cloud service
+ Creating cloud service
+ Creating VM
info:    vm create command OK
C:\> azure vm list
info:    Executing command vm list
+ Fetching VMs
data:    DNS Name                         VM Name             Status
data:    -------------------------------  ------------------  ----------
data:    hanselmanlinuxfarm.cloudapp.net  hanselmanlinuxfarm  CreatingVM
info:    vm list command OK
C:\> azure vm list
info:    Executing command vm list
+ Fetching VMs
data:    DNS Name                         VM Name             Status
data:    -------------------------------  ------------------  ---------
data:    hanselmanlinuxfarm.cloudapp.net  hanselmanlinuxfarm  ReadyRole
info:    vm list command OK

WEIRD: Azure has a concept called a "Cloud Service" which is a lousy name, IMHO. For us, let's consider it a "container" for our VMs. It's a logical container that will hold and associate all our VMs (and other cloudy stuff) together. When you have one VM you have one cloud service associated with it, but you can't see it in the Portal but because it doesn't really provide value...yet. When you have TWO VMs in the same container, then you'll see that cloud service "container" appear in the Portal.

I've made a hanselmanlinuxfarm VM now so there's a hanselmanlinuxfarm cloud service 'container.' Now, I'm going to make a few more VMs but I'll connect them to the first VM. There's two ways to do this. First, the --connect option from the command line. Note that you don't have control over the name of your VM this way, if you care. If you have hundreds, you likely don't.

The command will find the existing cloud service (again, 'container') then make a new VM. I'm going to run this command twice so I'll have three VMs total.

SO IMPORTANT: It's the --connect used on this second call that is the key. It makes the second (and then n+1) VM and adds it to the same cloud service "container." It seems the VMs associated with each other. The name of the next VM will be whatever-2, then -3, etc but they will also use the same external name, like hanselmanlinuxfarm.cloudapp.net.

I'll do this twice, each time using a different high SSH port number that will map to 22 internally. If I don't want SSH expose externally, I can delete the public endpoint later.

C:\> azure vm create --connect hanselmanlinuxfarm hanselmanlinuxwebfarmimage scott MyPassword --ssh 12345
info:    Executing command vm create
+ Looking up image
+ Looking up cloud service
+ Getting cloud service properties
+ Looking up deployment
+ Creating VM
info:    vm create command OK

When creating a Linux VM you MUST add a --ssh flag to the command line or you'll not be able to SSH into the box. Make sure to add a high port number so you'll get a mapping from that port to 22, so maybe 12346 -> 22, etc. If you make these VMs from the Portal, it will pick a random port for you. When you do it from the command line, you need to choose.

At this point, azure vm list says I have three. Two are ready and the last is being created now. You can tell these VMs are running in the same Cloud Service "container" because the DNS name is the same. These VMs are officially a "farm."

C:\> azure vm list
info:    Executing command vm list
+ Fetching VMs
data:    DNS Name                         VM Name               Status
data:    -------------------------------  --------------------  ----------
data:    hanselmanlinuxfarm.cloudapp.net  hanselmanlinuxfarm    ReadyRole
data:    hanselmanlinuxfarm.cloudapp.net  hanselmanlinuxfarm-2  ReadyRole
data:    hanselmanlinuxfarm.cloudapp.net  hanselmanlinuxfarm-3  CreatingVM
info:    vm list command OK 

OK, now here's making a fourth VM from the Portal, just as an FYI.

Creating a Linux VM and adding to the Farm from the Portal

Just so you know, you can add VMs to your farm from the Portal also.

Give your new VM a name, then "connect it to an existing virtual machine." I don't like this phrasing, and I'm curious what you think. Basically it's "add this VM to this collection of VMs." It doesn't matter which one you select from this dropdown, as long as you pick one that's in the Cloud Service "container".

I won't click OK, but if I did, at this point I've would've a fourth VM, this one via the Portal.

Load Balancing my Linux VM Farm

I have three identical VMs running Apache and PHP and my test.php page.

C:\> azure vm list
info:    Executing command vm list
+ Fetching VMs
data:    DNS Name                         VM Name               Status
data:    -------------------------------  --------------------  ---------
data:    hanselmanlinuxfarm.cloudapp.net  hanselmanlinuxfarm    ReadyRole
data:    hanselmanlinuxfarm.cloudapp.net  hanselmanlinuxfarm-2  ReadyRole
data:    hanselmanlinuxfarm.cloudapp.net  hanselmanlinuxfarm-3  ReadyRole

info:    vm list command OK

Let me open up port 80 on all three.  Since I want them load balanced I can't do this, as this is how you map single non-load-balanced ports.

azure vm endpoint create hanselmanlinuxfarm   80 80
azure vm endpoint create hanselmanlinuxfarm-2 80 80
azure vm endpoint create hanselmanlinuxfarm-3 80 80

For load balanced ports I need to use "create-multiple." Not only may I want to open multiple ports all at once, but also since I want load-balancing, I also may want a probe set up. For example, since I'm using HTTP, if there's a result other than 200 returned from test.php then I'll want that VM pulled out of the farm. It will also pull the VM out of rotation if it doesn't hear back in 30 seconds.

Here I'm creating those 80 to 80 maps, but also watching test.php for anything other than an HTTP 200.

azure vm endpoint create-multiple hanselmanlinuxfarm   80:80:HttpTrafficIn:http:80:/test.php
azure vm endpoint create-multiple hanselmanlinuxfarm-2 80:80:HttpTrafficIn:http:80:/test.php
azure vm endpoint create-multiple hanselmanlinuxfarm-3 80:80:HttpTrafficIn:http:80:/test.php

In this case "HttpTrafficIn" is what I am calling the Load Balancing Set Name.

NOTE: I'm doing a pull request now to add the ability to see the ProbePath from the endpoint command but for now you can see it with "azure vm show" like this:

C:\>azure vm show hanselmanlinuxfarm
info:    Executing command vm show
+ Fetching VM
data:    DNSName "hanselmanlinuxfarm.cloudapp.net"
data:    VMName "hanselmanlinuxfarm"
data:    IPAddress "100.68.xx.xx"
data:    InstanceStatus "RoleStateUnknown"
data:    InstanceSize "Small"
data:    InstanceStateDetails ""
data:    OSVersion ""
data:    Image "hanselmanlinuxwebfarmimage"
data:    DataDisks ""
data:    Network Endpoints 0 LoadBalancedEndpointSetName "HttpTrafficIn"
data:    Network Endpoints 0 LocalPort "80"
data:    Network Endpoints 0 Name "endpname-80-80"
data:    Network Endpoints 0 Port "80"
data:    Network Endpoints 0 LoadBalancerProbe Path "/test.php"
data:    Network Endpoints 0 LoadBalancerProbe Port "80"
data:    Network Endpoints 0 LoadBalancerProbe Protocol "http"
data:    Network Endpoints 0 Protocol "tcp"
data:    Network Endpoints 0 Vip "137.135.xx.xx"
info:    vm show command OK

Cool, so now let's see if I have a load-balanced farm.

PERF NOTE: In order to get the best performance from your Azure VMs (or any cloud VM) considering putting things like MySQL/PostgreS databases on a separate disk with different caching semantics. You want the OS disk and the Data Disks to be separate. For example. I have a Windows VM running MySQL. The OS is on a standard 30 gig disk, but the MySQL Database is alone on a 5 gig disk that's attached. It keeps things separate and tidy, plus it performs better

Checking on my new Farm

If I log into the Portal, I can look at each individual VM or I can look at the farm as if it's one 'cloud service.' Get it?

Making my Farm more reliable

I want to make sure my new VMs are all on different racks in the Azure Data Center. I know they are in "West US" because I put them there, but I'm not sure if they are together on the same rack or near each other or what.  Since a rack is within a "fault domain" meaning that a Rack could, I dunno, spontaneously explode, then I want to tell Azure that all these VMs are part of an "availability set." This is a name I apply to the VMs that says "make these more available by keeping them apart."

From the Portal I'm going to pick the first VM and select Configure, then Create an Availability Set. I'll name it "hanselmanlinux" but it can be anything.

Adding an Availability Set can involve Azure moving my VM somewhere else within the Data Center and it may need to restart it if it does. Sometimes this is fast, other times it takes a minute or 10 as it's a big deal initially, so be aware. Once everyone's in the set, it's less of a big deal.

When it's done, head over to the other VMs and add them one at a time to the same availability set. The result looks like this in the Portal, and now I'm assured that my three VMs are all in different Fault Domains (and racks).

Hitting my Web Farm

Now I can hit hanselmanlinuxfarm.cloudapp.net/test.php and see the IP changing (as well as the CPU% changing in my portal!) or even watch HTOP over SSH and get a live view. Hey, I've got a little Linux farm!

Here's my SSH'ed into one of them, looking at htop (it's better than top!)

My Complete Script, Summarized

Here's my complete script. I used azure vm image list | find /I "13_04" to find an Ubuntu image. I could have done this with bash as well.

C:\>azure vm image list | find /i "13_04"
data:    b39f27a8b8c64d52b05eac6a62ebad85__Ubuntu-13_04-amd64-server-20130423-en-us-30GB
data:    b39f27a8b8c64d52b05eac6a62ebad85__Ubuntu-13_04-amd64-server-20130501-en-us-30GB
data:    b39f27a8b8c64d52b05eac6a62ebad85__Ubuntu_DAILY_BUILD-raring-13_04-amd64-server-20130511-en-us-30GB
data:    b39f27a8b8c64d52b05eac6a62ebad85__Ubuntu_DAILY_BUILD-raring-13_04-amd64-server-20130515-en-us-30GB
data:    b39f27a8b8c64d52b05eac6a62ebad85__Ubuntu_DAILY_BUILD-raring-13_04-amd64-server-20130517-en-us-30GB
data:    b39f27a8b8c64d52b05eac6a62ebad85__Ubuntu_DAILY_BUILD-raring-13_04-amd64-server-20130518-en-us-30GB
data:    b39f27a8b8c64d52b05eac6a62ebad85__Ubuntu_DAILY_BUILD-raring-13_04-amd64-server-20130521-en-us-30GB

Once I've found an image, I create my first VM from the command line in a location of my choice. Again, it's Linux, don't forget the -ssh.

azure vm create mylinuxtemplate b39f27a8b8c64d52b05eac6a62ebad85__Ubuntu-13_04-amd64-server-20130501-en-us-30GB scott MyPassword --location "West US" --ssh

Get it how you like it. SSH in, set it up, run the waagent to prep it. Shut it down and capture it.

azure vm shutdown mylinuxtemplate
azure vm capture mylinuxtemplate mylinuxfarmimage --delete

Finally, here's a basic batch file to make 5 VMs. Note the first command is different from the Nth. Of course, with bash you could make a script like "spinup 5" and automate to your heart's content. The HTTP probe is optional on the endpoint creation.

azure vm create hanselmanlinuxfarm hanselmanlinuxwebfarmimage scott password --location "West US" --ssh
azure vm create --connect hanselmanlinuxfarm hanselmanlinuxwebfarmimage scott password --ssh 12345
azure vm create --connect hanselmanlinuxfarm hanselmanlinuxwebfarmimage scott password --ssh 12346
azure vm create --connect hanselmanlinuxfarm hanselmanlinuxwebfarmimage scott password --ssh 12347
azure vm create --connect hanselmanlinuxfarm hanselmanlinuxwebfarmimage scott password --ssh 12348
azure vm endpoint create-multiple hanselmanlinuxfarm   80:80:HttpTrafficInLhttp:80:/test.php
azure vm endpoint create-multiple hanselmanlinuxfarm-2 80:80:HttpTrafficInLhttp:80:/test.php
azure vm endpoint create-multiple hanselmanlinuxfarm-3 80:80:HttpTrafficInLhttp:80:/test.php
azure vm endpoint create-multiple hanselmanlinuxfarm-4 80:80:HttpTrafficInLhttp:80:/test.php
azure vm endpoint create-multiple hanselmanlinuxfarm-5 80:80:HttpTrafficInLhttp:80:/test.php

After it ran, I went in to the Portal and set up Availability Sets manually. That's only available in PowerShell today, but setting availability sets is coming soon to the cross-platform tools!

Next time, maybe I'll try"azure vm scale" to move these tiny VMs into 8 processor 56 gig monsters.

Sponsor:Big thanks to SoftFluent for sponsoring the feed this week! Less Plumbing, More Productivity! Generate rock-solid foundations for your .NET applications from Visual Studio and focus on what matters!

I'm always on the lookout for the perfect mouse. I don't think it exists, yet, frankly, but we're getting close. I've got two notebook mice I'm bouncing between while using my new ultrabook, the Lenovo X1 Carbon Touch. I'm using the Microsoft Arc Touch Mouse and the Microsoft Wedge Mouse.

I'm classifying both of these mice as "weird" because, well, they are. They aren't classic-looking mice and each one has garnered the occasional double-take from passersby. Each has an unusual design for a reason: portability.

The Wedge Mouse

The Wedge is tiny. Like, really tiny. The idea appears to have been to remove the back half of the mouse completely (the part that usually gets cupped in your palm) and instead make just the fingertips part. There's a AA battery that goes in the round part (the butt) and underneath there's a single button for on/off/Bluetooth sync and a battery door switch. Oddly, the battery door switch looks like an on/off switch also so I ended up flicking that a few times before I learned.

The Wedge is a Bluetooth mouse, and getting a good Bluetooth mouse was my goal. This Ultrabook only has two USB ports and that's one port too few. I'll often find myself with a hard drive plugged in, then want to add one more item (USB key, presenter remote, smart card) and with most mice I'm stuck because the other USB port already has that mouse's transmitter.

The mouse uses the capacitive touch technology that we're seeing in a lot of mice lately. See that vertical line that separates the two mouse "buttons?" Stroke that and it's the "scroll wheel." It feels odd initially but ends up quite comfortable. Speed of scrolling is also easily changed. There's no middle mouse button, but that hasn't been an issue for me.

My Right-Clicking Issues

Now here's an odd one. Every once in a while I do what, in my mind is a CRYSTAL clear right-click and it registers as a left-click. I've tested it. Click hard with the right and it got picked up as a left. What the heck? I searched around and found a few people in the forums with the same issue so I assumed it was a driver issue. However, I have the latest drivers. What's going on?

Well, it's actually obvious and a little funny if you give it some though. Occasionally when I right click I end up right-clicking the FAR TOP EDGE on the right. Looking at the picture below, I'm pushing with my finger ABOVE the right-side blue square. This is outside the touch area but is registered with the mouse's mechanical click. Since there's no right-touch, there's no right-click.

Stated differently, there's a touch area with clear left and right areas delimited. If I mechanical click the mouse - remember, there's just one click...the whole mouse goes down - then the mouse decides if it's a left or right by seeing where your finger is that moment. If it's on the far top edge then it can't see your right finger, so....left click from the right.

Call it an oddity, call it a design flaw, call it "you're holding it wrong." Regardless, as soon as I figured this out, it stopped happening. I just assumed initially that the touch area wrapped around the front of the mouse. It doesn't. Once my subconscious heard about this from my conscious mind, I can right-click like a champ, but it was quite confusing for a minute there. Be aware.

Bluetooth Disconnecting

I thought that Bluetooth aspect of this mouse would be pure win, but even after using it for a few hours it stopped responding at least a half dozen times. I would have to lift the mouse up and put it down again. The word on the street and in the forums is that this a power management issue and that you should go into Device Manager and check the properties of the mouse and change the setting that allows the operating system to, well, turn it off. Of course, this setting is not checked and not available.  The takeaway here as far as I'm concerned is that while the dream of a Bluetooth mouse is a great and valid one, it's just not ready. Whether is it's the tech or the stack or the mouse itself, I dunno. I tried an Apple Magic Mouse for a day this week and had the same issue, but worse. The Magic Mouse wouldn't go 10 minutes without just stopping - and this was with new batteries. The Wedge has turned off maybe twice a day, so enough to be annoying but not enough to kill the deal. That said, there's lots of anecdotes from folks who LOVE this mouse and haven't had this issue, so I'm assuming it's my Bluetooth driver stack.

All in all, I haven't decided if I'm going to keep this mouse. It's small, which is great. It's Bluetooth which is super great until it's totally not-great. I will give it a 7 out of 10. It's small. So, um. Ya

The Arc Touch Mouse

I love this mouse. It's darn near perfect. The only mouse I love even more is the original Microsoft Arc Mouse which is equally brilliant in different ways.

The gimmick of the Arc Touch Mouse is that it folds flat. This isn't a cute gimmick, it actually works and works well. Given that my Lenovo is so small and flat, it's nice to have this mouse slide into my backpack and lay flat against the laptop. They kind of match, too.

It arcs with a reliable and satisfying snap. The back is rubber and the top is glossy plastic.

The scroll area has a wonderful haptic feedback (that's geek for "it vibrates when you scroll with it") that is adjustable with drivers. This attempts to simulate the "scroll-wheel nubbins" that regular mice have. It's a great little feature and I appreciate it. It gives you a sense of "it's working" without having to look at the mouse.

The Arc Touch Mouse is also a very comfortable size even for my giant lobster hands. It is tiny and portable, but it supports and cups the inside of your palm in a stable and reliable way.

The only thing this mouse needs is optional BlueTooth. Instead the Arc Touch Mouse uses a nano-transceiver which I just keep plugged in all the time. When it's not plugged in, it attaches rather sturdily to the base of the mouse with a magnet. It just snaps into place and stays there. Very cool.

While it's not Bluetooth, it's absolutely reliable. I haven't had any communication issues with the transceiver and it never loses connection with the mouse.

For now, the Microsoft Arc Touch Mouse is my travel mouse of choice and I get give it a 9.5 out of 10.

Some years ago I said that JavaScript is the Assembly Language of the Web. In fact, lots of people said it, because it's true. Later, some folks disagreed, saying that this is an inaccurate analogy. Of course, it is inaccurate because it's an analogy. That said, as analogies go, it's pretty good. Sure, assemblers are architecture and processor specific. Maybe "JavaScript is the Web's Bytecode" is better. At the very least, JavaScript is a totally reasonable compile target.

Given that (using Wikipedia as a dictionary here and has a decent definition:

An assembly language is a low-level programming language for a computer, or other programmable device, in which there is a very strong correspondence between the language and the architecture's machine code instructions.

It's initially not clear that JavaScript is a good assembly language as it's a high-level programming language that is itself interpreted, then JIT-ted, then turned into machine instructions. Phrased differently, JavaScript floats pretty high in the stack. Certainly every processor has its own assembler and they are very specific, but the browser's JavaScript VM is what runs the "new machine code." There's only one processor architecture. The Web. (again, analogy!)

JavaScript remains a popular transpilation/compilation target. From Google's GWT to Clojure to TypeScript to CoffeeScript, it all stops at JavaScript because JavaScript is the ubiquitous virtual machine that we already have installed on our machines.

Google Native Client (NaCl) is great and will likely have a role to play, but there's only one language that works everywhere without installation or trouble and that's JavaScript.

We don't all have x86 machines. We don't have have machines that we could feed assembler or C. Certainly not in a portable way. JavaScript is the great portable equalizer.

There's languages that transform to JavaScript like TypeScript and CoffeeScript and HAXE and so many more, but many of these are arguably transformations, not compilations. They also tend to compile to lots of different kinds of JavaScript.

Enter asm.js. Why not take the sprawling language that is JavaScript and pick just the subset that one would want if one were to compile something to it? Why not take the assembly-esque parts of JavaScript and formalize it? Mozilla is doing this with the clear goal to compile things to JavaScript and make it perform well. Their FAQ says they're seeing slowdowns around a factor of two, which is amazing, in case you're wondering. It's also worth noting that I, as a user, don't care if you compile your C to JavaScript. I just want a great experience on the open web, and that's anther reason that targeting JavaScript moves the web forward.

Working in tandem, there's emscripten, a LLVM bitcode to JavaScript compiler. We can take C/C++ and compile it to JavaScript. Don't buy it? They ported Unreal Engine 3 in 4 days with asm.js as the target.

You can argue that JavaScript isn't the x86 or Assembly of the web. You can argue all you want. It's still happening.

As our great philosopher Kosh from Babylon 5 once said: "The avalanche has already started. It is too late for the pebbles to vote."

It's not clear that JavaScript is the end state. In fact, if anything it's clear there is no end state. But along the way we will - actually are - passing though the JavaScript as Assembler part of the trip.

Sponsor:Big thanks to SoftFluent for sponsoring the feed this week! Less Plumbing, More Productivity! Generate rock-solid foundations for your .NET applications from Visual Studio and focus on what matters!

What it does

Chocolatey lets you install Windows applications quickly from the command line via a central catalog of installation scripts. You could install Git, 7Zip or even Microsoft Office (given a key.) The idea is seamless and quiet installations using a well-known key.

For example, once installed you can do this from and command line:

• cinst git
• cinst 7zip
• cinst ruby
• cinst vlc

That's basically it.

The catalog has grown so complete, in fact, that I recently wanted to install DosBox so I could play Zork. I took and chance and just "cinst dosbox" and it worked. THAT is a the promise that Chocolatey makes.

Getting Started with Chocolatey

You can get started by first installing the Chocolatey package manager. Copy paste this line to your command line and run it. (More on the fearfulness of this first step in a moment).

@powershell -NoProfile -ExecutionPolicy unrestricted -Command "iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))"&& SET PATH=%PATH%;%systemdrive%\chocolatey\bin

Presumably you like to know what command line stuff is going to do to your computer before you do it, so parse this line out. It's going to launch PowerShell to do the hard work. Nearly every Windows machine has PowerShell these days, and it's PowerShell that makes Chocolatey work.

Some folks have custom profiles so the -NoProfile switch suppresses custom profiles to prevent conflicts during installation. It launches a chunk of PowerShell script that it downloads from https://chocolatey.org/install.ps1/ then executes. Note that it's setting execution policy to unrestricted to do this. To be clear, it's executing code downloaded over the web, so there is a non-zero risk there. It then adds Chocolatey to your path (for this one prompt) so you can use it immediately. It'll be added to future instances of prompts automatically.

Look at https://chocolatey.org/install.ps1 now. It's a very clean and easy to read script. It downloads the Chocolatey installation zip file (which is actually a NuGet package), unzips it and continues the installation by running a scripts in the tools section of the package.

How it works

Chocolatey is a bootstrapper that uses PowerShell scripts and the NuGet packaging format to install apps for you. NuGet is the package management system that Windows Developers use to bring libraries down at the project level. Chocolatey (get it? Chocolatey Nu-Get?) extends that concept to bring applications down at the system level.

Today if you want to get 7Zip, you usually google for it, find the site, figure out the latest version or right version for your system, download it, run it, next next next finish and maybe add it to your path. Chocolatey does that for you.

Again, NuGet is libraries installed locally for projects, Chocolatey is applications installed globally for your whole system.

Chocolatey uses PowerShell scripts (that you never have to think about) that package developers use to chain installations and build dependency trees. Take the internals of a Git installation script for example:

try {
  Install-ChocolateyPackage 'git.install''exe''/VERYSILENT''http://msysgit.googlecode.com/files/Git-1.8.1.2-preview20130201.exe'

  #------- ADDITIONAL SETUP -------#
  $is64bit = (Get-WmiObject Win32_Processor).AddressWidth -eq 64
  $programFiles = $env:programfiles
  if ($is64bit) {$programFiles = ${env:ProgramFiles(x86)}}
  $gitPath = Join-Path $programFiles 'Git\cmd'

  Install-ChocolateyPath $gitPath 'user'

@"

Making GIT core.autocrlf false
"@ | Write-Host

  #make GIT core.autocrlf false
& "$env:comspec"'/c git config --global core.autocrlf false'

  Write-ChocolateySuccess 'git.install'
} catch {
  Write-ChocolateyFailure 'git.install' $($_.Exception.Message)
  throw
}

The most important part for you to take away here is the first line. Note that this Chocolatey script is downloading Git from the MySysGit Site. Chocolatey is not changing installers, making installers or hosting installers. It's automating the boring parts of getting software, but it's still getting that software from the same location as always.

Advanced Stuff

Once you learn the basics - and they're pretty basic - there's more depth to Chocolatey to explore. Beyond the cinst and cuninst there's other commands to make installing stuff on Windows easier. Remember, they're all in your PATH so you can call these commands anytime.

Each of these major sources can be called with cinst using the -source parameter like "cinst IISExpress - source WebPI" or using their own aliases for simplicity as shown below.

• cwindowsfeatures - If you've ever opened Add/Remove programs then click Install Windows Features in order to setup IIS or Hyper-V then this command is for you. Some examples:
  • cwindowsfeatures  IIS-WebServerRole
  • cwindowsfeatures Microsoft-Hyper-V-All
  • cwindowsfeatures TelnetClient
    • Plus, you can always clist -source windowsfeatures for the complete list.
• cwebpi - The Web Platform Installer is a great GUI for downloading any development tools you might need for Web Development on Windows. It's a catalog, an installer, and a chainer. There's also a command-line version of WebPI that Chocolatey integrates with so you can:
  • cwebpi IISExpress
  • cwebpi VWDOrVs11AzurePack_2_0
    • And again, clist -source webpi gets you a list of what you can do.

There's a more complete list at the Chocolatey Commands Reference including how it integrates with Cygwin, Gems and Python.

Security Issues

This is a prickly one. How do you make a system that lets you install anything directly from the Internet quickly, cleanly, and easily without, well, installing something evil directly from the Internet? You'll want the communication with the server to be secure and the packages trusted, but you'll also want to make sure the packages haven't been tampered with since they were uploaded. There's the inevitable threat of a man-in-the-middle attack. You'll want to watch for malicious packages and enable quick takedowns if one sneaks by.

Security concerns aren't unique to Chocolatey, of course. They are a part of package repositories since their inception. The node npm repository had a security breach in March of 2012, and the folks at andyet explored the issues surrounding it, but also pointed out that personal responsibility has to have a role as well.

Linux's apt-get solves much of this with appropriate uses of cryptography and best practices that can (and should) be emulated. Packages in apt repos are signed with SecureApp, there are warnings if you're using a 3rd party repo or installing an unsigned package.

The Chocolatey team has been very quick to jump on security issues and they are very approachable. They've added SSL where appropriate and are aware of the work to come. If Chocolatey gets big (bandwidth and costs is a question in my mind) perhaps a non-profit organization would step in to help with not only costs, but also security audits and best practices.

Here's some points (edited for length by me) from a post from Chocolatey's lead, Rob in a post on their mailing list, also in march of 2012:

Security has a big future aspect of chocolatey. At the present I am the curator and I every day I get an email showing me all of the new packages that went in the day before. I look at all packages from new authors and I typically look at the first version of most new packages from authors I have good contacts with.

I've talked at length with others about having a moderated feed in the aspect of every package, every new version would be approved prior to showing up on the main feed. I am paying attention to how debian does things with multiple feeds and there are thoughts to move in that direction as well.

Security? In the future we are looking at a small group of folks be an approving body for nupkgs. We also talked about showing the hash for the nupkg, and possibly letting folks specify a hash for the installers so chocolatey can verify the things it downloads prior to execution.

Could I make a Chocolatey package called "FormatMyHardDrive?" Sure I could, just like I could ask you to open an admin prompt and format c: /q, but you won't, right? ;)

What's next?

Chocolatey is clearly not meant to be used by your "Gender Non-Specific Non-Technical Parent" and it does have some "competition" in the form of the Ninite GUI installation utility. While still not for the average Joe/Jane and having only a limited catalog, Ninite does fill a gap for the super-user to quickly get the common apps and utilities they want.

Additionally, is Chocolatey really apt-get? It's not installing libraries system-wide, although there's no reason it couldn't. Other open source projects like CoApp would like to be the Windows app-get although CoApp is more of a "system-wide libraries, C++ support, and Unix-like utilities" and Chocolatey is more of a "developer and poweruser utilities and their dependencies."

Chocolatey does install dependencies and you can see that happen yourself by trying out "cinst gitextensions" which itself has a dependency on git. Chocolatey will walk the graph and install what it needs before finally installing gitextensions.

Where Chocolatey, and ultimately Windows itself, falls down is with odd PATHing and install locations. Because Windows doesn't have formal install locations for things and because Chocolatey puts itself first in the PATH, it's possible to get one's self into odd situations where apps that were installed outside of Chocolatey don't line up with apps installed inside. For example, I installed Git with Chocolatey some months ago, then forgot about that version and installed a newer version of Git on my own. However, I kept hitting an old git bug because the Chocolatey version of Git was "first." I believe issues like this have changed with recent builds of Chocolatey, but the point remains: it's hard on Windows today to who installed what low-level utility, when, and where it ended up.

Branding

Now, by no means to I want to take away from the hard work done by Rob and the team, but (and I've said this to Rob before) I really have trouble getting past the name Chocolatey. Sure, there are two ways to spell "Chocolaty," which make it hard at least for me to type "Chocolatey" reliably. The -ey is a theoretically a valid variant spelling, but you can tell that that to the red squiggled underline in Word. But it's less the spelling and more the name itself. It lacks the nerdiness of an "npm," the gravitas of an "apt-get," or the poetic terseness of a "gem."  I realize that we are living in a world with companies called Hulu, Yahoo, Microsoft (seriously, MICRO SOFT, what is that?) and Google, but it's worth pointing out that a good name can really take a project to the next level. I'm not sure Chocolatey is the right name for this project, but that's 100% my opinion.

I encourage you, technical reader, to check out Chocolatey for yourself! It's a powerful tool, an engaged and growing community and an interesting piece of tech in its own right.

Is Chocolatey the apt-get Windows users have been waiting for? Sound off in the comments.

Sponsor: Big thanks to SoftFluent for sponsoring the feed this week! Check out their slick code generation tools: Less Plumbing, More Productivity! Generate rock-solid foundations for your .NET applications from Visual Studio and focus on what matters!

I have a "whenever I get around to doing it" Newsletter of Wonderful Things. Why a newsletter? I dunno. It seems more personal somehow. Fight me.

You can view all the previous newsletters here. You can sign up here Newsletter of Wonderful Things or just wait and get them later on the blog, which hopefully you have subscribed to. Email folks get it first!

Here's the newsletter that I sent out May 13th.

Hi Interfriends,

Thanks again for signing up for this experiment. Here's some interesting things I've come upon this week. If you forwarded this (or if it was forwarded to you) a reminder: You can sign up at http://hanselman.com/newsletter and the archive of all previous Newsletters is here.

Remember, you get the newsletter here first. This one will be posted to the blog as an archive in a few weeks.

• Tony Stark is the new Captain America, they say.
• I bought a Pebble Watch. I think smartwatches are finally going to happen.
• Fascinating writup by John Carmack of Doom fame about porting Wolfenstein 3D to the iPhone.
• f.lux free software will change the color temperature of your monitor to match the ambiant light and time of day based on your location and the season. What is this sorcery?
• This guy is dancing on a treadmill.
• Should you feel guilty when you over-sleep? Here's one person who says no, and explains why.
• What does economic inequality look like when charted against transit lines in the Bay Area?
• Potentially amazing 2D drawing API for JavaScript called two.js.
• It's all about the lighting, not your camera.
• This video of a dude's 90 year old grandma trying a VR helmet has sold me on it. TAKE MY MONEY.
• Here's a lovely monospaced font called Mensch that looks good for coding.
• Are you watching Scandal? It's must-Tweet TV.
• Why do Animated Gifs work like they do? 
• Speaking of Gifs, did you know you can make a gif with more than 256 colors? Each frame of an animation can be a different 256!
• It's been 10 years since "Star Wars Kid" went viral. Is he OK?

Scott Hanselman

(BTW, since you *love* email you can subscribe to my blog via email here: http://feeds.hanselman.com/ScottHanselman DO IT!)

P.P.S. You know you can forward this to your friends, right?

I recently discovered that a blog called (seriously) "Google Chrome Browser" was reblogging my site. (It of course has NO relationship to Google or the lovely folks on the Chrome team.)

This is a splog or "spam blog." It's less of a blog and more of a 'suck your feed in and reblog it.' Basically every post is duplicated or sucked in via RSS from somewhere else.  I get this many times a week and have for years.

However, this particular site started showing up ahead of mine in searches and that's not cool.

Worse yet, they have almost 25k followers on Twitter. I've asked them a few times to stop doing this, but this time I got tired of it.

They're even 'hotlinking' my images, which means that all my PNGs are still hosted on my site. When you visit their site, the text is from my RSS but I pay for the images bandwidth. The irony of this is thick. Not to mention my copyright notice is intact on their site. ;)

When an image is linked to from another domain the HTTP_REFERER header is populated with the location that the image is linked from. That means when my web server gets a request for 'foo.png' from the Google Chrome Browser blog I can see the page that asked for that image.

For example:

Request URL:http://www.hanselman.com/blog/content/binary/Windows-Live-Writer/How-to-run-a-Virtual-Conference-for-10_E53C/image_5.png
Request Method:GET
Referer:http://google-chrome-browser.com/penny-pinching-cloud-how-run-two-day-virtual-conference-10

Because this differentiates the GET request that means I can do something about it. This brings up a few important things to remember in general about the web that I feel a lot of programmers forget about:

• The Internet is not a black box.
• You can do something about it.

That said, I want to detect these requests and serve a different image.

If I was using Apache and had an .htaccess file, I might do this:

RewriteCond %{HTTP:Referer} ^.*http://(?:www\.)?computersblogsexample.info.*$
RewriteHeader Referer: .* damn\.spammers

RewriteCond %{HTTP:Referer} ^.*http://(?:www\.)?google-chrome-browser.*$
RewriteHeader Referer: .* damn\.spammers

#make more of these for each evil spammer

RewriteCond %{HTTP:Referer} ^.*damn\.spammers.*$
RewriteRule ^.*\.(?:gif|jpg|png)$ /images/splog.png [NC,L]

Since I'm using IIS, I'll do similar rewrites in my web.config. I could do a whitelist where I only allow hotlinking from a few places, or a blacklist where I only block a few folks. Here's a blacklist.

<system.webServer>
<rewrite>
<rules>
<rule name="Blacklist block" stopProcessing="true">
<match url="(?:jpg|jpeg|png|gif|bmp)$" />
<conditions>
<add input="{HTTP_REFERER}" pattern="^https?://(.+?)/.*$" />
<add input="{DomainsBlackList:{C:1}}" pattern="^block$" />
<add input="{REQUEST_FILENAME}" pattern="splog.png" negate="true" />
</conditions>
<action type="Redirect" url="http://www.hanselman.com/images/splog.png" appendQueryString="false" redirectType="Temporary"/>
</rule>
</rules>
<rewriteMaps>
<rewriteMap name="DomainsBlackList" defaultValue="allow">
<add key="google-chrome-browser.com" value="block" />
<add key="www.verybadguy.com" value="block" />
<add key="www.superbadguy.com" value="block" />
</rewriteMap>
</rewriteMaps>
</rewrite>
</system.webServer>

I could have just made a single rule and put this bad domain in it but it would have only worked for one domain, so instead my buddy Ruslan suggested that I make a rewritemap and refer to it from the rule. This way I can add more domains to block as the evil spreads.

It was important to exclude the splog.png file that I am going to redirect the bad guy to, otherwise I'll get into a redirect loop where I redirect requests for the splog.png back to itself!

The result is effective. If you visit their site, I'll issue an HTTP 307 (Moved Temporarily) and then you'll see my splog.png image everywhere that they've hotlinked my image.

If you wanted to change the blacklist to a white list, you'd reverse the values of allow and block in the rewrite map:

<rewriteMaps>
<rewriteMap name="DomainsBlackList" defaultValue="block"> 
<add key="google-chrome-browser.com" value="allow" />
<add key="www.verybadguy.com" value="allow" /> 
<add key="www.superbadguy.com" value="allow" />
</rewriteMap>  
</rewriteMaps>

Nice, simple and clean. I don't plan on playing "whac a mole" with sploggers as it's a losing game, but I will bring down the ban-hammer on particularly obnoxious examples of content theft, especially when they mess with my Google Juice.

Get Involved - The Video

My friend Rob Conery and I work on the This Developer's Life podcast together. You should check it out, we work well together. Last year we created a Technical Speaking Tips Video and launched http://speakinghacks.com on Rob's TekPub site. 

Since then I've done a little more moonlighting on the side with Rob and release not just The Art of Speaking but also done other episodes with Rob including a regular show called "The Source" where we explore the source of popular open source frameworks. Again, you get all of this with a yearly or monthly subscription.

Today we're launched our most ambitious project yet. A meticulously edited episode that's almost TWO HOURS of video content where we cover everything we think a developer should know to "Get Involved" in the developer community.

Announcing "Get Involved"

If you're a fan of This Developer's Life you know how tightly we like to produce things - this video is no exception. Filmed on the streets of Portland and at a Portland user group, we talk about Blogging, Twitter, Github, StackOverflow, Open Source, Speaking, User Groups and Conferences - all of this hoping to make you a happier, more productive, more connected developer. We want to inspire you and perhaps to take your career to the next level.

Additionally, we stretched far beyond Portland to seek out the other people who are very active and well known in the social arena like Jon Skeet and Jeff Atwood:

• Jeff Atwood and I talk about blogging, writing, and "working your voice free" so people who read your posts hear you loud and clear.
• Jon Skeet joins us to talk about what a Good Question is on StackOverflow - and also how you can gain reputation by providing Good Answers - and edits to Good Questions!
• We venture out to the Portland Area DotNet Users Group (PADNUG) and meet a few developers who have just started going - as well as people who have been there for years.
• While we were there, I gave a 10-minute lightning talk on Azure - a great way to get started speaking if you're not a fan of public speaking. Rob filmed the whole thing.

We put an immense amount of work into this production and I really think you'll enjoy it. You can buy it "ala carte" or as with all Tekpub productions you can get a one year subscription and get access to everything on Tekpub including this video, my speaking video, my show The Source as well as my episodes of Full Throttle with Rob PLUS dozens of other videos on new tech like Backbone, Async C# 5.0 with Jon Skeet, ASP.NET MVC with Sam Saffron, RavenDB with Ayende Rahien, Mastering jQuery, and on and on.

I hope you enjoy this show. We poured our hearts into it.

P.S. Here's a 10% discount coupon if you only want the video alone: KQWFCJUE0SPO

For the most part I'm happy with Windows 8 but one feature was removed that makes no sense to me - the wireless networks dialog.

Sure, you can "Forget this network" by right clicking on a Wi-Fi Connection, but only when that network is in range. The old Wireless Networks dialog where you could add and remove networks is gone. Who knows how many saved Wi-Fi hotspot profile I have littering my system?

So, The Problem: I want to remove saved Wi-Fi Profiles whenever I feel like it. I wrote a command line util that will work in Windows 7 and Windows 8.

TL;DR Version

There's a build zipped up of Wifi.exe available here and the source is on GitHub.

UPDATE: I've put Wifi-Manager up on Chocolately so you can now "cinst wifi-manager." Thanks to Brendan Forster for the heavy lifting! Learn more about the Chocolatey package manager here!

Caveats and "Ya I know."

First, let me be clear that I have written a command line utility to replace another command line utility. I get it. I knew it when I did it. Others smarter than I have done similar things and written utilities that match their way of thinking rather than learning an unintuitive syntax. Don't hate the playa, hate the Regular Expression.

Aside: This is also a problem with my iPhone. I likely have 50+ saved Wi-Fi spots on my phone and no way to delete them without jail-breaking.

You can access Wi-Fi profiles with the netsh.exe that comes with Windows, so you could list out profiles like this:

c:\>netsh wlan show profiles

Profiles on interface Wi-Fi:

User profiles
-------------
    All User Profile     : Wayport_Access
    All User Profile     : HANSELMAN
    All User Profile     : HANSELMAN-N
    All User Profile     : HanselSpot
    All User Profile     : EliteWifi
    All User Profile     : Qdoba Free Wifi

Then, for each one, call

c:\>netsh wlan show profile "Qdoba Free Wifi"

Profile Qdoba Free Wifi on interface Wi-Fi:
=======================================================================

Profile information
-------------------
    Version                : 1
    Type                   : Wireless LAN
    Name                   : Qdoba Free Wifi
    Control options        :
        Connection mode    : Connect manually

Connectivity settings
---------------------
    Number of SSIDs        : 1
    SSID name              : "Qdoba Free Wifi"
    Network type           : Infrastructure

For each of these profiles, check if they are secure or open, and if you are connecting manually or automatically. Then, if you wanted, you could netsh wlan delete profile name="Qdoba Free Wifi" and remove a profile, even when it's not near you.

In my recent podcast with security expert Troy Hunt, he pointed out that it's easy to create a fake honeypot Wi-Fi spot that has the same name as a common open network, like Starbucks, for example.

• Given: If my PC or phone is set up to automatically connect to any open hotspot named "Starbucks" then it will just connect to one...even an evil hotspot.
• Therefore: it would be nice to automatically delete profiles for Wi-Fi spots that are both open (no security) and set to automatically connect.

I was tired, so I thought I'd bang out a little utility to do this. I could have used PowerShell or something but I felt like using C#. It's exercise.

UPDATE:Lee Holmes went and wrote it in PowerShell! Amazing.

Wifi.exe and it's Usage

Tired of reading? There's a build zipped up of Wifi.exe available here and the source is on GitHub. You may need to Right Click | Properties | Unblock the zip.

There's no warranty. The code sucks and I'm a horrible person and you're running a util you found on my blog. However, it works awesome on my machine. Issues appreciated, tidy PRs appreciated more, running Resharper and doing a PR, less so. I'll update the build if good bugs require it.

If you run Wifi.exe (I put it in my path) you'll see something like this:

c:\>wifi
AP-guest                 manual    WPA2PSK
HANSELMAN-N                auto    WPA2PSK
HANSELMAN                  auto    WPA2PSK
HanselSpot                 auto    WPA2PSK
Qdoba Free Wifi          manual       open
Wayport_Access             auto       open Warning: AUTO connect to OPEN WiFi

Delete WiFi profiles that are OPEN *and* AUTO connect? [y/n]
n

Notice the columns, and the prompt. There's a warning when a hotspot is both open and set to auto-connect. If you answer Y to the prompt, the utility will delete that profile. You can also type 'wifi /deleteautoopen' to bypass the prompt and auto-delete just profiles that are auto and open.

A pull request a few minutes after I pushed this code also added the ability to

wifi delete "HOTSPOTNAME"

which is nice also. Thanks!

The Code

One of the great things about writing command line apps like this is that there's literally a dozen ways to do everything. They are trivial and silly but also useful and used daily. In this case I've got command line argument processing to think about, parsing output from a spawned process, doing the parsing in a clean way, making sure it works on a non-English machine (which I thought about but didn't test), as well as cleaning up of generated temp files.

It's hardly impressive code, but some of it was fun or interesting. Here's a few bits I liked.

Making Columns with Console.WriteLine and String.Format

Did you know that you can right- and left-align columns within a fixed with using String.Format? Few people know about this and I've seen whole libraries written custom to do the work that's built right in.

Console.WriteLine(String.Format("{0,-20} {1,10} {2,10} {3,30} ", a.Name, a.ConnectionMode, a.Authentication, warning));

Note the {0,-20} (left aligned) and the {1,10} (right aligned). Those are just like {0} and {1} in a String.Format but they include alignment and width.

Gratuitous use of Linq

It wouldn't be a silly utility without in crazy LINQ, eh? Who needs Regular Expressions when you can when you can do a SQL query over your string? ;) Actually, I don't know if this is a good thing or not. It was fun, though, and it works. Your thoughts?

This takes the output from wlan show profiles (seen above) and parses it into a list of just the AP Names. I think it should work in any language, assuming the : colons are there.

string result = ExecuteNetSh("wlan show profiles");
var listOfProfiles = from line in result.Split(new string[] { "\r\n" }, StringSplitOptions.RemoveEmptyEntries)
                     where line.Contains(":")
                     let l = line
                     where l.Last() != ':'
                     select l.Split(':')[1].Trim();

foreach (string profile in listOfProfiles)
    ExecuteNetSh(String.Format("wlan export profile \"{0}\" folder=\"{1}\"", profile, Environment.CurrentDirectory));

Cleaning up the temp XML files

I export a bunch of very specific XML files with a VERY non-specific extension. I can't control their file name and I don't want guess what their name is because I would need to recreate their AP Name encoding scheme. Instead, I look for any XML files in the current folder (given the rare chance that YOU, the utility runner, have XML files in the same folder already) and only delete the ones with the namespace that I know to be present in Wi-Fi profiles. I patted myself on the back for this one, but just lightly.

static XNamespace ns = "http://www.microsoft.com/networking/WLAN/profile/v1";

//Delete the exported profiles we made, making sure they are what we think they are! 
foreach (string file in Directory.EnumerateFiles(Environment.CurrentDirectory, "*.xml"))
    if (XElement.Load(file).Name.Namespace == ns)
        File.Delete(file);

Capturing Command Line Output

Finally, here's how you get the output of a command line process you started:

Process p = new Process();
p.StartInfo.FileName = "netsh.exe";
p.StartInfo.Arguments = arguments ?? String.Empty;
p.StartInfo.UseShellExecute = false;
p.StartInfo.RedirectStandardOutput = true;
p.Start();

string output = p.StandardOutput.ReadToEnd();
return output;

Pretty basic, but useful to bookmark.

Alternatives

After I wrote this I noticed there are some WinForms utilities to do this. That's great. I wouldn't mind making may own, except I'd want it to look exactly like the Windows 7 dialog. It'd be fun just to see if I could get it pixel perfect.

Feel free to go check out the code, play with it and make fun of me. https://github.com/shanselman/Windows-Wifi-Manager

Get Involved! Check out my latest production with TekPub. A meticulously edited TWO HOURS of video content where we cover everything we think a developer should know to "Get Involved" in the developer community.

A customer emailed me a weird one. I tend to have a sense for when something is up and when an obscure thing will turn into something interesting.

The person says:

...mysteriously most of my projects refuse to build.  "The build stopped unexpectedly because of an internal failure... something about unicode... blah blah"

There are a few messages out there on the web about it -- even a really old hot fix.  What's the best way to proceed with the VS team / MS?  Is there anyone actively interested in glitches like this?

My spidey-sense is tingling. First, when something says "internal failure" it means some fundamental expectation wasn't met. Garbage in perhaps? He says "most of my projects" which implies it's not a specific project. There's also the sense that this is a "suddenly things stopped working" type thing. Presumably it worked before.

I say:

"Have you checked all the source files to make sure one isn't filled with Unicode nulls or something?"

And says no, but sends a call-stack (which is always nice when it's sent FIRST, but still):

Error    1    The build stopped unexpectedly because of an internal failure.
System.Text.EncoderFallbackException: Unable to translate Unicode character \uD97C at index 1321 to specified code page.
   at System.Text.EncoderExceptionFallbackBuffer.Fallback(Char charUnknown, Int32 index)
   at System.Text.EncoderFallbackBuffer.InternalFallback(Char ch, Char*& chars)
   at System.Text.UTF8Encoding.GetByteCount(Char* chars, Int32 count, EncoderNLS baseEncoder)
   at System.Text.UTF8Encoding.GetByteCount(String chars)
   at System.IO.BinaryWriter.Write(String value)
   at Microsoft.Build.BackEnd.NodePacketTranslator.NodePacketWriteTranslator.TranslateDictionary(Dictionary`2& dictionary, IEqualityComparer`1 comparer)
   at Microsoft.Build.Execution.BuildParameters.Microsoft.Build.BackEnd.INodePacketTranslatable.Translate(INodePacketTranslator translator)
   at Microsoft.Build.BackEnd.NodePacketTranslator.NodePacketWriteTranslator.Translate[T](T& value, NodePacketValueFactory`1 factory)
   at Microsoft.Build.BackEnd.NodeConfiguration.Translate(INodePacketTranslator translator)
   at Microsoft.Build.BackEnd.NodeProviderOutOfProcBase.NodeContext.SendData(INodePacket packet)
   ...

OK, so it doesn't like a character. But a character in WHAT? Well, we'd assume a source file, but it's important to remember that there's other pieces of input to a compiler like path names, environment variables, commands passed to the compiler as switches, etc.

It says Index 1321 which seems pretty far into a string before it gets mad. I asked a few people inside and Sara Joiner says:

We aren’t doing substrings or anything – just transferring a dictionary, which involves writing first the size, then each key and value.  So if the data is bad, I don’t think it’s due to anything MSBuild has done to it.  That said, it looks like the only place in BuildParameters that we call TranslateDictionary is when transferring the state of the environment [variables] across the wire. 

Ah, so this is splitting up name-value pairs that are the environment variables! David Kean says "ask him what his PATH looks like." I ask and I get almost 2000 bytes of PATH! It's a HUGE path, it looks like it may even have been duplicated and appended to itself a few times.

Here's just a bit of the PATH in question. See anything?

\;C:\PROGRA~1\DISKEE~1\DISKEE~1\;C:\Program Files (x86)\Windows Kits\8.0\Windows
Performance Toolkit\;C:\Program Files\Microsoft SQL
Server\110\Tools\Binn\;C:\Program Files\Microsoft\Web Platform
Installer\;C:\Program Files\TortoiseSVN\binVN\???p??;C:\Program
Files\TortoiseSVN\bin;C:\PHP\;C:\progra~1\NVIDIA
Corporation\PhysX\Common;C:\progra~2\Common Files\Microsoft Shared\Windows
Live;C:\progra~1\Common Files\Microsoft Shared\Windows
Live;C:\q\w32;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;
C:\Windows\System32\WindowsPowerShell\v1.0\;C:\progra~2\WIDCOMM\Bluetooth
Software\;C:\progra~2\WIDCOMM\Bluetooth 

See those ??? marks? That doesn't feel like question marks to me. I open the result of "SET > env.txt" as a binary file in Visual Studio and it looks like it's 3Fs, which are ? marks.

This makes me think that there's unicode goo in the PATH that was converted to ANSI with it was piped. Phrased differently, this text file isn't reality.

However, elsewhere in the Windows UI his PATH variable looks like different.

C:\Program Files\TortoiseSVN\binVN\�侱ᤣp䥠؉;

Sometimes that corruption in the path looks like this and you might assume it's Chinese. No, it's corruption that's getting interpreted as Unicode. Interestingly the error said the naughty character was 0xD97C which is &#0xD97C; � which implies to me that something got stripped out at some point in processing and turned into the Unicode equivalent of 'uh...' Regardless, it's wrong and it needs to be removed.

I ask him if cleaning his PATH worked and the customer just send me a one line response via email...the best kind of response:

========== Build: 12 succeeded, 0 failed, 0 up-to-date, 0 skipped ==========

Yay! I hope this helps the next person who goes aGoogling for the answer and thought they were alone. Thanks to David Kean, Sara Joiner and Srinivas Nadimpalli for looking at the call stack and guessing at solutions with me!

Any insights, Dear Reader?

Sponsor: Big thanks to RedGate for sponsoring the feed this week! Check out Deployment Manager– app deployment without the stress. Deploy .NET code & SQL Server databases in one simple process from a web-based UI. Works with local, remote and cloud servers. Try it free.

If you can hear well, you may have never thought about Closed Captioning or Subtitles. Perhaps you've used it once or twice to catch a missed word in a movie, or perhaps you've only read subtitles in foreign movies. But if you're one of the nearly 10M hard of hearing folks in the US or one of as many (estimates vary widely) 70M profoundly deaf people in the world, it's not the subtitles you're concerned with...it's the lack of subtitles.

Automatic transcriptions are a start, but they are about as useful as automatic translation services. If you speak more than one language you'll agree that computer translation just isn't quite here yet. It's awesome that YouTube can attempt to auto-transcript English and it's an amazing piece of tech, but the results are sometimes ridiculous for any video content that isn't a news reader. Ultimately, today, automatic transcriptions are NOT a good answer.

Here's an example of some automatic captions from my 3 minute Windows 8 video:

Hanselminutes, my "fresh air for developers" podcast has long had transcripts available. Our transcription has been championed by Carl Franklin, my producer, and it IS appreciated. When a show is missed or we lag behind, people notice. You can head to our archives page, and the search supports a live-filter with an * as I've marked all transcript shows with an asterisk.

Transcripts aren't just for the hard of hearing, they are also great for folks who are learning English or people who would rather learn by reading than by listening. Not everyone has an hour to listen to a show, but they can check out the transcripts and decide if they want to bother. It also helps for SEO by allowing keywords in your podcast or video to be picked up by Google, Bing and other search engines. Often people at work want to watch a YouTube video without the volume on.

Hiring a Transcription Service

Transcribing isn't as easy as you'd think. People talk WAY faster than the average typist. Feel feel to try transcribing the news or a podcast yourself. You'll quickly find that it's hard damn work. The service that I use the most,with success, has been Rev.com. They used to be called FoxTranscribe and changed their name.

Ordering is easy, you can upload files or just paste in URLs. I recently had them transcribe my Productivity Talk by just giving them the Vimeo link.

Recently Rev transcribed both of my Windows 8 videos! Having good closed captioning is super important with YouTube videos, and people who are looking for subtitles are REALLY happy when they find good ones.

You can turn on Closed Captioning for YouTube videos as a permanent setting as well.

1. Go to your Account Settings page
2. Select Playback from the left-hand menu
3. Check or uncheck Always show captions
   (Check Show automatic captions by speech recognition (when available) to enable automatic captions for videos that don't already have captions provided)

YouTube lets you add captions in a few ways.

Upload a Caption File and Auto-Sync

This is the easiest thing to do because it doesn't include time stamps. YouTube knows what video you're trying to caption so it can make educated guesses as to what words line up where. Time moves forward, so the guesses are usually VERY good if your transcript is a good one. That's what Rev.com provided me.

Here's the first section of what Rev.com gave me for the 25 minute Windows 8 Video:

Scott>> Hi. I'm Scott Hanselman. This is the Missing Windows 8 Instructional Video. I've got another video where I show you basically everything I'm going to show you in this video, except I do it in only four minutes. That might be great for techies or people who are kind of advanced. But for the rest of us, it's pretty intense and it looks a little frantic. I thought it would take some time to go through a number of things within Windows 8, like “What changed?”, “Who moved my cheese?”

See the double >> mark? That's where you indicate who is talking. And that's it! It's worked great and I'm thrilled with the result.

Upload a Caption File with Timestamps

If your video has fast cuts, lots of speakers or needs more precision, you'll want to make a a formal caption file in one of a variety of formats. A .srt file is what I see the most, but there's a number of options.

Here's a .srt example from Google:

1
00:00:00,599 --> 00:00:04,160
>> ALICE: Hi, my name is Alice Miller and this is John Brown
2
00:00:04,160 --> 00:00:06,770
>> JOHN: and we're the owners of Miller Bakery.

These files should be created by a captioning software package, in my opinion.

Regardless of how you create it, once the file is uploaded to YouTube, it works just as it should and can be turned on and off by the user.

Crowd Sourcing Transcripts

You may also be able to Crowd Source your transcripts. That's what I'm trying with This Developer's Life, the other podcast that I do with Rob Conery.

Yes, we are working on the next episode. I promise. The theme is "Space" by the way. Coming soon.

Since we have a primarily technical developer audience, I chose to use GitHub to manage things. It's very open, collaborative and clean...for a programmer. We're using Mark Down files and I hope to generate HTML and link to them directly from the This Developer's Life site. You're more than welcome to get involved and help out. There are still transcripts that need help! Check out https://github.com/shanselman/ThisDevelopersLife-Transcripts

We've just received the complete transcript from the TDL episode where my wife and I talk about our Cancer Year. That one is currently here and the actual episode is still on the TDL site.

We used a more casual layout, but I think the result will be easy to read.

Scott: What happened yesterday, dear?

Mo: Yesterday, I was told that I have cervical cancer.

S: That sucks.

M: Yeah. That REALLY sucks. [Silence] Yeah. It does. It does. Yeah.

S: We spent most of yesterday surprisingly not crying and wailing or gnashing our teeth... but rather with quite a bit of black humor. Wouldn't you say?

M: [Laughing] Yeah, I would. I would say that. But I think what is still true is that it’s a pretty heavy thing to hear. What was particularly frustrating in our case was how we found out about it. It was just not the way that one should ever find out that you have cancer. I don’t care what kind that it is.

S: It was definitely, as I like to say, sub-optimal.

M: Sub-optimal is a very delicate way of putting it. Yes, it was sub-optimal.

I REALLY appreciate all the love that the community has given Rob and I on This Developer's Life. It's a labor of love, it takes hours and hours to make an episode and I hope you know that we are still having fun making it. We thank YOU for helping with the captions! As they get closer to being done, I'll update the site and make them easier to find.

Collaborative Subtitling Systems

There is a great online community and series of tools called Amara that is explicitly for enabling captions for media. You can order transcription services outright, but you can also crowdsource your captions directly from the tool. If you're using YouTube you can give them access to your account via OAuth and they'll update your video's captions automatically. You can volunteer and transcript videos yourself and be a part of the crowd and make someone's video more accessible!

There are also some startups in the space like EnhanceCast and 3PlayMedia that you should also take a look at.

Regardless of what you choose, I really encourage you to consider captioning your content. We're working on doing this for ASP.NET videos now as well.

If you appreciate closed captioning and subtitles, please sound off in the comments!

Sponsor: Big thanks to RedGate for sponsoring the feed this week! Check out Deployment Manager– app deployment without the stress. Deploy .NET code & SQL Server databases in one simple processfrom a web-based UI. Works with local, remote and cloud servers. Try it free.

Some days...some days it's frustrating to be on the web. We're compiling C++ into JavaScript and running Unreal in the browser but at the same time, here in 2013, we're still making the same mistakes. And by we, I mean, the set of web developers who aren't us, right Dear Reader? Because surely you're not doing any of these things. ;)

All of these are solvable problems. They aren't technically hard, or even technically interesting. I consider these "will-required" problems. You need the knowledge that it's wrong and the will to fix it. As users - and web developers - we need to complain to the right people and help fix it.

Redirecting a deep desktop link to a mobile home page

Google has decided that the practice of taking perfectly good deep links like foo.com/something/deep, detecting a mobile device, then redirecting to m.foo.com is user-hostile. In fact, the GoogleBot is going to declare these "faulty redirects" and ding sites in the search result ranking. Stated simply:

Avoiding irrelevant redirects is very easy: Simply redirect smartphone users from a desktop page to its equivalent smartphone-optimized page. If the content doesn't exist in a smartphone-friendly format, showing the desktop content is better than redirecting to an irrelevant page.

For example, if I want to go to the http://www.mcmenamins.com/Pubs page, but I do it on mobile, they ALWAYS redirect me to /mobile. Always. Even though I have a quad-processor pocket supercomputer with gigs of space I've still surfing a second-class internet.

I don't want your crappy app

That means you Quora. I am in my browser, unless I'm going to the App Store, let's assume if I'm in the browser, I want to be on the web.

Giant Interstitial Ads

I'm looking at you, Forbes.com. I GET IT. YOU HAVE ADS.

Stay classy.

Labels for Input Forms

I hate seeing a checkbox and only being able to click on that exact checkbox.

<p>Which fruit would you like for lunch?</p>
<form>
<input type="radio" name="fruit" id="banana" />
<label for="banana">Banana</label>
<input type="radio" name="fruit" id="None" />
<label for="none">None</label>
</form>

It's so easy to just associate a label with an input. Please do  it, then we can all have something larger to click on.

Breaking Hyperlinks

We're still doing this. Haven't we learned that Cool URIs Don't Change? It was true in 1998 when that was written and it's true now. The web as we know it was created in 1990 and made truly open in 1993 and the link to the First Web Page (yes, Capital Letters) is still http://info.cern.ch/hypertext/WWW/TheProject.html. I love that they've done the work to keep that link alive.

There's just no excuse for this. With .htaccess files and web.config files, maintain a list of redirects and do your best to test them. Maintaining deep and complex links can be complex, but if you're companyname.com/about link dies because you switch from PHP to Rails, there's just no excuse for that. I'm your User and I have always typed /about. Don't' give me a To Do like "Update your bookmarks!" I didn't come here for a To-Do, I came her for your damn about page. YOU figure it out.

Click the Flag that represents your Language

I've often been asked to "select my language" from a list of country flags, and ended up clicking on the Union Jack to represent "English." I'm sure the actual English don't appreciate an American declaring they speak English. ;)

but I know I'm not the only one who realizes that a Flag is a lousy representation of a language, especially since your browser is announcing what languages you speak with every web request.

Accept:text/html
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8

There can be a whole list of languages in the Accept-Language header, in the order the user prefers them!  Use that data, it's there for you to use.

You know my Zip Code, why am I entering my State?

For folks living in the states, we're always asked to enter our postal code (ZIP code) and our city and state, even though there are dozens of great APIs and Databases that can give you that information.

The meta-point is this: If you can reliably determine something from the user (language, location, country, preference) without invading their privacy, do it! Save them a little time!

Resizing Giant Images with width and height attributes

Perhaps take a moment and remind your boss that the 6 megapixel photo that he or she took with their new Canon EOS is not a good background image for your corporate site...especially if it's a 4 megabyte JPGs.

Oh, that's OK, we can just <img src="bigassfile.jpg" width="100" height="100"> and that will make it smaller. No, that just downloads the giant file and then makes your browser to the work to resize it on the client.

Resize first, and squish often. Also run all your PNGs through PNGGauntlet or PNGOut.

Serving pages from both www. and naked domains

If you've got example.com/something AND www.example.com/something both serving up the same content, consider "canonicalizing" your URLs. You can do this with rel="canonical" in your META tags, but that only hides the problems and makes the Googlebot happy. Instead, why not PICK ONE and serve a 301 redirect to the other? Did you know that there are rules built into IIS7 that will set this up for you? You can even remove your .aspx extension if that makes you happy. You can do it!

The same is true if you do the same thing for / and /default.html. Pick one if you can, and redirect the other.

<system.webServer>
<rewrite>
<rules>
<rule name="CanonicalHostNameRule1" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTP_HOST}" matchType="Pattern" pattern="^hanselman\.com$" ignoreCase="true" negate="false" />
</conditions>
<action type="Redirect" url="http://www.hanselman.com/{R:1}" redirectType="Found" />
</rule>
<match url="blog/default.aspx" />
<action type="Redirect" url="blog/" redirectType="Found" />
</rule>
<rules>
<rewrite>
<system.webServer>    

Others?

What are some great examples that you think Break The Internet...but that are easily fixed if we have the will?

Sponsor: Big thanks to RedGate for sponsoring the feed this week! Check out Deployment Manager– app deployment without the stress. Deploy .NET code & SQL Server databases in one simple processfrom a web-based UI. Works with local, remote and cloud servers. Try it free.

I'm totally geeked out about Smart Watches. I always have been, from the original Microsoft SPOT watch (from 10 years ago!) to the Pebble, and now the AGENT Smart Watch from Secret Labs. Secret Labs are the folks that brought us the Netduino open source electronics platform that uses the .NET Micro Framework. It's pretty awesome that you can write C# and run it in 64k or in 64gigs, from the wrist to the cloud.

Upcoming Conference: If you're in or around Chicago in July 2013, consider joining Chris Walker from SecretLabs and I at the MonkeySpace conference! We'll be speaking about developing for embedded systems and the AGENT Watch with C#. What are the power considerations? How low-level is this kind of coding? Can one kind of app cause battery drain while another keeps the watch going for a week? What about notifications and bluetooth? We'll cover all this and lots more, join us.

The AGENT Smart Watch was trying to raise $100k to build a watch and as of the time of this writing they are within spitting distance of a MILLION dollars! There's just hours to go to get in on this cool Kickstarter. (Remember, Kickstarter is an investment, not a store.)

Not only is this a .NET Microframework Device, but we can start writing apps now using the AGENT Watch Emulator. From their Kickstarter site:

Traditional smartwatches run apps in an unrestricted environment.  AGENT's OS includes a managed runtime, optimized for our low-power architecture.  It is called the .NET Micro Framework and it makes watch apps trustable.

This feature-rich managed runtime also offers developers modern features they crave: event-based programming; multi-threading; garbage collection; lambda expressions; exception handling; automatic power management; and much more.

You can install VS2012 and the .NET Micro Framework 4.3 and write an app for your wrist! I alluded to this a little in my Xamarin talk "How C# Saved My Marriage." You can write .NET apps for embedded systems, a watch, tablets, desktops, web sites, large cloud systems and more.

Full disclosure: I have no financial stake or business relationship with SecretLabs, but we are friends and I'm a fan. I helped Chris with some copy writing on the Kickstarter page, its text and reviewing the video as a favor. I have received no money from SecretLabs and I backed the Kickstarter with my own money.

I got a preview of the AGENT Smart Watch emulator, and some code from Kickstarter backer Esben Bast who created a binary clock face. I loaded up VS2012 and the binary clock emulator. This initial code is just about 100 lines. You can see the references in Solution Explorer here. SPOT means "Smart Personal Object Technlogy."

The fact that there is an emulator is huge. No worries about breaking a watch or even having a watch! The Agent Watch SDK puts a reference to the AGENT Emulator in my registry, so it shows up directly in Visual Studio:

Then I can debug my watch app without a watch, just as if I were writing a Phone App or Web Site. It's a first class experience inside of VS. This makes me feel particularly empowered as a .NET developer because it means I already know how to write apps for this watch and I've never even seen it before..

The code is pretty straightforward, if appropriately low-level. This IS a small device we're talking about!

You've got total control over the screen and what can be displayed. You could create any watch face that you could imagine (that would fit on the screen) because you have a Bitmap to draw to.

The .NET Micro Framework has no fonts loaded by default, but I can include them as resources. There's some "tinyfnt" files in C:\Program Files (x86)\Microsoft .NET Micro Framework\v4.3\Fonts or I could download or make some myself. Even better I can use the TinyFontTool from Miloush.

I can load a font from a resource like this:

font = Resources.GetFont(Resources.FontResources.small);

and then later in my UpdateTime() method, Draw the time on my binary clock screen.

_bitmap.DrawText(DateTime.Now.ToString("HH:mm:ss"), font, Color.White, 45, 15);

Run my emulator again and I have the time printed as well!

The only real "microframework-ism" in the code is that the watch face doesn't want to use a lot of power, so you should "go to sleep." It's the same as if you were writing a console app. If your main() function ends, then your app will end! But, since this is a watch face, we want it to run all the time, so, we start a 1 second timer, then sleep the main() forever. Everything interesting happens as an event on a background thread. (The watch can control the lifetime and tombstone or kill the watch face if you're doing other things.)

public static void Main()
{
    _bitmap = new Bitmap(Bitmap.MaxWidth, Bitmap.MaxHeight);
    _font = Resources.GetFont(Resources.FontResources.small);

    // display the time immediately
    UpdateTime(null);

    // set up timer to refresh time every minute
    DateTime currentTime = DateTime.Now;
    TimeSpan dueTime = new TimeSpan(0); // beginning of next minute
    TimeSpan period = new TimeSpan(0, 0, 0, 1, 0); // update time every minute
    _updateClockTimer = new Timer(UpdateTime, null, dueTime, period); // start our minute timer

    _button = new InterruptPort(HardwareProvider.HwProvider.GetButtonPins(Button.VK_SELECT), 
        false, 
        Port.ResistorMode.PullDown, 
        Port.InterruptMode.InterruptEdgeBoth);
    _button.OnInterrupt += _button_OnInterrupt;
    // go to sleep; time updates will happen automatically every minute    
    Thread.Sleep(Timeout.Infinite);
}

That last part is interesting. You've got two event handlers here, the one to UpdateTime every second and then one to watch for the Button getting pressed. You want the watch app to be event-driven...it needs to do as little as possible NOTHING until it's time to do something. This InterruptPort is watching for the the middle button (the VK_SELECT button). ResisterMode.PullDown means the button will show "1" or true when it's pressed. InterruptEdgeBoth means I get events when the button is pressed AND when it goes up.

Go make Watch Apps!

Here's another cool watch face from Dylan Mazurek next to the Big Digits example:

And finally, here's an animated concept for a World Time face that Steve Bulgin made for Pete Brown as well as another Steve concept below:

The next step will be more than watch faces, it will be watch utilities and apps. Maybe an app for my FitBit, or an app to manage Blood Sugar? Perhaps a Nest app to control my thermostat?

The AGENT Watch Emulator emulator will be available to download this Thursday at www.agentwatches.com. You can get ready by installing the .NET Micro Framework today.

Watch apps can be written in C# using Microsoft Visual Studio 2012 (including the free Express edition). Deploy your apps over Bluetooth and debug them interactively.

Download Visual Studio Express 2012
Download .NET Micro Framework SDK v4.3

Developers can also use AGENT as a secondary display, interacting with it remotely via Bluetooth from their Objective-C, C#, or Java smartphone app.

Even though the watch ships in December, I'm going to start writing apps now so I'm ready for the Watch App Store (coming soon)!

This is hardly a tragic story and it's not even a good photo, but it's interesting because it happens a few times a year. Perhaps it's happened to you! (Share in the comments)

A buddy noticed a story in Business Insider Australia that was picked up off Reuters called "Microsoft says they've disrupted a global cybercrime ring responsible for $500 Million Theft." It was syndicated to OZ by Business Insider US who pulled it from Reuters, and it seems they each pick their own illustrative picture.

And apparently they did it in my damn office. That's my big head, my three monitors and I am, in fact, hacking on CoffeeScript in this picture, not fighting cybercrime. How do I know? Because I was there when this photo was taken by Rob Conery. We used it for my Speaking Hacks educational video.

Rob Conery and I made a video called Speaking Hacks...here's a screen capture.

It got used on a post a CoderWall.com where I describe my system setup. I love that they crop the pictures they so carefully Google Image Search for.

I try to use search.creativecommons.org for my image searches on this blog. Raphael Rivera turned me on to this and reminded me of the importance of respecting image copyright. Just googling for a picture and slapping it on your blog isn't cool.

Usually when this kind of thing happens I'll just email a kind note to the owner of the site and mention it and it gets handled. (I've just emailed Business Insider now) Most people are very nice. Folks at Gizmodo and LifeHacker almost always have a real human behind their stories with a real Twitter account and they've always been accommodating about little things.

Ah, but sometimes it's not just a nameless-faceless newspaper but it's a nameless-faceless newspaper article originally published by Reuters on "put on the wire" which means it can spread literally everywhere, and fast.

Do I care? Not really, but it's the principle of the thing. I mention it because it's a teachable moment for us all.

When you put an image on the Internet, it's on the Internet.

It can be used for anything, anytime, by anyone. You can assert copyright, but usually depending on how big the site is (or how obtuse their Contact Us page is) you'll be lucky to find a human, much less a nice one.

At least I have my hair. So far.

Think about signing that Photo Release

It matters to me when it's big and public and involves my kids. Some friends were driving down the freeway recently and noticed something. They called and said "Is that your son on a billboard off I-5?"

This was my reaction: O_o

Turns out that years ago in our school's day care we signed a photo release. I assume we thought it was for their blog, or a pamphlet, but in retrospect even that was a bad idea. We never thought my kid would end up on a 30 foot paper billboard advertisement, with little recourse. Fortunately in the billboard case, the head of the school wasn't aware either! Their marketing folks were just pulling the photos from a shared folder, treating them as stock images. In the end, the school was extremely accommodating and apologetic and it's since been handled. Still, a wake up call to us, and I hope, to you, Dear Reader.

Happy Resolution

This email showed up literally as I was/am writing this post.

Hi Scott

Thanks for getting in touch. I’m the editor at Business Insider Australia.

I’ve removed that image, which was syndicated from the US edition. I’ve also alerted them to your complaint.

http://au.businessinsider.com/microsoft-cybercrime-500-million-theft-2013-6

Hope this addresses the matter for you.

Best wishes,

Paul

Awesome. And sometimes your kind letter reaches a kind human and gets handled. Thanks Paul, much respect!

Now, about this NEW picture...;)

(Yes, I realize the thick irony of me blogging it, and thereby putting the image "back out there" but it's for educational purposes.)

My friend Luvvie and I were speaking at Blogging While Brown this last weekend in New York City, amongst other things and events. Luvvie and I host a podcast called Ratchet and The Geek. I produce three podcasts - Hanselminutes, This Developer's Life, and Ratchet and The Geek. I do all of these on the side, for fun.

Context in NPR terms: If the Hanselminutes podcast is "Fresh Air for Developers", then Ratchet and The Geek is "Car Talk for Techies," while This Developer's Life is a loving homage to This American Life.

At the conference, Luvvie and I hosted a one hour talk about "Taking Your Blog to the Next Level with Podcasting." All the links to the equipment we recommend is at this Bit.ly Bundle: bitly.com/bwbpodcasting

We did a 5 minute "mini-podcast" live on stage at the beginning of our talk, then talked about how we produce the show and how it goes from concept to topics to a produced and published MP3.

For this post I'm focusing on what you'll need for a podcast in terms of Equipment and Publishing. I'm assuming you're able to decide on your own topic/theme and spread the word about your new show.

Podcasting Equipment: Good, Better, Best

Let's take a look at your options, ranked from Meh, through Good, Better, and Best.

Meh

You could use BlogTalkRadio as a super-quick way to jump-start your podcast, but there are some limitations. The benefits are that there's no software to use. It's basically a recorded conference call. They handle call-ins for guests, archiving, delivery and bandwidth. However, it goes up from Free to $39 a month or more quickly.

If you are serious about the future of your podcast I recommend that you put a little more work into and and you'll have lots more control and flexibility.

Good

If you are going to do Skype-based recordings or online interviews, get yourself a decent USB microphone/headset. These are NOT audiophile or good quality headphones - to be clear - but they are good enough for Skype and they are guaranteed to sound better than talking in to your laptop's tiny microphone hole.

Remember, your laptop may have cost $1000 but that tinny microphone hole was only $1 of the price. Have low expectations when using a laptop mic for a podcast.

If you get a microphone/headset, get one that's USB to keep the audio digital all the way into the laptop. Don't use 1/8" analog headphone jacks for recording.

For Skype interviews I use CallBurner to record the interviewee. Ideally your guest will also have a good USB microphone. Even better if your guest records a local file while you also record the Skype call. More on this technique further down in this post.

Better

You may be able to get more flexibility if you move to a portable recorder. You can do interviews with these without carrying your laptop. You can also use your phone or tablet if you like. Ideally you'll want to make WAV files rather than MP3s. If you're editing your podcast later a WAV file will sound better while editing and won't lose quality. An MP3 is already compressed and then will get compressed again when you save your final podcast.

Consider a WAV file like a PNG, RAW file or BITMAP and an MP3 is like a JPEG. Edit in high quality files and export your final as a compressed MP3.S

You can also add a small Lavalier (clip on) microphone if you like, then plug it into the portable recorder to better isolate sound for your interviews.

Better++

If you've got $80, consider a Samson C01UCW USB Mic or similar. This is an extremely competent mic that plugs directly into your computer's USB port. You can record into Audacity or Adobe Audition or even iMovie or Garage Band directly. For one or two person talk shows this is a great mic to start with.

Also consider your room configuration. If you have a square room with stone walls and wood floors, your listeners will be able to hear every bump in that echo-y environment. I use a Portable Vocal Booth from RealTraps when sound quality really counts. This is useful for screencasts and voice-over work in a noisy environment.

Best

I say "best" but I'm assuming you don't have an actual recording studio available to you. This is the setup that I use on all my podcasts. I use a Zoom H4N portable recorder. It uses an SD card to store the WAV files. It comes with two small mics at the top for starters, but then lets you grow by adding either microphones with 1/4" jacks or studio quality mics with XLR connectors.

I recommend Shure microphones. Two Shure PG48-XLRs with cables paired with the Zoom H4Nwill make great sounding podcasts. All the very best episodes of This Developer's Life were recorded like this. All the episodes of Hanselminutes where the guest wasn't on Skype were recorded in person with this very setup.

The Zoom also has the benefit of improving your YouTube videos. You can mount it directly to a DSLR camera with video capabilities and greatly augment the resulting video's sound quality. Again, the components in a DSLR are optimized for visuals, not audio.

Editing

Luvvie and I live in different time zones so we record local files with our portable rigs PLUS we Skype each other and record the call with CallBurner. This gives me THREE files.

Why three files? Well, one high quality of my recorded locally as a WAV. One of my co-host recorded in high quality as a WAV and one of BOTH of us. The trick is that we don't use the phone/Skype track.

The phone track is just for lining up the two other tracks. This makes it sound like my co-host and I are in the same room together. See the three files below. My co-host is on top - notice her track is quiet. I'm on the bottom. The phone track is in the middle. Since these are separate tracks I can adjust Luvvie's track to make it louder and better match my track's volume.

I move our tracks around using the phone/Skype track as a guide. It tells me what we're supposed to sound like and gets our conversation in Sync. When I feel we are in sync, I mute the Skype track and listen to us talk.

For complex show I'll use Adobe Audition and use the Effects Rack. I use a Speech Volume Leveler and a "Hard Limiter" to keep the voices at a strong, but not overpowering level. There are LOTS of great Tutorials online to show you how to use tools like Audacity and Audition.

It's like PhotoShop for sound! There are layers and filters and effects. Thinking about it this way greatly helped my mental block.

Publishing

We recommend using LibSyn for your hosting and publishing your podcasts. If you are more technical you can certainly use Amazon S3, Azure Blobs or just your own existing host if you like. For shows like Hanselminutes that have almost 30,000 megabytes of shows, we use S3. Both Ratchet and The Geek and This Developer's Life use LibSyn.

LibSyn offers a simple platform for publishing and feed creation. It also has fantastic stats and can even make mobile apps for your shows if you want.

Your Feed

Podcast feeds are just like RSS feeds except they also include an "enclosure" tag. Services like FeedBurner and FeedBlitz can add this tag for you if your blog doesn't support it directly. While it's unclear how long FeedBurner will last, We use it for its easy podcast creation ability.

Make sure you submit your Podcast to iTunes and Windows Phone/Zune. I also suggest telling Rob Greenlee (the manager of the Windows Phone/Xbox/Zune podcasts) on Twitter about your show).

Here are some other podcast directories you should be sure to target:

• BlackBerry - You can submit your podcast by going to thePodcast submission page and creating a RIM podcast account.
• Stitcher
  Stitcher - is a radio-like service that allows you to submit your audio podcast to. Submit your audio only podcast at the Content Partner page.
• Tunein Radio - You can submit your Podcast to Tunein by sending an email to Broadcast Support.
• DoubleTwist - Submit your show by emailing Support with your show's name, RSS, and description.

Conclusion

Ultimately you need an MP3 that shows up in a feed and a website to promote it. Everything you can do on top of this will only help you! Think about sound quality, topic quality, consistency, website quality, and technical details.

Sponsor: Big thanks to CodeProject for sponsoring the feed this week! What you can do with 215+ million business records? Dig into the data in the D&B Developer Challenge and post an article on CodeProject about what you could do with the data. Over $40,000 in prizes total are up for grabs. Check it out!

I just bit the bullet and installed the Windows 8.1 Preview on my Surface RT. It's a one-way upgrade (meaning you won't be able to go from this Preview Build to the final) so make a Recovery Drive with a USB drive you have lying around. You'll need at least a 4GB USB key for this backup and the drive will be erased. Then go to http://preview.windows.com and follow the instructions. Basically you download an update, install, reboot, and then the Windows Store says Windows 8.1 Preview is available. You install for a while (took a few hours) and assuming you're signed in with the same Microsoft Account it will redownload all your apps.

Warning: Installing anything called "preview" is for advanced/enthusiast folks. Expect nothing and you'll never be disappointed. Backup your crap. Be prepared to torch your machine to get back to the mainline.

I honestly didn't use my Surface RT that much, mostly just for Movies and Stuff, but this new 8.1 update adds some stuff that will have me using it around the house more.

Here's 10 features that are making me look harder at Windows 8.1.

Being able to use your Desktop Wallpaper as your Start Menu background

The Start Button is back, down there in the corner. But that's not as interesting to me as the ability to use your Desktop wallpaper as your Start Menu background. This might be hard to visualize, but the point is that if you hit the Start Button (or the Windows Key) you'll immediately move to the big Start Menu. When the background of that menu is your same desktop wallpaper, the result is much less jarring than a bright background and makes the whole Windows 8.x experience much more comforting.

From the Start Menu, hit Windows-C, click Settings, then Personalization. You'll see the menu fly out as in the picture below. Select the tiny thumbnail of your wallpaper. It's the square with the birds in my picture here.

This little change is a huge difference. I wish this was the default experience, myself.

Search Everywhere

If you are in the Start Screen and you start typing it will search everything. Apps, Files and the Internet if you want. If you search for a Well Known Thing (caps mine) then it will give you detailed results that include (possibly) music, big pics, videos, etc. I searched for Daft Punk below.

Freaking Outlook 2013

Since my Surface RT includes Office RT (Word, Excel, PointPoint, etc) it looks like Windows 8.1 adds Outlook 2013 RT to the mix! This was a total surprise to me, and is the #1 reason I'll start using my Surface for work stuff. I'm surprised this hasn't been noticed by some of the tech sites I read. It's an awesome addition.

Smarter Windowing

Windows 8.1 seems much smarter about making decisions about window management. Here I've launched the Games app while running the Mail app on the left and the Desktop on the right. it's hovering (teetering, even) in the middle, waiting to be pulled from one side to the other, rather than just taking over one of my existing apps.

Apps can be 50/50 split on the Surface RT, as well as the other 70/30 options.

Way easier customization

Icons are moved more like on my other tablets, with a push and hold gesture. Except you can select multiple icons, start dragging them with one figure while scrolling with the other finger. Grouping and customizing is way easier.

Here is me starting to move things around. I've got the Office stuff tiny, and the News app largest.

Better All Apps View

Apps that are newly installed get marked "new" in the All Apps few. You swipe down from the Start Menu to get here, and can sort by Recently Installed as well. I found a bunch of new apps I hadn't seen before like Calculator, Sound Recorder, Health and Fitness and Alarms.

More Comprehensive Settings

The Settings area has a LOT more info than before, including some rather deep pages (you may have to hunt) like this one on my Wi-Fi Router. Note that it's marked as a Meter Connection. I thought it was cool that Outlook didn't connect automatically when this was marked as Metered (this means my router has limited data and I could be charged for big downloads). I have personally downloaded gigs of mail while overseas and gotten nailed by big bills, so this was cool.

The Metering is an existing feature, but the deeper details into my Wi-Fi and devices is new.

Removable Disks in your Music and Video Libraries

I'm pretty sure this wasn't there before. I added a 64gig micro-SD to my Surface RT with the plan to watch Videos and store Photos on it, but it wasn't very seamless in Windows 8. I took a chance and right clicked on my SD card folders and said "Include in Library" and now my videos show up in the Videos app! Suddenly my 32-gig Surface has become a more useful 96 gig machine (well, 64-gig, as I'm going to change the defaults to store everything on my SD card.)

Here's my videos listed, some in the cloud and some on my micro SD card.

Here I am looking at Outlook while watching Harry Potter in Split-Screen.

Smarter Notifications and Quiet Hours

My wife is NOT a fan of my Surface RT for one basic reason. It won't stop beeping. I installed Twitter and Twitter "pops toast" - meaning, it uses notifications - and it's forever going off and beeping at night. Yes, I could turn off notifications, or sleep it, and I do, but when I'm using the thing I want it on. The Notifications options have been expanded to include "quiet hours," which is a nice touch.

The Reading List

I'm a big fan of Instapaper and the idea of a "Read It Later" gesture. This is different from simply bookmarking. This is a queue of long-form reading material. From apps like Internet Explorer you can invoke the "Share" action. I could share to Twitter, Mail, some People, or the new Reading List.

Then I click to Share, and later on go to my Reading List (now pinned to my Start Screen) and go read my long form articles. I haven't checked but I'm presuming this list would be persisted transparently across all my machines.

Sponsor: Big thanks to CodeProject for sponsoring the feed this week! What you can do with 215+ million business records? Dig into the data in the D&B Developer Challenge and post an article on CodeProject about what you could do with the data. Over $40,000 in prizes total are up for grabs. Check it out!