scary router vulnerabilities

It seems like consumer-level routers get hacked at an alarming rate. There was a lot of buzz today about a new Netgear vulnerability. I have a Netgear router, but not one of the models that’s affected by this particular problem. I bought mine back in 2010, and it’s been working fine. The firmware for it hasn’t been updated in a few years though. As far as I know, there are no unpatched vulnerabilities for it, but I’m not really confident about that.

I should probably install DD-WRT on it. I had DD-WRT on my last router, and it worked well. I’ve thought about installing it on the Netgear, but haven’t gotten around to it. Maybe that’s a project for this weekend, since it looks like it’ll be cold and snowy out.

Reinventing Local News

Here’s an interesting effort to help “reinvent” local news. The gist of it seems to be that we should put aside a certain amount of money from FCC auctions of local TV licenses to help set up new “cutting edge” local news sources. I’m not too optimistic that this will happen, or that it would result in quality, long-term, local news for New Jersey if it does. But, hey, it’s worth a shot. The local news situation in NJ is pretty weak.

We’re focusing first on New Jersey. Sandwiched between the New York and Philadelphia media markets, New Jersey receives little to no coverage of its state and local governments. New Jersey owns four public TV licenses, which the FCC estimates could fetch as much as $2.3 billion at auction.

Source: Our Last, Best Chance to Reinvent Local News

Paying for Pluralsight, and other subscriptions

Pluralsight extended their Black Friday sale by a few days, so I gave in and paid for a year last night. Part of my reason for that is that I noticed that there’s a series on SharePoint 2013 programming with JavaScript by David Mann that looks like it might be useful. (Now I just have to convince myself to watch it.)

I was happy to see that they added the paid subscription to the end of my free period, rather than just start it immediately, so it will last until January 2018. I paid for the subscription with a virtual card number, so it won’t auto-renew, so that will give me a chance to think about whether or not I want to continue with it in 2018.

I’m in the middle of listening to a Mac Power Users episode on managing subscriptions, and there’s a few good ideas in there. For stuff that renews annually, my approach is generally to pay for them with a virtual card number or (where possible) a personal check, so they don’t auto-renew. Then, I have to make a conscious decision to evaluate and renew (or not) each year. I also try to keep track of them in Evernote, and set reminders so I know when they’re coming up for renewal.

I tend to review subscriptions at the end of each year, so I might as well do that now. Looking at a few of the big ones, I see that my Office 365 subscription is good until December 2018, so I don’t have to worry about that one for a long time. But my Evernote subscription is set to renew next month, at the $70 “premium” level. I’m still not happy about their increase from $50 to $70, but I do get quite a lot of use out of Evernote, so I’m pretty sure that I’m going to let that one renew. (Though maybe I should read up some more on their iOS app redesign, before I commit to that.)

And I just checked my NY Times subscription. I originally subscribed at a promotional rate of $10.50 every four weeks, for a year. That was in January, so that promotional rate will be over soon. I don’t mind paying that, but I expect that the renewal will be done at whatever the current “regular” rate is. The Times is kind of sketchy about pricing. My account page doesn’t say at what rate the subscription will renew, so I’m not sure if it’ll still be $10.50, or something else. Looking at their current rates (by going to their site in a private browsing window), I think it would be $15 every 4 weeks. And looking at the cost of subscribing through their iOS app, I think I could get a subscription for $130 per year, which comes out to $10 every 4 weeks. So, to get a good rate, I may need to cancel my existing subscription and resubscribe through iOS.

I could choose to look at supporting the Times as being a little like a charitable donation though. I think we’re going to need a robust, independent, (relatively) unbiased press over the next four years. And the Times seems to have gotten under the president-elect’s skin more than any other media outlet. So they’re worth supporting, for that reason, at very least.

Giving Tuesday (a bit late)

Since I posted about Black Friday and Cyber Monday, I figure I should write a Giving Tuesday post too. I’ve been really indecisive about giving to charity, since the election results came in. I think there are a lot of charities that will need help over the next few years, and it’s hard to choose which ones to support.

A friend forwarded me an article from NPR about choosing charities to support this year. It’s somewhat helpful. And there’s Nick Kristof’s annual column about holiday season charitable giving at the NY Times site.

Fun and games with the SharePoint social comment control

I’ve been working on a big SharePoint 2013 project at work, and I’m learning a lot about the ins and outs of developing custom applications with SharePoint. (TL;DR: It’s messy.) There have been a bunch of times when I’ve come across something weird and/or interesting and thought “I should write this up in a blog post,” but I just haven’t gotten around to it. Well, this time, I’m going to at least start writing something up. (We’ll see if I get far enough to have something coherent to post or not.)

My application is a farm-level solution using a couple of application pages. There’s a search page and a detail page, basically. The detail page loads data from a few different sources, based on parameters passed on the query string. So, in some ways, standard ASP.NET stuff.

After having gotten most of the stuff on the detail page done, I wanted to add the ability for users to add comments to the page. I looked at a number of possibilities for this. One option that jumped out is the social comment control. This control can be added to a page as a web part, via “Social Collaboration”, “Note Board”. To add it to an application page in Visual Studio, you need to do the following:

  1. Add a reference to “Microsoft.SharePoint.Portal” to your project.
  2. On your page, register the SharePoint portal controls:
    <%@ Register TagPrefix="SharePointPortalControls" Namespace="Microsoft.SharePoint.Portal.WebControls" Assembly="Microsoft.SharePoint.Portal, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %>
  3. Drop the social comment control on the page somewhere:
    <SharePointPortalControls:SocialCommentControl ID="CommentControl" runat="server"/>

I picked up the basics on this from this article, which also covers user ratings.

This initially seemed to work well. I was curious about where, exactly, SharePoint was storing these comments though. From this article, I learned that you need to go through central admin to get to them:

  1. Open the Central Admin home page.
  2. Click “Manage service applications” under “Application Management.”
  3. Click “User Profile Service Application”.
  4. Click “Manage Social Tags and Notes” under “My Site Settings”.

This gets you to a page where you can search for notes, by user and/or URL. You cannot do a wildcard search, or simply pull up all notes, so that’s pretty inconvenient. But it was reassuring to see that the notes are indeed stored by URL, with the full URL, including query string. So, for me, each detail page would have its own set of comments, no problem there.

When I did some testing, posting comments to the same page from two different user accounts, I hit a pretty major snag though. The two users could not see each other’s comments. That led me down a rabbit hole that brought me to this StackExchange page. I followed the advice to set “Security Trimming Options” to “Show all links regardless of permission”, and that (eventually) fixed the problem. I also ran the “Social Data Maintenance Job”, as described in this StackExchange page.

I’m not sure if changing that security trimming setting will have any negative effects, if I change it in production. It’s a Central Admin level setting, so it’s something I’ll need to review seriously.

Assuming I stick with this plan, I’m also going to need to be able to create comments in code, as I’m going to be importing a bunch of them from the old site that I’m replacing. It does seem to be possible to do that, based on info from these pages:

I haven’t actually tried writing any code for this yet, so I may stumble across some “gotchas,” as I have with a number of other seemingly-straighforward SharePoint tasks.

And, after going through all this, I see that, for SharePoint Online, the Tags & Notes feature has been retired. We’re not using SharePoint Online, but if we ever migrate to it, I’d have to redo this functionality. So that’s a serious knock against it.

A lot of the stuff I’ve been doing in SharePoint has been working out this way:

  1. Find a SharePoint feature that looks like it solves my problem nicely.
  2. Spend some time setting it up and doing some initial testing. Things look promising.
  3. Stumble across a problem. Spend a bunch of time researching it.
  4. Either:
    • Find that the problem isn’t really solvable and give up.
    • Or find a workaround that’s acceptable, maybe, but not great. (It relies on something undocumented, or a feature that’s deprecated, or it requires changing farm-level settings that I’m not sure I can change.)
  5. Realize that I’ve wasted half the day on this.
  6. Give up and go to lunch.

So my solution for commenting is probably going to be a standard SharePoint list that I’ll read and write in code-behind and show in a standard ASP.NET repeater, or something like that.

Well, I guess I’ve succeeded in writing a semi-coherent post about SharePoint programming. I’m not sure if it will help anyone, but it might be mildly amusing, if nothing else.

Cyber Monday

I couldn’t quite talk myself into signing up for a Pluralsight subscription today, even at the $200 Black Friday rate, but I did convince myself to plunk down $15 for the Humble / O’Reilly Unix bundle that’s running right now. (Not technically a Black Friday or Cyber Monday deal, but it’s in the right date range.)

Over a dozen classic O’Reilly books for $15: not a bad deal. Most of the books are pretty old, but many of them are still useful. I’m not sure if the sed & awk book or the lex & yacc book are of any use at this point, but the vi/Vim and Emacs books could be. And bash is still useful. I have a few of these in hard copy form, but it’ll be nice to have PDF copies of them. I imagine I could actually throw out some of my older O’Reilly books at this point. I think I have a first edition of the Unix Power Tools book floating around here somewhere, for instance. That’s a pretty thick book, and there’s really no reason I need it anymore, except maybe as a doorstop. (Thinking about it a bit more, I guess most of these books are available through the Safari subscription I get through ACM, but it can’t hurt to have offline, DRM-free, copies.)

I also convinced myself to buy a few comics from Dark Horse, from their Black Friday sale (most books for 99 cents), and a few collections from Comixology (from DC’s buy one get one free sale). In both cases, I was buying stuff that I missed from the period where I’d pretty much stopped buying comics (2009-2015, roughly).

I should probably be slightly embarrassed that I only bought stuff for myself this weekend, but I don’t really have any need to do any significant Christmas shopping for anyone else. And that can all get done online, whenever.

Pluralsight Black Friday sale and SharePoint development

I signed up for a free three-month Pluralsight subscription, via Microsoft’s Dev Essentials program, a couple of months ago. The main purpose of the subscription, initially, was to learn more about SharePoint programming, for a project at work. So far, I’ve completed Andrew Connell’s “SharePoint 2013 Developer Ramp-Up” series, and I’m most of the way through Sahil Malik’s “Understanding SharePoint 2013” series. So I’m actually using the subscription, and getting some value out of it.

I’ve been watching the videos largely at work, but now I’m getting a little self-conscious about it. There’s apparently been some political stuff going on at work regarding streaming video. It’s a long story, but apparently we need to be careful about not watching too much streaming video now. I don’t think anybody would look askance at a few hours of Pluralsight per week, but you can’t be too careful, so I guess I might need to stick with watching the videos at home from now on.

But, either way, I’m getting value out of the free Pluralsight subscription, so I’m thinking about getting a paid subscription. Normally, I’d wait until the free one was up, but Pluralsight does a Black Friday sale every year, so now would be a good time to pay for a year-long subscription. Their regular rate of $300 per year is a bit too steep for me. The Black Friday deal is $200 per year, so that’s a bit better, but still not insignificant, so I haven’t quite decided yet. The deal is good through Monday, so I have some time to make up my mind.

On the subject of SharePoint programming in general, I’m pretty deep into a SharePoint 2013 project right now, and I’m learning a lot of stuff by trial and error. I seem to keep finding weird little quirks that I have to work around. And I keep trying to do stuff that, apparently, isn’t easy to do in SharePoint, or at least isn’t obvious. I’ve been thinking about writing up a few SharePoint-related blog posts, but I’ve been too busy to really get my notes together on anything particularly interesting, to the point where I could write a coherent post. But maybe soon.

Gratitude

Happy Thanksgiving! Coincidentally (or not), I’ve been thinking about gratitude a bit lately. I stumbled across Berkeley’s Greater Good site recently, and spent some time perusing the gratitude section. The site, at first glance, seems a bit new-agey (or maybe hippydippy?), but it appears to be science-based, and might be worth a deeper look.

And I recently listened to an episode of Note to Self featuring Chade-Meng Tan, a former Google employee who has written a couple of books on happiness and mindfulness. I keep telling myself that I need to read up on some of this stuff, and maybe give meditation a try, but I never get around to doing it. (Then, I feel guilty about that, and that’s certainly counter-productive…) Maybe approaching the subject from an engineer’s point of view would make it easier for me to get into? I guess I’ll add his books to the big (virtual) pile of stuff I’d like to read (but probably won’t get around to).

Looking at Facebook this morning, I saw a number of Thanksgiving morning posts, and was struck by how eloquently and genuinely some of my friends expressed their gratitude for family and friends today. I have trouble doing that without working in a degree of sarcasm. The phrase that comes to mind (for some reason) is “sand in the vaseline” which is the title of a Talking Heads best-of compilation (and has nothing to do with anything, really, but that’s how my mind works sometimes).

Regardless of all that, I’m going to be hitting the road soon, driving down to a friend’s house, and we’ll hopefully have a nice little Thanksgiving. I made a sweet potato pie last night, and bought a bottle of Gewürztraminer, so that’s a good start.

Bananapocalypse

Here’s a good article on the possibility of a coming bananapocalypse. It sounds kind of funny, but it’s a real problem.

The world’s most popular fruit, the Cavendish banana, is also one of the least genetically diverse. These seedless bananas destined for the $11 billion export market are, essentially, clones. That leaves the humble Cavendish vulnerable to diseases that can take advantage of its limited genetic diversity.

I eat a banana almost every day, so it would really bother me if they disappeared, but of course that’s a “first-world problem.” I’d just eat more of something else, and get on with my life. In some parts of the world, bananas are a staple and an important source of nutrition.

All of this seems to be leading up to a world much like the one presented in Paolo Bacigalupi’s The Windup Girl. Let’s hope we don’t actually let it go that far. (Which reminds me: I need to read more Paolo Bacigalupi.)

Mastry and Monster Men

I took my own advice (from yesterday) and took the train into New York today and visited The Met Breuer. The Kerry James Marshall exhibit was really impressive. I knew next to nothing about him, going in, and honestly my expectations were kind of low. But the exhibit is great. I have a lot of respect for him now, especially since I found out that he’s a fellow comic book collector! And the exhibit includes a bit of comic-strip work from something he calls “Rythm Mastr.” I’m a little unclear as to whether or not Rythm Mastr is a completed work, and/or if it’s ever actually appeared as a printed comic book. I found a couple of articles that mention it here and here, but I’m still not sure.

Speaking of comics: on the train, I read through the recent Night of the Monster Men crossover that ran through six issues of Batman, Detective, and Nightwing. I’m not usually a big fan of multi-title crossovers, but this was a pretty good one. I’ve really been enjoying the current Rebirth iterations of Batman and Detective. I had really only planned to pick up a few of the DC Rebirth titles through to the end of the summer, then I was going to drop them, but all of the ones I’m reading are good enough that I want to keep reading them. So now I’m thinking that I’ll reassess everything at the end of the year. But, for now, I’m still buying 5 or 6 DC titles regularly.