Tuesday, December 04, 2007

Effective Use of Visual Studio 2005 - Keyboard Shortcuts

As a hardcore developer I found that typing is easy to me then using mouse. Mouse is an obstacle. Taking hands off the keyboard is time consuning. It takes me out of comfort zone. I like to use keyboard where ever possible and efficient. Thanks to the developers of Visual studio 2005, they provided keyboard shortcuts to the most frequest tasks.

Though the use of named commands is always recommended instead of keyboard shortcuts. But I found that these key strokes are most common and no one reassign these to custome actions. Its safe to get used to these shortcuts.

Here is a list of my favourite shortcusts.

Tool Boxes And Windows
  • CTRL+ALT+L: View Solution Explorer. I use Auto Hide for all of my tool windows to maximize screen real estate. Whenever I need to open the Solution Explorer, it’s just a shortcut away.
  • CTRL+ALT+X: Toolbox Window
  • CTRL+ALT+O: Output Window
  • CTRL+\, E: Error List Window
  • CTRL+\, T: Task List Window
  • F7: Toggle between Designer and Source views.
  • CTRL+PgDn: Toggle between Design and Source View in HTML editor.
  • SHIFT+ALT+Enter: Toggle full screen mode. This is especially useful if you have a small monitor. Since I upgraded to dual 17? monitors, I no longer needed to use full screen mode.
  • CTRL+SHIFT+A: Add New Item Window
  • ALT+F+F: Recent Files List

Building, Running And Debugging
  • F10: Debug - Step over.
  • F5: debug - Start
  • F11: debug - Step into
  • SHIFT+F11: Debug - step out
  • CTRL+F10: Debug - run to cursor
  • F9: Toggle Breakpoint
  • CTRL+SHIF+B: Build Solution. Related shortcuts:
  • ALT+B, U: Build selected Project
  • ALT+B, R: Rebuild Solution

Code Window

  • CTRL+D or CTRL+/: Find combo
  • CTRL+M, O: Collapse to Definitions.
  • CTRL+M, M: Toggle Outline Expension. Collapsed will become expanded and expanded will become collapsed.
  • CTRL+K, CTRL+C: Comment block.
  • CTRL+K, CTRL-U: Uncomment selected block
  • CTRL+-: Go back to the previous location in the navigation history.
  • CTRL+SHIFT+-: Go to the next location in the navigation history.
  • CTRL++: Select from last mouse pointer position to current mouse pointer position.
  • CTRL+ALT+Down Arrow: Show dropdown of currently open files. Type the first few letters of the file you want to select.
  • CTRL+K, D: Format code.
  • CTRL+L: Delete entire line.
  • CTRL+G: Go to line number. This is useful when you are looking at an exception stack trace and want to go to the offending line number.
  • CTRL+K, X: Insert "surrounds with" code snippet.
  • CTRL+K, K: Toggle bookmark.
  • CTRL+K, N: Next bookmark.
  • CTRL+K, P: Previous bookmark.
  • CTRL+K, L: Clear bookmark.
    CTRL+K, I: Quick Info
  • F12: Go to definition of a variable, object, or function.
  • SHIFT+F12: Find all references of a function or variable.

Thursday, November 29, 2007

Effective Use of Visual Studio 2005 - Named Commands

Command Window: Ctrl+Alt+A

Named commands are used to access VS features from Command Window. Visual Studio 2005 provides full intellisense support in the command window. I experienced that using named commands is much faster than accessing these features with mouse.

Named commands allow you to access and use menu commands in the command window. To use named commands, simply type the name of menu. Press '.' and VS will provide intellisense. Type the name of the menu option or select it from intellisense.


To access Find Results 1 window you have to

1. Click on the 'View' menu and then
2. Click on the 'Find Results' and
3. Finally choose 'Find Results 1'.

Now if you want to use named commands,
1. Press Ctrl+Alt+A to activate command window.
2. Type View.findresults1. You don't need to type full text. Intellisense provides yoy write text. Just press enter.

Some Examples of Named Copmmands:

  • Window.NewWindow: Open a new window on your code.
  • Tools.Options: Bring up Options dialog box.
  • Edit.ViewWhiteSpace: (Ctrl+R, Ctrl+W) Replace white spaces with a dot.
  • Convert tab to spaces: Ctrl+K, Ctrl+D
  • Window.ActivateDocumentWindow: Switch to document window.
  • Window.AutoHide: Hide command window. (Use Ctrl+Alt+A to show command window)
  • Window.AutoHideAll: Hide all windows except document windows. It will hide even pinned-up windows too.
  • Window.ShowEzMDIFileList: Show Easy MDI File List.
  • Window.Split: Split code window into two. Both windows show same files but you can scroll them independently. Issue same command to close splitting.
  • Window.Windows: Open 'Windows'  window. More Info
  • Edit.ClearAll: Clear Command Window.

Named Command and Keyboard Shortcuts

Usually VS features can be accessed in two ways: using keyboard shortcusts or  using named commands. But using named commands is easier than using keyboard shortcuts:

  1. You need to learn keyboard shortcuts. But named commands are not required to learn, as they are based of the menu navigation which is most commanlyt used.
  2. Keyboard shortcuts are customizable. You (or anybody else) can change them. If you are working on some other machine, you may not have same keyboard shortcuts.
  3. There is no help (intellisense) provided for keyboard shortcuts.


1. Easy MDI File List


2. Split code window



Wednesday, November 28, 2007

Effective Use Of Visual Studio 2005 - Handling Open Documents

Visual Studio 2005 provides some excellent document management capabilities. Most of the we are not aware of these features. One of the feature is open document tab groups. Unlike VS 2003, it shows only as much tabs as fits in the window width. There is no scrolling. Instead, VS 2005 provides dropdown menu to select from all open documents. Inseated of selecting open documents, you can also do some other functions.
I am planning to write a series on useful-but-less-known features of VS 2005. This is second post in the series. (read first post)
In continuation to my previous post on managing open documents, here are some more tricks.

Right click on the open document tab group. A context menu will appear with following options:
  1. Save default.aspx.vb
  2. Close
  3. Close all but this
  4. Copy full path
  5. Open containing folder
  6. New horizontal tab group
  7. New vertical tab group
Save default.aspx.vb
Allows you to save currently selected document. Currently selected document is the one which is open in the window.

Close currently selected document.

Close all but this
Close all open documents except the currently selected document.

Copy full path
Copy full path of the currently selected document to the clipboard.

Open containing folder
Open the folder that contains the currently selected document. The folder is opened in the windows explorer.

New horizontal tab group
Open another document window. The two windows are tiled horizontally. Both window will have document tab group. This is useful when you want to open on two group of documents simultaneously.

New vertical tab group
Same as above option. But this makes the windows tiles vertically instead of horizontally.

Tuesday, November 27, 2007

Effective Use of Visual Studio 2005 - Closing Selected Window

To close open documents selectively:
1. Go to Window -> Windows.
2. This will show list of all open windows (not just those which you see on the tabs).

3. Select the windows you want to close. Use shift (or ctrl) key for multiple selection. You can also use ctrl+A to select all windows.

4. Click "Close window(s)" button to close selected windows.

I experienced that the speed of loading a project into visual studio is directly proportional to the number of open documents. Generally, we open the document as we need it. And then we don't close it. Visual studio 2005 displays only a few number of documents on the tabs. Rest remains open but are hidden. You can click on the down arrow near the 'X' button of the document window to select the open document. To keep you project loading fast, always keep minimum number of open documents.

Monday, November 26, 2007

Microsoft Popfly - Share Visual Studio Projects On The Web


Popfly allows you to build gadgets and web pages. It also allows you to share your creation. Popfly provides online visual tools for creating Web pages and gadgets. You can host, share, rate, comments and even remix creations from other popfly users.

Here are some things you can do with Popfly:

Add some fun to your Facebook page, web site, or Windows Live Spaces page.

You can easily spice up your Web site or blog with Popfly by adding customized games like Whack-a-mole or asteroids with pictures of your friends and family or create custom quizzes or polls that you can easily embed on your Web site.

Build a Home Page:

You can build a custom home page, say for your school’s sports team and choose from over 150 different themes, 10 styles, and 30 unique color themes for a unique visual design. You can then easily add things like team photos, a team schedule from an RSS feed, video from previous games, Virtual Earth maps with directions to game locations and more, all without writing code.

Mix and Re-mix Photos and Videos:

Popfly makes it easy to create and share beautiful slideshows using pictures from Flickr, Windows Live Spaces, Facebook or to embed a podcast or a video player hosting videos from Soapbox or YouTube and share it on your Facebook profile, Windows Live Spaces page, or any Web page.

Unify Your Online Personality:

Popfly enables you to customize and stitch together your online persona in one place. You can create mashups that show what you dug on Digg.com, what you are buying or selling on eBay, you Halo 3 game scores, what Facebook events you’re attending, what your friends are doing on Twitter, and much more.

Share Visual Studio Projects:
Popfly offers a powerful web programming environment to bring in new data sources, create new ways to display information, or even create and share full Visual Studio projects.

Popfly Explorer for Visual Studio and Visual Studio Express:

Popfly Explorer is a plug-in for Visual Studio that lets you:

  • Effortlessly create and host a Popfly web site
  • Access your Visual Studio solutions from anywhere
  • Share Visual Studio solutions with friends
  • Add mash-ups to your web pages


Thursday, November 22, 2007

How To Purchase A Laptop

Question: How many people are required to purchase a laptop?

Answer: Five.

Question: And what is the flowchart of purchasing a laptop?

Answer: Acquire 100% resources --> Drink beer --> Have lunch --> Go to theatre --> Watch movie --> Then release 60% of resources and utilize 40% resources to buy laptop --> The process is exhausting so re-energize 40% resources with more beer.

Don't believe me? Read the story below (it's real):

Bob is a software professional who is working for a large MNC. Currently he is posted at client side. He has a team of six people who share good chemistry. Today one of his team mate Mr. M decided to buy a laptop. His office is very near to largest electronics market so it was decided that team will go to buy laptop in the lunch time.

Unfortunately, nobody in the team brought their car today. Usually people use company provided cabs for commute from home to office and back. So they decided to hire an auto. Bob and his mates asked many auto driver but all denied. Finally it was decided that they will take bus. After long wait bus stand, finally a bus arrived. Frustrated after waiting long time, they were onboard in fraction of seconds. Things seemed to be on the right path when they discovered that they had boarded wrong bus. After changing the bus at the next stop, they finally went to the market.

While passing through the theatre M proposed for watching the movie. Mr. V proposed for having lunch. Se it was decided that they will watch the movie after lunch and they they will buy laptop. The restaurant was unfortunately close to the beer and wine shop. It allowed carry and drink facility. Mr. D proposed for beer and Mr. G immediately approved. V and M gave silent approval. Bob doesn't take alcohol so his vote was neutral. Since nobody opposed the idea, they decided to have beer first, and than lunch and then movie. Purchasing laptop was last in the list.

Things went well as planned. They had beer and then had lunch. After lunch every body enjoyed movie. D and G want to have more beer. But theatre management didn't allow them to go outside while the show was running. By than, it was evening and almost dark. The office cab would leave in the one hour. So it was decided that first they will go to office and M and D will come back to buy laptop. D wanted to drink more beer. He proposed to drink one more beer and then go to office and then come back to buy laptop. Bob along with G and V opposed it. Going to office after having beer was not appropriate. So finally it was decided that M and D will purchase laptop, have more beer and than went to home. Bob, G and V will go back to the office.

What happened next is that they follow the plan. In the night Bob called M to confirm weather they had purchased the laptop or not. M had purchased it.

Who is Bob? It's a suspense. I will revel it at the appropriate time.

Technorati Tags: , , , ,

Tuesday, November 20, 2007

Visual Studio 2008 and .NET 3.5 Released

Microsoft shipped Visual Studio 2008 and .NET 3.5 today. Here are some resources for VS 2008:

1. ScottGu's weblog is the primary and authentic source of information।
२. Somasegar's Weblog
3. Paul Andrew blogged about a downloadable poster of commonly used types and namespace in .NET 3.5 (in pdf format), which is worth checking out.
4. View ASP.NET 3.5-specific videos at Microsoft's official asp.net website.
5. Brad Abrams wrote about Design Guidelines, Managed code and the .NET Framework 3.5 in his blog.
6. Here is a 31 minute video at Channel 9.
7. VS 2008 is not shipped with MSDN. You can Download MSDN Library for VS 2008 from here.
8. The details about VS 2008 express edition (free) are available here.

Monday, November 19, 2007

Benefit of Using Technorati Tags on your blog


Today, I received a mail from one of my old friend. he happened to visit my blog and was surprised to see Technorati tags there. He called me up to ask what these tags are and why I used them on my blog. In his own words,

"Yaar, your blog seems to be advertising for this web site called Technorati.com. Are you being paid for this?"

I was quite surprised to see the reaction of Technorati tags. Then  I told him what Technorati tags are and why I use them on my blog.

Later on I thought that many other people might also be thinking in the same way. So I decided to post a blog entry on this matter.

Tags are keywords or topics which you place at the bottom (or anywhere) of your blog post to catch the attention of Technorati and other search engines. Technorati is a search engine which indexes the blog which uses its tags. Technorati doesn't pay anything to me anybody to place a Technorati tag on his blog. They even don't pay me to write these stuff though I am advocating to use Technorati tags on your blog. (I wish they should pay me for that. Ha ha ha). Instead it helps the blog author in many ways (see below).

A common question arises - why Technorati do all this? The answer is that when you place a link of Technorati tag on your page, you increase the popularity of Technorati. When millions of blogs do the same thing, Technorati gets great page rank and a very very large number of hits on its pages. Technorati puts ads on its pages and the amount one charges to display an ad is directly proportional to number of hits on that page. So Technorati earns money indirectly. But that is not the concern of a blog author. As an author of a blog, I get many free of cost benefits by using Technorati tags.

The benefits of using Technorati Tags on your blog:

1. It gets your page recognized by Technorati and other blogosphere search engines thus increasing the chance of people finding your blog.

2. It gets your blog indexed on search engines like Google, yahoo etc. driving more inward traffic to your blog and increasing popularity and readership.

3. It increase page views per visit because readers can find more on a topic that interests them.

Technorati Tags: , , , , ,

Thursday, November 15, 2007

Putting ASP.net Application In Offline Mode Using app_offline.htm


Today, I was updating a stored procedure of SQL Server Express Edition 2005 within the Visual Studio 2005. At the same time, I tried to open a page of my application in internet browser using IIS (localhost). And I got the error stating:

'The application is currently offline. Remove app_offline.htm file from applications root directory.'

I never heard of app_offline.htm file before. As a habit I pressed 'F5' to refresh the page and it worked fine. 'What the hell was this?', I thought. I googled about the file in error message and learned some interesting facts. Here is what I found:


When ASP.Net found a file names app_offlinne.htm in the root of a web application directory, it shut-down the application, unload the application domain from the server, and stop processing any new incoming requests for that application. ASP.NET also then respond to all requests for dynamic pages in the application by sending back the content of the app_offline.htm file (for example: you might want to have a “site under construction” or “down for maintenance” message).

Visual Studio 2005 And app_offline.htm

SQL Server 2005 express edition does not support multiple processes. Only single process can access database at a time. So when a database is accessed through visual studio, ASP.net runtime cannot access the database. This will result into the internal server error.  To prevent this, VS 2005 places app_offline.htm file in the application's root directory. The file contain above message. This causes ASP.net to put the application in offline mode. Please note the accessing database means opening any component of the database (I.e. table, view, stored procedure etc.) into the design window. When design window is closed, VS 2005 removes app_offline.htm file.

Using app_offline.htm As A Feature

You may use app_offline.htm feature to put your application in offline mope for any purpose. This provides a convenient way to take down your application while you are making big changes or copying in lots of new page functionality (and you want to avoid the annoying problem of people hitting and activating your site in the middle of a content update). It can also be a useful way to immediately unlock and unload a SQL Express or Access database whose .mdf or .mdb data files are residing in the /app_data directory.

You should keep an eye on a feature of IE6 called "Show Friendly Http Errors".  This can be configured in the Tools->Internet Options->Advanced tab within IE, and is on by default with IE6.  When this is on, and a server returns a non HTTP-200 status code with less than 512 bytes of content, IE will not show the returned HTML and instead substitutes its own generic status code message (which personally I don't think is super friendly <g>).

So if you use the app_offline.htm feature, you should make sure you have at least 512 bytes of content within it to make sure that your HTML (instead of IE's friendly status message) shows up to your users.  If you don't want to have a lot of text show-up on the page, one trick you can use is to just add an html client-side comment with some bogus content to push it over 512 bytes.

Once you remove the app_offline.htm file, the next request into the application will cause ASP.NET to load the application and app-domain again, and life will continue along as normal.


  1. Andy Gray wrote an interesting story on how his application stops working and starts giving error 404 when he killed visual studio process.
  2. Phill Scott writes his experience about suddenly getting error 404 and finding the app_offline.htm file culprit.
  3. Chris Ullman, author of Beginning ASP.NET 2.0 also had similar experience.


I must thank ScottGu for providing useful details about this mysterious file. I could not found any official documentation from Microsoft about this. But ScottGu's blog is as authentic and Microsoft's documentation.

Cetrification in Ethical Hacking

Wanna become a hacker?

Now is the chance to hack corporate networks without worrying legal suits. Become a Certified Ethical Hacker. An ethical hacker works to identify vulnerabilities in computer systems so they can be made less susceptible to criminal hackers' malicious attacks. Without breaking laws or stealing data, ethical hackers uncover weaknesses by attacking IT systems using the same under-the-radar techniques criminal hackers employ. A Certified Ethical Hacker is a skilled professional who understands and knows how to look for the weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker.

"Ethical hackers typically have very strong programming and computer networking skills and have been in the computer and networking business for several years. ... These base skills are augmented with detailed knowledge of the hardware and software provided by the more popular computer and networking hardware vendors." says C.C. Palmer, an IBM technologist.

An ethical hacker's evaluation of a system's security seeks answers to three basic questions:

  • What can an intruder see on the target systems?
  • What can an intruder do with that information?
  • Does anyone at the target notice the intruder's attempts or successes?

While the first and second of these are clearly important, the third is even more important: If the owners or operators of the target systems do not notice when someone is trying to break in, the intruders can, and will, spend weeks or months trying and will usually eventually succeed.

EC-Council (International Council of E-Commerce Consultants) provides certification in ethical hacking (CEH). The CEH Program certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective. The Certified Ethical Hacker certification will fortify the application knowledge of security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.

You need to undergo CES training before passing exam. CEH training is typically an intense, five-day course that emphasizes the creative, ever-changing ways hackers gain access to IT systems. "Labs take students through real-world scenarios, which require them to use creativity and demonstrate the ability to solve unusual problems," says Steven DeFino, a course instructor at New Horizons Computer Learning Centers in Salt Lake City.

CEH courses are offered at EC-Council-authorized training centers around the world. Topics covered include:

  • Perimeter defenses.
  • Hacking tools.
  • Session hijacking.
  • Password cracking.
  • Firewall evasion.
  • Intrusion detection.

More Information on CEH

CEH Certification Path

Ethical Hacking Explained

Tuesday, November 13, 2007

Microsoft Security Summit 2007

Microsoft is organizing a one-day workshop on software security in Mumbai, Pune, Kolkata and Chennai.. The summit is useful for:

  • Software Developer
  • Analysts
  • Architects
  • Project Managers


09.00 - 09.30 hrs :


09.30 - 11.00 hrs

Microsoft Platform Security – An Overview

Get a detailed view on the different components of the security development lifecycle, latest updates on security challenges, trends and statistics.

11.00 – 11.30 hrs

Tea Break

11.30 – 13.00 hrs

Application Platform Security

As a developer who has written applications for any one of these platforms, you must have noticed similarities in .NET and J2EE. For anyone who has developed applications on both J2EE and .NET, you must have noticed the differences between them that make designing applications for both these platforms way different from each other. In this session we are going to talk about the similarities in the approaches of both .NET and J2EE and how you can cross leverage your skills across these platforms. We will also talk about underlying core differences and how you can make use of these feature differences to write more secure applications. As an added bonus we will show you how you can use a few common tools to detect security holes in your code.

13.00 – 14.00 hrs


14.00- 15.30 hrs

Data Platform Security

The Web provides a convenient, cheap, and instantaneous way of publishing data. Now it is extremely easy to disseminate information, it is equally important to ensure that the information is only accessible to those who have the rights to use it. Never before has information security had so many vulnerable points. As the computing industry moves from the mainframe era to the client/server era to the Internet era, a substantially increasing number of points of penetration have opened up. New security procedures and technology are pioneered daily, and this session explains the various security systems involved with solving the current problems via the Server Security, User-authentication security, session security and more. For each layer of security added, the system becomes more protected. Like a chain, however, the entire shield may be broken if there is a weak link. And this session will take a sneak preview of how database security and the various database environments are up for the challenge.

15.30- 16.00 hrs

Tea Break

16.00- 17.30 hrs

Web Platform Security

A security compromise of online web applications could result in huge losses of data and valuable customer information, causing irreversible losses. Popular web platforms such as ASP.NET and Linux/ Apache/ MySQL/ PHP should be designed to minimize security risks occurring due to a bug in the code or a vulnerability in the overall environment. Validating user input, handling user data securely, protecting vital configuration data, blocking common hacks such as injection and cross-site scripting, etc. are some of the basic features required in developing secure web applications. Learn how the LAMP platform and ASP.NET/IIS handle these various security scenarios and why ASP.NET/IIS can provide you with a much safer and secure environment for hosting web applications.

Date Time and Venue


21st Nov 2007. GRAND HYATT. Register Now!


Friday, 23rd Nov 2007. Taj Blue Diamond. Register Now!


Thursdays, 06th Dec 2007. Taj Bengal. Register Now!


Friday, 14th Dec 2007. The Park. Register Now!


Technorati Tags: ,

Monday, November 12, 2007

Microsoft Code Names

Microsoft Codenames

Microsoft codenames are the codenames given by Microsoft to products it has in development, before these products are given the names by which they appear on store shelves. Many of these products (new versions of Windows in particular) are of major significance to the IT community, and so the terms are often widely used in discussions prior to the official release. Microsoft usually does not announce a final name until shortly before the product is publicly available.

Visual Studio Codenames


Visual Basic 1.0. The first version of Visual Basic. The standard dialogs and controls created by the Visual Basic runtime library all have "Thunder" as a prefix of their internal type names (for example, buttons are internally known as ThunderCommandButton).


Microsoft Visual C++ 4.1. After Zamboni, an ice resurfacing machine.


Visual Studio 98 (6.0). Ski Resort in Colorado


C#. Short for: C-based Object Oriented Language


Visual Studio .NET 2002. After Rainier, a small town south of Seattle. Mount Rainier is a dormant volcano.


Visual Studio .NET 2003. After Everett, a large city near Seattle.


Visual Studio 2005. After Whidbey Island in Puget Sound. A little farther from Seattle than Everett.


Visual Studio 2008. Named after Orcas Island, located in Puget Sound. Farther still from Seattle.


Team System-only release after Visual Studio 2008. Named after a resort located on Orcas Island.


Visual Studio Team System. Unknown, although it is the name of a North American manufacturer of snowboards.


Successor or Orcas. An island 'much further out' than Orcas or Whidbey. Also, where the development team plan to celebrate its completion.


Visual Studio Team System's Source Control System. Named after the Cape Hatteras Lighthouse in the Outer Banks region of North Carolina.


Visual Studio Team System load testing suite. Named after the Ocracoke Island Lighthouse on Ocracoke Island, also in North Carolina.


Team Foundation Work Item Tracking. Named after the Currituck Beach Lighthouse in Corolla, North Carolina.


Team Foundation Server SDK. Named after the Bodie Island Lighthouse in North Carolina.


Visual Studio Team System's designers for architects.

Includes Application Designer, Logical Data Center Designer, System Designer, and Deployment Designer.


Visual Studio 2005 Extensions for WinFX. Named after Fidalgo Island, located in Puget Sound in the San Juan Islands.


Online version of Visual Studio. Currently a research project.


.Net CLR


LINQ. Language Integrated Query Language extensions to expose query syntax natively to languages such as Visual Basic .NET and C#


Microsoft Surface.  Table-top style computer with multi-touch touchscreen interface.


Windows CE .NET-based technology for smart displays.


Experimental operating system based on the Microsoft .NET platform, using software-based type safety as a replacement for hardware-based memory protection. Project homepage.


    Windows Presentation Foundation

Hail Storm

    .Net My Services. Project to make MSN-hosted user data available to the same users at non-Microsoft web sites; never released


    Windows Communication Foundation


    Silverlight 1.0


    Silverlight 1.1


In Microsoft jargon, the "toaster" is the hardware equivalent of fictional entities, such as the Contoso company or the http://tempuri.org/ URI, used in documentation and sample code as placeholders to be redefined by third-party developers.


A framework that takes advantage of Windows Communication Foundation and the Entity Data Model (EDM) to allow developers to expose data in the cloud.


Shared Source Common Language Infrastructure (SSCLI)


An implementation for ASP.NET of Ajax native to the .NET Framework 2.0.

Windows Codenames


            Windows XP


            Windows XP SP2


Windows Vista/ Windows Server 2008 (In Development). Named after the Longhorn Bar in the Whistler-Blackcomb resort


Windows Vista Service Pack 1


Windows Media Player 11 for XP


Windows Media Player 11 for Vista

SQL Server Codenames


            SQL 6.5


            SQL 7.0


            SQL 2000


            SQL 2005


            SQL 2008

Windows Live Codenames




    MSN Messenger


    Microsoft Office Communicator 2005

Sunday, November 11, 2007

Happy Diwali

Diwali is the celebration of enlightenment. This year, Diwali fulfilled one of my dream. I always fantasized about wearing traditional India dress - dhoti kurta in office. But you are not allowed wearing such dress in office - damn office protocol. On Diwali, our admin department was kind enough to let us wear ethnic wear. I took the opportunity and wear dhoti kurta.

Diwali is a five day celebration. The first day is called dhanteras. Traditionally, utensils are purchased on this day. Second day is chotti Diwali also called Naraka Chaturdashi. This is said to be the Diwali of shopkeepers. People buy sweets, crackers etc, on this day. The third day -Diwali is the main festival. People wear new clothes and distribute sweets. People worship the goddess of wealth - Laxmi along with Ganesha, the son of Lord Shiva. The next day is Govardhan Puja. The go-dhan i.e. cattle especially cow is worshiped this day. The last day is Bhaiduj, the day to express love between brothers a sisters.

Every corner of the city is lighted with candles and diyas. Now-a-days people use electric lights. The city seems like beautiful heaven. People burn crackers and fire works.

But I have some concerns. First, why we celebrate Diwali. Common belief is that Lord Rama returned to Ayodhya on this day after killing Ravana, the king of Lanka. Then why don't we worship Lord Rama? Some people believe this day as the beginning of Hindu financial year. So we worship goddess Laxmi. That's OK. Then why do we waste money in crackers?

We do worse to our environment on this auspicious day. Crackers cause lots of air pollution and noise pollution (report). People suffering with heart disease are prone to attack because of the loud and sudden noise of crackers. The amount of poisonous gases such as sulphur dioxide, carbon monoxide in the air increases beyond limits on Diwali. Even you are not able to breath smoothly.

In India, we have less electricity than we need. And we waste thousands of megawatts of electricity on a single day. Does this do any good to us or our country? As a responsible citizen, we must think about these problems.

The true celebration of Diwali, however, means something else. Diwali comes after a chain of festivals. First comes navratras. This is a nine day festival where people keep fasts and pray different goddesses. People prey shakti (The Power) which governs the world. The aim of navratras is to purify our behavior. It is the process of aatm-shuddhi i.e. purification of one's thoughts. After navratra, comes Dussehra. This is celebrated as the victory of good over the evil. This means that by dushhera, we have cleared and purified our thoughts. A pure heart is subject to enlightenment. So now we are on the path of enlightenment. Then came Diwali - the festival of enlightenment. By now, our thoughts are purest and our heart is full of enlightenment.

So Diwali is about the lightning of our inner self and not about wasting electricity and polluting air. I hope, next time before purchasing crackers, we will think about it.

Tuesday, November 06, 2007

What is KISS?

The term KISS is an acronym of the phrase "Keep It Simple, Stupid", and the KISS principle states that design simplicity should be a key goal and unnecessary complexity avoided. It serves as a useful and frequent verbal exhortation (or even dedicated policy) in software development, animation, engineering, and in strategic planning (especially military operations). Other versions of the phrase include "Keep It Simple & Stupid" (most recently used in west-European literature), "Keep It Sweet & Simple", "Keep It Short & Simple", "Keep it Simple, Sweetheart", and "Keep it Simple, Sherlock".

The principle roughly corresponds to Occam's razor, and to Albert Einstein's maxim that "everything should be made as simple as possible, but no simpler."

Etymology: The acronym KISS is known to have been in use during the U.S. Apollo program in the 1960s.

Technorati Tags: , ,

Monday, November 05, 2007

The Bluetooth Story


Microsoft scripting guys published an interesting story about the origin of Bluetooth at Microsoft TechNet. Here it goes:

The Bluetooth “personal area networking” protocol was named in honor of Harald Bluetooth Gormson, son of King Gorm the Old, the one time King of Jutland. (We’re not sure if Gorm the Old is the name that the King was given at birth; that would be pretty cool, though, wouldn’t it?) We found it interesting that Harald’s middle name was Bluetooth. After all, Scripting Guy Jean Bluetooth Ross has spent her entire life (79 years and counting) thinking she was the only person to have that middle name. Good news, Jean: you’re not the only Bluetooth after all.

At any rate, Harald became King sometime around 958, upon the death of his father. Over time, Harald conquered all of modern-day Denmark and Norway, and, along the way, kind of, sort of converted to Christianity. He had a son named Sweyn Forkbeard who, no doubt in retaliation for being given the name Sweyn Forkbeard, eventually led a revolt that cost his father both his throne and his life.

But Harald got the last laugh; after all, how many Forkbeard-enabled devices do you see these days?

Note. There seems to be some disagreement as to where the name Bluetooth came from. Some scholars insist it comes from the old Norse words for “dark-skinned” and “great man,” meaning that Harald had dark skin and, well, was a great man. Others say it’s because Harald actually had a blue tooth. Fortunately, Peter Costantini, the oldest living Scripting Guy, went to junior high school with Harald, so we’ll ask Peter about that.

Just as soon as he wakes up from his nap.

After we disposed of the question “Where did the name Bluetooth come from?” a second question popped into our heads: how can you tell if a computer is Bluetooth-enabled? That turned out to be a much tougher question to answer; in fact, we never did find anything that could tell us definitively whether or not a computer was Bluetooth-enabled. (Or at least not a definitive way to do this programmatically; it’s easy enough to verify that a computer is Bluetooth-enabled by using the Windows Control Panel.) However, based on the fact that Bluetooth is a network protocol, we managed to come up with the following a script, a script that correctly determined whether a handful of test computers were Bluetooth-enabled:

Technorati Tags: , , , , , , ,

Thursday, November 01, 2007

ASP.Net Session



What is Session:
Session is an object at server side which helps in implementing the mechanism to identify a revisiting user over a stateless protocol like HTTP.

What is Session State
The session object stores the information about a session (like session key). It may also store other information in the form of session variables. The collection of values stored in session object is called session state.

State Management
The management of session state is called state management. Different server technologies implement different mechanisms for the state management. ASP.net supports both, client side state management as well as server side state management.

At client side, following techniques are used for state management:
- Cookie
- Hidden Field
- View State
- Control State
- Query String

At server side, following are the techniques, used for state management:
- Application State
- Cache Object
- Session State
- Database

In ASP.net, there are three ways to manage session state:

- In-process session state
- Out-of-process session state
- database

These states are configured in web.config file's session state element.
<SessionState mode="Off | InProc | StateServer | SqlServer | Custome" />

InProc Session State
when session state is InProc, objects are stored as live reference in the HttpRuntime Internal Cache. The session state is held in memory.
- If worker process or application domain recycles, all session data is lost.

- If a web site is maintained on more than one machine, a user may be redirected to any other machine. when the user returns to the original machine, a fresh empty session is created. So InProc session state will not work here.

- If web gardening is used on a multi processor system, where each worker processor has an affinity for a particular CPU, don't use InProc session state.

Accessing Session Object:
the EnableSessionState of @Page directive controls the access to a session object for a page. The different values for EnableSessionState attribute are:
- (i) True: read/write access to session object. Acquires a write lock on the session object. No other page, requested from the same session, can access session object.
- (ii) False: no access to session object.
- (iii) ReadOnly: Only readonly access to session object. Acquires a reader lock on the session object.

Out-of-process Session State
when mode is set to state server in web.config, ASP.net maintains out-of-process session state. Out of process session is maintained by aspnet_state.exe file. It runs as a window service and listenes to TCP port 42424. The port can be changed using the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aspnet_state\Parameters\Port.
The aspnet_state service is not started by default. It can be started using MMC service or by running following command:
net start aspnet_state.

To use out-of-process, mode is set to StateServer in config.sys file.
  <SessionState mode="StateServer" StateConnectionString = "tcpip=" />

Since session state is managed on the local machine, so local host's IP is given. You may use a separate machine as state server. In that case, IP of state server should be given in the StateConnectionString. 42424 is the default port. Any port may be used after changing the registry but it should be open.

Out-of-process session state leaves the worker process (aspnet_wp.exe or w3wp.exe) and enters into the state process (aspnet_state.exe). Therefore out-of-process state can't be stored as reference. The objects are passed between processes in binary serialized form. So any object which is used in out of process session state must be instantiated from a serializable class.

A class can be made serializable in the following way:
<Serializable()> _
Public Class MyClass
End Class


public class MyClass{

SQL-Backed Session State
skipped for now.

Cookie-less session state
Include cookiless = "UseUri" in web.config file.
<SessionState Mode = "InProc" Cookieless = "UseUri" />

In Cookieless session state session-id is embedded into the URL. it seems to be a directory in the URL path.
- The session key consists of ASCII values and visible to everyone. They can be easily tempered.
- The session is lost, if a relative URL is invoked directly by typing its address. This is because, in this case session key will not be embedded in to the URL.
- To generate URL at server side, HttpResponse.ApplyAppPAthModifier method should be involved. For example

View State
View State is a encrypted hidden field which contains the key-value pair of the values of controls at a page. ViewState can be enabled or disables using the enableViewState attribute of @Page directive. The web server controls also have this attribute.

Objects or variables can be added to view state manually as follows:
ViewState["MyKey"] = myKey

Any object, which is to be added to the view state must be derived from a serializable class.

Since view state is encrypted, a developer cannot look into it. Some tools are available to examine the view state. One such tool called View State Decoder is available at http://www.pluralsight.com. Some tips on using view state are also available at www.hanselman.com/blog/searchview.aspx/q=viewstate. A tool to generate machine key is also available at pluralstate.com/tools.aspx.

Securing View State
The <machinekey> element of web.config is used to assign validation key to view state. A algorithm is used to protect view state.
<machineKey  ValidationKey = "AutoGenerate, IsolateApps"
  decryptionKey = "AutoGenerate, IsolateApps"
  validation = "SHA1" />

ASP.net automatically generate a 128 bit key. IsolateApps tells ASP.net to generate a unique key for each application using application's id. The available validation methods are SHA1, MD5 and 3DES. SHA1 and MD5 are used for temper-proofing while 3DES is used for encryption.

At the page level, in the <pages> configuration, Auto or Always values can be specified to viewStateEncryptionMode attribute. Auto encrypts the view state only when a control requests encryption using Page.RegisterRequiresViewStateEncryption method. Always specifies that the view state should be encrypted always.

Series of Events during The Life of A HTTP Request:

Begin Request
Authenticate Request
determines who the user is
Authorize Request
determine rights of user
Resolve Request Cache
determine weather request can by-pass additional processing
Acquire Request State
session state associated with request is about to be acquired
PreRequest Handler execute
application code of page execute at this point. HTTP handler is called
Post Request Handler Execute
get fired just after HTTP handler is called
Release Request State
session state is stored based on web.config setting
Update Request Cache
resulting output is ready to be added to cache
End request

Wednesday, October 31, 2007

Some cool tips on writing good blog entry

Scott Mitchell (founder, 4 guys from rolla) published a post on his blog about writing good blogs. I read the post and follow the suggested links. After reading through a chain of links, I read lots of material on good blogging. Below is the summary of what I read:

How To Achieve Ultimate Blog Success In One Easy Step(http://www.codinghorror.com/blog/archives/000983.html)

My theory is that lead generation derives from Google rank and that the best way to increase Google rank is to be like a professional fighter: neither jabs nor haymakers are enough. You must be always jabbing and you must regularly throw haymakers. Blog continuously to keep your hit-rate and link-traffic high and write longer pieces, containing the high-value words associated with your niche, occasionally.

Fear of Writing (http://www.codinghorror.com/blog/archives/000516.html)

And that's exactly why people who are afraid they can't write should be blogging. It's like exercise. No matter how out of shape you are, if you exercise a few times a week, you'll inevitably get fitter. And if you write a small blog entry a few times every week, you're bound to become a better writer. If you're not writing because you're intimidated by writing, well, you're likely to stay that way forever.

Users don't care about you (http://www.codinghorror.com/blog/archives/000536.html)

Unless what you're writing ..

  • solves their problem
  • provides useful information
  • entertains them
  • makes them feel like they rule

It's irrational to expect users to care about it. Every time you write, ask yourself, "so what?" If you can't answer that question convincingly, reformulate and try again.

Blogging about Blogging (http://www.codinghorror.com/blog/archives/000297.html)

  • you have to want to write
  • you have to believe you have something to say
  • you have to have an interesting way of saying it
  • you have to be a decent (not great, but decent) writer
  • you have to enable blog comments

Rory explains first three of above point in details in his blog post "Why do some blogs succeed?".

Writing Tips for Non-Writers Who Don't Want to Work at Writing (http://www.scalzi.com/whatever/004023.html)

0. Speak what you write: If you can't speak it naturally, rewrite it. Simple.
1. Punctuate, damn you:

2. With sentences, shorter is better than longer:

3. Learn to friggin' spell: This is particularly the case with basic spelling errors like using "your" when you're supposed to be using "you're" or "its" for "it's" (or in both cases, vice-versa). For every spelling error you make, your apparent IQ drops by 5 points. For every "there, they're, their" type of mistake you make, your apparent IQ drops by 10 points.

4. Don't use words you don't really know:

5. Grammar matters, but not as much

6. Front-load your point: Now, sometimes people write to find out what their point is; I think that's fine because I do that myself. But most of the time after I've figured out my point, I'll go back and re-write.

7. Try to write well every single time you write: There really is no excuse for writing poorly in one's blog. You'll look stupid for the whole world to see, and it will be archived for as long as humanity remembers how to produce electricity.

8. Read people who write well: Don't just read for entertainment, but also look to see how they do their writing -- how they craft sentences, use punctuation, break their prose into paragraphs, and so on.

9. When in doubt, simplify: Ultimately, people write to be understood (excepting Gertrude Stein and Tristan Tzara, who were intentionally being difficult). Most people are, in fact, capable of understanding. Therefore, if you can't make people understand what you write, most of the time it's not just because the world is filled with morons, it's also because you are not being clear. Downshift. People will be happy to know what you're saying.

10. Speak what you write: If you can't make your writing understandable to you, you can't make it understandable to others.

Hints for revising (http://www.testing.com/cgi-bin/blog/2004/11/16)

Read your text aloud. Reading aloud is one way to get some distance, to separate the piece from your memory of writing it.

If a sentence is unclear, split it.

If a paragraph is unclear, split it. Then Write text to head off the problem, then return to adjust the guilty paragraph.

If an idea or procedure is complicated, add an example.

After you change a sentence, leave it aside for a while, then come back and reread at least the whole paragraph that contains it. Then tweak the sentence to make it fit better into its environment.

Can you turn that bullet list into one or more paragraphs? Bullet lists are, on average, easier for writers but harder for readers. They don't provide transition between two ideas.

Monday, October 22, 2007

HTTP Modules' Events and Their Order of Firing


Below is the list of Events raised by HttpHandlers. These events are in the sequence of firing.

Page_Load Event of the Page

I wrote a http handler to check the sequence of execution of event handlers. Below is the program. Two events in the program are commented because these require integration with the IIS pipeline. I used Visual Web Developer 2008 Express Edition Beta 2 to write this program. So may be express edition does not support integration with IIS. I haven't checked it yet. Here is the program:

using System;

using System.Data;

using System.Configuration;

using System.Linq;

using System.Web;

using System.Web.Security;

using System.Web.UI;

using System.Web.UI.WebControls;

using System.Web.UI.WebControls.WebParts;

using System.Web.UI.HtmlControls;

using System.Xml.Linq;

/// <summary>

/// Summary description for AddSign

/// </summary>

public class AddSign: IHttpModule


public delegate void MyEventHandler(Object s, EventArgs e);

private MyEventHandler _eventHandler = null;

public event MyEventHandler MyEvent


add { _eventHandler += value; }

remove { _eventHandler -= value; }


public AddSign()



// TODO: Add constructor logic here



#region IHttpModule Members

void IHttpModule.Dispose()


//throw new NotImplementedException();


void IHttpModule.Init(HttpApplication context)


//throw new NotImplementedException();

context.EndRequest += new EventHandler(OnEndRequest);

context.AcquireRequestState += new EventHandler(OnAcquireRequestState);

context.AuthenticateRequest += new EventHandler(OnAuthenticateRequest);

context.AuthorizeRequest += new EventHandler(OnAuthorizeRequest);

context.BeginRequest += new EventHandler(OnBeginRequest);

context.Disposed += new EventHandler(OnDisposed);

context.Error += new EventHandler(OnError);

//context.LogRequest += new EventHandler(OnLogRequest); //This operation requires IIS integrated pipeline mode.

//context.MapRequestHandler += new EventHandler(OnMapRequestHandler); //This operation requires IIS integrated pipeline mode.

context.PostAcquireRequestState += new EventHandler(OnPostAcquireRequestState);

context.PostAuthenticateRequest += new EventHandler(OnPostAuthenticateRequest);

context.PostAuthorizeRequest += new EventHandler(OnPostAuthorizeRequest);

context.PostMapRequestHandler += new EventHandler(OnPostMapRequestHandler);

context.PostReleaseRequestState += new EventHandler(OnPostReleaseRequestState);

context.PostRequestHandlerExecute += new EventHandler(OnPostRequestHandlerExecute);

context.PostResolveRequestCache += new EventHandler(OnPostResolveRequestCache);

context.PostUpdateRequestCache += new EventHandler(OnPostUpdateRequestCache);

context.PreRequestHandlerExecute += new EventHandler(OnPreRequestHandlerExecute);

context.PreSendRequestContent += new EventHandler(OnPreSendRequestContent);

context.PreSendRequestHeaders += new EventHandler(OnPreSendRequestHeaders);

context.ReleaseRequestState += new EventHandler(OnReleaseRequestState);

context.ResolveRequestCache += new EventHandler(OnResolveRequestCache);

context.UpdateRequestCache += new EventHandler(OnUpdateRequestCache);



public void OnEndRequest(Object s, EventArgs e)


HttpApplication app = s as HttpApplication;

app.Context.Response.Write("OnEndRequest<br />");

if (_eventHandler != null)

_eventHandler(this, null);


public void OnAcquireRequestState(Object s, EventArgs e)


HttpApplication app = s as HttpApplication;


app.Context.Response.Write("<BR />");

if (_eventHandler != null)

_eventHandler(this, null);


public void OnAuthenticateRequest(Object s, EventArgs e)


HttpApplication app = s as HttpApplication;


app.Context.Response.Write("<BR />");

if (_eventHandler != null)

_eventHandler(this, null);


public void OnAuthorizeRequest(Object s, EventArgs e)


HttpApplication app = s as HttpApplication;


app.Context.Response.Write("<BR />");

if (_eventHandler != null)

_eventHandler(this, null);


public void OnBeginRequest(Object s, EventArgs e)


HttpApplication app = s as HttpApplication;


app.Context.Response.Write("<BR />");

if (_eventHandler != null)

_eventHandler(this, null);


public void OnDisposed(Object s, EventArgs e)


HttpApplication app = s as HttpApplication;


app.Context.Response.Write("<BR />");

if (_eventHandler != null)

_eventHandler(this, null);


public void OnError(Object s, EventArgs e)


HttpApplication app = s as HttpApplication;


app.Context.Response.Write("<BR />");

if (_eventHandler != null)

app.Context.Response.Write("<BR />");

_eventHandler(this, null);


public void OnLogRequest(Object s, EventArgs e)


HttpApplication app = s as HttpApplication;


app.Context.Response.Write("<BR />");

if (_eventHandler != null)

_eventHandler(this, null);


public void OnMapRequestHandler(Object s, EventArgs e)


HttpApplication app = s as HttpApplication;


app.Context.Response.Write("<BR />");

if (_eventHandler != null)

_eventHandler(this, null);


public void OnPostAcquireRequestState(Object s, EventArgs e)


HttpApplication app = s as HttpApplication;


app.Context.Response.Write("<BR />");

if (_eventHandler != null)

_eventHandler(this, null);


public void OnPostAuthenticateRequest(Object s, EventArgs e)


HttpApplication app = s as HttpApplication;


app.Context.Response.Write("<BR />");

if (_eventHandler != null)

_eventHandler(this, null);


public void OnPostAuthorizeRequest(Object s, EventArgs e)


HttpApplication app = s as HttpApplication;


app.Context.Response.Write("<BR />");

if (_eventHandler != null)

_eventHandler(this, null);


public void OnPostMapRequestHandler(Object s, EventArgs e)


HttpApplication app = s as HttpApplication;


app.Context.Response.Write("<BR />");

if (_eventHandler != null)

_eventHandler(this, null);


public void OnPostReleaseRequestState(Object s, EventArgs e)


HttpApplication app = s as HttpApplication;


app.Context.Response.Write("<BR />");

if (_eventHandler != null)

_eventHandler(this, null);


public void OnPostRequestHandlerExecute(Object s, EventArgs e)


HttpApplication app = s as HttpApplication;


app.Context.Response.Write("<BR />");

if (_eventHandler != null)

_eventHandler(this, null);


public void OnPostResolveRequestCache(Object s, EventArgs e)


HttpApplication app = s as HttpApplication;


app.Context.Response.Write("<BR />");

if (_eventHandler != null)

_eventHandler(this, null);


public void OnPostUpdateRequestCache(Object s, EventArgs e)


HttpApplication app = s as HttpApplication;


app.Context.Response.Write("<BR />");

if (_eventHandler != null)

_eventHandler(this, null);


public void OnPreRequestHandlerExecute(Object s, EventArgs e)


HttpApplication app = s as HttpApplication;


app.Context.Response.Write("<BR />");

if (_eventHandler != null)

_eventHandler(this, null);


public void OnPreSendRequestContent(Object s, EventArgs e)


HttpApplication app = s as HttpApplication;


app.Context.Response.Write("<BR />");

if (_eventHandler != null)

_eventHandler(this, null);


public void OnPreSendRequestHeaders(Object s, EventArgs e)


HttpApplication app = s as HttpApplication;


app.Context.Response.Write("<BR />");

if (_eventHandler != null)

_eventHandler(this, null);


public void OnReleaseRequestState(Object s, EventArgs e)


HttpApplication app = s as HttpApplication;


app.Context.Response.Write("<BR />");

if (_eventHandler != null)

_eventHandler(this, null);


public void OnResolveRequestCache(Object s, EventArgs e)


HttpApplication app = s as HttpApplication;


app.Context.Response.Write("<BR />");

if (_eventHandler != null)

_eventHandler(this, null);


public void OnUpdateRequestCache(Object s, EventArgs e)


HttpApplication app = s as HttpApplication;


app.Context.Response.Write("<BR />");

if (_eventHandler != null)

_eventHandler(this, null);



Thursday, October 18, 2007

Script# - Another Flower in .Net Bouquet

Script# is a compiler that compiles C# code into JavaScript. This sounds great for ASP.Net developers who program into C#. Most of the time, C# programmers don't have good hand in JavaScript.

With the client machine increasing their processing power constantly, the demand for client side scripting is very high. People talk about a new architecture that would obsolete the server side programming model. Web serve will only server HTML pages with JavaScript. If any server side processing (or database connectivity) is required, web services will fill up the gap. Using JSON, JavaScript will now directly interact with a web service from client side. All UI processing, validations etc. will be done on client side.

C# and VB.net folks have to worry about that. Either they have to switch to web services or their job will not be safe. Nikhil Kothari also thinks same (though he has not expressed it anywhere). So he decided to bring C# developers on the client side. Nikhil is currently working on a project called Script#. In his own words:

"Script# brings the C# developer experience (programming and tooling) to JavaScript/Ajax world."

The project is still in development phase but you can try your hands on it. Download the Script# and read Nikhil's demonstration. You can also watch a video. Nikhil says:

"Essentially the Script# compiler is a C# compiler that generates JavaScript instead of IL. A key driving goal of the design is to produce readable JavaScript that you may have authored yourself, and would be ok deploying into real apps."


Introduction to Script#
Download Script#
Download Script# Video
Nikhil Kothari's Weblog

Technorati : , , , , , , ,

Wednesday, October 17, 2007

A Recipe For killing Internet In India

A Recipe For Killing Internet In India

A news published in Times Of India, Oct 17th, 2007 (internet edition)

A Recipe For Killing Internet In India

Standing Committee Goes Against International Norms To Stack Odds Against Net Service Providers, Says Manoj Mitta

There is a clear and present danger to internet in India। If the recommendations of the parliamentary standing committee were to go through, you might as well pull the shutters down on the net in the country, because the committee seeks to raise the liability of internet service providers for any third party content in a manner that it will become difficult to run the service and stay away from jail.

This isn't an exaggeration. Over 85% of internet deals with third party content। This includes search engines, mail services, messengers, blogs, communication and community sites. If they were to be held responsible for the sites searched, mails sent, blogs filed or scraps on community sites then service providers would be hauled up by the police for acts they are not even faintly responsible for.

Why, then, is the committee proposing this insanity? The answer is simple — the committee has failed to understand the internet। Frankly, there's no difference between the phone and the postal service and the net — it's just that one delivers voice or post and the other data. Both deal with third party content which is impossible to verify.

How would a mail service know, for instance, if two friends exchange copyright material? Or, how would a search engine track if someone accesses sites spreading hatred, or worse, promoting terror? It's all out there — the responsibility of who fetches what should be that of the individual, not the service provider।

Therefore, what the standing committee is seeking to do is something like making a postal service responsible for every mischievous mail it delivers — perhaps by a drug dealer giving details of a consignment or a student sending photocopies of a book and hence infringing on copyright। Or, something like making a phone service, such as MTNL or BSNL, responsible for every bit of dirty talk or criminal conspiracy over its wires.

Perhaps the committee is confusing internet with media like TV or print. In the latter, content is either self-generated or by designated news or TV agencies. The content goes through several layers of vetting and checks. This is not true of internet sites that provide mail service, aggregation of communities, picture sharing, etc।

This is possibly why in its report last month on the Information Technology (Amendment) Bill 2006, the committee headed by Congress MP Nikhil Kumar has called upon the government to abandon the proposal to reduce the liability of service providers or intermediaries in the wake of industry outrage over the 2004 arrest of Baazee।com's CEO for the auction of a CD containing an infamous student porn MMS.

The bone of contention is Section 79 of the IT Act 2000 which says that no service provider shall be liable for any third party information if he proves that the offence was committed ''without his knowledge or that he had exercised all due diligence'' to prevent the commission of such contravention।

Since the existing safeguard failed to save Baazee.com CEO Avnish Bajaj from being subjected to the ignominy of arrest and detention, the government sought to reduce the liability further in its 2006 Bill. The Bill raises the bar for taking action against ISPs by stipulating that they are not liable unless it is proved that they have conspired or abetted in the commission of the unlawful act.

Service providers under no obligation in US, EU
This is really how the law is in both Europe and in the US। To the industry here, the proposed amendment seemed a fair safeguard। But the standing committee, far from endorsing the change, has recommended that the existing Section 79 should be strengthened by casting ''a definite obligation'' on the service providers to ensure that the third party information was within the parameters of the law especially because ''it is very difficult to establish conspiracy or abetment'' on their part।

The committee also took objection to the Bill's proposal to relieve the service providers of the burden of demonstrating that they had exercised due diligence to prevent the third parties from misusing online market places and auction sites। ''The committee are of the firm opinion that if explicit provisions about blocking of objectionable material through various means are not codified, expecting self-regulation from the intermediaries, who basically work for commercial gains (sic), will just remain a pipedream,'' it said.

For all its efforts to make out a case for increasing the liability of service providers, the committee glossed over the fact that the Bill was in tune with the approach adopted by advanced countries that have given sufficient thought before framing their Internet laws. Take, for instance, the relevant law in the European Union. It says that a service provider storing third party information is liable to criminal action only when he ''by intent is storing illegal information or assisting in illegal activities।''

What is even more contrary to the committee's report is the express clarification in the European law that its provisions ''do not impose a general obligation on service providers to monitor the information, which they transmit, or store on the request of a recipient for the service, nor a general obligation to seek facts or circumstances indicating illegal activities.'' Similarly, in the US, both courts and legislation broadly seek to reduce the liability of service providers on charges such as copyright infringement and defamation।

The Digital Millennium Copyright Act, for instance, spells out the criteria for establishing liability and makes it difficult to sue service providers vicariously for copyright infringement committed by third parties. So, which way should Indian laws go? The way the advanced countries have gone, or in accordance with the wishes of some misinformed MPs that would spell the death of Internet in India

TOI Link: http://epaper.timesofindia.com/Daily/skins/TOI/navigator.asp?Daily=C

Related Posts