Month: February 2013

Use Your Azure Settings!

A lot of times you are used to creating your connection strings and important app settings in your web.config file. However, what happens when you are creating a worker process that you don’t necessarily have a config file for? What if you wanted to update a value without have to repost the code to your application? Luckily, Microsoft provides us with the ability to specify settings values for each of the cloud pieces of our application. So if we open up a simple cloud application with a worker process then we can begin to see how this works.   The cloud project will be the one we are working with. We simply right click on the role that we want to attach settings to and select Properties. In our example, this would be WorkerRole1. Opening up the Properties window you will see the following:   Here you can specify how many instance and what size you want them to be for this particular role. You would click the Settings tab from the menu on the left hand side to access the Settings area. As you can see, we have the ability to add settings here either as String or Connection String types. You may think that the Connection String would be the type used for inputting connection strings for things like database connections. However, if you open the editor...

Read More

Microsoft Announces New Pricing for Azure SQL Reporting Services

Microsoft announced earlier this month that they were changing the way Azure SQL Reporting was being charged. http://blogs.msdn.com/b/windowsazure/archive/2013/02/01/sql-reporting-services-pricing-update.aspx   I believe this is due in large part to a lot of pressure from the general public that they were  just not going to use it at the current pricing levels. Simply put it just did not make sense. With the original pricing, you were essentially paying $0.88/hr for 200 reports. Sounds fairly inexpensive until you start running the math..   24 hours/day * 30 days/month * $0.88/hr =  ~ $630.00/ month   Ouch! Especially if all you need is a smaller scale instance in order to server up reports for a web site. Additionally, remember that this is for 200 reports/hour. If you go over those 200 reports then you are charged another $0.88 . Double ouch! This shocked quite a few people when the original pricing was announced because those of use in the beta hadn’t really heard anything about pricing yet and had assumed that maybe it would be baked into the SQL Azure pricing or that possibly would entail you spinning up an app server. Now about 6 months later, it seems that Microsoft has figured out that it just wasn’t working and has revamped their pricing model. So there are a couple of points that you need to follow. 1. Base price is $0.16/hr 2....

Read More

Fear Not the Mighty TRIM() Function!

  Jason Strate wrote up an excellent blog post dealing with the people asking for SQL Server to have a TRIM() function in addition to the LTRIM() and RTRIM() function and the possibility of performance issues creeping up.  You can check out his post below: PLEASE, NO TRIM()? Jason points out using two examples RTRIM() SELECT * FROM Person.Contact WHERE RTRIM(EmailAddress) = 'gustavo0@adventure-works.com' LTRIM() + RTIM() = TRIM() Equivalent   SELECT * FROM Person.Contact WHERE LTRIM(RTRIM(EmailAddress)) = 'gustavo0@adventure-works.com' Now on the face of things, this looks kind of bad….you’ve traded off a really good index scan and key lookup for a clustered index scan. Also if you look at the I/O counts as Jason does it bears out that this is the wrong thing to do …basically 178 reads for the RTRIM() version versus 570 reads for the TRIM() version… However, the problem here is the LTRIM function and how it is handled by the system. Basically, every query that you send to the database goes through a multi-step process in order to get your results… 1. Parser: Yep, the system actually checks to ensure that you know WTH you are doing before it wastes its time on some poorly typed invalid T-SQL code. 2. Algebrizer: This piece is harder for people to understand. If your query is a DML then we have some extra work to do. Basically,...

Read More

Twitter Is Nuts : Considering Two-Factor Authentication

  Okay so it looks from this post that Twitter is at least considering two-factor authentication since it had a security breach in which 250,000 user accounts were compromised. During the breach Bob Lord revealed that passwords and salts were taken but they didn’t think that they could be cracked but just as a “precaution” they were resetting them. “The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked. For that reason we felt that it was important to publicise this attack while we still gather information, and we are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the Internet safer for all users.”  – Bob Lord (Director of Information Security @ Twitter )   Of course, those of you attending my security sessions last year remember that I was working on cracking algorithms using GPUs…. then later on this happened (Windows Passwords Cracked in 6 Hours with GPU Cluster) .  So the improbability of them cracking encrypted passwords doesn’t seem so improbable at all. One thing true hackers normally have is patience.   What is Two-Factor Authentication Two-factor authentication adds on to the traditional reliance of username/password authentication with a second phase of entering a one time only password. This is typically referred to as the “something you know, something you...

Read More