Some interesting things coming from Microsoft, regarding the next version of Internet Explorer. Thanks to Jeffrey Joslin for this collection of links.

1. First, we have this IE6 EOLAS Active-X overhaul issue, regarding a long-standing patent litigation that has resulted in Microsoft on the losing end.

2. Then the IE7 CSS standards overhaul issue here on an MSDN blog posting
3. Third party initial reaction
4. More third party updated reaction now with less doomsday fears

Yet more reasons to leave Active X behind.

My quest for better phone service began when I started working from home this January, after I left Tom’s Hardware. I have been a Vonage customer for the past several years, and up until I started working from home and placing demands on the service, was pretty much a happy camper. But now I am caught on the short end of the cable modem, and I suffer on hold for several hours a day as I try to get through to customer disservice. What are the problems? In a word, Adelphia’s cable Internet service sucks. Rarely does a day go by when I can reliable service throughout the day. This has nothing to do with Vonage, but without a decent Internet dial tone, I don’t get any benefit with having Vonage VOIP. (I won’t bore you with the number of times that Adelphia has been out to rewire this and that in my building to get service to a decent enough level.) Lately I have been having problems with some of the IVR systems responding to my touch tones — this never used to happen to me. I don’t know if my phone is going bad, or something odd is happening with Vonage. Now I do a lot of conference calls, and almost all of them require you to input a call ID number via touch tones. Sometimes I get connected. Sometimes I don’t. It has been very frustrating to say the least. One of the reasons I went with Vonage was because of the ability to change my call features using Vonage’s Web site, without ever having to talk to a customer disservice person. But Vonage made some changes that make the site harder to use, and that also has reduced my voice service reliability. So after all of these issues, I thought I would be smart and switch back to a good ole fashioned Verizon land line. They have an all-you-can-call package that isn’t much more than I pay for Vonage. Boy, did I not realize what I was getting into. It took me no time to order the voice and DSL service online on Verizon’s Web site. Might as well just get everything from one place and pay one bill, I thought. What was I thinking? Then the trouble started. When I placed my order, I knew that I wanted a Verizon tech to come into my apartment and make sure that the interior wiring was working correctly. I hadn’t had land line service since we moved in here and didn’t want to take any chances. So I specifically asked for this service, for the tune of about $100. Verizon promptly told me my service would be available the day after I placed my order, and that is when I began to smell a rat. I thought: they probably think, because I am in an existing location that their computers know about, that all they have to do is turn on the dial tone at the central office and I will be good to go. Wrong! Now, the wiring inside my apartment is like a lot of old apartment buildings: in short, a mess. There are jacks with bunches of wires going here and there. I needed that tech to come visit with his tone set and get things connected from the wiring closet downstairs. First I got an email from Verizon verifying my order. Everything was great, I thought: they get the Web and are sending me email. But a careful read through the email was my next frustration: nowhere in this message was the key phone number that my order had assigned. I had chosen the number during the Web ordering process, but of course didn’t write it down. Why was this important? Because without the phone number of my line, there was no way I could track my order via Verizon’s Web-based customer care system. So I waited. The next day, I got a paper confirmation via good ole USPS. This had all sorts of information, including my eventual phone number. Hooray! Now I can sign on and figure out what is going on with my line. But when I did, I got this message: Our records indicate that the account you entered is no longer in service. Please contact your local business for assistance. Okay, so I call the business office and tell them that they still need to send a technician out to hook me up. That was two days ago. No tech came. Today I call and finally get through to someone who can schedule a tech. He comes out, spends about an hour fooling around with the wires in my apartment, and eventually gets me dial tone after rewiring a few things here and there. But that is just half the story. Now I need to find out what happened with my DSL order. Today, I get another email from Verizon, telling me: Our records show that you recently placed an order for Verizon Online DSL. Due to a system malfunction, your order is not complete. We invite you to return to our Web site … I ask Jim, my Verizon tech buddy that I have since bonded with, about whether his order shows that my line has been configured for DSL. Nope. I have to re-order the DSL service. Incredible! Do they really want my business? So I go back online and spend a very frustrating time trying to do this, only to find out that the Verizon Web site thinks my DSL is already a feature on my voice line and I can’t re-order it again. I gotta call their customer disservice line. After waiting on hold for a live person for 30 minutes, I give up. Can they make this any harder? Jim tells me that the DSL guys are a bunch of losers (not in so many words, but I get his drift). So do I really want to give Verizon my business? I think not. While Jim is finishing up with his install of my voice line, I surf on over to Earthlink, and order my DSL package from them. I figure since I know the CEO, I might be able to get some traction in case things don’t work out. (Note 4/24/06: nearly a month later, and I just get a call from Earthlink. Seems that there is some problem with my order. Still no DSL here) How do normal people deal with this stuff? Anyway, I have a new voice number, which I’ll post on my strominator.com blog but here it is in case you need to call me: 310 829 4742. And the funny thing is, when I go to Verizon’s Web site and key in this number, I still get the “account is no longer in service” message. Maybe one of these days Verizon will finally figure out how to really use this new-fangled Web-thingie. A month later, 4/24/06, I get this email from Verizon: <tt> This email is being sent in reference to your contact with Verizon by email during the month of March. We identified a system issue that caused a delay in the receipt of our response to you. We have since corrected the system issue. If you have any questions, please feel free to contact us by clicking on the link below: </tt> Sigh.

I have a confession here: I am not a big watcher of reality TV. I think I have watched maybe two hours of reality TV — that is a lifetime total. But on a visit to Bunim-Murray Productions in the center of San Fernando Valley last week, I came away impressed, and I didn’t even get to see Paris and Nicole filming their latest show.

Setting up one of the first and one of the largest all-digital video production networks looks a lot easier now that the company has been producing a series of hit reality TV shows for the past year on the system. But handling terabytes of storage and moving all that video over Ethernet didn’t come easily.

While it would have been fun to see Paris on the streets of LA, what I was really interested in was Bunim-Murray’s storage area network. They have more than 30 terabytes of video files on their system, which is composed of twin Apple X-SAN servers and loads of hard disks spinning away.

“We have big files, big bandwidth, and big deadlines, with over 300 users on our network,” says JB Blunck, a SVP with the firm.

Bunim-Murray may not be a household name, but the production does handles several hit shows, including The Simple Life, The Real World, Starting Over, and The Gauntlet. They have pioneered reality production, and continue to find ways to improve and use digital technologies in their daily jobs. When I was visited, I saw them preparing a robotic TV studio that they have on premises to videotape interviews, Webcasts, and other bits.

The word videotape is somewhat misleading, because of course everything that they do goes directly to digital video. What was impressive about this studio wasn’t the green screen or the massive array of lights, but the fact that the entire operation ran on a couple of stock G5 Macs and ordinary digital video camcorders — albeit higher-end ones than most of us would have in our homes, but not all that different.

“One person can control the entire studio,” says JB. “What we have done is put the technology in the hands of the people that have to make the production decisions, making us much more productive.”

Some of their shows generate a great deal of video each day — after all, there are several cameras rolling for many hours capturing all the reality zeitgeist and inter-personal conflicts out in the field on the set of the shows. “We do 3500 hours of video per season for The Real World alone,” says JB. “Every show generates a huge amount of storage. While film is a director’s medium, reality TV is the editor’s medium as the story must be pieced together from all the raw video.”

Unlike other reality shows that “enhance reality” by manipulating the
production to create drama, Bunim-Murray prefers the classic cinema
verite approach. “We draw a strict line between the cast and crew,”
says Mark Raudonis, the VP of post production. “What you see on screen
really happened, with no interference or suggestion from us.”

The reality of their network is its reliability. “We have a drive failure every couple of months, but it isn’t any big deal because of our SAN RAID. From an operational standpoint, I don’t get a lot of calls in the middle of the night and we haven’t had any system meltdowns,” said JB.

“We are able to leverage advances in technology to do things that weren’t possible a couple of years ago,” says Raudonis. “We use a couple of stock Macs, some $500 pieces of software and some nice monitors that replace $20,000 worth of Sony gear,” says Raudonis. “There isn’t anything proprietary about what we are doing, and we are just using off-the-shelf stuff.”

The company started doing digital recordings in the field a few years ago and gradually replaced their Avid editing gear with Apple’s Final Cut Pro. “We made a conscious decision two years ago to change our digital destiny,” says Raudonis. Now all their editing is done on the Macs and the only videotape to be found in the place are archival copies of the older shows.

Having all this digital content online has changed the way the company edits and produces the shows. “We have all 165 shows of Starting Over available online for the editors to tap into,” says Raudonis. “The editor has every frame of every scene for the entire season at his fingertips. We can find a shot for any show at any time and use it easily. We are sitting in a stealth bomber here,” he says. Other production companies have to first locate a specific tape and shot on it, which consumes a lot of time and may not be worth the search. At Bunim-Murray, it takes seconds.

Part of their network extends over the Internet, and allows producers and staffers working on the shows to review the dailies by logging into a secure Web site and see the actual raw footage. “We use to Fedex firewire drives to our producers around the country. Now we use FTP and high-speed connections,” says JB. They cut the 30 hours of daily videos for The Real World, for example, down to a 30-minute highlight reel that begins the production process.

When asked what is left to conquer technologically, Raudonis says “infinite bandwidth and unlimited storage. Moore’s law has been accurate in predicting our storage news and enabled to do an incredible amount of work. Broadband still isn’t enough for us to ship a lot of media over the ‘Net, and FedExing a big box of tapes still beats the Internet.” Interestingly, CPU isn’t a problem for their system — at least for the time being until high definition video kicks in. And with 30-some terabytes of video data and narry a dropped frame, it is an impressive system indeed.

As JB says, “A terabyte isn’t what it used to be.” But what is amazing to see is how they have taken what used to be fairly standard IT desktop technology and put it together to drive their entire business. It is definitely a sign of things to come.

Simplifying your life usually starts with a list, and what better way than to use some online service that will maintain your lists for you? There are lots to choose from, I took a look at a few services and put together the following table to guide your own decision. If I missed a favorite, let me know.

The folks over at Cerado have posted a funny quiz here. There is a list of nouns: you get to pick whether they are Internet companies or characters in a Star Wars film. Now, I thought I was a fan and somewhat in tune, but forget it, I won’t reveal my miserable score. At least not here.

Yesterday’s keynote address by His Billness made it crystal clear. Microsoft isn’t going anywhere with opening any APIs for its Web programming. See some excellent reporting by Scott Fulton at my old haunt here:

The question was literally shouted at him, will you open your API the way Google does? The answer is no. … For the first time in years, other players are setting the rules, and Microsoft is choosing not to play by those rules. All of a sudden, Microsoft finds itself the outsider, the holdout, the would-be up-and-coming player, and Bill Gates finds himself playing the role of the conservative stalwart, resistant to change, impervious to the winds of history.

Today, we learned that Vista isn’t going anywhere, either. At least not this year.

As a public service, here is a guide to sending text messages between various phone network providers. Please don’t send this to my niece! Thanks to Dave Nathanson for collecting these.

AT&T Wireless
(your number)@mmode.com

Cingular
(your number)@mobile.mycingular.com

Nextel
(your number)@messaging.nextel.com

Quest
(your number)@qwestmp.com

Sprint
(your number)@messaging.sprintpcs.com

T-Mobile
(your number)@tmomail.net
(if you set up a name, it is name@tmail.com)

Verizon
(your number)@vtext.com

I am doing some research for a client and writing a paper on SQL Injection and what you can do to prevent this well-known exploit. Here are some of the more useful resources that I have found. If you know of others, plmk.

1.  SQL injection isn’t new. The earliest mention that we could find was an article in Phrack magazine by “Rainforest puppy” that was published in 1998!
2. A basic step-by-step introduction on the topic, showing you how to assemble information on a target’s data structure using a simple Web form by Steve Friedl (Jan 2005).
3. Oracle-specific examples of SQL injection from Security Focus (Nov 2001) and Net-Security.org (Jan 2004) contain lots of good information for other types of SQL servers as well.
4. SPIDynamics’ white paper on the subject goes beyond the basics (Sept 2005).
5. A more complete step-by-step walkthrough of various exploits.
6. More complete walkthrough of exploits, along with a nice description at the end of the paper on methods to lockdown your SQL Server (2002).
7. A more general resource on SQL Server security, including articles, free assessment tools and a nice lockdown script, all from Chip Andrews.
8. ODBC error messages by David Litchfield, given at a Black Hat conference.

Now is the time to get your entry together. I will be one of the contest judges, along with some of the fine folks from CMP. It is a great way to get some attention for your product, so don’t delay!

Nate Koechley, a senior Web developer at Yahoo, has written an interesting paper that describes Yahoo’s efforts toward supporting various browsers on their site. He groups all 10,000-plus versions of browsers into three different categories: C, A, and X. The A grade ones are the most modern and the ones that are the most capable of delivering an advanced Web experience.

I like what he says. I never was happy with “this page best viewed by this browser” buttons that cropped up in the late 1990s. And as the browsing experience becomes more complex with all sorts of tie-ins, helper apps, and new ancillary software programs, it is nice to have a statement of direction on the issue.