Author Archives: Mahmoud Al-Qudsi

Case-sensitive SEO URL redirects and routing for IIS and ASP.NET MVC

Posted on by Mahmoud Al-Qudsi
Reply

At NeoSmart Technologies, we have a special affinity for ecosystems running both Windows and *nix in unison, each doing things they excel at. Half of this website is running ASP.NET MVC under IIS 8.0, while the other half is running under nginx on FreeBSD, everything behind an nginx reverse proxy. Windows likes to make things easy for users by being a primarily case-insensitive platform, both when it comes to the local filesystem and the web. FreeBSD and Linux on the other hand, like most of the unix world1 are explicitly and unapologetically case-sensitive.

On the one-hand, IIS defaulting to case-insensitive URL routing means that your users are far less likely to a see a 404 “Page not found” error as a result of a fat-fingered or mangled URL (which as we all know can be the fault of either the user or the developer), but it also means that when Google’s spiders and ‘bots come around looking to index your content, you’re likely to wind up penalized for having duplicate content. The web itself is officially case-insensitive, and technically both example.com/something and example.com/Something are completely separate, unique, and independent URLs that despite all semantical similarities share nothing in common (though you’d be mad to actually host different content on URLs differing only in spelling).

Welcome SeoRedirect, part of NeoSmart Technologies’ open-sourced Web Toolkit library, which provides case-sensitive routing for ASP.NET on IIS. With the latest update (freshly pushed!), SeoRedirect also gives you control over which GET parameters are also preserved, because apparently worrying about case-sensitivity alone just isn’t enough.

Continue reading

  1. Mac OS X is a notable exception here, as by default it uses HFS+ in a case-insensitive mode, though an HFS+ implementation w/ case-sensitivity is enabled (but rarely used). 

A smarter month and year input field: solving the credit card expiry conundrum

Posted on by Mahmoud Al-Qudsi
1

Every computer-savvy keyboarder has run into this problem before: you’re typing your merry way through a credit card payment form, pounding out your address and credit card numbers, tabbing between the fields so you don’t waste time mucking around with the mouse, when you come across the dreaded expiry date fields:

Expiry Date Fields

You groan. You know what’s coming next. Your card expires in April of 2019. Are they expecting you to type ‘A’ for “April” or to key in “04”? Or maybe it’s just ‘4’? Murphy’s law guarantees that whatever sequence you try typing these options in, it’ll be the last one you try. You sigh. You either try the different options haphazardly, holding your breath and cringing when it doesn’t change, or changes to select the wrong value. Finally, you give up and move your hand those excruciatingly-far 6″ to the mouse, and sigh in despair as you resort to clicking on the drop-down box and scrolling through the entries to select the one you’re looking for.

Continue reading

EasyBCD 2.3: Windows 10, EFI, and much, much more

Posted on by Mahmoud Al-Qudsi
28

EasyBCDIt’s our distinct pleasure to announce the release and immediate availability of EasyBCD® 2.3 for download. Development on EasyBCD 2.3 has been ongoing for the past three years as new functionality has been added and support for the latest developments in new operating systems and bootloaders has been polished and shined.

EasyBCD 2.3 features full Windows 10 and EFI support, and has been tested with the latest version of Windows under all imaginable circumstances and configurations, as well as many other operating systems and platforms, both big and small. From indie-sized micro Linux distributions to the latest major releases from Debian, FreeBSD, Ubuntu, SUSE, and more; EasyBCD 2.3 offers greater compatibility, more options, and better support while becoming even easier to use than ever before.

Continue reading

CHS, LBA, and 4k advanced format drives

Posted on by Mahmoud Al-Qudsi
4

Modern hard drives are shipping with newer features, some of them more confusing than others. One such feature that’s causing a lot of head-scratching and confusion amongst the ranks is the new, so-called “advanced format” hard disks that are now shipping. Generally, these are newer SSDs as well as traditional “spinning rust” hard drives larger than 4TiB in capacity. What’s 4k all about and why do we need it? To understand this, we’re going to have to take a trip back in time and find out exactly how disks work, how an operating system talks to a disk in order to read/write from/to the disk, and see why the old way was broken and needed to be replaced with something newer and better.

Continue reading

How-to: Upgrade to OS X El Capitan GM from a beta build

Posted on by Mahmoud Al-Qudsi

Apple has just released OS X 10.11 El Capitan GM, but users and developers running beta builds will not be able to upgrade directly from the App Store. In order to upgrade from a El Capitan beta build, for example, seed 15A278b to the El Capitan GM release 15A282b, you’ll need to jump through a few minor hoops first.

Continue reading

Windows 10 Repair Install (in-place upgrade)

Posted on by Mahmoud Al-Qudsi
5

BlackPCGood news! With Windows 10, we finally see the return of the “in-place upgrade,” more commonly known as the ability to repair install!

Windows XP was the last version of Windows that had a true “repair install” option, allowing users to fix a non-working system by simply booting from their Windows XP setup CD and simply pressing ‘r’ when prompted to begin an in-place upgrade/reinstall of Windows XP that would replace damaged or missing system files, fix system misconfigurations, reset drivers, and more while retaining users’ files, applications, and settings.

Continue reading

Explaining Windows 10 activation on upgrade with product keys from Windows 8 or Windows 7

Posted on by Mahmoud Al-Qudsi
17

blue-wallpaper_windows_10_hd_2880x1800Windows 10 is here. But unlike any other Windows release ever before, the situation with licensing and upgrades is quite different – and rather unclear. Who is entitled to a free copy of Windows 10, can you activate with your existing product key, what happens when you want to perform a clean install, how does Windows 10 activation work, who is covered by the free Windows 10 upgrade license, and more are questions going through everyone’s head.

Ever since Microsoft released Windows 10 last week, we’ve been receiving a flurry of emails pertaining to our free Product Key Tool for Windows, used to recover or retrieve the product key embedded in the BIOS/UEFI that can be used to activate a copy of whatever version of Windows your PC shipped with. And we’ve been replying to these emails on a case-by-case basis as our developers and testers have been putting Windows 10 (and by extension, its activation servers) through the works to try and figure out, all FUD aside, what really is the deal with activating Windows 10. Without further ado, here are our findings.

Continue reading

Easy USB Creator 2.1 Released

Posted on by Mahmoud Al-Qudsi
5

Easy USB CreatorEasy USB Creator 2.1 has been released and is available for immediate download, complete with support for Windows 10, improved support for creating more-reliable bootable USB sticks than ever before, and more.

Easy USB Creator is NeoSmart Technologies’ standalone utility for converting ISO images to external drives, USB sticks, and USB thumbdrives. With Easy USB Creator, the process of using a USB drive to boot into an ISO image on PCs without a CD or DVD drive is easier than ever, with its intelligent single-click conversion process that can elegantly handle most Windows ISOs you can throw at it.

Continue reading

pevents: a cross-platform Win32 events library

Posted on by Mahmoud Al-Qudsi
Reply

Threads-GitHubpevents, our implementation of Windows manual- and auto-reset events for Mac and Linux, is now officially pevents, our truly cross-platform win32 lightweight events library for Windows, Mac, Linux, and other platforms. We first released pevents way back in 2011, when we searched for and were unable to find an existing implementation of Windows events, the basic primitives for thread synchronization on Win32.

The *nix world has seen a lot of progress when it comes to non-blocking waits in recent years, but it’s very recently that purely event-driven libraries like epoll and kqueue have properly taken off. In the Windows world, it’s long-been possible to wait on filesystem and network events with WaitForMultipleObjects – a paradigm most Windows C/C++ developers are intimately familiar with. One thing that WaitForMultipleObjects (and pevents!) can also do rather neatly is wait on multiple mutexes, events, and/or semaphores simultaneously, unblocking when one or more (or all) are triggered or available.

Continue reading

Answers to password reset questions are passwords too — so why aren’t we treating them that way?

Posted on by Mahmoud Al-Qudsi
4

identity-theftIf you’re a developer working on or maintaining a website catering to the general public, chances are you’ve implemented some form of password reset via security question-and-answer into your site. How are you storing the answers to these questions in your database? Are you encrypting them? Storing the (hopefully cryptographic, salted) hashes? Or are you storing them plain text?

I can’t answer for you, but I can tell you that I’ve never used a system that didn’t leave tell-tale signs of storing these answers in plaintext. Here’s the thing – if it’s possible to use these answers to reset a password, then these answers, by extension, are passwords too.

In some ways, answers to password reset questions are more important than the password itself. With the password, an attacker can compromise and gain control of a user’s account. With the answers to security questions, an attacker can compromise a user’s entire online and offline security, steal their identity, and quite-literally ruin their lives. Think about it, these same questions (mother’s maiden name, childhood best friend, street you grew up on, where you were on New Year’s Eve of 2000) are the same questions every site asks you to confirm your identity and reset your password. They’re the questions your telephone banker asks before divulging account info or letting you wire money to an international account. They’re the questions that you’ll be asked when applying for a credit card to prove you’re who you claim to be.

Continue reading