Is there trouble brewing in the land of DevOps?

Does your organization use Agile project management?  Are you deploying new capabilities on very short intervals to your infrastructure?   Does your organization use middle-ware ‘service’ layer to help standardize your software product line? Is your organization such that this middleware is provided by a separate team?

It may behoove you to ensure there is compliance with time-tested documentation and proper change control.  Any middleware subsystems created as components used on new technologies but are not well documented, packaged, or maintained may suffer in the future and negate the benefit of being componentized.  This is “technical debt” that eventually will fall upon your organization.  All systems that use this middleware will be tied to a system that eventually will be unable to be updated unless the talent that created them are keep employed. This technical debt can bring down a company with a ‘market leading product’ quickly when the competition brings a new product to market.  New products can industrialize your organization’s product.  Your organization is quickly put into the position of having a legacy product, and management will need to invest heavily to bring your product up to the level and quickly to the new generation of product.

I follow gardeviance’s blog pretty regularly because he is the only source I have found insightful in IT leadership and how prepared organizations are for future success. This blog is gold for any CIO.

It is worth the investment in time to read. You may want to reserve time to read related content, but once you do he brings a unique perspective on new technologies coming to market, such as Amazon’s dash button.

I’d love to hear your thoughts.

St.Louis Adult Easter Egg Hunt – Fun or Epic Fail?

Summary details they DON’T tell you upfront:

  • 2.7 mile walk – and that is only if you also know
  • The eggs are all at the FAR south end of the loop
  • Unless you are looking for the “golden eggs” with $50 / $100 in them (i heard of only one found on a trash can) walk the path only.  don’t bother with the woods or anything else
  • When you arrive, enter at the NORTH WEST end of the park.  GPS will take you to dead ends and it will take you another 20 minutes to figure out how to get there
  • Eggs have numbers on them.  you get to pick up ten only
  • when you return, you have to fight through lines to see if the numbers are winners
  • winning numbers you get to pick off a table of cleaning products, ketchup, coolie cups, envelops (mine were 15% off massage at xxx)
  • Apparently you can win grills, alcohol etc.  but we saw nothing of the sort
  • The only thing “adult” about it is they have liquor for sale, and you have to walk 3 miles in the dark, 5+ if you don’t know the above things also..

The path is the blue and red lines combined :



For many years, Jefferson Barracks have put on an adult egg hunt.   I have heard of it, but never knew anyone who went.  I decided to give it try this year, and although there are folks who swear it is a great time, I felt it seriously lacking.  It almost seems deliberate they don’t post some of the specifics on how it works.  Basically, you go to the starting area, trade your $8 tickets for new tickets, you are left to a 2.7  miles (Felt like 6 in the dark after going in circles)

After an hour of looking hopelessly, I decided I needed group/hive help.  Out of approximately 100 people I asked, no one knew how to find the eggs.  An hour into it, i finally found someone with eggs and they explained the items listed above.

We arrived late – the address on the website on my GPS took me to a closed road. After finding the place, the big group had left. we received red tickets and was sent off to hunt. We wandered for an hour around looking for eggs, and we and dozens of others never found any eggs. We finally found someone who had eggs, and found out you had to walk about 3-5 miles to It took us another hour to find the eggs, grab a few with numbers, to return to a huge crowd trying to get to a table of winning numbers. never found any golden eggs (with $50/100 in them apparently?) we pushed our ways in to check the eggs, we had a couple. you got to choose your winnings from a table of soaps, ketchup, 15% off coupons for massage, and a bunch of dfdsd from a dollar store. (part 1 of 2)

I am nearly disabled and the walk nearly killed me physically. there was a tent selling alcohol, that was the only thing ADULT about it.


Bottom line: this was a complete waste of an evening. Had there been something upfront on their website about having to walk the entire loop I would have known not to go.  The group that puts this on needs to explicitly state on their webpage this is a 3+ mile walk and be clear about the park entrance and NOT to use Google maps / GPS.


some views of the park, which i would recommend going during the day.  It was a nice walk, i just wasn’t physically ready as I am recovering from injury.

Widespread Y2k16 hits Windows Mobile

image Apparently tons of cell phone carriers are having a problem with SMS messages showing a 2016 date instead of 2010, mine included.  Interesting thing is 10 in HEX is 16 in decimal, so perhaps the date storing formula as a slight bug?  read more here:

TechNet Direct – Get most Microsoft Software for Cheap

image Yes this is legal.  Yes it is a good deal:  for example: get Windows 7 Ultimate, Server 2008 R2, Sql Server, Microsoft Office Ultimate 2007, etc for $349 – 28%  of the cost using this code: TMSAM07   so the total cost is $251.28.  If you already have TechNet Direct, use the code to renew, and pay only $179.28 plus tax. $186.86 for me) 

People: this is good for ~10 copies of Windows 7 Ultimate, plus 10 copies of Office 2007 Ultimate.  all for HALF the cost of one retail copy of Windows 7.


go to  and upgrade all your systems cheap.  Hurry, these codes don’t last long..



Duplicate SID problem? Nope.

For years the mantra has been you have to use sysprep or sidwalker if you make an image of a pc before deploying it to other servers/workstations.  It turns out that is true, but ONLY if it is a domain controller.    Otherwise there is no need, at least according to Mark:

RSAT – Remote Server Admin Tools for Windows 7 Released

Finally RSAT for Windows 7 released !  Don’t forget to go to add/remove programs, select windows components, and install the tools.
Remote Server Administration Tools for Windows 7

Version: 1.0
Date Published: 8/11/2009
Language: English
Download Size: 215.1 MB – 437.2 MB*
amd64fre_GRMRSATX_MSU.msu 222.1 MB

x86fre_GRMRSAT_MSU.msu 215.1 MB

Interplanetary Internet goes Live

imageThe international Space Station is the first hop / node in space to use the new Interplanetary Internet.  This first iteration has certain hours that it can be used, so it still has some growth, but at least it’s the first step in expanding out reach.  It uses Delay-Tolerant-Networking (DTN) to send the data instead of our standard TCP/IP, since it’s likely there data will come in waves and perhaps out of order.    The main difference with DTN is the node will store all information it receives until it finds another node to send the data.   The reason for this is a NAK (not acknowledged) message could delay transmissions for days, so a new method was needed.

Researchers create DVD with 17TB storage

image “Researchers at a University in Melbourne, Australia have come up with a "five dimensional" disc capable of storing 2000 times more data than a conventional DVD.”

Windows 7 – Release Candidate First impressions

imageI was impressed how easily my system upgraded without a hitch.  The only incompatibility was with ATI’s CCC, which it happily disabled.  System response feels much snappier than before, but I am running it on a quad with hyperthreaded 64-bit edition with 6 Gigs of RAM. 

The first large change is the start menu.  Quicklaunch is now gone; however, in a way it was combined with the tasks running.  As before you can create ‘quicklaunch’ icons on your taskbar, but these also double as an indication there is an open window.  It simply has a box around it, up to three.  When you hover over the icon, a small-preview of all windows with that task type are opened.  This includes multiple tabs in an IE session.  There is a way to add quicklaunch back, but it’s a little complicated.  Let me know and I can send you the instructions, but I think you will learn not to need it anymore

I miss Dreamscene; apparently the feedback was it was a feature that took up processing for a low-res moving desktop that was never seen.  Since I run multiple monitors, it was nice to have this moving background.

My system has been rock solid since I installed it, and performance is much improved.  Perhaps Microsoft got it right this time?

Microsoft Releases Windows 7 as RC

imageIf you are a TechNet or MSDN subscriber, you can download Windows 7 RC now.  I have it pulling down at the moment, and I’m looking forward to checking it out.  I’ll provide feedback when I’ve had a chance to use it.  Windows site on Windows 7 here:

Create Your Own Social Network – Ning

I stumbled upon Ning yesterday during my career search. Do you have a passion, profession or a hobby? There is most likely a group that shares your passion on Ning: or you can start your own in minutes without programming knowledge.  Check it out, or read more here:

Gartner predicts steep declines in PC shipments this year

Gartner is estimating a decline of nearly 12% drop in sales in 2009 over last year, due to the economy and other factors.  This is reported to be the biggest dip in sales in history.  This means windows 7 will be released in a recession just like its older brother Windows XP.


IE version 8 Beta 2 thoughts

I’ve been using IE 8 beta 2 since it’s September release.  There are a ton of features that make it a worthy upgrade, but it has it’s share of problems.   One bug that is particularly annoying is certain sites that want to do a pop-up due to a security change cause a flood of new IE windows.  The only resolution I have found is to open task manager, sort by CPU used, and kill the top IE process.  This closes all IE windows, which is a pain but at least the problem is resolved.   I’d wait for the next release if you haven’t already installed it, but if you want to, here is a link to try it.

The IE team posted an update saying a new release candidate is due in the first part of 2009.  I look forward to the release.  read more here:

Sprint Responds to the Depeering issue with Cogent

Original post:

Now what I don’t understand is why Sprint Didn’t notify it’s customers they were doing this?



Dear Valued Customers,

On Thursday, October 30th, Sprint Nextel completed a disconnection of its network from Cogent Communications. This action was taken by Sprint after Cogent breached its contract and failed to pay for its ongoing connection to the Sprint network, despite repeated collections attempts by Sprint.

Until this issue is resolved, Sprint will continue to work tirelessly to the extent within our control to mitigate the effects on customers. As part of an interim solution, Sprint initiated a temporary reconnection to the Cogent network on Sunday, November 2nd so that customers would have temporary access while longer-term alternate and permanent access options are explored.

We emphasize that this reconnection is temporary only, as the core issues in this dispute have not changed. Cogent was notified in advance of the November 2nd reconnection; therefore, any access disruptions occurring during this temporary period are the sole result of a negative reaction instigated by Cogent against the customers of both parties.

Sprint deeply regrets any inconvenience caused by this issue and we do not take our actions lightly given frustrations experienced by customers of both parties.


In 2006, Cogent sought a peering trial agreement in the hopes that it would lead to settlement-free peering status with Sprint. Settlement-free peering is a contractual relationship in which two companies exchange Internet traffic without charging each other. This arrangement is only fair if the two parties exchange roughly equal volumes of traffic across the two networks. Prior to this trial period, Cogent utilized third parties for full Internet connectivity.

Following a three-month commercial trial agreement during June – September 2007, the peering trial data indicated that Cogent did not meet the minimum traffic exchange criteria agreed to by both parties. As a result, settlement-free peering was not established and Cogent was notified in writing of these results. Despite this fact, and after repeated discussions, Cogent failed to disconnect itself from the Sprint network or compensate Sprint for the ongoing connection.

Sprint has repeatedly notified Cogent in writing of payment past due and our intent to take action if the issue was left unresolved. On September 2nd of this year, Sprint filed a lawsuit against Cogent for breach of contract. Sprint also notified Cogent in writing of our intent to begin disconnect procedures if Cogent did not pay for services or voluntarily disconnect and make arrangements with one of many alternate providers. Throughout this period, which includes the initial disconnect activities, Cogent did nothing to mitigate the potential effects of Sprint’s pending disconnect to its customers.

Fact and Fiction

On October 30th, Cogent issued a press release and has made subsequent statements to the media that contain a number of distortions regarding the relationship between Sprint and Cogent. The following is intended to clarify these misstatements:

Cogent press release: “On October 30 at 4:30 pm Sprint-Nextel severed its Internet connection to Cogent thereby partitioning the Internet.”

FACT: The events of October 30th related only to disconnection of the final two interconnects (of 10 original interconnections) between Sprint and Cogent. In addition to notifying Cogent 30 days in advance of our intent to disconnect, Sprint’s first disconnect action took place on October 7th, 2008. Between October 2nd and October 30th, Sprint disconnected one or two ports each week with Cogent’s full awareness. During this period, Cogent failed to take any action in support of its own customers’ ongoing Internet reachability even though such actions were fully under its control.

Cogent press release: “Sprint [severed its Internet connection to Cogent] in violation of a contractual obligation to exchange traffic with Cogent on a settlement free peering basis.”

FACT: At no time did Sprint and Cogent enter into a contract for settlement free peering. In 2006, Sprint and Cogent formed a commercial trial agreement that ended in September 2007. Cogent was unable to satisfy the agreed-upon traffic exchange criteria within the trial agreement, yet refused to pay Sprint or disconnect from Sprint’s network.

Cogent press release: “Sprint and Cogent are engaged in litigation over this matter. Cogent regrets that Sprint chose to take this unilateral action rather than await a determination by the court as to the rights of the parties.”

FACT: Sprint filed a lawsuit on September 2nd in Fairfax County, VA Circuit Court against Cogent for breach of contract due to Cogent’s refusal to pay Sprint for the ongoing connection to our network. Sprint also provided Cogent with 30 days advance written notice in the hope that Cogent would take action to mitigate the impact of this action on our respective customers.

Cogent press release: “Cogent remains ready to reestablish, on the same settlement free basis as previously existed, the connections that Sprint has severed.”

FACT: As noted above, Sprint and Cogent did not enter into a settlement free peering agreement. Instead, the two companies entered into a commercial trial agreement, upon which Cogent did not meet the minimum traffic exchange criteria agreed to by both parties.”

Sprint severs peering with Cogent – Tens of Thousands of Users Affected

Amazing! At 3:00pm Central Sprint broke legal agreement with Cogent and severed their peering. Folks on Sprint network are unable to get to Cogent IPs, and Cogent folks are unable to get to Sprint. Apparently talks broken down, and Spring is playing hard-ball.

You can see the outage clearly here:

Read more here:

Microsoft Releases Out-Of-Band Patch for Critical Flaw in RDP


“Patch Tuesday is the second Tuesday of each month, and that’s when Microsoft typically releases security and other updates for their products. Sometimes an emergency requires an “out-of-band” patch. And today, October 23rd, Microsoft is pushing out a critical Windows security patch.

Not much has been said about the release, however. They are planning to release the Windows patch at 10 AM PDT, with a Webcast to cover specifics of the patch at 1 PM PDT. However, Webcast registration is already full.

Microsoft hasn’t offered many details about the patch, other than to say it is critical and should be applied immediately to Windows 2000, Windows XP, and Windows Server 2003 systems. For Windows Vista and Windows Server 2008, the patch is only deemed (only) “important” rather than critical.

The last time Microsoft released an “out-of-band” patch was April 2007, according to a Microsoft representative.

Update: It’s this one and it looks pretty bad. Remote code execution could allow an attacker to take over your system.

Bulletin Identifier
Microsoft Security Bulletin MS08-067

Bulletin Title

Vulnerability in Server Service Could Allow Remote Code Execution (958644)

Executive Summary

This security update resolves a privately reported vulnerability in the Server service. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit. Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter.

Maximum Severity Rating


Impact of Vulnerability

Remote Code Execution


Microsoft Baseline Security Analyzer can detect whether your computer system requires this update. The update requires a restart.

Affected Software

Microsoft Windows. For more information, see the Affected Software and Download Locations section.

The Microsoft Security Response Center said the following:

This security update resolves a vulnerability in the Server service that affects all currently supported versions of Windows. Windows XP and older versions are rated as “Critical” while Windows Vista and newer versions are rated as “Important”. Because the vulnerability is potentially wormable on those older versions of Windows, we’re encouraging customers to test and deploy the update as soon as possible. To help you better understand the details around the vulnerability, my colleagues over at the Security Vulnerability Research & Defense blog have provided some more information here. Also, Michael Howard has provided some background on the vulnerability from the Security Development Lifecycle perspective here.

In addition, to releasing a security update to address the vulnerability, we’ve also taken steps to help enable broader protections for customers. Specifically, our colleagues in the Microsoft Malware Protection Center have released updated signatures that can enable Microsoft Forefront and Microsoft OneCare to protect against current attempts to exploit the vulnerability (Exploit:Win32/MS08067.gen!A). You can read about what they’re doing to help protect here. We have also provided information to our security partners in our Microsoft Active Protections Program and our Microsoft Security Response Alliance Program. We encourage all customers to update the signatures for their security protection products to help provide protections while they’re testing and deploying these updates.

We discovered this vulnerability as part of our research into a limited series of targeted malware attacks against Windows XP systems that we discovered about two weeks ago through our ongoing monitoring. As we investigated these attacks we found they were utilizing a new vulnerability and initiated our Software Security Incident Response Process (SSIRP). As we analyzed the vulnerability in our SSRP process, we found that this vulnerability was potentially wormable on Windows XP and older systems. Our analysis also showed that it would be possible to address this vulnerability in a way that would enable us to develop an update of appropriate quality for broad distribution quickly. Based on those two factors, we felt that it was in the best interest of customers for us to release this update before the regular November release cycle.”

DNS exploit – does your PC no longer connect to the Internet?

image If you have zonealarm installed, you should get the patch, or if you have no connectivity on another PC, uninstall the product.  The problem manifests itself as the ability to ping servers (I have always used, but IE or Firefox will not be able to connect to any website.  You should enable windows’ firewall at least if you choose to uninstall zonealarm, or get something to protect you in the interim, as it can take as little as four minutes to compromise an UNPATCHED windows box with no NAT or firewall.

Technorati tags: , , ,

Internet Design Flaw in DNS puts most systems at risk

image“Dan Kaminsky from IOActive Inc. discovered the flaw,  said he hopes the patches will be broad enough that hackers won’t be able to reverse-engineer them.”

What is even more interesting is the collaborative effort that was put into getting patches released for all platforms at the same time.  I don’t recall a collaborative effort going so far for anything on the Internet. Check out this link, and note on the sidebar is a way to check if your DNS cache is vulnerable to poisoning.

Technorati tags: , ,

Follow-up: AVG next release disables web-flooding

The initial release of AVG had a feature that would pre-scan websites you search. AVG finally agreed to disable the ‘feature’ which significantly image increased Internet traffic.  In a post from their team, “The latest update for AVG free edition has addressed and rectified the issue.” was one of the hardest hit, and their independent testing shows the latest release fixed the problem.  I for one am still unimpressed with the added bloat-ware AVG 8 is now.  I would recommend looking at Avast instead.

Technorati tags: ,