Wednesday, November 28, 2012

OPC and DCOM/COM Issues

My working experience with OPC and DCOM/COM can be tracked back to more than 10 years ago. I remember that when I was working at a SCADA software company in Calgary, I was assigned to a project to write OPC Client app. OPC technology is based on Microsoft Windows DCOM/COM infrastructure to provide automation for industries. At that time, it was very advanced technology and has been quickly adopted by many industry companies, specially in SCADNA system.

Since then, I have been on and off on OPC development and support. Even COM was very nice library based design infrastructure, it has it is drawbacks. Microsoft has been moved to .Net based infrastructure, COM and DCOM becomes old technology. However, so many software and applications have been developed and they are in use in various systems, it is really hard to cut it off.

Recently I have been working on a project to build a new historian system. The system is based OPC technology. In the past week, I have been working to set up a new historian system. I expected OPC configuration being the hardest task. Basically, an OPC client application has be set up to communicate with a remote OPC server. I have been struggled for almost a week on the project. I almost reached the point to make them to talk. The OPC client could talk to the remote OPC server by using local Administrator, but not a domain user. The DCOM settings on the OPC server side should be OK since we have a production OPC Client collecting data. It is just a new Windows 2008 Server not being able to collect data. Windows 2008 Server is a kind of Windows Vista, which is based on a more complicated secure framework, such as firewall, network configuration and system security configurations, in addition to OPC configurations.

My past experience and my knowledge in this area still benefit me a lot for my current work. I have changed my careers in a wide range of areas. Never know what you have done may continue to impact your future.

Read More...

Wednesday, November 21, 2012

Oligo Got Patent

Since I started my new contract job at HP/Cenuvos, I have not been doing application development. Instead, I provide applications support. That's why I don't have a lots to write about my programming and skill experience.

I have been kept listening some .Net technology podcasts, such as HanselMiniutes and .Net Rocks. Those podcasts occasionally talk about some none-programming topics. That's a change to bring some thing the authors being interested while they cannot find any good topics. Now I am going to talk about nutrients.

I have been a Melaleuca preferred customer for about 16 years. I really enjoy their great products, green, safe, effective and reasonably priced. This month I got my products. Along with the box, there is fly normally about products and specials. I saw the first page is dedicated to Oligo, the technology behind many of Melaleuca products.


To restate the claim:

Melaleuca's Oligo™ technology is now protected by U.S. Patent No 8,273,393

On Tuesday, September 25, 2012, the United States Patent and Trademark Office granted a patent protecting the Oligo technology that powers the Vitality Pack® and other Melaleuca products.

*Patent pending in Canada 

I started to use Vitality products (multi-vitamins and minerals) 10 years ago. It makes great difference to improve my health. Before I did not believe nutritional supplements at all. I thought I get all the nutrients from my daily in-takes, and why should I rely on supplements. From Melaleuca product information and my own research, I found that I could not get enough and balanced micro-food my body needs. That changed my mind to give Melaleuca Vitality product a try. The more I learn about health knowledge, the more I believe that I need to use Melaleuca products to enhance my life.

That's my after work research and hobby. I am a down-to-earth person, not only for the best codes, but also for my other hobbies, such personal health. I spent many of my after-work hours to explore and to study Melaleuca products. Each time when I see anything I don't know, I'll try to do my research through all the channels, such as on web and books, to expand my knowledge. As a programmer and IT consultant, I think my health is very important. I need to keep my mind sharp and my body strong and in good shape so that I have more energy to do what I like.

Before Oligo, Melaleuca has already obtained patent about how improve minerals absorption, it was called as fructose-compounding. This technology makes Melaleuca multi-vitamin and multi-minerals with high absorption rate. The Oligo technology goes one more step. It has been proven that the Oligo-fructose compound minerals has much less oxidations during digest process, which means less multi-vitamines wasted during intestinal digestion process.

Reference


Read More...

Tuesday, November 13, 2012

Xcode 4.5 Upate and Mac Automatic Update


Yesterday I saw Xcode 4.5 update in my App store. I have been put my App development on hold for a while. This update may have new features I have been waiting for: customized object collection view for pictures I'll use my my app.




One new feature in Mountain Lion(ML) is to download updates automatically. All the Mac and app updates are through App Store. The download process happens automatically. However, the update has to be done through users.

Before ML, Mac OS update check is set through System Preference, as a scheduled check. When new updates are available, OS will prompt user to proceed downloading and then installation. In ML, the software has more options in System Preference:


The download process can be done automatically, as well as system data and files. For other updates, Mac users have to be click on Update button  to proceed. The above is my settings. The advantage of this update is that the update process will avoid long time waiting for downloading. When updates are ready, the installation can be done immediately.

I notice that there is no way to define checking updates schedule, daily, weekly or monthly. There is only a button for Check Now.

This new feature is quite convenient for users because most of cases users want to do updates.

Read More...

Monday, November 05, 2012

Mac OS Security: Gatekeeper (2)

I remember that one of WWDC 2010 session videos has a show on this topic with demos. The demo was a quick one, but it is very impressive. I have done some tests on this feature. Here are my hands-on tests.

App Store Only

First, I tried to set up my Security to Mac App Store only. This is the most restrictive option. With this simple setting, I could not download any apps from browser.

Identified Developers

This is the recommended option for most users: Mac App Store and Identified Developers. This means you can download apps from web, but those apps have to have authorized developer IDs. According to Apple, an developers ID certificate can be obtained from none-Apple Agents, such as Google, Microsoft.

I set up this option in my Mac. Then I can download any apps from Web. Only apps with identified developer IDs can be opened. For example, I downloaded a free app NetNewsWire.app, which is an app signed with Apple Developer ID. After downloading, the following warning message is display for the first time to run it:


No Open for None Identified Apps

For example, I tried to download MesaSQLite from CNET downloads. For the time bing, this app has no Apple Developer ID signed. Therefore, I could not run this app on my Mac.

No Open for Other Macs

I tried to copy this app to another Mac. Still I cannot run it. It seems that the Mac OS quarantined the app upon its download.

Anywhere

This is the most open option, as same as previous Mac OS or Windows. You can download any apps from Web and use them. The interesting thing is that I tried to temporally set to this option to get apps which I trust with no harm. Then I reset option to Identified Developers. The file I got from anywhere are free to be copied to another Mac by USB, Airdrop or network shared drivers. Therefore, Gatekeeper is only for web browsers.

Authenticated Developer ID

The key point in Gatekeeper is the concept to sign an app with an authenticated developer ID. In the WWDC demo, one interesting demo is a hijacked app. That is, to modify an app, either signed or none-signed. For those apps, Gatekeeper would identify them as potential malicious apps.

To test this case, I opened the content of the app NetNewWire by Show Package Contents from its context menu. I copied one image to the root of its content. Then I uploaded it to my Dropbox's Public area. From there I downloaded the app again. Here is the image of original app, on the left, and modified app, on the right side, on my Mac:

No matter my Gatekeeper setting is Anywhere or not, I just cannot run this app. This app is quarantined by OS upon its download. Nor I can run this by copy to another Mac (I mean copy the downloaded app).

However, if I modify the app on my Mac, I can still run it and I can copy it to another Mac. Gatekeeper is just a security gate at browser between Mac and Web.

I think Apple's Gatekeeper strategy is an innovation change in OS level. It is a very effective way to protect Mac users from attacks by malicious apps, which most sneaked in, either accidentally or social engineered downloading from web browser.

Gatekeeper is just the forefront tier of Mac OS security layers. For developers, this is a big change and it will be new trend we have to face to. If you sign your app with your ID, your app will be treated as good citizen in binary world, or white list, until you intentionally make crime, attack user computers or steal private information, for example.

This is analogous to the case of border gates of US, Canada or any country in the World, passport is a practical identify as to citizenship when you across border gates. This is by far the most effective and less costly way to protect countries. Just image how you can secure your country if you have to check periodically each one in your country to see if they are not malicious. In theory, the strategy of internally up-to-bottom thoroughly checking periodically may be the most secure method, but impossible in practice.

Reference


Read More...