Open XML – Resources

This post serves as a placeholder for my Open XML links, resources, etc. I will update it from time to time.

04/11/2008 – I’ve updated the demo code to include the code used in my screencast demonstrating Word 2007 Content Controls.

03/11/2008 – I’ve updated the demo code to include examination of the customXML file that is populated by the content control example (ContentControl.docx). Demo 5 shows how we can inject our own XML into the content controls.

Demo 6 presents the few lines of code required to extract the XML (as populated by the content controls) into an XmlDocument. Once the customXML is in an XmlDocument we are free to access the nodes as required.

Thus we are now in a position were we can create a document with custom data present, pass it to a user, the user can amend the custom data, save the document and send it back to us. We can then extract that custom data for subsequent processing. I will prepare a short screencast to demonstrate this – watch this space.

28/10/2008 – Posted pre-VBUG Newcastle inaugural delivery of An Introduction to Open XML. Download the slides and Visual Studio 2008 / Open XML SDK 2 CTP1 demo code. It’s likely that I will update this code to reflect further CTP releases.


Eric White’s blog entry about the first CTP of the Open XML SDK V2.

Microsoft’s primary Open XML portal,
Microsoft’s on-line forum for Open XML

OpenXML Code Snippets (for Visual Studio 2005) (Managing code snippets)

Brian Jones
Mauricio Ordonez
Doug Mahugh
Kevin Boske
Erika Ehrli
Gray Knowlton’s OpenXML content

Product/Technology Blogs

Open XML File Formats

Using Word 2007 Content Controls
Matthew Scott: Application Development using the Open XML File Formats
Matthew provides an excellent explanation of Word 2007’s content controls and customXML parts. Before OpenXML you probably found yourself using Word bookmarks to leave placeholders inside a Word document – content controls essentially replace those.

Andrew Coates has some excellent information about using Content Controls in conjunction with Matthew’s Word Content Control Toolkit (available on CodePlex).

Technorati Tags: , , , , , , , , , ,

The Fake Sarah Silverman Show @sarahsilverman @fake_sarah_silv @imKM

The Internet is awash with security issues, none more so than the social networking sites that so many users place considerable amounts of trust and belief. Today, users can sign up on such sites as Facebook and Twitter (to name two that I use) without any form of secondary credential check, i.e. you can sign up and be whoever you want to be. Evidence of this kind of impersonation can be found in my earlier blog entry where I discussed the “celebrities” who appear to be on Facebook.

From social networking to micro-blogging, the impersonation continues. During October the Twitter community was delighted to see Stephen Fry appear in the “Twitterverse”. Our delight continued when Stephen chose to follow a vast horde of us. John Cleese enjoyed similar celebrity status. However, Stephen and John were accepted into the Twitterverse without a second thought regarding their authenticity. It didn’t take long to spot that Stephen and John were standing on the “I am who I say I am” side of the fence. Their writing style is most eloquent and is rather recognisable.

Enter Sarah Silverman…on Twitter:

I read the Twitter stream reasonably carefully, checking a few things along the way. The stream mentioned London as a destination – true – the real Sarah Silverman did a gig at the Hammersmith Apollo last Sunday. A few other things checked out. What caught my eye was the fact that she was riled by the fact that she had lost a follower…so I suggested a web-site that might help her in the future. At that point the fake @sarahsilverman started to follow me, I was 1 of 23 folks she was following. And I remained 1 of 24 folks she was following whilst her followers grew from a handful to over 600 – this is most odd and served as a clue to something fishy.

The clue trail…
There’s not much to report about the profile picture or the user-name. Over the course the period 23/10/2008 to 26/10/2008, @sarahsilverman used at least two profile pictures – these were probably sourced from a variety of on-line photo repositories. If there were any clues to be found in the profile picture, I didn’t spot them.

Next up, the Biography and web-site details:

This is where it gets amusing. Silverman’s TwitterJacker made every effort to make the biography as real as possible. She (or he, more about why I say this shortly) even provided a link back to the real Sarah Silverman’s “Unofficial” web-site: Ironic, but still nothing hugely obvious there – anybody could obtain this information and set it up as it was here. However, even before I started following @sarahsilverman, I had my doubts about the authenticity of the textual content and writing style. I took the liberty of questioning the authenticity of celebrities in general. This prompted a rapid change in the biography text, previously it didn’t contain the text “and omfg i’m not going to say if i’m real or not”. OK, not really clues, however the use of “i’m” is a small clue. As is the use of “not” twice – the second “not” should really be replaced with “otherwise”.

I took the bait “Leaving for a bit. again! ~ as said ~ you should follow @imKM … see… isn’t that weird.” Prior to that bait finding its way on to the fake @sarahsilverman’s Twitter stream, a request for follow @imKM had arrived via a direct message: “…twitter friend ~ imKM?” What I found interesting about this approach was @imKM’s background image. I can’t be sure, but it does look like Sarah Silverman is in the background of this photograph:

I don’t know, perhaps @imKM happened to be using the cash point ahead of the real Sarah Silverman and decided to grab a photograph? Who knows for sure? Whatever the truth, when I mentioned this to the fake @sarahsilverman in a direct message, she responded “Yes, people say Photoshop but, he corrected me. It is actually faded with “LiveQuartz”. neat huh. say. are you not following my best… “

Connected to the background image challenge, during 25/10/2008, as the truth started to unfold, this tweet was a further clue to feathers being ruffled:

@imKM needs to stop using my photoshoped image. [] he set it as his background.

Still at 24/10/2008, I had confirmed that both the fake @sarahsilverman and @imKM were using Apple Mac’s for their tweets. Both Twitter streams exhibited over-use of the tilde character “~”. Via a direct message, I challenged the fake @sarahsilverman about the use of the tilde – oddly I am unable to lay my hands on that direct message, I can’t see it in my sent items stream. However, the fake @sarahsilverman replied: “or a creative thing”. It’s a small thing to notice, however two people who instant message each other a lot will pick up on each other’s habits. Or, a single person using two Twitter accounts will make the mistake of following the same habits.

On Sunday 26/10/2008, it became evident through a self-confession that @sarahsilverman wasn’t the real Sarah Silverman. Prior to the self-confession, a few blogs picked up on it, here and here. The @sarahsilverman feed vanished and was replaced with @fake_sarah_silv. The first post truthful post announced:

“My name is Sarah Ascher, friend of @imKM; not @imKM. I am sorry. This started as a joke, I guess people can’t take it.”

For a few minutes the @fake_sarah_silv continued to use the same Twitter background. This was probably an oversight as he or she was too busy undoing the web of deceit that had unfolded so rapidly:

Very soon after the confession tweet, @fake_sarah_silv finally changed the background image:

Of course, at the time of writing, it hasn’t been confirmed that Sarah Ascher even exists. As many Twitter users predicted, @fake_sarah_silv and @imKM could be the same person. Whatever the case, it was a shameful cry to drive traffic to @imKM’s content. KM himself (we must assume that it is a he!) eventually wrote a lengthy piece attempting to distance himself from the whole quagmire. Amusingly, @imKM was rather quick to quash any thoughts that he had a crush on the real Sarah Silverman! I must admit, the crush thing was first on my thoughts once the @imKM follow request appeared – that and the fact it appeared to be Sarah Silverman in @imKM’s background image.

Anyway, not surprisingly, it seems @imKM was somewhat disturbed by some of the tweets he was receiving:

I hope your parents have a good lawyer little boy.

heaven forbid your take responsibility for your actions

I don’t imagine that this will go away in a hurry, there’s probably a few more days of fall out to be had whilst bloggers and Twitterer’s around the globe pick up on it. In the meantime, @sarahsilverman is at 23:22 in the UK on 23/10/2008 is strangely still available. If the real Sarah Silverman reads this (hey, it’s possible surely?) perhaps it’s time you grabbed your presence on Twitter before somebody else does this all over again? Other micro-blogging sites are available.

Your take-away…
@imKM was attempting to drive web traffic to his blog and video site by relying on the hard work and goodwill of other folks. Whether you like the real Sarah Silverman or not, it had an effect: 600 followers for the fake @sarahsilverman within a short space of time. @imKM received a few extra followers, however now his reputation has taken a serious beating. Small mistakes, and failing to follow accepted Internet etiquette and Twitterquette led to the downfall being as rapid as it was. If @imKM was patient and exercised some care, he could have kept this charade running for weeks or months.

The moral of this blog post is still the same as it was when I wrote about impersonation last year. There are many places on the Internet where it is necessary to verify who you are and in some way prove that you are who you say you are (authenticity), however very few places actually implement them – even some of the big banks struggle to do this properly.

It’s difficult to offer any guaranteed advice that can help you spot fakes, hopefully this post provided a few things to look out for. In social networking and indeed, in micro-blogging situations, it’s always worth checking out the friends/followers of the person you are about to connect with. Take a look at the people that person connects with, do they look like the kind of people who would connect with each other?

Oh, 23:25 in the UK on 26/10/2008 and does not exist!

Finally, it was lovely to write this blog post as if I was on first name terms with Stephen and John. I am, of course, not and I will convey my apologies to Mr Fry and Mr Cleese when I next meet them.

Images grabbed using TechSmith‘s SnagIt – an essential tool for developers and bloggers alike. With thanks to Betsy Weber

Technorati Tags: , , , , , , , ,

Implementing GetEmailAddressFromExchange in C#

As developers we often find ourselves writing small one off applications to perform a specific “here and now” requirement. The task was to produce a list of e-mail addresses from a Microsoft Outlook folder. I’m reasonably happy with my understanding of the Microsoft Outlook object model, well, happy enough that I’ve managed to get it to do what I need it to do. I am by no means an expert, however since I’ve been making reasonable progress with my “duplicate e-mail remover” application, I figured that iterating over an Outlook folder extracting the e-mail address on they way couldn’t be too hard.

Indeed, for SMTP e-mail addresses, it’s fairly straightforward – a mail message in Outlook has a SenderEmailAddress property that holds the e-mail address in the format

In a corporate environment you may find X400 formatted addresses similar to this one:


The aforementioned SenderEmailAddress is also used to store this address, so if you were expecting an SMTP address, too bad!

However, mail messages also have a string property SenderEmailType which returns EX for mail items that use Exchange Server addressing. Here’s how you might use it:

               // Catch e-mails sitting on an Exchange Server...
                            if (oMsg.SenderEmailType == "EX")
                                display = GetEmailAddressFromExchange(oMsg.SenderName);
                                // Otherwise, assume SMTP addresses
                                display = string.Format("{0}", oMsg.SenderEmailAddress);

The eagle-eyed reader will have noticed the call to GetEmailAddressFromExchange. I really wanted an SMTP address for all the mail items in the folder(s) in question. A little bit of searching revealed this well-written article by Julian Biddle at An Original Idea.

Julian’s article explained how to get an e-mail address from an Exchange Server address using Visual Basic in .NET. I prefer to use C#, so set about converting Julian’s code (which was known to work). There are other flavours of this code floating on the Internet, this one works for me, your mileage may vary.

The entire application can be downloaded here. This little application is crude, but it solved a problem for me at the time of writing. It demonstrates how to iterate over Microsoft Outlook folders (not just the Inbox) building a treeview on the way. It also demonstrates how to save the contents of a ListView control to a CSV file.

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using Microsoft.Office.Interop.Outlook;
using System.Runtime.InteropServices;
using System.IO;

namespace OutlookEmailAddressExtractor
    public partial class frmExtractEmailAddresses : Form
        public frmExtractEmailAddresses()

        const int S_OK = 0;

        [DllImport("MAPI32.DLL", CharSet = CharSet.Ansi, EntryPoint = "HrGetOneProp@12")]
        private static extern void HrGetOneProp(IntPtr pmp, uint ulPropTag, out IntPtr ppProp);

        [DllImport("MAPI32.DLL", CharSet = CharSet.Ansi, EntryPoint = "HrSetOneProp@8")]
        private static extern void HrSetOneProp(IntPtr pmp, IntPtr pprop);

        [DllImport("MAPI32.DLL", CharSet = CharSet.Ansi, EntryPoint = "MAPIFreeBuffer@4")]
        private static extern void MAPIFreeBuffer(IntPtr lpBuffer);

        [DllImport("MAPI32.DLL", CharSet = CharSet.Ansi)]
        private static extern int MAPIInitialize(IntPtr lpMapiInit);

        [DllImport("MAPI32.DLL", CharSet = CharSet.Ansi)]
        private static extern void MAPIUninitialize();

        const string IID_IMAPIProp = "00020303-0000-0000-C000-000000000046";
        const uint PR_SMTP_ADDRESS = 972947486;

        struct SPropValue
            public uint ulPropTag;
            public uint dwAlignedPad;
            public long Value;

        Microsoft.Office.Interop.Outlook.Application oApp;
        NameSpace oNS;

        private string GetEmailAddressFromExchange(string emailName)
            MailItem loDummyMsg = (MailItem)oApp.CreateItem(OlItemType.olMailItem);
            Recipient loAddress = loDummyMsg.Recipients.Add(emailName);
            string SMTPAddress = GetMAPIProperty(loAddress.AddressEntry.MAPIOBJECT, PR_SMTP_ADDRESS);

            return SMTPAddress;

        private string GetMAPIProperty(object oMAPIObject, uint uiPropertyTag)
            if (oMAPIObject == null)
                return "";

            string sProperty = "";
            IntPtr pPropValue = IntPtr.Zero;

            IntPtr IUnknown = IntPtr.Zero;
            IntPtr IMAPIProperty = IntPtr.Zero;


                IUnknown = Marshal.GetIUnknownForObject(oMAPIObject);

                Guid guidMAPIProp = new Guid(IID_IMAPIProp);

                if (Marshal.QueryInterface(IUnknown, ref guidMAPIProp, out IMAPIProperty) != S_OK)
                    return "";

                    HrGetOneProp(IMAPIProperty, uiPropertyTag, out pPropValue);

                    if (pPropValue == IntPtr.Zero)
                        return "";

                    SPropValue propValue = (SPropValue)Marshal.PtrToStructure(pPropValue, typeof(SPropValue));

                    sProperty = Marshal.PtrToStringAnsi(new IntPtr(propValue.Value));
                catch (System.Exception ex)
                    throw ex;
                if (pPropValue != IntPtr.Zero)

                if (IMAPIProperty != IntPtr.Zero)

                if (IUnknown != IntPtr.Zero)


            return sProperty;


        void _PopulateFolderList(MAPIFolder oFolder, TreeNode node)
            foreach (MAPIFolder folder in oFolder.Folders)
                string s =String.Format("{0} ({1}) [{2}]", 
                TreeNode thisNode = node.Nodes.Add(s);

                thisNode.Tag = folder;

                if (folder.Folders.Count > 0)
                    _PopulateFolderList(folder, thisNode);

        private void btnGetFolders_Click(object sender, EventArgs e)
            oApp = new Microsoft.Office.Interop.Outlook.Application();
            oNS = oApp.GetNamespace("MAPI");

            progressBar.Minimum = 0;
            progressBar.Maximum = oNS.Folders.Count;
            progressBar.Value = 0;

            this.Cursor = Cursors.WaitCursor;

            foreach (MAPIFolder f in oNS.Folders)
                TreeNode node = tvOutlookFolders.Nodes.Add(f.Name);

                if (f.Name != "Public Folders" && f.Name != "Internet Calendars")
                    _PopulateFolderList(f, node);


            progressBar.Value = 0;
            this.Cursor = Cursors.Arrow;


        private void btnGetEmailAddresses_Click(object sender, EventArgs e)
            TreeNode nodeSelected = tvOutlookFolders.SelectedNode;
            MAPIFolder folder = (MAPIFolder)nodeSelected.Tag;

            this.Cursor = Cursors.WaitCursor;


            if (folder != null)
                progressBar.Maximum = folder.Items.Count;
                progressBar.Minimum = 0;
                progressBar.Value = 0;

                string sClassComp = "IPM.Note";

                Items oItems = folder.Items;

                label1.Text = oItems.Count.ToString();

                MailItem oMsg = (MailItem)oItems.GetFirst();

                while (oMsg != null)
                    if (oMsg.MessageClass == sClassComp)

                        if (oMsg.Body != null)
                            string display;

                            // Catch e-mails sitting on an Exchange Server...
                            if (oMsg.SenderEmailType == "EX")
                                display = GetEmailAddressFromExchange(oMsg.SenderName);
                                // Otherwise, assume SMTP addresses
                                display = string.Format("{0}", oMsg.SenderEmailAddress);

                            bool okToAdd = true;
                            if (cbIgnoreDuplicates.Checked)
                                okToAdd = lvEMailInSelectedFolder.FindItemWithText(display) == null;

                            if (okToAdd)
                                ListViewItem item;
                                item = lvEMailInSelectedFolder.Items.Add(display);


                                if (oMsg.Subject != null)
                                    item.SubItems.Add(" ");


                    bool exceptionRaised = true;

                    while (exceptionRaised)
                            oMsg = (MailItem)oItems.GetNext();
                            exceptionRaised = false;
                            exceptionRaised = true;


                btnSaveToCSV.Enabled = true;

                progressBar.Value = 0;

                this.Cursor = Cursors.Arrow;

        private void btnSaveToCSV_Click(object sender, EventArgs e)
            StringBuilder listViewContent = new StringBuilder();

            foreach (ListViewItem item in this.lvEMailInSelectedFolder.Items)



            saveFileDialog.FileName = "e-mail addresses.csv";
            saveFileDialog.Filter = "CSV files (*.csv)|*.csv|All files (*.*)|*.*";

            if (saveFileDialog.FileName != "")
                TextWriter tw = new StreamWriter(saveFileDialog.FileName);



        private void tvOutlookFolders_AfterSelect(object sender, TreeViewEventArgs e)
            if (tvOutlookFolders.SelectedNode != null)
                btnGetEmailAddresses.Enabled = true;

Technorati Tags: , , , , , , , , , , , ,

DeveloperDeveloperDeveloper – some statistics

As part of another exercise, I have been looking through the speaker lists for the seven DDD Reading events that we’ve run in the UK so far.

Thinking about the number of unique speakers who submitted sessions vs. number of sessions submitted, I pulled the the information from each of the first seven events to produce this graph below. Note that this graph isn’t limited to those speakers who made it on to the agenda – it contains data relating to those speakers who submitted one or more sessions.

DDD1 was obviously the first DDD event – it had a hand-picked agenda. As I recall there were a couple of cancellations, so pretty much every speaker who submitted a session made it on to the final agenda. I can’t remember the precise details behind the use of “developer developer developer” as the conference name, however it is obviously a hark back to Steve Ballmer’s famous pitch (of which there are plenty on YouTube). Of course, this is also the reason why the speaker to sessions submitted ratio is virtually 1:1. DDD1 came about after I was invited to look at an Excel spreadsheet containing a list of speakers and sessions…the next thing I knew is that I had a spreadsheet with an agenda on it, then a date, then a registration process, then an event (coinciding with my wedding anniversary)…it happened so fast!

DDD2 was the first, and last, DDD to have 30 minute sessions. We had hoped that the 30 minute sessions would be appealing to new speakers who may have felt that 60 minutes was too long. Whilst that was perhaps good for the new speakers, it was a scheduling and practical nightmare…although it seemed to work pretty well on the day. This is what happens at events – the attendees can have a whale of a time, whereas the organisers can see all the imperfections that make an event hard work for them. Luckily the DDD team are hard-skinned individuals who are keen to experiment and learn, so we take on-the-day problems with a pinch of salt and think “learning experience”.

DDD3 was almost a 1:1 speaker to session ratio. It was also the first time that Dave McMahon used his Sunday name “David” as part of a session submission. The key change for DDD3 was the introduction of community voting. Instead of relying on instinct to build an agenda, we asked the attendees to vote for the sessions that they wanted to see on the agenda. This has two main benefits. Firstly, it help us with room scheduling – if we know a session received 120 votes then we know to put it in a room that can handle at 120 people. Secondly, it means that the agenda is community-driven, we get to build an agenda that the majority of attendees are going to be interested in. Of course, like all systems, it’s not as precise as this and we do have to make some scheduling decisions, e.g. there might be two speakers discussing the same topic, we have to work out how best to handle that. I think that tells you that we don’t often take the first 20 sessions – it should come as little surprise to you that we look at the first 30-40 sessions, often settling on the 20 out of 35 sessions. With more and more speakers submitting two or more sessions, the chances of them getting more than one session in the top 25 is moderately high.

DDD4 was an eye-opener, fewer unique speakers, but those that did submit sessions were submitting one or more. This is a trend that has continued to this day.

DDD5 was originally planned to run on the first day of England’s World Cup match. You would be surprised how hard it is to plan developer events around the variety of sports that are competing for the same audience!

DDD6 “sold out” within 24 hours. DDD is clearly a popular event. After all, it is free, it is held on a Saturday, there are bacon (and veggie) rolls in the morning, there’s a free lunch, 20 full sessions, lunch-time grok talks, swag, discounted books, access to many of the Microsoft DPEs, an evening geek dinner (at your cost!)…it is no wonder that 350 attendees are driven to the registration site within seconds of it going live. We also had SQLBits (thanks!) sponsor coaches from Reading railway station to Microsoft’s TVP campus – feedback for this was good, so we’re hoping to run the same coaches at DDD7.

DDD7 saw us skip the summer DDD slot. We ran DDD 1-6 every 6 months, after DDD6 we looked at the year ahead and felt that so much was going on in the “2008 space”, that postponing DDD until November 22nd was a good idea. It is, after all, post-TechEd and post-PDC. I understand that there is a football match planned for that day…clearly football schedule planners don’t consult us when they are making their plans! We also stretched the time-frame for DDD7 – we have a time-line that we follow for all DDDs, this one we changed to suit the fact we had time on our hands. We opened session submissions earlier than usual and kept it open for longer – this has had the advantage of attacting new speakers on to the submission list. DDD7 is also the first DDD since DDD2 to have girlgeeks (aka ladies, with the exception of Barry, “he ain’t no lady”) on the agenda – Sarah Blow, Kalen Delaney, Annie Matthewman being the first to hold that honour.

Now that I’ve got some statistics rolling, I’ll publish some more over the coming weeks. For example, there is one speaker who has made it on to the agenda for all seven DDDs…more later!

In the meantime, DDD7, November 22nd 2008, Microsoft Thames Valley Park, Reading – on a Saturday, no cost to attend, bacon rolls, free lunch, swag, registration opens “real soon now”.

Follow DDD on Twitter here.

Technorati Tags: , , , , , , , , , , ,

Forcing a USB pen / key drive format

A colleague asked me if I knew of a means of restoring a PNY Attaché Pro 1GB pen drive back to a usable state.

It was one of these “partitioned” pen drives with an 8MB drive containing a small executable program that, after entering the correct password, opens up the rest of the drive. However my colleague had forgotten the password and was wondering if the drive could be formatted such that the full 1GB was available. I don’t use protected pen drives myself, however I believe some pen drives are “partitioned” like using private and public areas.

I had a look around on the PNY web-site, tried their pre-test tool, all to no avail. I even tried a couple of big-name disk utilities, however they didn’t “see” the USB pen/key drive.

Then I stumbled upon this post. It basically said, download and use this tool (via here), but don’t let it finish its format. So instead of letting it finish its format, I waited a moment or two, then removed the PNY drive. Windows then let me format the full 1GB without any further problems. Possibly an unorthodox approach, but a win nevertheless. Huge thanks to TTC Shelbyville for pointing this trick out.

I’m sure that there are other tools available that would achieve the same result, however this was my “5 minute solution”. I would be happy to hear about other approaches in the comments for this post.

Disclaimer: YMMV

Technorati Tags: , , , , , , ,

Lots of bright folks are speaking in the UK next month

UK – VBUG Annual Conference 2008 (the 11th!)

4th and 5th November 2008

2 days and 21 session tracks with presenters from across the UK and global community

Key Note:
Roy Osherove, founder of the Agile Israel community.

From overseas:
From the US the legendary Ken Getz and Jeffrey McManus.

UK community speakers:
András Belokosztolszki, Santosh Benjamin, Harry Brignul, Barry Dorrans, Richard Fennell, Sebastien Lambla, Ben Lamb, Mike Ormond, David Ringsell, Gary Short, Oliver Sturm, Dave Sussman, Mike Taulty, Tony Whitter and Phil Winstanley.

£299 Members / £399 Non Member (ex VAT)

Microsoft Reading, Microsoft Campus – Building 3, Thames Valley Park, Reading, RG6 1WG, GB

What to expect:
Roy Osherove – Tips and Tricks for Successful Software Teams, Unit Testing Best Practices

Ken Getz -Investigating LINQ to XML, Create Managed Code for Office 2007 in Visual Studio 2008, Create Custom Workflow Activities

Jeffrey McManus – Data-Driven ASP.Net AJAX, Distributed Caching for ASP.Net Applications

Tony Whitter – Silverlight for Mobile

Oliver Sturm – Functional Programming in C# (devExpress blog and here too)

Mike Ormond – Overview of Silverlight 2

Gary Short – Red, Green, then what? (devExpress blog)

Ben Lamb – Go With the Flow – an Introduction to Windows Workflow

David Ringsell – Improve Your Own Learning

Mike Taulty – Beyond Silverlight with Windows Presentation Foundation

Barry Dorrans – WCF 101

Seb Lambla – ASP.Net MVC

Santosh Benjamin – The Integration Landscape: Biztalk Server, WF and WCF

Andras Belokosztolszki – Advanced T-SQL 2005/2008

Phil Winstanley & Dave Sussman – ASP.Net 4.0

Richard Fennell – Team Foundation Server – The Answer to All Project Management Problems?

Harry Brignull – Making the User Experience Shift in a .NET Development House

More information can be found here:

Technorati Tags: , , , , , , , , , , , , , , , , , ,

eCards linking to dangerous executable files…

In a previous post I mentioned that phishing and spoofing were still very much in the mainstream. There are many tricks that scammers use in order to convince the unsuspecting Internet user to part with their financial details. One such trick is to send fake e-mails inviting users to click on an “eCard”. In reality, clicking on the eCard link typically links to file that can be run on the victim’s computer – even though today’s modern browsers offer many levels of warning, users frequently click on yes or OK when asked “are you really sure?”

Most eCards are trojan horses – they lay in wait watching for useful information such as credit card details, passwords, etc. to be typed into reputable web-sites. They then capture that information and, more often than not, attempt to transmit it to a central source that is capable of making the most of stolen credit card information.

Here’s an example:

As noted in my previous posting, it’s always worth verifying the destination of any links found in e-mails (there are some good comments on that post, with tips worth heeding). However, link aside, the text of the e-mail has a few other clues that suggest it might not be authentic. Look for problems with grammar, spelling mistakes, incorrect spacing, etc. I’ve highlighted a couple in the e-mail above. Also look out for “odd” e-mail addresses that are out of character, e.g. Hallmark would never use a personal e-mail address (other card vendors are available!)

If you are feeling even more adventurous, you could take a look at the message itself. In Microsoft Outlook if you right click on an e-mail in the Inbox view, choose Message Options and you’ll see something similar to the text below:

Delivery-date: Mon, 13 Oct 2008 15:30:19 +0100
Received: from ([])
by with esmtp (Exim 4.69)
(envelope-from )
id 1KpOR9-0007BM-6h
for; Mon, 13 Oct 2008 15:30:19 +0100
Message-ID: <09622.bamber@nolan>
Date: Mon, 13 Oct 2008 12:42:56 +0000
From: “”
User-Agent: Thunderbird (Windows/20080213)
MIME-Version: 1.0
To: “friend”
Subject: You have received an eCard
Content-Type: text/plain;
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, score=4.7
X-Spam-Score: 47
X-Spam-Bar: ++++
X-Spam-Flag: NO

A few things can be gleamed from the e-mail headers. Most reputable eCard web-sites wouldn’t use a client-side e-mail tool such as Thunderbird. Nor would they purport to be “” but actually be a personal e-mail address of Similarly, “friend” isn’t something mainstream vendors would use. A closer inspection reveals that this e-mail appears to have made use of a .edu domain, i.e. an educational establishment may have been used in the transport of this particular e-mail. Indeed, it is this .edu domain that demonstrates the true nature of trojan horses – they don’t always steal your financial details, they sometimes enable your computer such that it can act as e-mail hubs whereby further propagation of the the same or similar eCard e-mail takes place. In other words your computer could be used to send out eCard e-mails.

Incidentally, this particular eCard hit my spam filter before I even saw it. However, whilst my e-mail host has good spam filtering, coupled with my local spam filter (MailWasher Pro), it doesn’t mean other e-mail hosts are doing the same, it’s still possible that an eCard could make it into your inbox.

Again, regular readers will be sucking eggs after reading this post, however these e-mails are still doing the rounds. I always find it handy having these real world examples handy as demonstrations when I’m explaining the less than salubrious side of the Internet to newcomers.

Technorati Tags: , , , , ,

GTD – Using Microsoft Outlook to colour-code e-mails

I receive a lot of e-mail that is not sent directly to me. I work for a large company with thousands of employees – at least 50% of my inbox is made up of corporate “global all” type e-mail. Whilst it’s important to read these, I personally prefer to read’n’process the e-mail that are sent directly to me before I look at the global all items. To do this, I make use of Microsoft Outlook’s built-in formatting options such that mail sent directly to me appears in my inbox in light blue.

Here’s how we do this…choose the Tools menu followed by the Organise menu item:

Next, click on Using Colours. I already have e-mail that is sent to me and me only appear in blue, hence the option to turn it off is available. Assuming that you don’t have this option enabled, click on the Automatic Formatting button at the top right:

By default, Microsoft Outlook provides a handful of automatic formatting rules, one of them is “Mail sent directly to me”:

Outlook will do a pretty good job working out the conditions required to make this happen. For the sake of completeness though, click on the Condition… button to see for yourself:

As long as you have a tick beside the “Mail sent directly to me” rule, Outlook will colour-code your incoming e-mail:

This is yet another small and simple product feature that you may well have been aware of, however if it’s new to you, it could be of some use.

Other posts
GTD Action/Deferred/WaitingFor/Someday folders in Microsoft Outlook – Show Item Count
Making e-mail simpler and easier to handle: using Microsoft Outlook rules
Elementary GTD using Microsoft Outlook “move to folder”

Technorati Tags: , , , , ,

GTD Action/Deferred/WaitingFor/Someday folders in Microsoft Outlook – Show Item Count

Following on from my previous posts about using Microsoft Outlook for GTD (here and here), I’d like to mention a further tweak that we can make to Microsoft Outlook’s folder view control. Most of us probably have Microsoft Outlook display the number of unread items in each folder. However, for the GTD folders that I mentioned earlier, it’s likely that you will have read the items before they are filed in the GTD Action, Defer, Waiting For or Someday Maybe folders.

For these folders, I prefer to see the total number of items regardless of whether they have been read or not. Like a lot of things in Microsoft Outlook, the folder list is configurable. Right-clicking on a folder, then choosing Properties will allow us to configure the “total” that appears after the folder name.

This is a simple little tip, but one that might be of use to you if are are “rolling your own GTD” implementation.

Other posts
GTD Action/Deferred/WaitingFor/Someday folders in Microsoft Outlook – Show Item Count
Making e-mail simpler and easier to handle: using Microsoft Outlook rules
Elementary GTD using Microsoft Outlook “move to folder”

Technorati Tags: , , , , , , ,