On the NBN

We switched over to the NBN at home a couple of months ago. Unfortunately since the last change of Government in Australia, it appears that all NBN rollouts are getting fibre to the node (FTTN) rather than original plan of fibre to the premises (FTTP). So with the node servicing our neighbourhood being a fair distance from our house, it looks like the best we can expect for the foreseeable future is ~40MB. That is a 4x increase on what we used to get with ADSL2+, but it is a shame we can’t get the full 100MB if we wanted to pay for it.

40MB isn’t too bad – I know of others that are only getting 20 (and there’s stories of some that switch over from ADSL to get a slower speed than what they used to have). Just seems a lost opportunity that if everyone had got fibre, I’m sure that would be capable of being upgraded in the future to even beyond 100MB.

ShaggyMax screen protectors

My old laptop ended up getting a really scratched display. The keyboard obviously had been rubbing against the glass for a while, which was a shame. I think this was made worse because the only thing separating them was two rubber feet that had come loose after a few years.

My new laptop has a different design with a small rubber strip that goes all the way around the edge, which seems to do a better job. Nevertheless, I did want to get something that would help protect the display and reduce the chance of scratches.

A bit of Googling came up with a few options. A call out to Twitter ended up with an in-person response from Ryan showing me he’d got a ShaggyMax-brand protector for his brand new 9560 (the newer version of my 9550).

That was good enough for me, so I’ve now got my own!

I bought a 15.4” Laptop Screen Protector. You can buy them through Amazon, or direct from their website. Here’s what it looks like on my laptop:

It’s a microfibre cloth that is thin enough that it doesn’t interfere with closing the lid, but hopefully will be thick enough to softly cushion and protect the glass. So far, so good.

NDC Sydney 2017

My second time attending NDC Sydney, and this was extra special as I’d been accepted as a speaker. I was excited and pretty nervous!

I flew over Tuesday evening. It was quite windy with a fair bit of turbulence on the flight. A decent tailwind meant even though we left Adelaide late, we still got into Sydney on time.

Wednesday

The conference kicked off with a keynote from Jennifer Marsman talking about using EEG and Machine Learning to perform lie detection (on her husband!). Not sure about the lie detection, but I do like the application of EEG to enable things like controlling a wheelchair, and it was useful to learn about the different kinds of algorithms and models you used for different types of problems.

Barry Dorrans walked through a bunch of security vulnerabilities that had been discovered in .NET. Some subtle causes and a few things to watch out for in your own code.

Edith Harbaugh gave a good overview of using feature flags. She is from Launch Darkly, a company that provides ‘feature flags as a service’, though her talk was more general. One point she made was that feature flags can be dynamic – something that can be changed at runtime, not just a config setting that is set at startup.

Damian Edwards raced through what’s new in ASP.NET Core. This is looking pretty good.

Bart De Smet is a guru of .NET and CLR internals. I've watched some of his Pluralsight courses already. This talk on C# internals was fascinating.

Filip Ekberg dug into asynchronous programming.

Rounding out the day with Jimmy Bogard doing CI with Azure.
Wednesday evening there was a cruise on Sydney harbour. It was a little chillier than the last time I’d been out, but nice food and great to socialise with other attendees.

Thursday

First thing Michele Bustamante stepped through using Docker.

@DavidRGardiner talks chocolatey at #ndcsydney pic.twitter.com/3fhH2Bj9VH

— Ben Laan (@benlaan) August 17, 2017

Then it was my talk on using Chocolatey and Boxstarter! All my demos went off without a hitch and there were lots of questions from the audience. I think the early attendees appreciated the bonus chocolate frogs too.
Thanks to Ben for coming along and being a friendly face in the front row (and taking the photo!)

I hung around because Bart De Smet was up after me diving in to a bunch of areas of .NET to watch out for when you really care about performance.

Steve Sanderson showed off some nice options available now in ASP.NET Core.

The one and only Richard Campbell with a history lesson about .NET. Informative and entertaining.

Dina Goldshtein on self-monitoring apps. Some interesting ways to do logging and diagnostics.

Finally a bit more Michelle Bustamante with more Docker – this time looking at some of the orchestration tools.

Thursday evening there was a social evening, including a bunch of pretty funny “short stories about failure” from some of the speakers. Some people partied on late into the night, but I retired early.

Friday

Nick Blumhardt gave a great talk introducing SeriLog and structured logging.

Kylie Hunt talked about dealing with problem bosses. A mix of good suggestions and sharing personal experiences.
Maybe I’m just an old fuddy-duddy, but personally I’m less impressed by speakers at conferences that need a swear jar.

Laura Bell had some good content on building in security.

Lars Klint did a really interesting talk about Cosmo – a little programmable robot.
Last talk I caught was from Jimmy Pelletier on how his team introduced micro services into their architecture.

There was the option of attending PubConf after the main conference had finished, but I’d already made plans to catch up with some old Adelaide friends who are now living in Sydney. It was really great to spend Friday evening and Saturday with them before my flight home in the late afternoon.

Here’s a pretty waterfall that I saw on Saturday when we went out for a walk. It's been dry in Sydney recently, so imagine what it would be like after a bit of rain.


All in all, again NDC Sydney didn’t disappoint and I can only hope it continues to grow and get better next year. There were quite a few times where I was spoiled for choice. I'll be looking forward to catching up on missed sessions when the recordings are published in a few weeks. It was great to see the Adelaide contingent growing from 2 last year to 9 (that I know of). The word is getting out that this is THE developer conference you should attend!

Running SQL Server Configuration Manager without SQL Server installed

I like to have SQL Server Management Studio (SSMS) installed as part of my standard development environment. Usually this is because I also have an instance of SQL Server Developer or Express Edition installed, but not always.

One thing I noticed with the separate distribution of SSMS is that it also includes all the other management tools that used to be bundled with the server, like SQL Server Configuration Manager.

I wanted to change the SQL Client configuration settings and Configuration Manager is the tool I’d use to do that. But when I fired it up (it’s named SQL Server vNext CTP2.0 Configuration Manager in the latest release of SSMS), I’ve been greeted with this message:

I don’t see this problem when an instance of SQL Server is installed though.

The fix is documented in KB 956013. I ran the following from an elevated command prompt:

mofcomp "%programfiles(x86)%\Microsoft SQL Server\140\shared\sqlmgmproviderxpsp2up.mof"

Now SQL Server Configuration Manager starts up without error

Oh, and the easiest way to install SSMS is to use Chocolatey!

choco install sql-server-management-studio

TypeScript tsconfig.json being ignored in C# project

TL;DR - Make sure your tsconfig.json file has the Build Action set to Content

I have some TypeScript files included in a .NET project. I added the Microsoft.TypeScript.MSBuild NuGet package to the project to enable the TypeScript compiler to transpile the .ts files to JavaScript. All was good until I wanted to set some compiler options using the tsconfig.json file. I created this file but every time I compiled the project it didn’t do anything different.

I almost pulling out my hair in frustration, so I decided to dig in deeper to find out why this was happening.

First, I ran msbuild with detailed logging. That showed up the following line just before the CompileTypeScript target was run:

Target "PreComputeCompileTypeScriptWithTSConfig" skipped, due to false condition; ('@(ConfigFiles)' != '') was evaluated as ('' != '').

A bit more digging led me to packages\Microsoft.TypeScript.MSBuild.2.3.1\tools\net45\Microsoft.TypeScript.targets – This defines that PreComputeCompileTypeScriptWithTSConfig target which is looking for @(ConfigFiles), which in turn is set in target FindConfigFiles. That target calls the FindConfigFiles task that is in TypeScript.Tasks.dll.

Firing up JetBrains dotPeek to reflect on the code for FindConfigTasks shows that it uses the ContentFiles property to look for existing tsconfig.json files, and that property is set to @(Content) in the targets file.

Jumping back to my project, I notice this:

Ah haa! Let’s set that Build Action to Content and try again..

Yes! Building the project shows tsc.exe being passed the --project parameter pointing to the tsconfig.json file!

Speaking at NDC Sydney 2017

Well this happened!

Yes, my talk “Life is like a Box of Chocolate(y)” was accepted for NDC Sydney!

I’ll be speaking about using Chocolatey and BoxStarter as a way of scripting out the configuration of your developer workstation. You might think of these as more “IT” tools, but I want to show developers how easy they are to use.

Combined with Windows 10’s Reset, this means you can rebuild your Windows environment in a matter of minutes, allowing you to apply the “cattle, not pets” approach to your own PC.

Last year I attended NDC as a volunteer crew member and afterwards said that “this is THE developer event in Australia”.

So go have a look at the speakers and sessions. I reckon it’s a pretty compelling line-up, and if you register before Sunday 14th May, you can take advantage of early bird prices.

I hope to see you there!

Someone has created a Facebook profile using your name and photo

One in a series of posts on Facebook Security and Privacy

First off, don’t panic! Unless you have a really poor password, it’s unlikely that you have been hacked. Instead an annoying person has just created a new Facebook account, copied your profile picture and name, and is presumably now going through your friend list asking to become friends, and confusing all your friends who thought you were already their friend.

What can you do?

Use the Facebook “Report” function to ask Facebook to delete the fake account.

1. Open the fake profile page (Just click on the name)
2. Click on the ‘…’ button (to the right of the Message button), then click Report.
   
3. Select Report this profile and click Continue
4. Select They're pretending to be me or someone I know and click Continue
5. Select Me and click Continue
6. Select Submit to Facebook for Review
7. Usually within a matter of hours, someone at Facebook will review the details and shut down the offending account.

How can you reduce the risk of this happening?

Review your Facebook privacy and sharing settings to stop non-friends from seeing your friends list and your profile photo.

Enable Two Factor Authentication to reduce the risk of your actual Facebook account being really compromised.

Setting your Facebook privacy and sharing

One in a series of posts on Facebook Security and Privacy

If you use Facebook, you should take the time to review your privacy settings and be deliberate about what details you share with the public (as distinct from just your friends). Setting this appropriately can help prevent annoying people from creating fake Facebook accounts that have the same profile photo and name as you, and that then try to trick all your Facebook contacts into become friends with them.

There’s no one answer to setting privacy settings. Some people might be quite happy to share everything with everyone whereas others will prefer to keep things strictly between friends. The important thing is that you understand and are comfortable with what you’re sharing to whom.

To review your general privacy settings

1. Click on the drop-down menu on the top right in Facebook in your web browser
2. Click Settings
3. On the left, click Privacy
4. Review the settings and change to your preference if necessary.

To restrict who can see your profile picture

1. Go to your Facebook profile (click on your name in the top menu bar in Facebook in your web browser)
2. Click on your profile photo
3. To the right of the photo, click on the icon next to the date
   
4. Review the current setting and change to your preference if necessary. Choosing a non-public option will reduce the risk of someone copying your profile photo. On the other hand it will make it harder for potential friends to find you.

To restrict who can see your friends

1. Go to your Facebook profile
2. Click on Friends
3. Click on the ‘Pencil’ icon (Manage)
4. Click Edit Privacy
   
5. Review the current settings. Choosing a non-public option will reduce the risk of someone pretending to be you trying to contact all your friends.

Don’t just accept the defaults, be deliberate and intentional about exactly how much and to who you are sharing your Facebook information with.

Securing your Facebook account with Two Factor authentication

One in a series of posts on Facebook Security and Privacy

You should consider enabling Two Factor Authentication (often shortened to 2FA) for logging in to Facebook. This means in addition to having a unique password for Facebook (that you don’t use for any other online services), you also have to enter a (usually) 6 digit code (or receive a SMS text message) to confirm that it really is you signing in.

The two factors in “two factor” are 1) your password and 2) the 6 digit code.

The clever thing is that the 6 digit code changes every 30 seconds, so it’s no good writing it down as it will be out of date very quickly.

If you have a smart phone or tablet

1. Install an authenticator app on your device.
   I recommend (and use) the Microsoft Authenticator app (which is available for iOS, Android and Windows Phone), but there’s other options including Google Authenticator and Authy.
2. Open Facebook in your web browser (preferably on a different device to your smartphone)
3. Go to Settings, then Security and then Login Approvals
   
4. In the Code Generator section, click on third-party app.
5. A QR Code (like a barcode) appears.
6. On your smartphone, open the Microsoft Authenticator app
7. Click on ‘+’ to add a new account
8. Choose Other
9. Hold your smartphone in front of your computer’s web browser so that the phone’s camera can scan the QR Code.
10. It should automatically scan the code and add a new account entry for Facebook. eg.
    
11. Note the 6 digit number now being displayed on your phone.
12. Also notice there’s a countdown timer displayed next to this number. When this timer reaches zero, the number will expire and a new number will be displayed.
13. Switch back to your web browser and enter this number in the confirmation field and press Confirm
14. Click Enable to allow Login Approvals.
15. Click on Get Codes
16. Enter your password
17. Print out these codes and keep them in a safe place. You can use these codes as a last resort if you lose access to the Authenticator app (eg. your phone drops in the toilet)
18. It is also a good idea to provide your mobile phone number as a fall back in case you lose access to the Authenticator app (eg. you accidentally deleted it).

From now on, each time you log in to Facebook from a new device you will need to provide the current 6 digits from the Authenticator app as additional proof of identity. If you use some devices regularly, you can then choose not to require two factor authentication in the future.

If you use the Facebook App on your device, that can also function as an authenticator app. The downside to using this is that it only works for Facebook, whereas an app like Microsoft Authenticator can work with many online services.

These include Amazon, Dropbox, Facebook, GitHub, Google accounts, Microsoft Accounts, Mailchimp, Twitter and others. Always choose to enable 2FA for any online services you use. Many banks and financial institutions are also using similar systems.

If you have a mobile phone

1. Open Facebook in your web browser (preferably on a different device to your smartphone)
2. Go to Settings, then Security and then Login Approvals
3. In the Text message (SMS) section, if there is no number listed click on Add phone number
4. Follow through confirming the phone number

From now on, when you log in to Facebook you’ll receive a SMS text message with a code. You’ll then need to provide that code in addition to your password. If you use a device regularly, you can tell Facebook not to prompt for 2FA again.

Using 2FA with text messages is much better than not using 2FA at all, but it isn’t quite as secure as using an authenticator app. If you can’t use an app then do enable 2FA using SMS. Some services even support non-mobile numbers by reading out the code instead of as a text message.

You just received a friend request on Facebook from someone who’s already a friend

One in a series of posts on Facebook Security and Privacy

First off, don’t panic! Almost certainly your friend has not “been hacked”. Instead an annoying person has just created a new Facebook account and copied your friend’s profile picture and name, and is presumably now going through their friend list asking to become friends.

What can you do?

Use the Facebook “Report” function to let your friend know.

1. Open the fake profile page (Just click on the name. Don’t click on Confirm Request!)
2. Click on the ‘…’ button (to the right of the Message button), then click Report.
   
3. Select Report this profile and click Continue
4. Select They're pretending to be me or someone I know and click Continue
5. Select Someone I know and click Continue
6. Select Message your friend
7. Type in your friend’s name. Your friend’s existing Facebook profile should be listed.
8. Click Send.
9. You friend will receive a Facebook message with a link to the offending profile and they can follow it up by reporting it to Facebook.

If you’re particularly concerned, at step 6 you can also choose Submit to Facebook for Review. You will then be asked to select your friend’s real Facebook profile and send it off to Facebook.

Facebook security and privacy

I’ve had a number of friends on Facebook suffer the annoyance of having ‘fake’ accounts using the same name and profile picture to impersonate them and contacting all their friends asking to be friends.

It’s frustrating and annoying for everyone concerned. The victim who is being impersonated often also wonders if their Facebook account “has been hacked!”. Usually this is not the case, but I thought it would be helpful to write down some suggestions to help reduce the risk and help you feel more safe using Facebook.

Topics in this series:

• Setting your Facebook privacy and sharing
• Securing your Facebook account with Two Factor authentication
• You just received a friend request on Facebook from someone who’s already a friend
• You just found out someone is impersonating you with a fake account on Facebook

Let me know in the comments if there’s anything else I should cover.