Philip Lippard

Please say it ain't so

The Windows 8 Start Menu

Windows8I have installed pre-release Windows 8 on a couple of occasions and it would appear that I am not the only one who does NOT like the new user interface (UI).

Here is a comment from PC World….and also here is an observation from a gentleman on the similar Windows Server 2012 UI:

......".....To open the Start screen, click the Windows icon in the middle of the Charms bar. This will open a screen like the one shown in Figure B. This is the new Start screen, which replaces the eminently usable Start menu from older versions of Windows. Now, rather than a single click on an obvious screen location to open it, it requires multiple mouse movements into what seem to be random portions of the screen before that single click opens a Start screen for administrators to use.

It will be interesting to see just how Windows 8 is received in the marketplace…

MacBookPro–Using Boot Camp & Windows 7

apple-boot-campI have a 13” MacBookPro laptop which I use for native iPhone/iPad iOS software development.    Unfortunately, that is about all I use the MacBookPro for.   Since my requirements for iOS development come and go, the MacBookPro stays turned off much of the time.  Almost 100% of my time is spent developing web sites using ASP.NET MVC4, jQuery, jQuery UI, jQuery Mobile, HTML5, etc…and in fact more and more of my clients prefer a web based mobile interface using offerings like jQuery Mobile.

So I decided to put the MacBookPro to better use.  I actually own some Mac based virtualization software, however I was not pleased with its poor performance, so I decided to try out Boot Camp, which simply enables a dual boot of the Intel based MacBookPro processor.  It sounded like a great idea, however it does have a few limitations.

I recently upgraded the MacBookPro to Mountain Lion and Boot Camp comes installed in the Utilities directory.   The biggest Boot Camp limitation is the partition sizes; you have the choice of using 50% of the hard disk or 20gb of the hard disk, a strange combination to choose from.  I could not give up 50% of the entire hard disk, so I opted for the 20gb.

After installing Windows 7 with Boot Camp’s assistance and taking the time to install approximately 150 windows updates I found out pretty quickly that I only had about 1.5gb of free space out of the original 20gb.  I found a trick on the Internet on how to disable hibernation, however this still did not yield enough space.

There are a number of third party utilities that will decrease the Mac partition so you can then use Windows disk management to increase the Windows NTFS partition, however it was not that important enough to me to staret this effort.   What I ultimately ended up doing was to use the Windows COMPACT command to compress the entire Windows partition.   This yielded enough space for me to get by.   After all, I will probably only use this Windows partition when I am at some future meeting and I need to boot into Windows for whatever reason.

My Mac mouse still does not work with Windows, however from poking around on the Internet it appears that when I find time, I will be able to get this to work.  That is it…..dual booting with Boot Camp does work, but I would not try using it as a development Windows machine.

The NEST Thermostat

NEST1I recently purchased one of the NEST thermostats and was delighted with its functionality.  The NEST communicates with one’s WIFI router for purposes of enabling remote access via the NEST web site from a PC or Mac desktop browser or from an iPhone or Android native application. 

Just another reason why it is difficult to make the move towards Windows Phone….it is simply not as widely accepted.   If a product provider has nothing but time on their hands then they may elect to invest in Windows Phone development.

I have been waiting on a device like this for away.  What made this thermostat the tie-breaker is the no-monthly fee for remote access.NEST2

An absolutely great product.

My Favorite Dozen jQuery Plug-Ins

When we least expect it, an open source component like jQuery revolutionizes client-side software development, which is exactly what has happened since the initial jQuery release in Jan-2006.  I have worked with jQuery since 2008 and over the past two years I have also converted my Socrates content management framework from a ASP.NET web forms model to a ASP.NET MVC model; MVC being an excellent complement to jQuery.  The use of jQuery and jQuery UI have now become all too important.

jQuery includes a robust jQuery plug-in architecture.  3rd party jQuery plugins seem to be endless in numbers, equivalent to trying to select a suitable iPhone App from the iTunes App Store.   My favorite jQuery plug-ins include the following dozen (not necessarily in order of importance):

  1. jQuery-AD-Gallery – Photo gallery management.
  2. jQuery-Booklet – A wonderful magazine or document page flipper.
  3. jQuery-ContextMenu – And you thought right click context menus were not available.  I use it on my TreeView.
  4. jQuery-Download – Easily download files.
  5. jQuery-FancyBox – A LightBox type of plugin, however much nicer than LightBox.
  6. jQuery-TableDnD – Drag and drop rows from within a HTML table.
  7. jQuery-tmpl – Of course this is everyone’s favorite for populating content in tabular form, or in any templated form for that matter.
  8. jQuery-URL-Parser – Great when in need for a URL object.
  9. jQuery-validate – no doubt the leader in form field validation.
  10. jQuery-MeioMask – Useful form input field masking plugin.
  11. jQuery-MaskMoney – Another useful form input field for masking of currency values.
  12. jQuery-TinyMCE – The leader in client-side HTML editors.  Actually comes in non-jQuery and jQuery plugin versions.
  13. jQuery-QTip – Great for jazzing up those tooltips.
  14. jQuery-PLUPLOAD – Developed by the same people who bring us TinyMCE, PLUPLOAD is simply incredible for uploading files in a Silverlight, Flash or HTML5 environment.   Also comes in both jQuery and non-jQuery flavors.

Yes, I can count.  I promised my favorite dozen jQuery plug-ins, however I simply could not leave out two others, so I end up with a favorites list of fourteen.

One USB3 External False Start

One USB3 external hard drive candidate that was especially disappointing was the Sans-Digital TowerRAID TR4UT-BP.   I used Sans-Digital quite successfully for USB2/RAID Thinkpad backups, however I simply could NOT get their USB3 based product to work, and the problem was clearly not with the Thinkpad W520.  There appear to be problems with a number of emerging USB3 products, however the Thermaltake product, mentioned in the earlier post, I have had good success with.   To make matters worse with the Sans-Digital product; I was promised a refund, however I finally had to have the bank issue me a credit for the Sans-Digital charge.   Due to this experience, this is probably the last time I will purchase a Sans-Digital product.

USB3 External Storage for new Thinkpad W520

For external USB 3 storage I found that many of the emerging USB 3 products are not yet ready for prime time; in other words they are simply not working.  I initially wanted an external RAID unit, however none of the RAID units I evaluated worked adequately.  I settled on the Thermaltake Max 5G Active cooling enclosure without RAID capability and then purchased a server grade 2TB drive from Western Digital.

New Thinkpad W520 Performance Trivia

The new Thinkpad W520 came with a 150GB solid state hard drive.   I use the SSD for the HOST OS; Windows 7 64 bit Professional.   I ran a few disk performance runs against the SSD, as well as my secondary Seagate 500GB hybrid drive; where all of my virtual machine reside.   I am using the Crystal Disk performance tool.  here are some results.


Here are the results for the primary hard drive; the 150GB solid state drive.


Here are the results for the secondary internal hard drive; the Seagate 500GB hybrid drive, which I also used over the past year in my older Thinkpad T41p.

New Thinkpad W520

My new Thinkpad W520 has been a great investment for multiple virtual machine software development purposes.  Configured with an INTEL CORE I7-2920XM processor, solid state primary drive and 16GB of memory the multiple virtual machines run about twice as fast as my older Thinkpad T41p.

I still use my Seagate 500GB hybrid drive as my secondary drive, where I have all of my virtual machines located; the primary hard drive being used for the HOST OS only.

vmwareI am still using VMWare for virtualization, as was the case for the older Thinkpad T41p.  No need to consider a move away from VMWare Workstation 7.  I have been quite pleased with VMWare, after switching from the Microsoft Virtual PC product in 2009.   I also use VMWare ESXi Server for the hosting environment offered to my clients.

The primary reasons I purchased the W520 include the faster processor, as well as the solid state primary drive and of course the availability of USB3.  The faster processor plus USB 3 has reduced my full backup time from nine (9) to two (2) hours.

Twitter Authentication, OAuth and Discontinued Support for Basic Authentication

I was recently excited when I learned that the ELMAHopen source component (which I use as one of many components to monitor web site behavior) had the ability to send alerts to a twitter account.  I was then disappointed to learn that it no longer worked, because ELMAH was using Basic Authentication with the Twitter account’s user ID and password; and Twitter had disabled Basic Authenticationsince around 1-Sep-2010.  Twitter has opted to implement the more secure OAuth authentication scheme.   OAuthis a new open standard for providing delegated secure access to private resources, better defined as follows:

“…OAuth allows you to share your private resources (photos, videos, contact list, bank accounts) stored on one site with another site without having to hand out your username and password. There are many reasons why one should not share their private credentials. Giving your email account password to a social network  site so they can look up your friends is the same thing as going to dinner and giving your ATM card and PIN code to the waiter when it’s time to pay. Any restaurant asking for your PIN code will go out of business, but when it comes to the web, users put themselves at risk sharing the same private information. OAuth to the rescue.


After reading several articles on the web regarding OAuth, I learned quickly that replacing Basic Authentication with OAuth would be more involved than changing a few lines of code.  In fact, it would probably be necessary to find a suitable open source OAuth library to do the heavy lifting.  I found a couple of solutions from Shannon Whitley and also one called

In so much as I was only looking to re-enable ELMAH Twitter support, I simply wanted to authenticate myself with Twitter and send an occasional direct user message. provides support for the Consumer (client) requiring authentication as well as the Service Provider for web sites needing to implement secure delegation of credentials.  On the other hand the Shannon Whitney open source solution primarily addressed the needs of the Consumer (client).

After much downloading, assembling and debugging I settled on the Shannon Whitney open source solution, however parts of it were out of date and/or not working; such as the Twitter URLs being used.   I have enhanced and extended the Shannon Whitney solution to more than adequately meet my requirement of authenticating myself with Twitter.

To get startedone needs to register their applicationwith a Twitter user account from which one expects to authenticate on behalf of.   The output of this application registration will be a Consumer Key string value and a Consumer Secret value.   Using my enhanced and extended OAuth library the Consumer Key and Consumer Secret are used as the minimum requirements to obtain an Access Token Set; consisting of an Access Token string value and an Access Token Secret.  This Access Token Set are the base credentials to be used by one’s third party application to authenticate with Twitter.  This Access Token Set should be securely stored as is the case with any set of credentials.  The owning and delegator Twitter user can change his/her password at any time without compromising the ability of the third party application to authenticate.  The owning and delegator Twitter user can also revoke the privileges of the third party application without compromising his/her Twitter account for continued use.

What is needed for demo purposes is a program to request the Access Token Set and store it for future use and then another program to demonstrate how the Access Token Set can be used repeatedly for authentication.

At the end of this article is a download link to download a project which contains all sample programs and supporting libraries.  The sample web transaction below from this project shows the process of taking a Consumer Key and Consumer Secret, using the enhanced OAuth library and obtaining the Access Token Set (Access Token and Access Token Secret).

   1:  using System;
   2:  using System.Data;
   3:  using System.Configuration;
   4:  using System.Collections;
   5:  using System.Web;
   6:  using System.Web.Security;
   7:  using System.Web.UI;
   8:  using System.Web.UI.WebControls;
   9:  using System.Web.UI.WebControls.WebParts;
  10:  using System.Web.UI.HtmlControls;
  11:  using System.IO;
  12:  using System.Text;
  14:  namespace oAuthExample
  15:  {
  16:      public partial class _Default : System.Web.UI.Page
  17:      {
  18:          protected void Page_Load(object sender, EventArgs e)
  19:          {
  20:              string url = string.Empty;
  21:              string xml = string.Empty;
  22:              oAuthTwitter oAuth = new oAuthTwitter();
  24:              if (Request["oauth_token"] == null)
  25:              {
  26:                  //Redirect the user to Twitter for authorization.
  27:                  //Using oauth_callback for local testing.
  28:                  oAuth.CallBackUrl = this.Request.Url.AbsoluteUri;
  29:                  Response.Redirect(oAuth.AuthorizationLinkGet());
  30:              }
  31:              else
  32:              {
  33:                  //Get the access token and secret.
  34:                  oAuth.AccessTokenGet(Request["oauth_token"], Request["oauth_verifier"]);
  35:                  if (oAuth.TokenSecret.Length > 0)
  36:                  {
  37:                      // Save my Access Token Set - place in Web.config for use with
  38:                      // DefaultWithToken.aspx
  39:                      using (StreamWriter sw =
  40:                          new StreamWriter(Request.MapPath("~/TwitterCredentials"), false))
  41:                      {
  42:                          sw.WriteLine("Token=" + oAuth.Token);
  43:                          sw.WriteLine("TokenSecret=" + oAuth.TokenSecret);
  44:                          sw.Flush();
  45:                      }
  47:                      url = "";
  48:                      string postData = "user=@MyTwitterAccount" +
  49:                          "&text=" + 
  50:                          oAuth.UrlEncode("D @MyTwitterAccount - Access Token Obtained");
  51:                      xml = oAuth.oAuthWebRequest(oAuthTwitter.Method.POST, url, postData);
  52:                      apiResponse.InnerHtml = Server.HtmlEncode(xml);
  53:                  }
  54:              }
  55:          }
  56:      }
  57:  }

The above web transaction will essentially record the Access Token Set to the TwitterCredentials file of the root directory.  The Access Token and Access Secret from the TwitterCredentials file should now be placed into the AppSettings of the web.config and then the next web transaction will demonstrate using such credentials for repeated use:

   1:  using System;
   2:  using System.Data;
   3:  using System.Configuration;
   4:  using System.Collections;
   5:  using System.Web;
   6:  using System.Web.Security;
   7:  using System.Web.UI;
   8:  using System.Web.UI.WebControls;
   9:  using System.Web.UI.WebControls.WebParts;
  10:  using System.Web.UI.HtmlControls;
  12:  namespace oAuthExample
  13:  {
  14:      public partial class DefaultWithToken : System.Web.UI.Page
  15:      {
  16:          // Direct Message API -
  17:          // Limits (403) -
  18:          // Also returns 403 when you send same message twice...
  19:          protected void Page_Load(object sender, EventArgs e)
  20:          {
  21:              string url = string.Empty;
  22:              string xml = string.Empty;
  23:              oAuthTwitter oAuth = new oAuthTwitter();
  24:              oAuth.Token = ConfigurationManager.AppSettings["accessToken"];
  25:              oAuth.TokenSecret = ConfigurationManager.AppSettings["accessTokenSecret"];
  27:              url = "";
  28:              string postData = "user=@MyTwitterAccount" +
  29:                          "&text=" + oAuth.UrlEncode("D @MyTwitterAccount - Hello World");
  30:              xml = oAuth.oAuthWebRequest(oAuthTwitter.Method.POST, url, postData);
  31:              apiResponse.InnerHtml = Server.HtmlEncode(xml);
  32:          }
  33:      }
  34:  }

The web.config is shown as follows:

   1:  <?xml version="1.0"?>
   2:  <configuration>
   3:    <appSettings>
   4:      <add key="consumerKey"
   5:           value="XXXXXXXXXXXXXXXXXXXXXXXXX"/>
   6:      <add key="consumerSecret"
   8:      <add key="accessToken"
  10:      <add key="accessTokenSecret"
  12:    </appSettings>
  13:      <connectionStrings/>
  14:      <system.web>
  15:      <compilation debug="true"
  16:                   targetFramework="4.0" />
  17:          <authentication mode="Windows"/>
  18:          <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/>
  19:    </system.web>
  20:  </configuration>


To protect the innocent, the web.config above does not show the actual Consumer Key and Consumer Secret as well as the actual Access Token and Access Token Secret.

That is it…Authentication with OAuth for Twitter…at least from the Consumer’s perspective.   Click HERE to download the project.