I've been getting a LOT of Blog Comment Spam lately, just in the at two weeks. I run all my comments through the Akismet Service, and I pay for it. However, this particular flavor of spam has been making it through consistently. It has a pattern, through, and I'd been trying to figure it out when this LARGE comment showed up.
Apparently while they were messing about trying to spam me, they posted their entire source template.
I'm embedding it below as a Gist, rather than copy/pasting it into my blog engine. It's so spammy, I'd hate to get delisted from Google looking rather like a splog.
"I used to do comment spam and this is not the most advanced one."
Really? Does one put Comment Spammer on their resume?
Another comment says that we're hating on spammers. We should embrace them because:
"Sure for the 1% of super popular blogs out there this might be unnecessary, but in a world filled with bloggers blogging blogs most people never read, the fake recognition and pleasantry might be just what these writers need."
I'm pretty sure that fake comment spam isn't as emotionally uplifting as you think.
Your comments, Dear Reader? Cue spam comment-related jokes...now.
Sponsor: TheWindows Azure Developer Challengeis on. Complete 5 programming challenges for a chance at spot prizes, Stage prizes and the Grand Prize. Over $16,000 is up for grabs with 65 chances to win!
About Scott
Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.
Additionally, I have a very international group who listen to my podcast, so by moving the images to the CDN I'll get load balancing and edge caching as well. Asians will get the images served from an Asian data center, etc.
Now, to be clear, Azure bandwidth is pretty cheap, with even 100GB costing around ~$11, but I also wanted to learn how to use Blob Storage and the CDN. I've only used it to store Virtual Machines and it's been hidden from me. Bandwidth from the Azure CDN is about the same price, but I get the geo-replication for free. Remember also that "ingress," that is, incoming traffic, is free. When you're estimating your bandwidth costs, you're only worried about outgoing traffic.
I also thought it would be cool to have a custom Hanselminutes subdomain, so I want the images to be served from http://images.hanselminutes.com, because it's cool. Plus, it means I could switch CDNs in the future and not change my URLs.
I created a new storage account called 'hanselminutescdn,' then a container called 'images.'
I went to 'Configure' and setup the images.hanselminutes.com CNAME to point to the new storage account. I went to my DNS provider (DNSimple.com) and added a CName from images.hanselman.com to point to hanselminutescdn.blob.core.windows.net, and then verified the domain per the Azure portable instructions. This involved adding another verification-specific CNAME.
I downloaded the Azure SDK for .NET and used Visual Studio to upload the images.
Later after the video, I got CloudBerry Explorer for Windows Azureand used their "sync" option to keep my local show images folder and Azure in sync. Very slick. Their app also lets me easily set HTTP Headers on my images if I want. I may pay for the Pro version.
I changed my paths in my HTML to images.hanselminutes.com instead of just /images of the website's domain.
I discovered that CDNs are case sensitive, then ran this PowerShell Script to make ALL my show images files all lowercase.
dir | Rename-Item { $_.Name.ToLowerInvariant() }
I cleared out the files and reuploaded the new lower-case ones.
PROFIT.
OK, I haven't figured out that last step, but soon...very soon. ;)
IMPORTANT UPDATE: Commenter Nate Jackson points out that while I've setup access to blob storage, I haven't yet actually enable the Edge Caching abilities of the CDN itself. For this, it seems I have to visit the old management portal (which explains why I missed it completely. It's not intuitive!).
You get to the old portal from your account dropdown:
There's instructions on the Azure docs site the say I need to create a "CDN endpoint" that associates the CDN with my now-public blob storage container.
I visit the Hosted Accounts + CDN button, then click New Endpoint.
So the idea is that there's storage in general, there's blob storage made public (which is what I did) which can be geo-replicated, and then there's the formal geo-load-balanced Content Delivery Network, which I failed to configure!
CDN -> pulls from -> Public Blob Endpoint -> hosted in -> Your Storage Container itself
I will update the YouTube video soon. Big thanks to Nate Jacksonfor catching this oversight and educating me!
Sponsor: TheWindows Azure Developer Challengeis on. Complete 5 programming challenges for a chance at spot prizes, Stage prizes and the Grand Prize. Over $16,000 is up for grabs with 65 chances to win!
About Scott
Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.
I use Two-Factor Authentication for my Google Apps account and I use the Google Authenticator application on my iPhone to generate the second factor.
Microsoft Accounts (formerly Live Accounts) just launched Two-Factor Auth and you should set it up now. That means SkyDrive, Outlook.com/Hotmail as well as the Windows Azure Dashboard can now be fronted by two-factor auth.
If you already use two-factor for Google, you can ADD your Microsoft account to the Google Authenticator application on your Android or iPhone. That means I can use one Authenticator application for all accounts which is extremely convenient.
The process for setting up two step authentication on a Microsoft account is:
Run your Authenticator app and scan the barcode with your phone's camera
Enter the number you're given and click Pair.
PRO TIP: If you have two factor auth turned on for BOTH Microsoft Accounts and Google Accounts, make sure you click Edit and change the display name of your accounts so you can tell them apart! I appended [MS] and [GOOG].
The process for Google is similar. Get the app installed, and go to the Google 2-step verification page. I've been running two-step since it came out and the annoyance is minor compared to the comfort of a little extra security.
Note that some apps (like the mail app on your phone) may not support two-factor auth, so you'll need to create an application-specific password for those apps. It's a one-time password just for the apps that need them and you can revoke those passwords anytime.
Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.
I'm continuing to look for ways to optimize and pinch pennies in the cloud. I realized recently that while my Website was running in the West US Azure datacenter, the database (managed by Carl Franklin's podcasting company) was running in North Central US. This means I was paying for the bandwidth of my database calls. Not to mention, it was slower, not the best idea, plus I was calling into a SQL Server over the open internet (although I had opened the firewall to do so).
This is unusual to have a website and SQL Database so far apart, of course, as you'll usually make your site and database at the same time in the same place. Azure also goes out of it's way to keep these linked resources together as you build them.
However, Carl had setup the database and original website a while back, and I only just redesigned it and moved it to Azure recently. Additionally, the administrative backend for the Hanselminutes podcast was in North Central, so we found ourselves in this position.
Azure Websites capacity opened up in the North Central datacenter, so I took lunch to move my site. You can't just click "move," but it's actually very easy to redeploy. The whole process including DNS changes took less than 15 minutes as you can see in the YouTube video above.
I made it Shared so I could use a custom domain (or you can use Reserved)
I took the domain names off the West US site, and moved them within the Portal to the North Central one
If this site was super important I would have had a load balancer and kept both sites up while I waited, but total downtime was like 5 min so I didn't sweat it for this.
I ensured the database within North Central was a "Linked Resource" within my Website
I made sure my new website had the right connection strings in configuration.
I downloaded the new website's publish profile and imported it anew into WebMatrix (or Visual Studio, etc)
Published the site using the new publish profile.
Cleared DNS and visited the site and confirmed it worked.
Deleted the old site.
It worked well and I'm happy with the result. My next penny pinching step (and a nice geo-load balanced optimization) will be to move all the images to the CDN so that folks overseas get edge caching...that means that Australians will get the images for the site served from a nearby datacenter. I'll get this extra benefit for less than I am paying for website bandwidth.
Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.
A few days ago, I visited the Xamarin.com website and noticed this. The word "Pricing" looks like "Prioing."
It's not an illusion. It looks wrong in Google Chrome. See this zoomed-in shot.
Here's the same menu in IE. Note the subtle"bites" that have been taken out of the g and s, but the c is OK. The hinting is OK, but the font is somehow "wrong."
I also happened to be at the Xamarin Evolve conference this week, so I mentioned it to the team down there, thinking they could pick another font.
Fast forward, and I'm on the plane, checking my email with Gmail Offline (the HTML5 offline version of Gmail) and noticed this.
These fonts look like crap too!
What's going on here? What's changed? Doesn't it seem like "What's changed?" is the question we engineer-types ask the most?
Well, what's changed is that I gave a talk at Xamarin Evolve this week, and in preparation, installed Helvetica Neue. It's a lovely font and I think it worked nicely for my talk and looked great in PowerPoint.
However, Helvetica is super common font that is mentioned in Stylesheets - often explicitly when CSS is designed on a Mac - and Arial on Windows usually steps in as the replacement on Windows.
The Helvetica Neue font that I installed for my presentation is very poorly hinted (if at all) at small sizes like the one's being used. It's just not a Web Font, and while it's great for the giant sizes I needed for my talk, it's lousy for the web.
Both IE and Chrome were picking up that my system had a Helvetica available on the system and used it instead. The Stylesheet said "hey, gimme Helvetica" and the browser said "Cool, here's one."
While it's obvious it would have major effects in retrospect, I had never realized that a machine-wide "common" font installation like this could mess up font rendering in my browser. I think the best solution (even though I'm deleting Helvetica Neue) would be to use an explicit Web Font in your stylesheets when possible rather than relying on a system font like Helvetica, even though they are the ultimate fallback. Any designers want to weigh-in the comments?
Here's Chrome now on Windows with Helvetica Neue removed:
And IE
I hope this post helps someone who might bump into this font issue. My sincerely apologies to the lovely Xamarin employees who took my "bug" seriously! Thanks to Damian Guard for his Font insight!
About Scott
Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.
Additionally, I have a very international group who listen to my podcast, so by moving the images to the CDN I'll get load balancing and edge caching as well. Asians will get the images served from an Asian data center, etc. 
_2.png "The C looks like an O in Chrome")
