Adding text preview in Windows Explorer based on file extension

This is so simple and has likely been around for some time but somehow I have not come across this technique until a colleague showed me today. I am not going to give a step by step guide simply because if you don’t understand how to do what I describe then I recommend that you don’t do it. Or at the very least, don’t do it until you have more experience.

In the registry under HKEY_LOCAL_MACHINE\SOFTWARE\Classes there is a key for each known extension (e.g. .wsdl). Under this key, you need to add a string value (REG_SZ) called PerceivedType and set its value to “text” (without the quotation marks).

You do not have to reboot the machine nor even restart Windows Explorer as every time focus is given to a different file then the registry is checked.

[Large Global Software Company] ignoring and ignorant of security and data protection.

For some time I had been receiving junk email, aka SPAM, at an inbox that I had setup solely for the use for interactions with [Large Global Software Company]. With various possibilities for why the email address was compromised, including Heart Bleed, I decided to change the address so I created a new address, logged in (over HTTPS) and manually typed in the new email address.

In less than three days I started junk email to the new email address. At this point there were three parties with access to that email address; me, the mail provider and [Large Global Software Company]. The mail provider is also a large global software company but as I have many email addresses there with over 90% never receiving a single instance of junk mail I have ruled them out at this point. And we can be certain that I have not handed out the email address in any way whatsoever (apart from as described above).

This post is to document the attitude of [Large Global Software Company].

I contacted [Large Global Software Company] with a security concern as, to my mind, they had a data breach and as a responsible customer I wanted the overall issue resolved. They opened an issue and asked for evidence then promptly closed the issue. The closing of the issue I assume was an error – we all make mistakes. Their request was reasonable so I provided the text of the email and a screenshot that they asked for. I was surprised that they didn’t ask for the mail headers but I thought that would come later.

They then called me and explicitly stated that they could not be the cause of the leaked data. They explained that everyone gets junk mail and to just block the sender (anyone who knows anything amount SPAM knows how ridiculous a suggestion this is, anyone else should ask someone who does – but in short the junk was coming from different email addresses). I explained that this was not a satisfactory solution and that it was too late for my email address but this is most likely an ongoing problem. Here I hit a brick wall. Their advice would not change and they refused to look into the matter further. I pleaded that I would assist them in any reasonable manner before finally threatening them with providing evidence and posting it publically in order that they took their responsibilities seriously. I have left it a bit of time so that they have had a chance to find and resolve the issue or even to reconsider and get back in touch with me.

It will be two weeks tomorrow so here goes. The following is a timeline of what has occurred and

13th May 2014 [Large Global Software Company] opens case based on website “Contact Us” from me promising that they “will get back to [me] within 2-3 business days”.

19th May 2014 [Large Global Software Company] requests a screenshot of 1st junk email then immediately close the case.

21st May 2014 Informed them of inappropriate case closure and uploaded screenshot and plain text of email.

23rd May 2014 [Large Global Software Company] confirm that the sender’s email address is not one of theirs and request the screenshot again. I respond highlighting that I had already uploaded the requested screenshot.

2nd June 2014 [Large Global Software Company] helpfully say that my email address has nothing to do with them, that there are a number of ways spammers can get email addresses and to just block the sender. I respond by insisting that their position is unjustified and challenge them to explain a single way that any spammers could have got this email address.

10th June 2014 I receive a telephone call from [Large Global Software Company] in which they refuse to provide a single explanation of how anyone could have got hold of this email address, refuse to do anything about it and refuse to accept that blocking the sender of every junk email I receive to this address will resolve nothing.

23rd June 2014 Two accounts setup with mail provider to see if they get any SPAM before use i.e. provide evidence of whether the mail provider in the clear.

[Update 1]
1st July 2014 It has been more than a week and I have yet to receive any SPAM to either account. Next step is to change the email address at [Large Global Software Company] and see how long it is until I get SPAM. [Large Global Software Company] has marked my issue as Withdrawn and made adding comments or re-opening the case impossible. For the record, I never withrew my issue but I did accept that they could close it as they were prepared to do nothing.

[Update 2]
2nd July 2014 I have just updated the email address and verified it at 11:43 BST. Now, bearing in mind the weekend is in the middle, how long until I get SPAM?

[Update 3]
21st July 2014 I have not received SPAM to either email address. I can only conclude that [Large Global Software Company] suffered from a vulnerability like Heart Bleed bug and busily fixed it whilst denying all wrong doing. For me this is where it ends. I shall now change the email address to something else and delete the test email accounts. Whilst I am far from happy with the way I was treated by [Large Global Software Company], they shall remain anonymous as I have failed to prove anything.

[Update 4]
1st August 2014 After thinking it was all over, yesterday I changed the email address once more at [Large Global Software Company] and this time changed the email address of the distribution group previously getting email at the email provider (as opposed to creating a new one). Within a few hours I was getting SPAM to the new email address. So today I have created a new email address for a new email distribution group and changed the email address of the distribution group getting SPAM. I shall change the email address at [Large Global Software Company] to the email address of the new distribution group. Which one will get SPAM? I am now wondering whether it is [Large Global Software Company] or the email provider.

[Update 5]
6th August 2014 The cause is a simple one: when changing the email address of a distribution group the previous email address is kept as an alias. This is a very handy feature if you want to change email addresses but want to keep receiving emails to the previous email address for a transitionary period. This alias can be removed at any time. I posted to the email provider on Twitter on 1st, received back advice to post on their forum on 5th (2 business days later) then I posted on their forum today and received the solution 19 minutes later. Now that is good customer service; well done Microsoft!!! (I still feel that I received poor customer service from [Large Global Software Company] and will name them the next time they treat me, the customer, poorly as had they worked with me in the first place then I would not have taken so long to find the issue – after all they “gave away” one of my email addresses in the first place.

Using relative paths to source for the Web Deploy tool (msdeploy.exe)

A colleague of mine recently wanted to write a script employing MSDeploy. Understandably he wanted to make the deployment scripts portable so that they could be used on different machines without forcing the deployment from and to the same directories on the different machines. Simple he thought: relative paths. I would have thought the same thing.

He expected to do something like the following (shortened for illustrative purposes):

msdeploy.exe -source:contentPath=".\SourceDir"

Simple until you discover that the tool requires either absolute paths or a full site/application path. This is clearly documented here. This documentation states that environment variables can be used and names %WINDIR% as an example.

The simplicity of the solution (also discovered by my colleague) was to delve back into DOS scripting days and use %CD%. This is the environment variable for the current directory. (Typing the quotes as well) try "%CD%" on the command line and see what you get. Just what you want for:

msdeploy.exe -source:contentPath="%CD%\SourceDir"

Locating stored procedures (and more) on a SQL Server instance.

Sometimes you need to locate a stored procedure on a SQL Server instance but you are not sure what database it is in. Well, at least I sometimes find myself in that situation. The following script iterates over each of the databases on the current SQL Server instance displaying the database name which contains the stored procedure named (replace #Stored Procedure Name# with the name of the stored procedure you are looking for):

-- Use for stored procedures only.
EXEC sp_MSForEachDB
'USE [?];
DECLARE @databaseName VARCHAR(100);
SELECT @databaseName = SPECIFIC_CATALOG FROM INFORMATION_SCHEMA.ROUTINES
WHERE ROUTINE_NAME = ''#Stored Procedure Name#''
IF @databaseName IS NOT NULL PRINT @databaseName'

Sometimes you know only part of it so the following script uses the LIKE statement which uses % as a wildcard. This can be used wherever the LIKE statement allows (see http://msdn.microsoft.com/en-us/library/ms179859.aspx). For example:

EXEC sp_MSForEachDB
'USE [?];
DECLARE @databaseName VARCHAR(100);
USE [?]; SELECT @databaseName = ''?'' FROM sys.sysobjects
WHERE sys.sysobjects.name LIKE ''#Start Of Stored Procedure Name#%''
AND sys.sysobjects.type = ''P''
ORDER BY sys.sysobjects.name
IF @databaseName IS NOT NULL PRINT @databaseName'

If you want to search for other object types then you need to replace the value compared to sys.sysobjects.type from P to one of the following:

AF = Aggregate function (CLR)
C = CHECK constraint
D = Default or DEFAULT constraint
F = FOREIGN KEY constraint
FN = Scalar function
FS = Assembly (CLR) scalar-function
FT = Assembly (CLR) table-valued functionIF = In-lined table-function
IT - Internal table
K = PRIMARY KEY or UNIQUE constraint
L = Log
P = Stored procedure
PC = Assembly (CLR) stored-procedure
R = Rule
RF = Replication filter stored procedure
S = System table
SN = Synonym
SQ = Service queue
TA = Assembly (CLR) DML trigger
TF = Table function
TR = SQL DML Trigger
TT = Table type
U = User table
V = View
X = Extended stored procedure

This was sourced from the MSDN article for sys.sysobjects (http://msdn.microsoft.com/en-us/library/ms177596.aspx).

Unsubscribing from Apple’s MobileMe Trial

So my better half wanted to unsubscribe from Apple’s MobileMe after an unsuccessful trial. What that really means, to be totally fair to both Apple and myself, is that MobileMe didn’t meet her requirements and that I was to unsubscribe from it for her (after all I had help her set it up in the first place).

This should have been a simple 5 minute task at most. IT WAS NOT!!! (No, CAPS LOCK was not accidentally pressed. Yes, I am cross).

As an existing iTunes user, my wife has long had an Apple account. For the purposes I shall refer to it as iTunesAppleAccount@Domain.com.

During setup of the MobileMe trial my wife used her existing Apple ID and was issued a new email address for MobileMe which I shall refer to MobileMeAccount@Me.com.

My wife was sent the following in an email from the MobileMe service which hit her one and only inbox:

If you’d like to make changes to the billing settings listed, log into me.com and click on Account. Choose Account Options to cancel your account, or Billing Info to update your credit card.

I clicked the link and entered her Apple ID (iTunesAppleAccount@Domain.com) which sent me straight to the rather good Find page which proceeded to locate and display the two devices she had registered. There was a menu with a dropdown list with Account. Which I clicked. This opened up a new page which, after re-authentication, gave access to her Apple ID account details.

All good so far except that there was no mention of MobileMe.

After a bit of digging I found a thread on Apple’s own Apple Support Communities forums. This lead me to an Apple Knowledge Base article. Which suggested the http://www.me.com/account link again.

By now I felt that I was going around in circles. I cannot tell you how many times I clicked a link then authenticated only to be on the Find page again. Yes, the only functionality I could find on MobileMe was the Find page!!!

Solution Found

It then struck me that I had this MobileMe email address. It turns out that I had to log in with that email address to access the MobileMe account details. Ironically, it said that it had no associated devices. At least it did allow me to cancel the subscription.

I cannot work out whether it was me or Apple. Should I have remembered to log in with this issued email address? Probably? Should MobileMe have allowed use of an existing Apple ID? Probably. Should Apple have reminded people that this login might use different credentials from their Apple ID that is used for other Apple services? I think so.

How to backup your Google Calendar automatically on a Windows machine

This is a quick and brief example of how to schedule a backup of a Google Calendar on a Windows machine. This technique uses a PowerShell script and the Windows Scheduler.

First you need to get the information required from Google:

  1. Login to Google Calendar.
  2. Under “My Calendars” click the down arrow (outlined in red in the pic below) that’s at the right of the name of your main calendar, the one you want to backup.

Google Calendar Settings

  1. Then click “Calendar settings”.
  2. In the view that appears, scroll down to the bottom, and find the bit headed “Private Address”, see below.

Google Calendar Right Click Position

  1. Right click the green ICAL button under “Private Address”, which provides the URL or web address of your own calendar file which will be something like https://www.google.com/calendar/ical/ThisIsMadeUp.calendar.google.com/private-1666abcdefa52b25e9539a043a0813cd/Calendar.ics (NOTE: keep this address to yourself).

Next create a PowerShell script:

The following should be saved in a file (this will use the example file C:\GoogleCalendarBackup.ps1) where the $Source is set to the “Private Address” URL retreived above:

$WebClient = New-Object System.Net.WebClient
$source = "https://www.google.com/calendar/ical/ThisIsMadeUp.calendar.google.com/private-1666abcdefa52b25e9539a043a0813cd/Calendar.ics"
$target = "C:\GoogleCalendarBackup.ics"
$WebClient.DownloadFile($source, $target)

Finally create the scheduled task:

  1. Open Start Menu\All Programs\Accesssories\System Tools\Task Scheduler
  2. Select Action\Create Basic Task…
  3. Enter a name and (optionally) a description then press Next.
  4. Select the frequency of the backup and press Next.
  5. Select the details of the backup frequency and press Next.
  6. Select “Start a program” for the Action and press Next.
  7. Browse to the PowerShell executable on your machine e.g. C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe.
  8. Put -nologo -command “& {C:\GoogleCalendarBackup.ps1}” in the Add Arguments box and click Next.
  9. Review your setting and click Finish.

I ran the scheduled task to ensure that the backup worked then checked that the scheduled task is running for the first few times just to be sure.

NOTE: Retrieving the Google Calendar URL is based upon http://www.consumingexperience.com/2010/04/how-to-backup-your-google-calendar.html by Improbulus

Many thanks to Improbulus.

Follow

Get every new post delivered to your Inbox.