The end is nigh?

'The End is nigh!  A big stakes suit to save us all.' That is the Page Two headline in today's International Herald Tribune.  It is the story of how two men – Walter Wagner and Luis Sancho – are suing the Conseil Européen pour la Recherche Nucléaire (CERN), or rather are suing for a court-ordered restraining order that would prevent them from operating their Large Hadron Collider (LHC).  The claim is that the proper due diligence has not been performed, and that CERN '…has failed to provide an environmental impact statement as required under the U.S. National Environmental Policy Act.' (International Herald Tribune, Monday March 31, 2008, p.2)

The story goes on to explain that the LHC could create a black hole, and that although it is theorized (by Stephen Hawking) that black holes '…evaporate in a poof of radiation and elementary particles,' this phenomenon has never been witnessed, so Wagner and Sancho theorize that black holes might actually be stable, and that a micro-black hole created in the LHC could expand and destroy the Earth and eventually the universe (which I contend would be irrelevant to many of us once the Earth and Schwartz's Hebrew Delicatessen in Montreal were gone).

I find several points to this suit severely flawed, not the least of which is that they are suing in (sic!) the U.S. District Court in Honolulu.  While I am sure that the scientists and lawyers from CERN (located outside Geneva in Switzerland) would relish the idea of spending time on the beautiful Big Island in Hawaii, I am equally sure that they are not stupid enough as to cede to the U.S. District Court's jurisdiction in order to do so.  These are, after all, the people who actually invented the Internet (yes Dave, shot #2 at Mr. Gore this week!), as well as a Large Hadron Collider capable of creating matter and reproducing conditions not witnessed since the trillionth of a second following the Big Bang!

The same scientists bringing this suit did the same (unsuccessfully) against the Brookhaven National Laboratory when they fired up their Relativistic Heavy Ion Collider (RHIC).  The RHIC at Brookhaven is a similar (somewhat smaller) machine to the LHC, and has been operating without causing any recognizable destruction of the universe since 2000.  What makes the pair think that a slightly (sic!) larger machine would cause destruction unfounded in the smaller version?

For those of you interested in the technical details of the LHC in plain English I suggest you read Angels and Demons by Dan Brown.  It is the novel that introduced the main character from his later novel The DaVinci Code, and is for my money a much more interesting read.  Although its writing presumes the opening of the LHC some ten years before actual, most of the science in that work is plausible… though I will not speak to the matter/anti-matter issue of which my knowledge is limited to Star Trek and that novel.

My very limited knowledge of the LHC and CERN did not originate with that novel, but then I am almost as ignorant as any non-scientist on the matter.  The LHC is the largest machine in the world, and if I remember correctly (I am currently 32,000 feet above sea level in a Boeing 737-800 and unable to access the Internet to check my facts) extends beyond the borders of Switzerland into Italy and France.  It is a giant particle accelerator that will smash protons together and allow their scientists to '…sift through the debris for clues to the nature of mass and new forces and symmetries of nature.' (Ibid)  If you discount the minute possibility that it might destroy the universe, I do not see a downside to it.

If you are keeping up on your reading (and what is more important than reading my blog?) you will know that last week I visited the Nobel Museum in Stockholm and had a lot of opportunity to think about science and discovery.  Although I do not know what new knowledge and discoveries could be made by sifting through this matter, I do understand that most great discoveries were done so by accident, or at least without really knowing what the scientists were looking for.  I am certain though that if penicillin can be discovered by examining mouldy bread, the possibilities of examining this primordial sludge (what a great term!) has infinite possibilities beyond even the comprehension of the geniuses at CERN.

I hope that they do not blow it by showing up in Honolulu.

Anti-American Sentiment

I got to Sweden on Tuesday and it did not take me an hour to be fleeced by a taxi driver (A four minute taxi ride from the Kista subway station to the Microsoft office which was not my intended destination cost me 195SEK, or about USD$33).  Later in the evening I was speaking with one of the clerks at my hotel she told me that it was not uncommon for taxis to take advantage of people they see are tourists, and more specifically American tourists.

I think it's that way!  When i got to Stockholm on Thursday I had to get from the central station to the Swedish Tourism Bureau… no more than a 300m walk.  I kept asking directions and continued to walk around in circles.  I assumed I was looking for some obscure street that nobody knew, but when I arrived at Kungsträdgården I discovered it was this huge historical park with a concert venue, statues, and french gardens that started from the water and extended four blocks with cafés all along one side, and terminating at a major intersection three blocks from the central station.

I thought for most of the time that I was getting my exercise that the people in Sweden just did not speak English very well.

There was a bit of a line-up at the Tourism Bureau so I went into the gift store.  They had lapel pins of the Swedish flag crossed with several others, and I decided to buy and don the one with the Canadian flag; I had heard for years that Americans traveling abroad would wear Canadian flags to be treated better and I didn't know if it would be the case, but I decided it was worth a shot and if nothing else it was a nice pin for 5 SEK (less than a dollar).

It was the last time I got wrong directions in Sweden.

I understand that there is a great deal of animosity towards the United States.  I am not even naïve enough to believe that they would have started with the current situation in Iraq and Afghanistan (or even the first Iraq war).  I know that people have an impression of America that is not entirely favourable, to put nicely.  That impression has often extended to Americans abroad; the caricature of the loud, boorish, and ignorant American tourist is in so many movies including American ones.  I have encountered such tourists in Canada, in Israel, and even in America.  It does not mean that all Americans are like that; but we remember those who are because they leave a more lasting impression than the nice and quiet ones.

When I walked into the bar last night I took off my jacket, forgetting that at the same time I was taking off the pin that was on the lapel.  I was not treated poorly.  The bartender and people around me would answer my questions.  One of them finally asked me where in America I was from, at which point I made clear that I was from Canada.  All of a sudden we were all friends and having a great, jovial time.

I asked them about this and they told me that they did not actually dislike Americans, they just did not respect them, their behaviour, and the fact that their country 'felt it necessary to stick their nose in everybody's business.'  (We were sitting in a Boston Irish pub with a baseball-basketball-football motif… but let's leave that aside)  They spent five minutes telling me all of the bad that America has contributed to the world.  I asked them about all of the good that America has done… 'What good?  What has America ever taught us?'

How to not have to speak German.

It is easy to focus on the bad… and frankly I am as turned off by the loud and obnoxious tourists as anyone, but I also know that the majority of Americans are not like that, and that there are people like that everywhere.  I also understand (and have often joked about) the fact that so many Americans are woefully unaware of the world and cultures outside of their borders.  Is it that America has become an insular society closed off from the rest of the world?  Probably not… a hundred years ago it was unlikely that anyone anywhere would have traveled more than fifty miles from their home.  I know countless Americans who have never left their own country, but have traveled extensively within it.

In the United States should one wish to there are dozens of specialty channels that concentrate exclusively on foreign cultures, travel, and lands.  However if people are not interested there is little you can do to force them.

There is good and bad in every group of people.  Roger Waters sings a (VERY anti-war song) called Leaving Berlin.  It is about an encounter that he had with an old Lebanese couple in 1961… about how kind, gentle, and loving they are.  I have met those Lebanese, and I have met the ones carrying guns and planting bombs… launching missiles and carrying out terrorist attacks. 

Many Americans that I have met are equally guilty of the same offences.  That does not make the entire country racist, only the individuals who are unwilling to open their minds.  'The ability to think differently today from yesterday distinguishes the wise man from the stubborn.'  It is a quote on the wall of the Nobel Museum attributed to Sir Isaac Newton (or John Steinbeck depending on the source).  Hopefully we can all get over the stubbornness and open our minds.

You should not hate all people in a group based on the actions of a few, but neither can you love them either.  People are people, and should not be judged based on anything other than their actions and deeds.

Because I am going there next I asked another clerk at the hotel about the differences between Norway and Sweden.  She told me that the people in Norway are nicer.  I asked why and she told me that the Swedish people are xenophobic (her term was racist, but the explanation clarified her position).  I have not found that to be true, but then again I do not know what is being said behind my back, or in front of me in Swedish.  I guess I am trying to see the best in people… and hope that they are truly living up to it.

Sweden!

I arrived in Sweden on Tuesday on a Lufthanza plane filled with a Canadian hockey team coming to play a tournament here.  Good luck Canada!

Getting to my hotel was a little tricky.  Fortunately there is a great tourist information counter at Stockholm/Arlanda airport which pointed me in the right direction, starting with the fact that Kista is pronounced Shista.  That is the area where I am staying – about thirty minutes by subway outside of Stockholm Centre.  The train from Arlanda to Stockholm was reminiscent of the train from Hong Kong International into that city – very fast, clean, and quiet.  From there the subway got me to Kista… where my troubles started.  Fast-forward past the troubles.IMG_0205

The Microsoft office in Kista is very nice, and looks like most of the offices I have  been to… of course everything is in Swedish, but aside from that…  I walked in and saw what seems like the requisite wall mural from the Ready for a New Day tour from last year.  The local people were as helpful as could be, and after a little small-talk they showed me the MPR room, then gave me directions back to the hotel.  I had already discovered what getting into a taxi costs here, and for the kilometre I IMG_0215decided to walk.

Originally I was supposed to present in four cities over two weeks.  Either fortunately or unfortunately two of them were cancelled, so rather than having to spend a day in  transit every couple of days I have several days off here, followed by several days off in Oslo… effectively a ten day European vacation. 

Following my presentation (which went rather well) I took IMG_0220the rest of Wednesday to recover from the jet lag (or at least as well as I could) I ventured out into Stockholm on Thursday.  I did a lot of walking (primarily because everyone kept giving me wrong directions to where I wanted to go) until I finally arrived at the Swedish Tourism  Bureau and bought my Stockholm Card.

I began my slightly more organized tour at the Tre Kronar Museum, one of three IMG_0238 museums in the Royal Palace.  I have to admit I have always been ignorant about Sweden.  I should have realized that the three crowns work on the jersey of the Swedish hockey team was not just their team logo, but has indeed been the coat of arms of the country since King Gustaf III in the 16th century.  The museum showed a lot of the ruins of parts of the palace, including fortifications (the walls were 7m high on the inside, 11m high on the outside), tools and utensils, weapons, and IMG_0235 even clothes.

From the Tre Kronar Museum there is a door into the Royal Apartments, another of the museums.  Unlike the TKM the apartments are actually part of the castle of today, and the royal family graciously allows the public access when they are not in use.  Unfortunately many parts of the museum were off-limits (they say due to renovations… I suspect the king went off for a bit of a kip in the middle of the day) but that did not diminish what I was able to IMG_0257 see.

This was my first visit to a royal castle, and it was spectacular.  The artwork is outstanding – and much of it is shall we say not too Victorian.  Looking around is one thing, but the most magnificent achievements have to be the ceilings which in every room was more incredible to behold than the last.IMG_0255

Every year a dinner is held for the new Nobel Laureates in a grand dining room here, and I got to walk through it.  I am not impressed by 'who was here'… I have seen, met, and spoken with too many for that.  However the room, the artwork, the grandeur, and the detail were fabulous.  I recommend winning the prize just for that ;)  (Hey, Al Gore proved that it doesn't take much!)

Following the Royal Apartments I headed for the Nobel Museum.  I was hoping to gain some insight into Alfred Nobel and the origins of the prize more than into the IMG_0248 most recent winners… and I did, though I was surprised by something.  The 2007 Nobel Prize for physics was shared by Albert Fert (Université Paris-Sud) and Peter Grunberg (Forschungszentrum Jülich) for their discovery of Giant Magnetoresistance. 

If Giant Magnetoresistance doesn't mean anything to you then let me give you the very simple rundown:  Like many people I work on a laptop which has a very large and fast (capacity) tiny (size) hard drive, at least compared to what was available only a couple of years ago.
  Thinking back to my first hard drive, which was 10 Megabytes, 8" by 6" by 3", this is much smaller with a much higher capacity.  To dwarf that my friend Lawrence Young once told me about a hard drive that was either one or two megabytes, and required a forklift to move.  Giant Magnetoresistance is the technology that allows us to have tiny hard drives with huge capacities… in other words something that really does affect each and every one of us on a daily basis.

It was a very interesting day, and today should prove equally so.  I'm off to Stockholm… don't wait up!

IT Pro Toronto – Event #1

Tuesday evening was the inaugural meeting of the IT Professionals Community of Greater Toronto (www.itprotoronto.ca).  The event was hosted at Nexient in Mississauga.

The evening's presentation was entitled 'Virtualization Fever… Catch It!'  Although the main focus of the evening was on the advantages offered in Microsoft Windows Server 2008 with Hyper-V, I decided to present the past, present, and future of virtualization.  I was able to demonstrate the advantages of virtualization using Hyper-V over both Virtual Server 2005 R2 and Virtual PC.  There was even some mention of competing technologies such as VMWare, a respectable product to be sure.

Of course so much focus of late has been on Windows Server 2008, what with the recent Heroes Happen {Here} launch event so most of our audience knew at least something about Hyper-V, but this was an opportunity for someone who is not a Microsoft representative to show the advantages while still discussing the downsides and the competition. 

Because there were so many questions about consolidation planning I decided to delve into another Microsoft product called System Center Virtual Machine Manager, a product which I really consider to be the bees knees for planning, consolidating, and managing your virtual environment.  Unfortunately it is not yet compatible with Hyper-V, chiefly because one released in November and one went into beta in February.  We are waiting with bated breath for either a patch to the current or the next release of SCVMM which should be Hyper-V compatible… stay tuned!

Speaking of Hyper-V (as we were on Tuesday!) the Release Candidate 0 for same was released on Tuesday.  If you are running Windows Server 2008 you can download it at http://www.microsoft.com/downloads/details.aspx?FamilyId=DDD94DDA-9D31-4E6D-88A0-1939DE3E9898&displaylang=en.  Hopefully a few of the issues with the old will have been repaired in the new 🙂

One of the attendees (cloaked in secrecy) wrote a couple of great blog posts about the meeting… One had me laughing out loud (even though it depicted me as the great and powerful wizard pulling the strings :))  Check out his two posts at:

http://ye110beard.spaces.live.com/blog/cns!952F95CB5DE3F349!653.entry

http://ye110beard.spaces.live.com/blog/cns!952F95CB5DE3F349!652.entry

True to YellowBeard's word ITProToronto does indeed meet at Nexient Learning (30 Eglinton Ave. W, 2nd floor, Mississauga) the third Tuesday of every month.  We are trying to not be cloaked in secrecy though, so you can leave your invisibility cloak at home :)  We hope to see you there on April 15th, 2008, when the topic will be Unified Communications!

Mobile Device Advice – once bitten…

So I have raved to anyone who will listen about my HTC Tilt PDA… I bought it in November, and although it was pricey I have not regretted it for a minute.  If there is a function that a phone or device an do, it does it.  It has a great CPU that really shows how smooth the Mobile 6 operating system runs.  With built in features such as GPS, Push E-Mail, a very comfortable slide keyboard and both 3G and wifi networks I have never found myself wanting.

Unfortunately there are some things that not even this device can do, and when I accidentally smashed (and cracked) the screen a couple of weeks ago it became useless… and as sick as the cost of replacing (the screen) made me, it was still significantly cheaper than replacing the entire device.  For the most part the people at HTC have been very helpful and understanding, although I still maintain that the repair should have been covered under warranty.

The lesson from all this:  I have two bits of advice:

  1. Invest a couple of dollars in a screen protector, and more importantly a protective case (hopefully a hard shell case if available for your device; and
  2. Don't smash the phone and crack your screen in half inadvertently.

Expensive lessons learned… sigh.

There was supposed to be one bright side to this, as HTC promised to install their original Mobile 6 OS, rather than the AT&T modified version.  They did not.  As well, I cannot figure out why they insisted I ship the phone in the original packaging, but sent it back to me in a plain brown box.  I guess Theresa must have told them I like to keep these things and to try to help her out.

Another addition to the family!

Jacob, our Boston Terrier/Beagle cross (often called a Boggle) has been with us for nearly five months now.  As any of you who have spoken with me will know he is the absolute love of my life, and will always hold a very special place in my heart, along with Theresa's.  He has grown from a five pound ball of (short) fur into the very respectably sized thirty pounds he is today.  From the very first day we brought him home he has been daddy's little boy, and always will be.  He has also been decidedly jealous of anyone or anything that may seem to get any attention that could otherwise go to him.  (This was extremely cute and harmless at 6lbs… at 30 it is a challenge :))

Yesterday evening Theresa and I, quite on the spur of 001pupthe moment and without  discussing it with Aaron, saw a puppy on-line that we fell in love with.  After Theresa's dentist appointment she and I were sitting with our respective laptops across one another at our favourite café when I saw her face change… she e-mailed me a link from Kijiji and asked what I thought.  I saw in her eyes that I would make her a very happy woman if I would take her to at least meet the five-pound Basset Hound/Pug cross.

I called the number in Hamilton and after a few minutes talking realized an amazing coincidence… I was speaking to the same woman who we adopted Jacob from!  I did not know if it was a sign from above that we should have another puppy, but I did know it meant that the dog would likely be healthy and well-treated as Jacob had been.  I made an appointment to drive down there that evening.

Because of Jacob's jealousy I suggested that if we were going to consider bringing IMG_0027another puppy home that we should bring Jacob with us to meet her.  Bailey (our nine year old Wheaton Terrier) is extremely friendly and much calmer, and unless you are a squirrel would do no worse than lick you to death.  Jacob on the other hand could be an issue, so we picked him up before setting out for the drive to Hamilton.  As Theresa spoke to Aaron about his room I quietly asked our babysitter Margi to help us out… after Aaron was in bed if she could set up Jacob's old kennel which he outgrew next to the other two, just in case.  Then the three of us were off, Jacob comfortably in Theresa's lap in the passenger seat.

Amazingly Jacob seemed to sense where we were shortly after we got off the QEW in Hamilton… from about two kilometres out he was anxious, and seemed to know where we were.  Don't forget heIMG_0039 spent the first few weeks of his life here!

When Leanne and Barry opened the door they were thrilled… they have been reselling puppies from home since August, and Jacob was the first one who ever came back for a visit.  They had decided to keep a Boggle from the next litter, and Buster and Jacob got along from the first.  But when the star of the show made her appearance it was magical.

Theresa absolutely melted.  I did not have a word to say about it because that was what happened to me when I met Jacob, and it was in the exact same place.  When Theresa picked her up I knew that the story was over, we IMG_0054were bringing her home with us.  Jacob – a rambunctious boy to be be sure – also has a delicate side, and whenever the puppy was not in Theresa's arms he was very good with her.  It was hilarious to see her at one point take Jacob's leash in her teeth and try to take him for a walk!  He didn't mind… they were fast friends.

Unlike with Jacob Theresa had already chosen a name for her.  She took a minute to go through a few names including Molly and more, but then realized that they had nearly the same colour hair… and picked for the puppy the name that I had given her as a nickname: Gingit.  She couldn't have known that I learned the word when it was another puppy's name many years ago. 

I was a little jealous of Theresa… I remembered getting into the passenger seat with Mitch & Gingit 1a five pound Jacob – he didn't have a name yet – in my arms, and now it was her turn.  Once they were settled in I opened the back door and Jacob jumped right in.  He figures the back door is just another way to get into the front seat, and with mommy's  lap occupied by his new sister, there was only one place to go.

Have you ever tried to drive with a thirty pound dog in your lap?  I am glad I was not stopped by the O.P.P. because he does not have his license.  I have been critical of people who drive like that before, and decided that if he did not just lie down and sleep I would put him in the backseat again.  He didn't move a muscle for the entire drive, and when we got home he was just as excited as he could be to introduce Bailey to their new baby sister!

Of course there are jealousy issues… when Theresa brought them into bed in the middle of the night Jacob was a little confused by how anyone could cuddle up into HIS daddy's arms and fall asleep; it took a few minutes for him to settle down, but IMG_0005 he eventually lay down along my leg (his favourite place to sleep) and let Gingit sleep on my hand between Theresa and I.  By this time though Gingit was sopping wet from Jacob's attention, not a rare phenomenon.  But this morning when it was time to eat Gingit poo-pooed her puppy food in lie
u of sharing big brother Jacob's kibbles; Jacob made room for her at the trough like a big brother should.

Jacob will always hold a special place in my heart… but there is always plenty of room for a new puppy… especially one who curls up at my feet as I write about her and her brothers… and one who makes my Theresa so happy!

Adult Crimes

I have a confession to make: I was a bad kid.  I was rebellious, I was anti-authority, I did or tried to do what I thought was cool without much concern for what was right.  Up until my eighteenth birthday and probably a bit beyond that I was more than a handful, nearly getting expelled from school on a number of occasions and spending more time in one form or other of punishment than anyone should.  I was mouthy, arrogant and obnoxious, a know-it-all, and to make matters worse I may not have been too book-smart but I figured out early on how to manipulate those I needed to when it was to my benefit.

For all the trouble I got into I only had one opportunity to find myself in trouble with actual authorities – not the principal of my school but with the police, and frankly it was a stupid issue in which I was charged for carrying a Swiss Army knife in a downtown arcade.  The knife in question was never used nor intended to threaten anyone, but that summer there was a rash of knife attacks in Montreal and the police were cracking down, and I found myself in the wrong place at the wrong time.  I went before the judge, served ten hours of community service at a soup kitchen, and the judge gave me back my Swiss Army knife.

Of course you would never know any of this because I was fourteen or fifteen at the time, and those records would have been sealed when I became am adult, by which time I was well on my way to being a model citizen.  For all my tough talk and bad attitude to my recollection nobody ever got hurt beyond the occasional black eye or bruised rib… and more often than not I came out as bad if not worse than the other guy.  I thank providence and to some extent my parents that I never hurt anyone else (I hurt myself plenty) bad enough that they would remember it.

This week in the Greater Toronto Area there were a number of attacks perpetrated by youths that are despicable.  To name one, a fourteen year old (who was apparently out on parole for another offence) carjacked an elderly woman at gunpoint.  He stole her car and ran over her arm as he drove away.  Recently three youths were beaten within an inch of their lives by a mob of forty at a local high school.

I believe that the Young Offenders Act is a good idea… it gives kids a second chance after doing something stupid.  Unfortunately it also says that kids who commit truly despicable crimes – murder, sexual assault, brutal assaults – cannot be punished with anything more than a slap on the wrist.

There has to be an alternative.  Punishments are not only a way of trying to reduce crime by warning potential offenders, it is also a way of protecting society from danger.  Crime must be punished if we as a society are going to have any hope of protecting the innocent.

Of course as a civilized society we have altered over time the way in which we can punish offenders.  Gone are such punishments as the rack and chaining prisoners to the wall in a dungeon.  We have made corporal punishment – physical assault or torture of any kind – a crime, and Canada eliminated the Death Penalty in the 1970s, after not having executed a criminal since December, 1962.  Prisoners have cable television and the Internet, and though I do not claim that prisoners have a good life, they probably are not meant to, and the life they do have is better than some free men.

It would be folly to argue that the majority of youth offenders do not know right from wrong; you can argue that with violence in the media and in video games kids are desensitized to it.  I grew up watching violent movies where people carried guns – both for good and for bad – and people who were shot with them were either hurt or killed (with the possible exception of the A-Team, which to this day holds the record for the TV show with the highest number of people with bad aim firing assault rifles every week that never hit anyone, but by the mere threat of more bad shooting caused the greatest number of bad guys to surrender).  When I walked into the arcade in the summer of nineteen eighty-something with my utility knife I knew full well that were I to take it out and stab someone with it they would bleed and it would be wrong.  I suspect that had my parents not taught me that I would have gotten it from any number of war, ninja, or James Bond movies that my friends and I watched constantly. 

The youth committing these heinous crimes – rape, assault, murder – in which real people are hurt and killed know what they are doing, and do it anyway.  So would it be so wrong to apply the same standards of punishment to them as we would to an adult offender?  If nineteen-year-old John commits Crime A and is sentenced to five years in prison, why would sixteen-year-old Mark who commits the same Crime A go to a youth home until his eighteenth birthday? 

It doesn't seem fair, does it?  Well crime and punishment isn't always about fair.  We really should protect our youths and give them another chance.  If Crime A is simple vandalism – graffiti, broken windows, keyed-car, or the like, then I think sixteen-year-old Mark does deserve consideration under the law.  Things were damaged, but nobody was hurt.  If Crime A is a carjacking or any crime at knife- or gun-point then the punishment should fit the crime, not the age of the criminal.

I would even be willing to discuss a compromise: Currently the records of young offenders are sealed when they turn eighteen.  What if we were to seal the records for any under-age criminal at the completion of their sentence, whether they be twenty or thirty or forty, and let them try to live a normal life, after having paid their debt to society?  That way a fifteen year old gang member who is sentenced to ten years in prison can get out of prison at the age of twenty-five, with no criminal record.

I'll admit that I do not know what the answer is but I know this: what we are doing now is a joke to kids.  They (not all kids you understand, only the truly bad ones) walk into school, into their local arcades not with Swiss Army knives but with handguns and are not afraid to use them because in the scheme of things there are no consequences for using them.  When I got into a fight in school we went at it until one guy was down, then the two of them were hauled off to the principal's office, we both got punishments but one of us also got bragging rights. 

Today these fights end with deaths, and the authorities are going to remain powerless to stop them until we as a society admit that the Youth Protection Act needs to be changed and yes, we sometimes need to have the option of punishing fourteen-year-olds very severely because until we do old ladies in parking lots are going to be attacked by fourteen-year-olds brandishing weapons who are not only not afraid to hurt but look for an excuse to do so.

There has to be a clear distinction: I was a bit of delinquent; the kids using guns and carjacking and murdering are criminals.  I don't know what delinquents need, but criminals need to be punished.  Thus endeth the lesson.

Heroes Happen {Here}

On Wednesday I got together with five thousand of my closest friends at the Direct Energy Centre in Toronto for the launch of, among other products, Windows Server 2008.  It was one of those events that you had to be at to believe!

Most of you know that I wear many hats wherever I go, and this event was no exception…

  • I was there as an attendee of course; I am as interested in the technologies released as anyone, and was excited to see what Microsoft had to show.
  • As an MVP I was invited to participate in the Ask the Experts area, answering the questions of my peers when possible, and guiding them to fellow experts when I could not.
  • For no extra credit but to help out I (along with Jeff Loucks and Calvin McLennan) offered to help the Windows Essential Server booth.  Cal and I spent days designing and building the network which included one Small Business Server 2008 (formerly code named 'Cougar') server, three Essential Business Server (formerly code named 'Centro') machines, two client workstations, a network switch, and a router.  The three of us alternated answering questions for passers-by and demonstrating the technologies.  During the lunch break Jeff presented the Chalk Talk, which was well presented and well received.  You will be hearing more from me in the coming months on Essential Business Server; it is Microsoft's new solution for businesses who are too big for SBS, but still do not need the Enterprise solutions.
  • The IT Professionals Community of Greater Toronto had its coming out in the Community Zone, signing up more than five hundred new members, discussing our upcoming events, and in general telling people about ourselves.  Several people have been working very hard to make the group a reality, and many of them took turns manning the booth; Russell Onizuka, Simone Richard, Domenic Macchione, and Jacqueline Hutchinson did a spectacular job of representing the group.  Cal and I popped in and out, but the booth's success was thanks to them… not only the Mom's Best biscotti that we handed out 🙂

If you are not local to Toronto then keep your eyes peeled… the Heroes tour should be coming to a city near you soon, though it will be scaled down.  Nevertheless the information they are disseminating is worth hearing.

Server 2008 Virtualization – Catch It!

This past Monday I had the opportunity to present what I call a 'Let's Get Excited' presentation to an architect audience at Microsoft Canada.  I was asked to showcase several new features of Windows Server 2008, due to launch on February 27th.

While preparing for the presentation I thought back to the first time I presented virtualization, when Microsoft Virtual Server 2005 R2 was released.  I was at the time amazed at how much more powerful the product was than Virtual PC, which I had been playing with for a while.  So when I started playing around with Hyper-V (alternately known as Hyper-Visor, Windows Server Virtualization, and a number of other names) I was amazed by the improved functionality.

If you are a critic of Microsoft – or even if you are not – you are probably quick to point out then features that Microsoft initially promised to be included, such as live migration of virtual servers between parent machines, the ability to add (virtual) hardware components on the fly, and a number of other features that have been removed from the product (for now).  You might complain about Microsoft's seemingly fragmented virtualization picture noting that its much vaunted System Center Virtual Machine Manager (SCVMM) which offers spectacular functionality such as the automated migration of a physical network environment into virtual, intelligent placement of virtual machines on appropriate hosts, and the ability to automatically provision new virtual machines in a few minutes and with a number of keystrokes from a library of templates for systems such as file servers, domain controllers, mail servers, and myriad other possibilities.  You will certainly mention, as a critic of the world's premiere software goliath, that the Hyper-V feature that was supposed to release with Windows Server 2008, has been delayed and is only now issued as a semi-public beta program.

Of course saying all of that would be correct, but for my money Hyper-V offers a number of features that make it worth the wait.  I would like to cover a number of these, leaving for the moment that Hyper-V will be neither an add-on nor an additional cost, but will upon release (assumedly through a Microsoft Update patch) be distributed to all Windows Server 2008 installations as a new role, easily installed in minutes.

If you were to examine servers in any average data centre you would note that the resource usage for most of them is quite low.  If a server's CPU runs at, on average, twenty percent usage, and the company paid (to use a simple number but not based on actual pricing) $1000, doesn't it stand to reason that these companies could have just as easily purchased a CPU with one fifth the capacity for one fifth the price?  This is of course not an option, and virtualization allows us to fill that unused CPU capacity.  On Virtual Server 2005 R2 there were limitations to the functionality of the guest OS, and taxing on the host OS.  With Hyper-V both of these issues are addressed; it eliminates the host/guest operating system model that we have gotten used to and replaces it with a parent/child model in which the parent (or primary) Windows Server instance hosts the Hyper-V role, but the virtual (child) OSes address the physical resources of the hardware, rather than detracting from the parent, as was previously the case.  This allows several servers to operate in tandem on the same box with the resources you allocate to it, without draining each other.  To test this I built a Server 2008 lab environment within a Dell Lattitude 830 laptop with a 2.4GHz CPU and 4GB of RAM, The parent OS (Windows Server 2008 Enterprise Edition, RTM) hosted the Hyper-V role; Three virtual machines hosted one NAP (Network Access Protection) server on Server 2008, a domain controller and System Center Configuration Manager Site Server, both hosted on Windows Server 2003 R2 (Enterprise Edition) with Service Pack 2 installed.  I did not see any performance degradation on any of them.

(It should be noted that although Server 2008 is available in both 32- and 64-bit editions, only the 64-bit edition will support Hyper-V.)

A huge advantage to Hyper-V over its predecessor is the ability to support 64-bit child servers.  This is a huge advantage to companies who would otherwise virtualize servers such as mail servers, but couldn't due to Exchange 2007 only compatible with 64-bit servers.  I am looking forward to playing with that particular configuration in coming weeks.

If you previously built your virtual environment around the Virtual Server 2005 R2 platform you are bound to be happy that your virtual machines are going to be fully compatible with the new Hyper-V platform.  In the current beta build of the product there is a bug that prevents you from importing VMs, but there is a simple work-around… simply create a new virtual machine and then rather than create a new virtual hard drive select your existing .vhd file.  Make sure you check your settings, but having played with it for weeks I can attest that the method is flawless.

That being said, there is some minor preparation required before you migrate; your old Virtual Machine Additions are not going to be compatible with the new platform, and must be uninstalled from either Virtual PC or Virtual Server before bringing the VMs into Hyper-V.  Though offering similar functionality, Hyper-V now offers Integration Components in place of the old VMAs.

Before you kick off in Hyper-V you should be aware that all of the old key-combinations that we got used to in WVS and VPC have been replaced; if you are familiar with Remote Desktop Client then the transition will not be too tough, which brings up another favourite feature of mine: Rather than requiring a special client or connecting through Internet Explorer (an option that is certainly still available) you can connect to your Hyper-V machines using Remote Desktop Client, and since they are sitting on the hardware independently you can access them from remote machines as you would any remote server.  This will prove to be a huge benefit to systems administrators who manage geographically diverse servers, whether they be across a campus or around the world.

It just happens that earlier this week the mail servers in my fiance's organization were down for an entire day this week due to faulty hardware.  The time it took for the server provider to get and install the replacement part meant that nobody in the entire organization received or sent e-mail for an entire business day.  Without addressing the glaring lack of redundancy in their infrastructure I can imagine that their entire organization – especially the CIO – must have been visibly aging while the server was brought back online (eleven hours later).  I did a quick test and discovered that I could easily automate Hyper-V to take a snapshot of my servers every fifteen minutes; once done I was able to turn off the Server 2008 machine, attach the Network Attached Storage device storing my VMs to a different Server 2008 machine running Hyper-V, and restore the VM and then that snapshot to the previous snapshot within minutes.

Microsoft has nothing to be ashamed of in its current iteration of Hyper-V, beta release and all.  Although there are certainly features that have been removed (which hopefully will be included in future releases) the product as it stands is certainly a value-add to Windows Server 2008.  Its functionality is not what was hoped for but certainly offers improvements over Virtual Server 2005 R2.  I look forward to SCVMM integration and management, and the live migration will be a huge feature for the next release.  However for architects and systems engineers trying to decide if now is the time to virtualize or if they should wait I would certainly recommend keeping your eyes open for the RTM Hyper-V and then do it.  In the meantime have your
systems administrators download the beta release to familiarize themselves with it so that when it is released there need be no further delays… as our critics will bring up we have had enough of those already.

Hosting Servers Without a Static IP Address

Microsoft Windows Small Business Server is a great solution for small businesses of any size, from two to seventy-five seats.  The standard package offers the complete functionality of Windows Server, along with a web server, mail server, SharePoint Services, and much more for a small business price.  It allows small companies to bring their IT in-house and to compete with their larger competitors on an equal footing using the same technologies.

Unfortunately the way the Internet is designed in order to host public-facing servers (web, e-mail) you need a static IP address, much like having a business requires a telephone number.  Not every company with an Internet connection wants to pay the higher monthly fees (depending on the ISP and service often between $75 and $200 per month) for those benefits, and instead opt for a dynamic IP address, or an address that changes every so often. 

To address that problem a number of DNS Providers offer what is called dynamic DNS services, by which companies can configure a software client on the server (many inexpensive routers have the client built-in) to report back to a central server every time the dynamic IP address changes.  The DNS Provider then gives them an address (such as mitchgarvis.dyndns.org) which they can use to access their servers remotely anytime. 

Although this solution does address the initial problem, it creates a number of problems as well, such as:

  • Visitors know immediately that the company does not use static addresses;
  • The DNS Provider's name (or a variation thereon) is always part of their web address; and
  • Many ISPs block the default ports for many popular services on their lower-priced packages.

In this article I will offer solutions for all of these issues.  I will offer a solution for a fictitious company called Alpine Ski House that:

  • Registers their own domain name (alpineskihouse.com);
  • Configure web services and e-mail services at that address;
  • Redirects the necessary ports for the mail services*; and
  • Costs the company less than $100 per year, over and above their basic ISP fees.

What you need:

Although many of these methods can be adapted to different configurations, this article assumes that you have:

  • A properly configured server running Microsoft Windows Small Business Server, Standard Edition; and
  • A permanent connection to the Internet.

Domain Name

First things first, in order to do any of this you must purchase your domain name.  Choose something simple but explicative… so if your company name is Alpine Ski House try to choose something like alpineskihouse.com, and not theskichaletdowntheroadfromthatplaceIoncehaddinnerat.com.  Unfortunately it is true that most of the good domain names are taken, and consider alternate top-level domains, such as .info or .tv, if your first choice is taken.

Once upon a time there were only a couple of companies selling domain names, but those days are behind us.  Companies such as domainsatcost.ca, godaddy.com, and dyndns.com all sell domain names, and depending on what you want you may need to go to a few of them (domainsatcost.ca sells Canadian domain names which many of the others do not, though they should all sell .com, .net, and such).  Pick one that offers what you need at a reasonable price.  Recently a client told me they had paid $98 per year for their domain name and asked if they had paid too much… the same week that I paid $12.95 for one.  Shop around if you like and find a site you are comfortable with.

Register with a Dynamic DNS Provider

Open an account with a DNS Provider that offers Dynamic DNS services in addition to regular DNS services.  For the purpose of this article I used dyndns.com, but there are others such as no-ip.com who offer comparable services.  This service should be free, though it will start costing a bit as soon as we start adding options.  You will be asked what hostname you want to use (alpineskihouse.dyndns.org) as well as what domain name you want to use (dyndns.com offers several choices in lieu of dyndns.org).

NOTE: Especially if you have outside consultants working on your network I recommend selecting a password for this account that is completely different from all of your other services such as banking and such.  The password for your dynamic DNS will be configured either in your router or in a dynamic DNS client on your server, both of which are clear-text and unsecured.

Install a router with a DDNS Option

Even many of the lower end home routers these days offer a Dynamic DNS feature, and it is one less service that needs to run on your server.  For extra points get one with Universal Plug and Play (UPnP), which will allow the Small Business Server wizards to open all of the necessary ports in the device's firewall and direct them to the right server, which saves having to do this all manually.

Typically configuring Dynamic DNS will require selecting which dynamic DNS Provider you use, the username, password, and hostname.  Once you set this up properly it should report back to your DNS Provider the current IP address, and you should be ready to go.

Configure all Internet and E-Mail Services on your server

In short, run the Configure E-Mail and Internet Connection Wizard (CEICW).  This will configure everything automatically, and by selecting the option to configure your UPnP Router option when asked.  Make your selections according to your needs, so if you intend to host Exchange Server with Outlook Web Access, make sure to select the E-Mail option and Webmail options when asked.  When asked for the mail domain, enter the domain name you purchased (alpineskihouse.com).

Custom DNS Services

Now we may not like it, but this is where we start paying for all this.  The good news is that it is not overly expensive – recently I paid $22.50 for one year.  For mail and web services you will need a Custom DNS service.  The custom DNS will link your actual domain name to the dynamic account.  Because of this I recommend purchasing these services from the same DNS Provider that supplies your DDNS Service.

A Record: Forward looking records, the main record that points your name (alpineskihouse.com) to your server.  It is the only record that will point to an IP address.  If you purchased your domain name from a provider that is not your Dynamic DNS Provider then you will either have to transfer the name, or go into the records where you purchased them and substitute the original Name Servers with the ones that your DDNS  Provider supplies you with.

CNAME Record: Canonical names are the records for sub-names, such as http://www.  They are not required, but do not cost any more.

Although these records may only take a few minutes to create do not expect them to work right away.  The entire Internet DNS directory has to be updated appropriately, and this can take anywhere from 24-72 hours.

Ports?  What Ports?

If your ISP does block the necessary ports – typically port 25 for e-mail servers, then you have to play around a bit. 

  1. You will need to add a Mailhop Relay service to your DNS Zone.  This is another cost – I recently paid $42.50 for one year.  Configure the Mailhop service to your domain name, and select an alternate port to use – a common one is port 2525 which i
    s generally not used for anything else.
  2. You will then have to create two MX Records in your zone.  Again this will take 24-72 hours.
  3. Open the custom port in your router and redirect it to your SBS server.

MX Record: Mail Exchanger records control the e-mail addresses, the infamous name@address.com.  When you purchase the Mailhop service you will be instructed to create two MX records within the DNS account, and how to do so.

<WARNING> We are about to play in the advanced options of your Small Business Server.  If you are not comfortable doing so have a professional do this for you. 

  1. Log onto the Small Business Server with Administrator credentials.  In the Server Management console tree expand Advanced Management, then First Organizational Unit, then <your servername>.  Under servername expand Protocols, then SMTP.
  2. Right-click on Default SMTP Virtual Server and click Properties.
  3. In the General tab of Default SMTP Virtual Server Properties click on the Advanced… button.
  4. Click Add
  5. In the Identification window in the box next to TCP Port enter the value of the custom port you selected (2525).
  6. Check the boxes next to Apply Recipient Filter and Apply Intelligent Message Filter, then click OK.
  7. Click OK to close out of the Advanced window and OK to close out of the Default SMTP Virtual Server Properties window.

Test it!

As mentioned the DNS settings may take a couple of days to fully work, but in essence you are done.  Go for lunch, take the afternoon off, and tomorrow morning, from a remote location, try the following tests:

  1. In a web browser try to navigate to your server by typing http://alpineskihouse.com.  If that works then the main DNS records are properly configured.
  2. Try to send an e-mail to administrator@alpineskihouse.com.  Because I am impatient I usually configure 'Request Delivery Receipt' so that I know exactly when it shows up, but if you can log onto the Outlook Web Access (https://alpineskihouse.com/exchange) as the Administrator and the e-mail is there, then it works!

What About SBS Premium Technologies?

If you are using Windows Small Business Server 2003 Premium Edition then you likely are using Internet Security and Acceleration Server 2004 as your firewall, possibly in addition to your router device.  If that is the case you will have to configure the Mail rules to use the custom port instead of Port 25.

Good luck and happy SBSing!

*These instructions are technical in nature, and do not address contractual parameters set forth by your ISP, which may exclude you from hosting these servers.

An Organized Office, and the Journey into the Unknown

A couple of months ago I effectively moved in with Theresa; that is to say I have not yet vacated my apartment, but have relegated it to being little more than a drop box, sometimes office, and place to store things until we actually hire a truck to move the lot down to Oakville. 

Other than the obvious there have been some tangible benefits to Theresa and Aaron, one of which is that all of the computers and related components (networks, wireless, printers, etc…) are always working, protected, and safe (see my recent article on Internet Safety).

One of the downsides, for Theresa anyway, is that she has had to share her home office.  In my absence this room could generously have been described as cluttered, with what few shelves there were crammed with boxes, files, books dating to the turn of (thankfully this) millennium, and software manuals that predated those (The Viso Corporation, Excel 97…).  As a tribute to Theresa's musical background a clavinova occupied an entire wall, and a plastic 6' work table occupied another, although to identify this table would have required clearing off myriad piles of bills, reports, and boxes of games for Aaron's Nintendo DS.  The last wall was (thankfully) occupied by a desk and a filing cabinet.  The desk was home to the computer in the same manner that an untended garden is home to garden gnomes – it was there and accessible, but the overgrowth (papers, not weeds) made its use uncomfortable.

The clutter was initially made worse by my presence.  The inkjet printer that sat quietly on the filing cabinet in the corner was out of ink and rather than buy more (it was more expensive than the printer) I brought my spare laser printer; the new printer did not occupy the same space as the old one because the old one still had a flatbed scanner in it so that stayed there, and the laser printer took what was at the time the only uncluttered corner of the desk.  When Theresa moved her laptop from the plastic work table to the family room to let Aaron use it more comfortably the space was freed up was immediately taken over by… well, me.  My laptop did not come alone, it came with a pile of CDs that we wanted to rip to listen to on the Zune in the car, a few papers and five external hard drives… with the cables.  Six (yes, SIX) software boxes for Windows Vista and Microsoft Office were strewn about the table wherever they could settle.

The room is well lit by the window during the day, but in the evening a single lamp in the corner weakly lit the room.  There was a light switch, but it did not do anything, and Theresa explained that it was connected to a wall socket that was not used.

Enough was finally enough.  We had put it off long enough, but as we had organized the kitchen and the dining room, and forced Aaron to do the same to his room, we decided to bite the bullet and make this room right.

Three weeks ago I was to be home all day while everyone else was out, and I announced I was going to organize the office, but standing there looking at the reality of the project I knew it was not a job that I could do alone, not because it was too big a job, but because there was a method to the madness, an organization to the confusion; I could not start boxing or worse throwing out papers which were not mine.  This was a job that would require several distinct components:

  • A well thought-out plan of action;
  • Teamwork and Cooperation; and
  • Refurnishing.

The project started one evening with Theresa and I standing in the middle of the room and taking in the room… what was where, what was important.  The room had been thrown together over the years, and the furniture was what had been available, rather than what was required

The music just did not belong in our vision of a home office.  On the other hand it is important to Theresa, not to mention a potential source of revenue going forward.  However if we were to make this an actual office we would need space for shelves – lots of them, not to mention a work area for three computers of mine (you didn't think I woke up every morning and magically knew the material I have to teach or consult on?) and a desk for Theresa to manage the finances, bills, taxes, and such… not to mention her computer.

We are lucky enough to have two extra finished rooms in the house, not to mention the basement (currently terra inhospitable to me, as it is home to the cats).  There is also a large and spacious family room (probably poorly named, as Aaron and his clutter monopolize much of it).  What if we were to make the office hers and mine, rather than for the entire family?  Aaron had been doing his thing just fine since we moved the laptop into the family room, so why not make that his permanent work space?  Of course he would not have the laptop and I would have to get the extra computer working for him, as well as put in a desk but none of that would be overly difficult.  The third downstairs room could eventually be made into a music room/recording studio… a soundproofed room where Theresa could play and record her music, and I could record podcasts and such. 

The plan was forming… but how would we get there?  Theresa and I agreed that unlike the other organizational projects, for which we had enlisted Aaron's help, this would be us alone.

Step 1: Slash and Burn.

Well of course we neither slashed nor burned anything, but we cleared all of the non-office items into the unused room.  Clavinova, boxes of music, some boxes that did belong to the office (my new laptop, some other accessories), and bags of cables.  Anything that looked like it belonged in a basement – tools and such – went into the basement. After three hours of hard work we had one wall completely cleared, and the middle of the floor was relatively free of clutter as well.

Step 2: Acquisitions.

While the room was relatively (ha!) empty, we decided to bring in a standing lamp from the unused room.  We put a good energy-saving bulb in, and stood it in the corner by the socket that was connected to the light switch.  It was not overhead lighting (which both Theresa and I prefer for an office) but the improvement over what had been was measurable.  The lamp has three shelves in it and because this room would be off-limits to children we decided that it would be a nice place to put some of the jade and marble animal carvings that I had brought home from the Orient.  It might be an office, but it is our office, and if for no money we could spruce it up to reflect our tastes, then why not do it?  To complete the menagerie we added a wooden camel that must have come back from Israel with me years ago, but whose actual origins are a mystery.

The plastic table would not be long for this room, but because of the sheer amount of otherwise unmanageable… stuff on it, we would not touch it until we had the necessary places to move everything to.

At the office supply store we found a desk box with eight cubbyholes which would be used to manage papers.  It had a nice leather look to it, but for under $20 it was actually cardboard and plastic.  We also bought a desktop accessory to hold hanging files, along with legal-sized file folders.

It would be exaggerated to call Ikea a necessary evil, but suffice it to say that I have never liked shopping there.  However it is a great place to buy just about any furniture one could need for reasonable prices, as long as you are handy enough to assemble it yourself… and have a car that can hold a box six feet by four feet.  We needed desks, I am pretty handy, and my Toyota Matrix was built for the task.  Saturday evening we picked out a desk that was functional an
d not unattractive (called Frederik) and bought two of them.  We also picked up a couple of plastic mats for the floor so that our chairs would not muck up the wood floors any worse than had already done so.

We could have gone home and continued to work… but it was Saturday evening and we had a babysitter, so those of you with children will understand that we opted for Chinese food and a movie.

Sunday afternoon I assembled the desks, and we were ready to start populating them.  My desk was immediately occupied by two laptops and the external drives.  The first shelf (there are two shelves above the desk area) is home to the laser printer and software boxes, while the top shelf holds one of my PCs, and presently all of the 'not now' stuff… Nintendo boxes and such which will eventually find their way into the family room.  Theresa's desk has the files, trays, and cubbies needed for organizing papers and such, and we spent a lot of time getting the papers and files into their place.  It is hard to believe that the plastic table is gone, and you can actually walk around the room!

The week-end was over but the project is not… but the progress we made is remarkable.  The next phase will involve getting rid of the 'garage sale desk' and bringing proper shelving in… we bought the desks to match the shelves I have at the apartment which will come over in the next few weeks, and we will move on to the next phase of the organizational project.  However we now have something that we had never had before… a comfortable place for two people to sit side-by-side and work in!

The Internet… Do YOU Know Where YOUR Children Are?

One evening this week at the dinner table Theresa and I were discussing some of the steps that we took to protect Aaron (our nine year old) while he surfs the Internet.  He piped up that he did NOT like any of these measures, and I told him that he had better get used to them, because they are not going away.

I didn't think any more about it until I heard a discussion on the radio this week about an Internet predator who had been caught and sentenced to a long stint in prison, and what he had done.  I am happy that he was caught, but I feel horrible for his victims who will not recover from their trauma so easily.  The hosts discussed how it is important to protect your children, but that they did not trust the tools that are available to help parents.

Now granted I am not an 'average' computer user, and it will be a long time before Aaron becomes more tech-savvy than I am, but I thought about some of the tools that I use – both currently and planned – and realized that we can protect him to an extent, but no matter what protection we offer his mother and I will have to remain vigilant.  As he does grow with the Internet, we will have to monitor what he does, what sites he goes to, and even who he chats with.

When I installed the family computer last Autumn there were certain things that I did without thinking:

1) I created different User Accounts: One for me (I am the administrator and do not use the computer for day to day use), one for Theresa (who has elevated privileges and can do anything she has to do), and one for Aaron with reduced privileges.  Theresa's and my accounts are both password protected, and I have enabled auditing to see if he does try to hack in when we are not around.  Aaron's account is not password protected.

2) I installed Windows Live Family Safety.  This is a great free tool that ties the computer (not the user account) to a Live ID, and when any of us want to log onto the Internet we first have to sign onto that Live ID.  Theresa and I both know that password, and we have given it to the babysitter as well.  We do not want to hinder Aaron's computer use, we just want to know what he is doing.

Windows Live Safety also allows us to monitor what sites Aaron visits, and block any sites that are not 'kid friendly.' 

3) In Windows Vista I enabled Parental Controls on Aaron's account, offering us a second layer of protection for rated sites, as well as limiting what games he can play, and what hours he can use the Internet.

4) Aaron loves changing his screen savers and desktop background; he is visual and artistic, and to date he happens to like sports car backgrounds.  Unfortunately before I came along he also (inadvertently) liked to install screen savers that contained virii.  He also seemed to install every Internet Explorer toolbar that he could find.  To counter that I installed a good anti-virus software, as well as made sure that Windows Defender is properly enabled and updated to protect unwanted spyware.

But most importantly, especially going forward:

5) We watch him while he is on the computer!  That does not mean that we sit over his shoulder and watch everything he does, but because we know when he is on the computer we make it a point to walk in and look from time to time.  There will come a day that Aaron does get tech-savvy enough to side-step some of the methods I use now… and all that means is I will have to step it up a notch.  Believe me, I know how!

6) Aaron can sit and work or play on the computer in any common area in the house, but he has no right to privacy on it, and is not allowed to bring it into his room, or close the door to whatever room he is in when on the computer.  The fact that the laptop is portable and wireless does not change that.

All of these are methods we have right now… they did not cost anything extra to implement, and frankly they did not require an MCT to set up… but if you do want to make sure it is being done right (or you just want someone to check your work) it might be worthwhile to bring in an IT Professional for an hour to make sure.  Most peoples' children ARE better with computers than they are, and you should make sure that they are not pulling the wool over your eyes.

A number of steps that I am planning to take in the short-term future are a little more advanced, and probably not for the average home:

1) I plan to install a server at home with a Managed Firewall Solution.  Within a few weeks I will finally get around to installing Windows Small Business Server 2003 R2, which comes complete with Internet Security and Acceleration Server 2004.  This will allow me to not only monitor the sites that he is on, but I will actually capture and retain the log files from every chat that he has.  When I do implement this Theresa and I plan to sit him down and explain to him why we are doing this.  We will explain that aside from the fact that he does not have any right to privacy (kids hate that by the way… hold your ground!) his safety is my number one concern.  We will also promise him that we will not invade his privacy unnecessarily, and will never read chat logs from conversations with his grandparents, his aunts, or any friend who we know.  However strangers or friends who we do not know will be read, and if he cannot live with that then he can choose to NOT chat with people we do not know.

2) Theresa & I will from time to time go into his account and make sure that he has not found any way to bypass my security measures.  We will not tell him about this, but we will snoop in the same way we would snoop in his room if we suspected illicit activity.  No right to privacy means just that, and we are not interested in the content for any reason other than his safety.

The bottom line is the Internet can be a dangerous place, much moreso than going out to the mall or the park.  I trust Aaron and do not think he is going out looking for danger, but there are people out there who would look for unsuspecting kids like mine as targets, and I will take every step available to me to protect him.  Just as I do not let him cross the street without holding my hand, or go to the video arcade alone (do kids still do that?), I will not allow him free reign of the Internet.  The Internet is also a wonderful place filled with great people and myriad sites replete with information that he can use to expand that wonderfully hungry nine-year-old mind of his, and I will not keep him from it; he may not like the measures I have taken, and will never admit he feels better holding my hand when he crosses the road…

…but I sleep better for it and so does he, even if he doesn't realize it.

Feet were not meant to have wheels…

So for those of you who haven't been following along, I am in pretty decent shape for a man of my size and stature, that is to say for someone who is quite large.  I have not skied this year but I did last year, and I do walk my dog (from time to time) as well as golf (poorly) during the summer months.  However there was a time in my life (not too long ago) when I was pretty athletic.  It has, however, been thirteen years since I wore any pair of skates, and twenty-odd years since the time prior to that.  Though as a child I did own a pair of roller skates, the last time I was on any skates I am not sure that in-line roller blades had yet been invented.

So Theresa decided that we were going to buy Aaron (our nine year old) rollerblades for Christmas.  No problem, jolly good!  The only issue is in order to get him onto the roller rink with those rollerblades he was going to have to have his hand held by someone he trusted.  So all of a sudden in January I was elected to get a pair of skates for myself. 

It should be pointed out now that so many factors pointed to this being a bad idea, not least of which is the number on my bathroom scale, but also factors such as how difficult it is to find a pair of size 12 rollerblades in Canada in January.  I had almost given up hope when coming out of a restaurant at lunch I noticed a sporting good store next door, with an empty parking lot.  I went in, and wouldn't you know it, they had just received their first stock in that day, and though it was still in the back the helpful little *&%$ serving me said it wouldn't be any trouble, and opened up six cases of skates before finding my size.  I tried them on and they fit.  Oh joy.

Last week-end we had planned to go to the roller rink after tutoring except that Aaron forgot his skates at home, and when we came home we had to pay a condolence call to a neighbour.  Aww shucks.  Maybe next week, ok?

Well next week did eventually come (today coincidentally) and Aaron was ready for tutoring bright and early… he packed his school bag, he had his tutoring binder, and he had his rollerblades.  I figured it was going to happen eventually and there really was nothing on my schedule next week that would have been impossible to accomplish with a broken collar bone, so what the heck, let's go.

We got to the rink and it occurred to me that I could hardly get him to tie his running shoes, how would I get the skates on him?  NO PROBLEM!!! He was ready for that, and though he did need my help with the fasteners and then the padding, he was ready to follow my instruction… did not give me the slightest opening to punish him and throw his skates out.  Now he starts behaving… just my luck.

While he was still sitting I told him to give me a few minutes to get my bearings… It had been a lot of years since I'd skated and before I trusted myself with his life I figured I would jump in myself.  I hobbled over to the rink, and was transformed.  It really was just like riding a bike, you don't forget!  It was as if I had been skating all along… and though I played hockey for years I do not remember myself being an overly powerful skater.  GONE, Mitch the Super Skater was on the rink!

I was back… I was comfortable!  I was executing my turns!  I was speeding up, going with the flow, my powerful legs accelerating me through the throngs of kids who had skill and agility, but my legs overpowered all.  It was thrilling!  It was exhilarating!  It was too bad I had no idea how to stop.  Well I suppose that's what walls are for, right?  Walls, pads, and floors, the brakes of champions!

So a few more turns around the oval and I had… well, certainly not mastered the right heel braking system, but I had attempted it, and remembered the laws of gravity and inertia… if I stop pushing then I will slow down and eventually stop.  I went out and got Aaron, and we were on our way!  Of course a 105lbs nine-year-old on wheels clutching to your left arm for dear life does tend to throw off one's balance, and we took several minutes to get to the rink from the snack bar.

He was terrified.  He was petrified.  He was mortified.  He was… getting the hang of it!  I couldn't believe it, he was getting it!  Aaron was staying up and though he was no Brian Boitano he was certainly taking baby steps.  After a few minutes he was able to skate (as it were), turn (kinda), and fall (hard).  However he did start to figure out his balance, and a few minutes later I would say he found his skate legs!  We took a lot of breaks, but I could tell that he was truly in love with skating.  I have to admit, I was having fun too.

After ninety minutes of 10 minutes on, 5 minutes off the rink we decided to call it a day, but the beaming expression of joy on his face made me realize that we were going to be back.  Next week he'll take a lesson with someone who can brake without walls.  I may be too old to learn, but who knows… in a few weeks maybe he'll teach me how to stop!  In the meantime We'll just go out and have fun.  I can't wait until spring… we can even do it outdoors!

The Internet… Do YOU Know Where YOUR Children Are?

One evening this week at the dinner table Theresa and I were discussing some of the steps that we took to protect Aaron (our nine year old) while he surfs the Internet.  He piped up that he did NOT like any of these measures, and I told him that he had better get used to them, because they are not going away.

I didn't think any more about it until I heard a discussion on the radio this week about an Internet predator who had been caught and sentenced to a long stint in prison, and what he had done.  I am happy that he was caught, but I feel horrible for his victims who will not recover from their trauma so easily.  The hosts discussed how it is important to protect your children, but that they did not trust the tools that are available to help parents.

Now granted I am not an 'average' computer user, and it will be a long time before Aaron becomes more tech-savvy than I am, but I thought about some of the tools that I use – both currently and planned – and realized that we can protect him to an extent, but no matter what protection we offer his mother and I will have to remain vigilant.  As he does grow with the Internet, we will have to monitor what he does, what sites he goes to, and even who he chats with.

When I installed the family computer last Autumn there were certain things that I did without thinking:

1) I created different User Accounts: One for me (I am the administrator and do not use the computer for day to day use), one for Theresa (who has elevated privileges and can do anything she has to do), and one for Aaron with reduced privileges.  Theresa's and my accounts are both password protected, and I have enabled auditing to see if he does try to hack in when we are not around.  Aaron's account is not password protected.

2) I installed Windows Live Family Safety.  This is a great free tool that ties the computer (not the user account) to a Live ID, and when any of us want to log onto the Internet we first have to sign onto that Live ID.  Theresa and I both know that password, and we have given it to the babysitter as well.  We do not want to hinder Aaron's computer use, we just want to know what he is doing.

Windows Live Safety also allows us to monitor what sites Aaron visits, and block any sites that are not 'kid friendly.' 

3) In Windows Vista I enabled Parental Controls on Aaron's account, offering us a second layer of protection for rated sites, as well as limiting what games he can play, and what hours he can use the Internet.

4) Aaron loves changing his screen savers and desktop background; he is visual and artistic, and to date he happens to like sports car backgrounds.  Unfortunately before I came along he also (inadvertently) liked to install screen savers that contained virii.  He also seemed to install every Internet Explorer toolbar that he could find.  To counter that I installed a good anti-virus software, as well as made sure that Windows Defender is properly enabled and updated to protect unwanted spyware.

But most importantly, especially going forward:

5) We watch him while he is on the computer!  That does not mean that we sit over his shoulder and watch everything he does, but because we know when he is on the computer we make it a point to walk in and look from time to time.  There will come a day that Aaron does get tech-savvy enough to side-step some of the methods I use now… and all that means is I will have to step it up a notch.  Believe me, I know how!

6) Aaron can sit and work or play on the computer in any common area in the house, but he has no right to privacy on it, and is not allowed to bring it into his room, or close the door to whatever room he is in when on the computer.  The fact that the laptop is portable and wireless does not change that.

All of these are methods we have right now… they did not cost anything extra to implement, and frankly they did not require an MCT to set up… but if you do want to make sure it is being done right (or you just want someone to check your work) it might be worthwhile to bring in an IT Professional for an hour to make sure.  Most peoples' children ARE better with computers than they are, and you should make sure that they are not pulling the wool over your eyes.

A number of steps that I am planning to take in the short-term future are a little more advanced, and probably not for the average home:

1) I plan to install a server at home with a Managed Firewall Solution.  Within a few weeks I will finally get around to installing Windows Small Business Server 2003 R2, which comes complete with Internet Security and Acceleration Server 2004.  This will allow me to not only monitor the sites that he is on, but I will actually capture and retain the log files from every chat that he has.  When I do implement this Theresa and I plan to sit him down and explain to him why we are doing this.  We will explain that aside from the fact that he does not have any right to privacy (kids hate that by the way… hold your ground!) his safety is my number one concern.  We will also promise him that we will not invade his privacy unnecessarily, and will never read chat logs from conversations with his grandparents, his aunts, or any friend who we know.  However strangers or friends who we do not know will be read, and if he cannot live with that then he can choose to NOT chat with people we do not know.

2) Theresa & I will from time to time go into his account and make sure that he has not found any way to bypass my security measures.  We will not tell him about this, but we will snoop in the same way we would snoop in his room if we suspected illicit activity.  No right to privacy means just that, and we are not interested in the content for any reason other than his safety.

The bottom line is the Internet can be a dangerous place, much moreso than going out to the mall or the park.  I trust Aaron and do not think he is going out looking for danger, but there are people out there who would look for unsuspecting kids like mine as targets, and I will take every step available to me to protect him.  Just as I do not let him cross the street without holding my hand, or go to the video arcade alone (do kids still do that?), I will not allow him free reign of the Internet.  The Internet is also a wonderful place filled with great people and myriad sites replete with information that he can use to expand that wonderfully hungry nine-year-old mind of his, and I will not keep him from it; he may not like the measures I have taken, and will never admit he feels better holding my hand when he crosses the road…

…but I sleep better for it and so does he, even if he doesn't realize it.

Feet were noFeet were not meant to have wheels…

So for those of you who haven't been following along, I am in pretty decent shape for a man of my size and stature, that is to say for someone who is quite large.  I have not skied this year but I did last year, and I do walk my dog (from time to time) as well as golf (poorly) during the summer months.  However there was a time in my life (not too long ago) when I was pretty athletic.  It has, however, been thirteen years since I wore any pair of skates, and twenty-odd years since the time prior to that.  Though as a child I did own a pair of roller skates, the last time I was on any skates I am not sure that in-line roller blades had yet been invented.

So Theresa decided that we were going to buy Aaron (our nine year old) rollerblades for Christmas.  No problem, jolly good!  The only issue is in order to get him onto the roller rink with those rollerblades he was going to have to have his hand held by someone he trusted.  So all of a sudden in January I was elected to get a pair of skates for myself. 

It should be pointed out now that so many factors pointed to this being a bad idea, not least of which is the number on my bathroom scale, but also factors such as how difficult it is to find a pair of size 12 rollerblades in Canada in January.  I had almost given up hope when coming out of a restaurant at lunch I noticed a sporting good store next door, with an empty parking lot.  I went in, and wouldn't you know it, they had just received their first stock in that day, and though it was still in the back the helpful little *&%$ serving me said it wouldn't be any trouble, and opened up six cases of skates before finding my size.  I tried them on and they fit.  Oh joy.

Last week-end we had planned to go to the roller rink after tutoring except that Aaron forgot his skates at home, and when we came home we had to pay a condolence call to a neighbour.  Aww shucks.  Maybe next week, ok?

Well next week did eventually come (today coincidentally) and Aaron was ready for tutoring bright and early… he packed his school bag, he had his tutoring binder, and he had his rollerblades.  I figured it was going to happen eventually and there really was nothing on my schedule next week that would have been impossible to accomplish with a broken collar bone, so what the heck, let's go.

We got to the rink and it occurred to me that I could hardly get him to tie his running shoes, how would I get the skates on him?  NO PROBLEM!!! He was ready for that, and though he did need my help with the fasteners and then the padding, he was ready to follow my instruction… did not give me the slightest opening to punish him and throw his skates out.  Now he starts behaving… just my luck.

While he was still sitting I told him to give me a few minutes to get my bearings… It had been a lot of years since I'd skated and before I trusted myself with his life I figured I would jump in myself.  I hobbled over to the rink, and was transformed.  It really was just like riding a bike, you don't forget!  It was as if I had been skating all along… and though I played hockey for years I do not remember myself being an overly powerful skater.  GONE, Mitch the Super Skater was on the rink!

I was back… I was comfortable!  I was executing my turns!  I was speeding up, going with the flow, my powerful legs accelerating me through the throngs of kids who had skill and agility, but my legs overpowered all.  It was thrilling!  It was exhilarating!  It was too bad I had no idea how to stop.  Well I suppose that's what walls are for, right?  Walls, pads, and floors, the brakes of champions!

So a few more turns around the oval and I had… well, certainly not mastered the right heel braking system, but I had attempted it, and remembered the laws of gravity and inertia… if I stop pushing then I will slow down and eventually stop.  I went out and got Aaron, and we were on our way!  Of course a 105lbs nine-year-old on wheels clutching to your left arm for dear life does tend to throw off one's balance, and we took several minutes to get to the rink from the snack bar.

He was terrified.  He was petrified.  He was mortified.  He was… getting the hang of it!  I couldn't believe it, he was getting it!  Aaron was staying up and though he was no Brian Boitano he was certainly taking baby steps.  After a few minutes he was able to skate (as it were), turn (kinda), and fall (hard).  However he did start to figure out his balance, and a few minutes later I would say he found his skate legs!  We took a lot of breaks, but I could tell that he was truly in love with skating.  I have to admit, I was having fun too.

After ninety minutes of 10 minutes on, 5 minutes off the rink we decided to call it a day, but the beaming expression of joy on his face made me realize that we were going to be back.  Next week he'll take a lesson with someone who can brake without walls.  I may be too old to learn, but who knows… in a few weeks maybe he'll teach me how to stop!  In the meantime We'll just go out and have fun.  I can't wait until spring… we can even do it outdoors!