Cool space stuff! See the shuttle pull away from the Hubble Space Telescope:
http://www.youtube.com/watch?v=n2GH5rYf2Ko&fmt=18 (via http://blogs.discovermagazine.com/badastronomy/2009/05/20/bon-voyage-hubble/)

It's interesting to find out a bit about the history of where you live. In my case, there's a cool blog about Portland:
http://www.cafeunknown.com/ (via http://twitter.com/patrickdlogan/statuses/1897082323)

First 1m30s are rather humourous: http://www.youtube.com/watch?v=sfCfPuALS8Y (fortunately this isn't an issue for me, as the people I’m around are either past the whole baby stage, or haven't got there yet (and, let's be honest, probably never will...))

Now playing: Joel Plaskett – Three Disc 2 – 07 Beyond, Beyond, Beyond

Anyone up for a road trip to Greenland? Tibet?
http://www.universetoday.com/2009/04/20/where-is-the-most-remote-location-on-earth/

Interesting study...
http://scienceblogs.com/bioephemera/2009/05/why_has_science_been_neglectin.php

Hopefully I'll not think of this the next time I'm on a ferry
http://j-walkblog.com/index.php?/weblog/posts/that_didnt_take_long/

This meme spread pretty widely last week, but it’s cool anyway
http://jwz.livejournal.com/1043760.html

Neat subway map comparison
http://scienceblogs.com/bioephemera/2009/05/international_subway_system_th.php

Anyone want to pay money to subscribe to this blog on their Kindle?
http://j-walkblog.com/index.php?/weblog/posts/blogs_on_a_kindle/

Now playing: Joel Plaskett – Three (Disc 3) – 03 Deny, Deny, Deny

So for some reason you have a Lenovo X200T, a bootable USB hard drive running WinPE (Vista SP1/Server 2008 based), ImageX, and the WIM files that were originally on the recovery partition. For some reason you no longer have the recovery partition (probably because it was deleted to free up space), you don’t have the recovery discs that you burned like a conscientious computer owner, and your X200T wont start the OS (say, because you didn’t think about all the implications of encrypting the entire drive with BitLocker and then not having the recovery key…). Also, just to make it more fun, you’re on a plane!

Obviously the system needs to be restored. And because of the things you do have, you’re in luck! It’s possible! And not that hard! (yeah, right…)

First, backup everything you can off the X200T’s hard drive, because restoring things is destructive and will involve wiping the drive. If you can’t back things up…umm…learn to live with disappointment and loss? Since the system wont start the OS, you’ll probably be doing this from within WinPE. Good luck copying everything with the command line (xcopy can be useful here).

If you aren’t in WinPE yet, adjust the bios settings to allow you to boot off the bootable WinPE USB hard drive. Then boot into WinPE.

The first real part of the recovery process is to wipe the X200T’s drive and repartition it. Start diskpart and issue the following commands:

select disk 0
clean
create partition primary size=1499
active
assign letter=s
format fs=ntfs label="SERVICEV003" quick
create partition primary
assign letter=c
format fs=ntfs label="SW_Preload" quick

Next, apply the WIM files to the disk (exact paths to the WIM files will probably be different for you):

imagex /apply E:\images\x200t\sdrivebackup.wim 0 S:\
imagex /apply E:\images\x200t\cdrivebackup.wim 0 C:\

So, in a perfect world, everything would be all set to go now. Unfortunately, you my run into problems with bootmgr not being able to find the OS, or the OS thinking its on a different drive letter than it should be. To fix those issues, a little editing of the boot configuration database will be required:

bcdedit /store S:\boot\bcd /set {9dea862c-5cdd-4e70-acc1-f32b344d4795} device partition=S:

bcdedit /store S:\boot\bcd /set {3657ebe1-d4e6-11dc-88f0-ec9c0d1f1864} device partition=C:
bcdedit /store S:\boot\bcd /set {3657ebe1-d4e6-11dc-88f0-ec9c0d1f1864} osdevice partition=C:

bcdedit /store S:\boot\bcd /set {3657ebe2-d4e6-11dc-88f0-ec9c0d1f1864} device partition=C:

bcdedit /store S:\boot\bcd /set {b2721d73-1db4-4c62-bf78-c548a880142d} device partition=S:

bcdedit /store S:\boot\bcd /set {466f5a88-0af2-4f76-9038-095b170dc21c} device partition=S:

bcdedit /store S:\boot\bcd /set {ae5534e0-a924-466c-b836-758539a3ee3a} device partition=S:

Note: bcdedit is kind of sensitive about the drive letter availability when it’s run. Which is why S: was used back in the diskpart stage.

In an almost perfect world, everything would now be all set to go. Too bad things aren’t even almost perfect. One further step was required to swap get the drive letter assignments correct: the registry of the restored OS needs to have its drive letter mounts tweaked BEFORE the OS boots for the first time. This step is probably the most complicated, since it's not scriptable. Basically, start up regedit. Navigate to the HKLM\SYSTEM\MountedDevices key. Make note of the binary data for the "\DosDevices\C:" and "\DosDevices\S:" values (in my case they were something like "C4 78 A4 9C 00 00 C0 5D 00 00 00 00" & "C4 78 A4 9C 00 00 10 00 00 00 00 00"). Now load System Hive from the restored OS (it's "C:\windows\system32\config\system") in regedit. Navigate to the SYSTEM\MountedDevices key in that hive. Change/create the SAME values with the SAME data that the WinPE registry had.

After rebooting the system (remember to either unplug the USB hard drive or adjust the bios settings so its no longer the preferred boot device), everything should be back to working.

Now playing: Neko Case – Middle Cyclone – 09 Magpie To The Morning

So, from April 5th through the 8th I was in San Antonio, Texas on business for the annual Ratabase conference. I’d been planning on live blogging it again like I did last year (actually, I was planning on doing it better than last year), but things didn’t quite work out that way. So, instead of the latest news on cool new things you can do with an insurance rating calculator (stop laughing!), I’ve got a cautionary tail about relying on new equipment, planning before doing things, and generally about how I do stupid stuff with technology.

Now for a bit of background. Windows Vista & 7 have this cool feature called “BitLocker”. Basically, it encrypts your hard drive so that if the computer/drive is stolen, an attacker would have to go through the OS level security mechanisms (usernames/passwords/smartcards/ACL’s). The attacker wouldn’t be able to circumvent the OS mechanisms by, say, editing the password store to give change the passwords. Or they could go after the EFS keys and just decrypt files that you had encrypted explicitly so that other people wouldn’t be able to read them!

One “mode” of Bitlocker relies on this cool hardware device called a TPM (trusted platform module). The TPM is involved in the key management/access process, and basically serves to ensure that the entire system, starting from the beginning of the boot process, is “trusted”. After all, you wouldn’t want some nefarious person coming in, booting to a different environment that can impersonate the BitLocker process, and then unlocking/decrypting the BitLocker volume and thus bypassing all the security it was supposed to offer. If the TPM/BitLocker (not sure which actually does the checks) detects that the system is under attack (for example, the order of the devices that the system boots from has changed), the system will require that a 56 digit recovery key be entered. Assuming you created a recovery key initially…but everyone does that & keeps that key safe, right?

A week before I was to head to San Antonio, my new Tablet PC (a Lenovo X200T) arrived. Incidentally, it’s a very nice system…fast, light, long battery life, lots of accessories (I bought most of the options…X-Base so I have an optical drive, webcam, fingerprint reader, WiMAX, HSDPA/UMTS, GPS, etc.). And it has a TPM v1.2. Which was cool, because it meant I could use BitLocker!

So I put Windows 7 (beta) on the system, enabled BitLocker, created the recovery key, and used the system successfully for a week. One time while rebooting the system I had to enter the recovery key, which I thought was kind of funny at the time, but didn’t really worry that much about it. So along came Sunday morning, it’s 5:00AM and I need to head out to the airport, so I hibernate my tablet and pull it out of the docking station (X Base). Figured I wouldn’t need the optical drive, and certainly wouldn’t need the extra weight. Thought about putting the recovery key on a flash drive or the external hard drive I was taking, but then thought “nah, I wouldn’t need that”. Besides, the key would be a lot more exposed to compromise if I had it with me and, say, my flash drive got lost/stolen.

Remember how I said the boot order mattered to the TPM? And remember how 1) I installed the OS shortly before this (from a DVD), & 2) how I wasn’t taking the X-Base with the DVD drive with me? And how I ignored the fact that when I’d last attached the X-Base I had to enter the recovery key? And how I wasn’t taking the recovery key with me? (this is where it should become apparent to most people that I am, in fact, an idiot.)

Of course I got all the way to the airport, through security, and was sitting at the gate with 30 minutes until boarding started when I went to use my tablet. And of course it saw that the DVD drive was no longer present and began going “oh noes! I’m under attack!”. Which then caused me to first realize exactly what mistakes I’d made, then freak out (it’s amazing what sorts of brief, complete clarity you can have when a situation goes to crap).

Part of the freak out was calling up a trusted friend and giving him all the details of connecting back to my network via VPN (including user names and passwords). I figured “okay, get connected to the internal network, then the administrator account can be used to login to the online CA and security server to retrieve the recovery key”. Yes, it was a moment of weakness and complete stupidity. Fortunately, years ago when I got the VPN stuff working, I had the foresight to use L2TP and require certificates to connect in addition to passwords. So no VPN connection could be established, giving the passwords did absolutely no good (but no harm either), and the recovery key couldn’t be retrieved. Hurray for defense-in-depth.

I was not totally without my tablet during the trip though. Remember how I brought an external hard drive with me? Well, that drive is the bootable one that I use to make OS recovery images. And I’d used it just a week before to backup the Lenovo factory default config. So I spent the flight down to Texas doing restores until I got the system working again.

Here are some pictures from the trip (more (and higher res ones) can be found on my Windows Live Photos album for the trip):

Westin La Cantera Resort gulf course outbuilding

San Antonio, TX Riverwalk. There’s a boat ride around it that’s kind of cool too (+). Lots of people (-). On the whole, it was a cool area, and made for a good change of pace from the conference.

The Alamo (of course!).

Now playing: Greg Laswell – Three Flights From Alto Nido – 04 Comes & Goes (In Waves)

There have been entirely too few random bits posted here lately, so here's an IM conversation from yesterday...

Jeffrey says (05:34):
you're up kind of late...
Jeffrey says (05:35):
unless your computers are LIEING
Matt says (13:31):
or up early
but more likely is that my computer is full of lies
Matt says (14:10):
but you
are idle
remember Jeffrey...
idle messenger clients are the Devil's beowulf cluster
Matt says (14:11):
Now the devil has a better SETI@home score than Jesus, are you happy now Jeffrey?

Now playing: Stars – In Our Bedroom After the War – 10 Bitches in Tokyo

US Airways flight 1549 (the one that had the forced landing on the Hudson River back in January):
http://feedproxy.google.com/~r/typepad/ZSjz/~3/SSL89J3Le2M/mallons-salvage-pictures-back-online.html

Opting out of online advertising cookies & their tracking behaviours:
http://feedproxy.google.com/~r/typepad/sethsmainblog/~3/4mvAgzlGUaI/how-to-opt-out-of-cookie-sniffing-and-trading.html
(not sure I entirely believe that opting out would really do anything)

Doctor Who humour:
http://roflrazzi.com/2009/01/08/celebrity-pictures-tennant-pop-up/

Exception Driven Development (I actually added something along these lines to the app at work that I used to work on…it was quite enlightening to be notified about the crashes/errors and see 1) how alike your users think, & 2) how different that is from what you thought they’d think and the assumptions you implicitly made when building the software)
http://www.codinghorror.com/blog/archives/001239.html

Now playing: Holy F*ck – Holy F*ck EP – 04 Lovely Allen

http://www.wordplace.com/ap/index.shtml

http://www.qwantz.com/fanart/timetravelling.jpg

http://blogs.msdn.com/michkap/archive/2009/04/08/9537233.aspx

We need more Engineers

And lastly, for anyone that reads the blog just via the RSS feed and never visits the sites, my pictures are now hosted via Windows Live Photos. We’ll see how well that works out in the long run… URL is http://cid-348cb3ddffbdf313.photos.live.com/

Now playing: Emm Gryner — Get Brave

DasBlog 2.3 is out! Upgrading took longer than it should have...probably because I did a bad job of separating the application from my SharePoint migration customizations last year. But that’s been fixed, and upgrading from my custom build of 2.1+ to 2.3 went pretty smoothly.

In case I accidentally delete the files I saved these changes off into (again), here are my customizations:

• ~/web.config (I actually just copied & reused my existing web.config file, but this is the big change*):

  <system.webServer>
    ...
    <security>
      <requestFiltering>
        <hiddenSegments applyToWebDAV="true">
          <add segment="siteConfig" />
        </hiddenSegments>
      </requestFiltering>
    </security>
    ...
  </system.webServer>

• ~/siteConfig/site.config (these are in addition to the regular ones that have to be performed, like site title, notification address, root url, etc.):

  <!-- CUSTOMIZATIONS: -->
    <DisplayTimeZoneIndex>90</DisplayTimeZoneIndex>
    <AdjustDisplayTimeZone>false</AdjustDisplayTimeZone>
    <ContentDir>~/App_Data/content/</ContentDir>
    <LogDir>~/App_Data/logs/</LogDir>
    <BinariesDir>~/attachments/</BinariesDir>
    <ProfilesDir>~/App_Data/profiles/</ProfilesDir>
    <SmtpServer>localhost</SmtpServer>
    <EnableSmtpAuthentication>false</EnableSmtpAuthentication>
    <CommentsRequireApproval>true</CommentsRequireApproval>
  <!-- END OF CUSTOMIZATIONS—>

Other customizations:

• Backup from old installation and restore to new install:
  • ~/siteConfig/blogroll.opml
  • ~/siteConfig/navigatorLinks.xml
  • ~/siteConfig/siteSecurity.config
  • ~/App_Data
  • ~/attachments
• Change ACL on ~/siteConfig to grant NETWORK SERVICE modify access (ACL's on App_Data and attachments should be retained when backed up & restored; if not, grant this access to those directories too)

* I run dasBlog on IIS7, so my web.config file is actually quite a bit different than the one that ships with dasBlog. But those differences (other than the one highlighted above) were created by migrating the existing config file.

Now playing: Emm Gryner – Goddess – 07 Match

One lane bridge on the road to the coast between Carlton, OR & Beaver, OR. It has a couple different names depending on where you’re at on it: Meadow Lake Road, Nestucca River Road, Upper Nestucca River Road, & Blaine Road. It was fun to drive when I took it, but I imagine that would change as soon as some snow got on it. So probably only safe to take it from late spring to early fall. In mid-April 2008 it was passable enough, and there’s a number of campgrounds that were completely empty along the National Forest parts. There are some nice views towards the Carlton side that I wish I had captured pictures of. Maybe for next year!

Cape Kiwanda, as viewed from the south near Pacific City.

Offshore rock at Cape Kiwanda.

Now Playing: Brenda Weiler – Live – 18 Sweet Lullaby

Taken back in March when Emil & his girlfriend were visiting. For some reason I didn’t take pictures of the informational signs, so I don’t actually remember which waterfalls these are pictures of. They’re in the Columbia River Gorge, off the old highway. I’ll have to head back out there sometime & capture what the names are...

Now playing: Stars – Sad Robots (EP) – 05 14 Forever