NullifyNetwork

Microsoft UK have a blog about MS tech in UK schools (which is indirectly related to my current job as we do a lot of work for the education sector).

Some of their examples are actually heavily related to what I actually implement (although the products I've built for my employer are here right now rather than theorhetical!!) - particularly the cashless and registration systems one presentation shows off.

Permalink 

http://www.microsoft.com/downloads/details.aspx?FamilyId=A13CAE3D-8EC1-4D84-8620-D82E832391D7&displaylang=en

Microsoft have just released beta 1 of Orcas, let the testing begin!

Permalink 

(Warning: Boring legal bit of news!)

A limited precedent has been set by the European court of human rights which just found in favour of the complainant in a case against the UK government regarding the unlawful monitoring of private communications at work.  (Covered by numerous news outlets)

Effectively this overrides UK law and any contracts implicitly in respect to human rights cases - statute law automatically trumps contract law; and means that employers and the government will have to respect article 8 of the human rights act.

What does that mean?  The specifics are available on the this UK government site http://www.opsi.gov.uk/acts/acts1998/80042--d.htm - just scroll down to article 8.

It will be interesting to see if this precendent is able to be called upon in UK courts themselves, where there is a law that permits employers to monitor employees communications for the purposes of detecting things like viruses and seeing how employees interact with customers however that law itself could breach the data protection act in several situations.

With such a contradictory situation a precedent is actually needed to decide how to interpret the 'grey area' - and this could well be the one used in that situation.

Permalink 

using System.Collections.Generic;
using System.Text;
using System.ServiceModel;
using System.ServiceModel.Description;
using System.Runtime.Serialization;
using System.ServiceModel.Channels;

A self hosting service example mostly so I don't forget how.  Remember to add references to System.ServiceModel and System.Runtime.Serialisation!

Permalink  3 Comments 

If you are getting the following error on its own in a message box:

Exception from HRESULT: 0x80041001

Whilst trying to update your WCF service reference then it can't access either the .map file or the C# source file.  I happened to have them open in visual studio whilst trying to update the reference!!

Oddly if you open them after running the program then it doesn't moan...  For some reason I think it may be to do with clickonce locking the files.

Permalink 

I very rarely write about anything to do with work, usually I intentionally avoid topics that would relate to it but I feel that it is my moral duty to provide information should people look for it.  I’d also like to defend the system I wrote which doesn’t seem to be happening in the media.

 

Firstly I feel people should know a little about the background before they read the actual article:

 

1) I disagree with ID cards and biometrics as a requirement for things, there should be no reason you need to constantly prove who you are and you should always have a choice to avoid needing to prove your identity.  Maybe you will loose some benefits that you would have gained, but there should never be an infringement of your rights or make something more difficult than it is now.

 

2) I’m the programmer of a cashless catering system that allows fingerprinting students and using their finger instead of carrying the equivalent of a debit card.  I’m responsible from a technical standpoint for how it works technically underneath (although we do buy in the algorithm to analyse the image of a fingerprint that comes from the reader and work out what bits we’re interested in).  Yes, I write one of those systems that is being both criticised and is massively in demand right now for various reasons.

 

Okay now that’s out of the way I see a lot of publicity about the fingerprint systems in use today and I will leave the other companies and people involved to defend their own systems, but more than likely they are using a similar technique to what I have used simply because it’s easier.

 

I’ll start by explaining why I believe the system I wrote isn’t a threat to privacy, then I’ll add what we’re going to provide shortly to ENSURE it isn’t a threat to privacy where the customer (the student usually) wants and we’ll cover why I think our system benefits from having support for fingerprints.

 

How the System Works, and How it Protects the Fingerprint

 

The system I developed does not store a fingerprint.  We really don’t want to store one - we don’t want to have to comply with police requests for a forensically valid database of fingerprints.  It shouldn’t be our responsibility and the student didn’t give us their fingerprint for that reason.  What is needed for criminal forensics is a picture of the fingerprint otherwise there’s doubt, and our system deliberately introduces doubt in favour of:

-         Speed

-         Lower storage requirements

-         Lower memory requirements

-         Accuracy of detecting the closest fingerprint (note: not the exact person, but just the most similar)

-         A degree of privacy.

 

To achieve this we store relative points on the fingerprint and discard data that applies specifically to the persons fingerprint.  Techie bit: We also cryptographically hash the details where possible so there’s no way to get back to the original ones to allow generating a fingerprint that would pass as the original from the data, but you can read up on irreversible encryption at wikipedia or somewhere else.  Basically if you don’t have the data the hash is made from it makes the data useless (that being the person’s real fingerprint).

 

So what we have is a map that says something like this: “left one unit and up one unit there’s an interesting point that goes up, right two of those distances there’s an interesting point that goes down” – that’s two points but you get the picture.  It’s like street directions only we add in that the directions are actually stored in a one way method.  The unit of distance is actually not specified in any way other than the relative distance either, so what you end up with is a set of street directions that is like “Turn left, then turn right then right again.  Turn right, turn left, turn right.”  Could you work out what city those directions are for?  I hope not.  But if you were given a bunch of maps and tried them all, it would only be possible on a few.

 

So it is my belief that our system stores sufficiently little of the fingerprints they can’t be used anywhere else.  In reality it causes us business problems as schools would like to have a single fingerprinting session for all their students but that’s a trade-off we willingly make.

 

I won’t go into the protection we apply to the database, if someone wants that just e-mail me and I’ll cover it.  Needless to say if you turned up on site you shouldn’t be able to just stick a USB key in and copy it without physically getting to the server and entering valid usernames and passwords.  Which in most circumstances we as a company don’t have and only the school have.

 

And finally, the last step is that (as far as I’m aware) we require both the students and parental permission prior to fingerprinting.  In many cases our projects department has helped draft the consent letters the schools send out, and we will provide assistance should anyone not wish to be fingerprinted – or indeed change their mind and want their fingerprints removed from the system!!

 

Measures Being Taken and Who Benefits

 

To buy a meal you would either pay cash (we provide full support for cash by an account, or cash from anyone without an account in our system) or swipe a card/place your finger on the reader and the till operator sees your picture on screen and selects the food you have on your tray.   They then press confirm sale and you walk off having paid for the meal.  If the person is on free school meals (low income family) then there’s nothing said, the money is just there as if it were loaded on by the student earlier in the day.

 

Kids love it!  Bullying gets reduced a little!  Till staff love it as it’s quick and easy!  Catering companies love seeing how much of something they are selling easily, how much it changed during the year (who would guess that sandwiches get more popular in the summer?).  The schools love the fact they don’t handle as much cash – it all goes through an ATM like machine that eats the money and counts it up for them, or an online service that the parent uses.  Parents love it as they can ask for what their son/daughter has been eating and see their balance online!

 

Privacy advocates hate it!  Kids that steal dinner money really do hate it (they pass a card over to the till operator and a different picture appears and it’s known they stole the card), and anyone that was stealing from the tills must hate it.

 

Occasionally the two ends up as the same thing, so in this case we can offer a few options:

-         The tills accept cards (proximity and magnetic stripe) as well as biometrics, so we can give the students cards if that satisfies their discomfort with using their fingerprint.

-         The person can always opt out of the entire system and pay cash, as long as they aren’t free school meal.  If they are free school meal they need to pay cash and use a voucher (we support the idea of a voucher sale in our software).

But we just had a request from a parent to not store data about a student.  And the school don’t want them to just use cash; they want the system to still behave as it does now.  But the government need us to be able to back up our financial transactions!!

 

Talk about contradictory requirements.  How do we do this?  I’ve not finished the work to do it yet, but I fully intend to find a solution that makes the transaction of the individual totally anonymous:

-         We will not store who the sale was made to.

-         Or by, because we don’t want the human operator being asked.

-         Or on what till.

-         We still need to store their name and balance, and financial transactions.  So we’ll flatten the financial transactions and have just one transaction for how much they loaded and one for how much they bought.

-         If the person is free school meals they will need to use a voucher and say they are free school meals at the till.  We can give them some paper vouchers they can give to the till operator then.  If the person that is marked uses a voucher, we’ll make two separate entries, one for the voucher purchase and one for the items they were sold.  We won’t store the time on the voucher purchase.

 

If anyone can think of anything else I need to do, please e-mail me.  Also if you have any questions about biometrics or indeed anything to do with the system I write (or want contact details of our sales people to buy it!!) please feel free to e-mail me.  My contact details are on the right.

 

I would rather not have my name posted on sites like http://www.leavethemkidsalone.com/ and my employer already is, so please respect my privacy as much as I do others.

 

This article is being posted publicly though so anyone can feel free to link to this.  If you have any criticism, please feel free to comment (sign up with fake details if you wish) or e-mail me!

Permalink 

Jen Frickell needs to restore her site, it was about a year ago I last visited and it was down then too.

Why I keep remembering to check her site though for no apparent reason is extremely odd...  Maybe it was that her site used to brighten my day when I did network admin?

Permalink 

It's all in here:

http://www.microsoft.com/technet/community/columns/cableguy/cg0902.mspx

Though there seems to be no way to make it auto-generate routes and issue them to interfaces, so if you're on DHCP you are relatively stuffed :(

Edit: Nothing a simple app to generate the appropriate netsh commands can't solve.

netsh interface ipv6 set interface "Internet" forwarding=enabled advertise=disabled
netsh interface ipv6 set interface "LAN" forwarding=enabled advertise=enabled
netsh interface ipv6 6to4 set state enabled
netsh interface ipv6 set interface "6to4 Tunneling Pseudo-Interface" forwarding=enabled
REM WWXX:YYZZ = decimal to hex conversion of WWW.XXX.YYY.ZZZ with two hex digits per byte
netsh interface ipv6 add route 2002:WWXX:YYZZ:1::/64 "LAN" publish=yes

Permalink 

Getting a long PageRequestManagerParserErrorException error with some HTML in it when using ASP.NET Ajax with something like a Gridview?  Does the error only happen once in a while, usually the first time you do something specific after a long delay?

Know you're not actually using Response.Write and only using MS controls?

Well, maybe asp.net is trying to do a postback for you to create a cookie when you are using the session variable.

Solution: A dirty solution was calling Session["IWantASessionCookie"] = true; on a page load, after this the problem went away as ASP.NET didn't need to create the local cookie when doing things in the UpdatePanel as it had already done it.

Anybody have a neater solution to extend ASP.NET Ajax to create the cookie automatically using client side Javascript instead of ASP.NET trying to do it normally?

Permalink 

Just a handy little method I chucked together that might be useful when prototyping stuff in command line applications:

/// <summary>
/// Draw a progress bar at the current cursor position.
/// Be careful not to Console.WriteLine or anything whilst using this to show progress!
/// </summary>
/// <param name="progress">The position of the bar</param>
/// <param name="total">The amount it counts</param>

private static void drawTextProgressBar(int progress, int total)
{
 //draw empty progress bar
 Console.CursorLeft = 0;
 Console.Write("["); //start
 Console.CursorLeft = 32;
 Console.Write("]"); //end
 Console.CursorLeft = 1;
 float onechunk = 30.0f / total;
 
 //draw filled part
 int position = 1;
 for (int i = 0; i < onechunk * progress; i++)
 {
  Console.BackgroundColor = ConsoleColor.Gray;
  Console.CursorLeft = position++;
  Console.Write(" ");
 }

 //draw unfilled part
 for (int i = position; i <= 31; i++)
 {
  Console.BackgroundColor = ConsoleColor.Black;
  Console.CursorLeft = position++;
  Console.Write(" ");
 }

 //draw totals
 Console.CursorLeft = 35;
 Console.BackgroundColor = ConsoleColor.Black;
 Console.Write(progress.ToString() + " of " + total.ToString()+"    "); //blanks at the end remove any excess
}

Permalink  2 Comments 

This is just a quick example so I don't forget how to search generic lists easily and have to hunt for it again, but I've fleshed it out so it will hopefully be of help to someone else!

//Set up our example generic List
List<string> myItems = new List<string>();
myItems.Add("This isn't going to be found");
myItems.Add("Nor this");
myItems.Add("But it will find this example for nullify!");
myItems.Add("And it will find this nullify example too!");
//This is our search term, it is a local variable
string localVariable = "nullify";

//Do the search using a Predicate<> delegate here.
//
//This can point to a method that takes a parameter of the type, but
//doing that will result in not being able to pass parameters to the
//method (its parameters are predefined as the type, with a boolean
//return as far as I can see). We get around this by using an
//anonymous delegate, so it is inline and can access local variables

string[] matches = myItems.FindAll(delegate(string searchItem) {
    //this is an anonymous delegate, that
    return searchItem.IndexOf(localVariable)>-1;
}).ToArray();

 

Updated 7/2/2010: You could also use a Lambda expression to do this with a few less characters:-

string[] matches = myItems.FindAll(searchItem => {
    //this is an anonymous delegate, that 
    return searchItem.IndexOf(localVariable)>-1; 
}).ToArray();

Permalink 

I have played around with plasma pong a few times in the past, and am always impressed by how spectacular the fluid dynamics are... It's a great game! Check it out: www.plasmapong.com.

Permalink 

I have had a typematrix 2030 for some time, and found that it reduces the pain in my hands when typing - but that it is missing the key that is a backslash/pipe when used with a UK layout... And if you don't use a UK layout you loose several other keys.

So I eventually put the effort in and made a new keyboard layout for it!  This is mostly just so I don't lose it :)

TypeMatrix 2030 UK keyboard layout with the back-slash, pipe and tilde keys reinstated to their US keys.

Permalink 

Well, in addition to the high profile slew of products Microsoft also released Windows Powershell for XP and Windows 2003!

I've been looking forward to an improved shell for Windows for some time as I like using Bash on Linux (and refuse to run it on Windows using Cygwin for anything more than just testing).

Permalink 

Well, it is out, although at 50MB clients will be even less inclined to install it. I'll hold judgement on how awesome it is till I've played with it....

http://www.netfx3.com/blogs/news_and_announcements/archive/2006/11/06/.NET-Framework-3.0-has-been-released_2100_.aspx

Once installed you can now happily* watch a true 3d accelerated cube spin in your browser...!

I am actually really looking forward to the Windows Communication Framework - ever since I first saw C# and .NET (well they were showing Longhorn really) demonstrated by Chris Anderson and Don Box.

Permalink 

To fix the error:

Unable to obtain a server-assigned IP address. Try again later or enter an IP address in Network settings.

Fire up your registry editor then head to:

[HKEY_LOCAL_MACHINE\Comm\RNDISFN1\Parms\TcpIp]

Set AutoCfg to 1

Set EnableDHCP to 0

Soft reset the device and there should be no further errors!

Permalink