It was revealed today that early next year Congress will be considering revising wiretap laws to account for the rapid changes in communication technology http://www.msnbc.msn.com/id/39376949 .  As a law abiding citizen I’m glad the U.S. Government takes terrorism and crime seriously – misguided but seriously.  There is no doubt that society has an unalienable duty to do what’s necessary to protect us from terrorists and criminal elements; a duty that should be exercised within the bounds of commonsense and dignity.

However, let’s set aside the social impacts these proposed laws have and look at their technological aspects.  To begin, anyone with a little time and research will be able to circumvent these expanded laws using off-the-shelve encryption software by encrypting messages before they are sent down communication mechanisms such as email, Facebook or Twitter.  To reinforce this flaw in the law’s methodology its probably safe to assume that the U.S. Government’s need  to enlist the help of communication providers to decipher encrypted transmissions can lead one to believe that commercial grade cipher technology’s strength, namely asymmetric cryptography, must be to a point where cracking it is still not practical on a large scale.

While these new laws will seemingly target communication mechanisms we are left to ponder what these impacts will have on other services.  As a Cloud Service Provider our technology and security procedures have evolved to a point where permitting such clandestine easedrpping within our infrastructure would in itself defeat the purpose of maintaining encryption systems and processes built to protect data from such activity.  While we do not publicly disclose our operating procedures it is a standing policy within our own walls that data at rest and in transit within our infrastructure be encrypted and only deciphered by key employees and control systems that have a vested interest in protecting our clients from such activity.

As technologist I expect those in Congress with their expanded lexicons and mastery in the art of political theater not to understand the concept of conducting a Cost Benefit Analysis of the impacts these laws will have on business.  If they did I wouldn’t be arguing against it.

One of the biggest hurtles we encounter day in and out is explaining exactly what our technology does and the critical business computing problems it solves. You’d think this would be a natural process for us but it is not. This seemingly trivial exercise exists due, in most part, to the way people currently interact with their PC on a standalone computer or laptop. By no means is this surprising considering these computing methodologies have not changed much for the past thirty years.

Another prevalent issue we encounter is our industry’s confusingly similar acronyms and their interchangeable definitions and meanings. For example, while technically different, PaaS (Platform-as-a-Service) and SaaS (Software-as-a-Service) share the same characteristics but represent fundamentally different layers of services provided by a Cloud Service Provider such as us. The meanings of these terms go well beyond the scope of this post but I will attempt to address these next week.

In order to provide clarity for our clients and prospects I’ve put together what I like to term "Cloud-based Elevator Pitches". The following terms are areas of expertise we specialize in with a brief description of its meaning and role within our Cloud-based Solutions.

Cloud-based Desktops, Cloud-based Virtual Desktops and Hosted Virtual Desktops

The best way to describe what these terms mean is by explaining a user’s computing experience to that of "GoToMyPC" but the PC or Virtual Desktop, as we call it in the industry, is located in a secure datacenter instead of your home or office. For example, right now I’m currently finishing-up this blog entry written in Microsoft Word which is installed and running on "Windows 7 in the Cloud" from my in-law’s home computer which is running Windows Vista. Earlier in the day I was at home logged into my "Cloud-based Virtual Desktop" from a laptop running Windows XP. I’m able to access my Virtual Desktop anywhere I have an internet connection by utilizing a Remote Desktop Client which is program installed on each of these machines. By virtue of this software the keyboard, mouse, drives, USB ports and monitors connected to the device you are using to access your Virtual Desktop are automagically (yes, automagically, will be a word someday) redirected over the internet to the Virtual Desktop running in our datacenter.

There are numerous advantages to interacting with your Windows Operating System and productivity programs such as Microsoft Outlook, Word and Excel in this manner. To begin, system accessibility and security are vastly improved because the Virtual Desktop and its data is stored in a secured facility that is protected and monitored 24/7/365. Furthermore, whenever there is a problem we are able to address it much faster and more effectively behind the scene from our datacenter then in your home or when you are on the road.

Cloud-based Servers, Cloud-based Virtual Servers or Hosted Virtual Servers

For all intents and purposes Cloud-based Virtual Servers and Desktops are practically identical from a management and accessibility standpoint but serve fundamentally different roles within our clients’ Cloud-based Infrastructure. For instance, many of our clients utilize varying numbers of different Virtual Desktops and Servers on our network which all run within Virtual Local Area Networks in our Cloud. These Virtual Local Area Networks (VLANS) segregate our clients’ virtual assets from one another while providing connectivity between the Virtual Servers, Desktops and networks that bind them together.

While the Virtual Desktops provide our clients access to their sensitive work related data found in productivity software the Virtual Servers run server-side software and databases support other line-of-business applications such as Microsoft SQL Server, Dynamics, and Exchange to name a few.

Cloud-based or Cloud Computing

Whenever we use the term "Cloud" or "Cloud-based" we are talking about the hardware and supporting technology that underpin the Virtual Servers, Desktop and Network services we provide. This underpinning provides a layer of abstraction between a virtual computer’s operating system and its physical architecture (e.g., servers, storage, networks). Cloud services have five essential characteristics: on-demand self-service, broad network access via the Internet, resource pooling, rapid elasticity, and measured service.

Since my last post I had been working on a real annoying problem with a SQL Full-Text Search implementation I manage.   As anyone who has worked with MSSFTE knows the query results returned do not offer a mechanism to highlight what search tokens were hit within the search results.  I totally understand why this isn’t a feature in SQL from Micorosft’s standpoint but it’s still annoying nonetheless.

To address this issue I had conducted a fair amount of research and enlisted some insight from Jonathan Kehayias in this MSDN thread.  He and I both thought refactoring the http://www.codeproject.com/KB/aspnet/DotLuceneSearch.aspx project might be a avenue worth investigating. Needless to say, this did not turn out to be very practical so I ended up building a new highlighter from scratch.

Utilizing this highlighter is very straight forward as demonstrated below.  You simply need to provide it a optional list of stop words, your query and the content returnedby SQL Server and it will do the rest. The remaining properties should be self explanatory.

Search Result Highlighter for SQL Full-Text Search Results.zip (85.92 kb) 

Dim summaryGenerator As New QuerySummary()

summaryGenerator.StopWords =New String() {"the", "a","and"}

summaryGenerator.OpenHighlightMark= "<B>"

summaryGenerator.CloseHighlightMark= "</B>"

summaryGenerator.SummaryLength= 350

summaryGenerator.RemoveHTMLBeforeProcessing= False

Console.WriteLine(summaryGenerator.GenerateSummary(searchText, _

My.Resources.TestInputData.ResourceManager.GetString("TestInputData")))

This is the first version so there might be some terms returned that don’t look too pretty.  I’ll keep updating my blog with new versions as I refine the process.

As with all the code I provide you will need to add your own exception handling routines.  Also, this version wasn’t specifically designed to work with HTML content returned by SQL Server.  You will need to update the HTML removal method with a DOM implementation if you wish to highlight HTML content.

It was brought to my attention this morning (New Years Day) that some of our clients' Commerce Server 2002 deployments were spewing out cookies that were set to expire 1/1/2010.  Apparently, Microsoft hardcoded this date in their code (Commerce.dll to be specific).  Waiting on Microsoft to fix this problem on a holiday and go through their QA processes isn’t something we can wait for.

I was able to fix this problem for all our deployments after some DLL disassemblies, a little research and a HEX editor.  Unfortunately, I can’t legally just give you the DLL but I can tell you how to fix.  The steps below should get you back-up and running again.

Step One: Locate the Commerce.dll.  It can usually be found in C:\Program Files\Microsoft Commerce Server 2002\

Step Two: Make a backup of the DLL “Commerce.dll.old” should work just fine.

Step Three: Download and install Free Hex Editor Neo from HHD.  It can be found at http://www.hhdsoftware.com/Products/home/hex-editor-free.html .  It’s a safe program I’ve used it quite often in the past.

Step Four: Open the Commerce.dll.old file and run a find and replace for the following HEX Word 07da with the HEX Word 07e4.  This process changes the hardcoded year 2010 to 2020.  Hopefully you’ll be using another version by then.  There is more then one occurance of this hardcoded value so makesure you replace all instances. 

Step Five: Shutdown IIS and save the file off to the location you found it.

Step Six: Start IIS and Test.

We hope this helps everyone!