Welcome to RightHand's community place Sign in | | Help

Moving my blog to BlogEngine.net

I am moving away my blog from Community Server, as many others did (i.e. Andrej Tozon)  before me, to BlogEngine.net. The reason is that Community Server is meant for communities, not for single lightweight blogs – it is a complex beast and it does its job great, yet it is too much for a single blog. I’ll keep my Community Server up mostly for my public downloads but the blog here won’t be updated anymore.

blog.rthand.com is my new location. If you are subscribed to my feedburner feed (default) then you don’t need to change anything. Otherwise change the subscription to it: feeds.feedburner.com/RighthandBlogs.

Update: The old RSS is redirected to feedburner feed, so you really don't need to change anything.

Posted by Miha Markic | (Comments Off)
Filed under:

Building an Intel Core i7 based computer - Storage

Disks fail more often than one can imagine. Because my data is the most important part of my computer my main objective is data safety so I’ll go for RAID 1 – disk mirroring that guarantees data integrity even if one of the two disks fails. Heck, I wouldn’t even miss a working day in such case – I’d just work with one disk until the damaged one gets replaced. RAID 1 is expensive because it mirrors the data – you’ll need two disks for the same data, however, the data will be redundant and furthermore RAID 1 reads data almost as twice faster than a single disk solution, write process is a bit slower compared to the single disk solution though. Another benefit of RAID 1 is possibility of using a motherboard-integrated RAID controller (which uses few CPU cycles, yet one won’t notice it on 4-core CPU) without any performance loss. RAID 5 is out of question because of really slow writes and requirements for an (expensive) add-on controller (although there are integrated controllers that handle RAID 5 but they will make it even slower). Add-on controllers have additional features such as memory cache (I’ll just use cheaper OS caching) and an option for batteries that will save the data in case of power failure (I will use an UPS to power my computer anyway – no need for those batteries).

Secondary objective is performance/price ratio. These days storage devices are the main performance bottleneck because they are relatively slow and computer often accesses them. They are even more important when you ran out of RAM (hope not, but it can happen) – then the page file swapping party begins. So the main goal is to get as good price/performance ratio as possible.

First, there are two choices: hard disk (HD) or solid state drive (SSD). I’ll pick HD option because SSDs are:

  • unproven new technology (in the long term)
  • usually slow for writing operations (they are improving though)
  • very pricey

So, I have three choices with HD technology:

  • SATA (mainstream)
  • SAS

SAS drives are very expensive, relatively small and I am not sure whether their faster speed would bring enough benefits in the performance/price sense. Furthermore they require additional SAS controller which isn’t cheap either. I think that SATA technology is far better for me. Every motherboard has an integrated SATA controller, better motherboards support RAID 1. But which drive? I’ll go for WD Velociraptors because, albeit they are more expensive, they are considerably faster than standard 7.200 RPM disks. Interestingly, Velociraptors are 2.5” disks packed in 3.5” chassis (no, they can’t be mounted in a laptop).

I bought a pair of Western Digital Velociraptor WD3000HLFS 300GB 10.000 RPM drives from mimovrste.com for 2 x 246,79 Euros.

See other relevant posts:

Introduction
CPU cooler
The goal
Power Supply Unit
Memory

Posted by Miha Markic | 4 Comments

Building an Intel Core i7 based computer - Memory

Core i7 requires DDR3 memory. The more cheaper and slower DDR2 isn’t an option. But beware that not every DDR3 memory is good for Core i7. Oh no, they have to have a lower voltage than usual, that’s max 1.65V (1.5V recommended). Lookout for memory modules that are “build/optimized/etc. for Core i7”. Read this article to learn more about differences between DDR2 and DDR3.

Another innovation in memory access is that Core i7 is capable of using three channels to read/write from/to memory. Previous Intel and AMD CPUs could utilize only two channels at most. Thus the necessity for a triple channel modules. IOW you get the best performance by using three (or a multiplier of) physical modules. You are not constrained by the multiplier of three (the number of modules depends on motherboard as well – not every motherboard accepts many modules) but then you’ll get lower performances.

So, I’ll go for three DDR3 modules.

The final two aspects of interests to me where I can choose:

  • size
    I’ve chosen the size of 6GB (3x2GB) because I think it will be enough for my usage. Note that you shouldn’t go below your requirements (you should know how much memory on average your applications consume and what applications you are going to run at the same time) – if you run out of physical memory then your computer will start swapping memory to disk like crazy and performance will go down the drain. So, the size matters after all. No need for exaggeration though. Having more memory than required doesn’t help a lot.

    Another word of caution: 32 bit operating systems can’t use more than, at most, 3.5GB of RAM (there are ways for servers to get around this limitation but for special use). This is a hardware limitation. Which means that if you want to use more than 3.5GB of RAM you’ll have to install a 64 bit OS which doesn’t have such a limitation. In fact I am planning to install either Windows 7 x64 or Vista x64.

  • performance/price and performance
    The faster the memory is, the faster can CPU access it and thus your applications will run faster.
    There are two factors affecting memory performance: frequency and latency. The former should be as high as possible (1333 is the lowest and cheapest frequency for DDR3 that I’ve found on the net – note: allowed max and min frequency depends on the motherboard as well) but then again, not too high because of a non-linear increase of performance/price – you don’t gain that much performance if you increase the frequency insanely. Also beware that there are two frequency labels out there: one is the frequency itself (i.e. 1600Mhz) while the other is a PC3 rating that depends on the frequency (PC3 12700 for 1600Mhz).
    The other factor is latency. It is marked by a single number (i.e. CL9) or by a group of numbers where first number is CL (i.e. 9-9-9-27). The number(s) should be as low as possible because latency (simplified) states how much time is required for memory module to do an operation.
    Memory frequency is far more important than latency (look at the benchmark tests on the web). Thus invest in higher frequencies rather than lower latency. Or better, both, but the most important is frequency.
    After a while I concluded that I’ll go for a 1600Mhz/CL9 modules, partially because of price and partially because of the lack of the availability of lower latency 1600Mhz modules – I was shooting for CL7 but I couldn’t find any (OCZ has nice modules for a great price – but those can’t be found these days).

I bought a Super Talent 6GB/DDR3/1600/CL9 triple channel kit (SKU: WA160UX6G9) modules from Mlacom for 238 Euros.

005

See other relevant posts:

Introduction
CPU cooler
The goal
Power Supply Unit

Posted by Miha Markic | (Comments Off)

Building an Intel Core i7 based computer – Power Supply Unit

If you think that power supply unit (PSU) seems like a non-important piece of the computer think again. It is the heart of the computer as it delivers the blood to the brains and other parts. The blood in this context is the electricity of course.

The PSU aspects that are important to me:

  • the quality of the components/build
    If you want to start a fire or have an instable computer then a no-name PSU is a good choice. They are cheap but they use low quality components and 220V (or other input voltages, i.e. 110V in the US) and a bunch of amperes can make some smoke at least if not start a huge fire. As it happened once to me. Luckily, I was at home at the time. I didn’t see smoke yet but I smelled that something is burning. After some “find that smell” exercise with my nose it turned out to be the low-quality PSU of my computer. Again, I was lucky that it happened while I was at home. The moral of the story is that you shouldn’t but a cheap junk PSU. Instead go with a branded one at least.
  • silence
    As usual, the bigger the cooling fan the better. There are some passively cooled PSUs out there however I wouldn’t use them since… well the point above and the fact that you might require additional fans on the chassis to cool them and they are not very powerful either. A heat controlled fan is a bonus – it would spin as fast as it is required and produce less noise when the temperature is low.
  • output power distribution
    Isn’t a 500W PSU equal to another 500W PSU? No, it isn’t. A PSU delivers various voltages to various computer components through various rails (wires). The declared power is distributed between these voltages. It is good as long every voltage has enough power. Even if PSU is rated at 1kW (yes, they do exist) and it lacks power even on only one rail then computer might behave oddly or it won’t turn on at all. PSU might even damage the computer components in such case.
  • energy efficiency
    The higher the better. It should be at least 80% (meaning that 20% is a waste). The higher the efficiency is the less energy gets wasted and your electricity bill is lower. Not to mention that the world benefits from it as well. Note also that efficiency varies with operating power. Check out 80plus website for more info on PSU energy efficiency.

I’ve been using Super Flower as manufacturer of my PSUs for some time now and I am happy with them although they are not a very well known manufacturer. Nevertheless web reviews are praising their PSUs in all the aspects mentioned above.

I’ve chosen the Aurora 600W (SF-600R14A) model (you won’t find it on their web site - which is a poor web site btw). It is rated at 82% efficiency though I don’t think it has been certified for (yet). It uses a huge 14cm cooling fan that is supposed to be very silent, furthermore it is heat-driven – it will adapt its speed to the actual conditions. 600W should be more than enough for my configuration. It should be enough for the most configurations, except for the dual graphic card ones (nVidia SLI, ATI CrossFire) (additional graphic card might draw a lot of additional power, i.e. 200W - depends on the card). So do calculate the power required in such case and buy an adequate PSU (again, check out the railings power).

Another bonus for Aurora is the usage of round cable connectors toward PSU. The round shape facilitates the air movement in the chassis and thus the cooling of the components. Another good thing is that cables are attached with connectors – you can attach and detach them if you don’t need them (as opposite to fixed cables on cheaper PSU). Less cables means better air movement and again, better cooling of the chassis interior. And less clutter in the chassis.

 

Bought it from CoolPC for 109,54€.

See other relevant posts:

Introduction
CPU cooler 
The goal

Posted by Miha Markic | 2 Comments

Building an Intel Core i7 based computer – The goal

Somehow I’ve missed two important things to mention in the introduction: what will I use computer for and the budget.

The computer is, of course, meant to be a development workstation that will replace my current aged Core 2 Duo E6600 based one. I’ll base my new computer on three pillars in this order of importance:

  1. Reliability
  2. Silence
  3. Performance and Price/Performance ratio

The first point is all about avoiding unnecessary risks by taking in consideration only quality components if possible and redundancy. Nothing is more important than data. And having certain disk redundancy keeps computer operational even if a single disk fails – a disk failure is not uncommon at all. Backups are important as well, but that’s another story.

Does second point really need an explanation? Do you want the noise level of a vacuum cleaner under the desk? If you work a lot with computer you’ll appreciate as quiet machine as it gets. Low noise is mostly achieved through passive cooling or big fans that rotate slowly – the bigger they are the slower they need to rotate and thus noise is lower.

So, performance and price make only the third pillar in order of importance. Of course those performance and price are important but only after the first two.

Se what’s left is the budget: 1501 euros. Expensive? Cheap? I think this is a good compromise for my three pillars of a development workstation.

In case that I’ve missed some other relevant information so far, let me know.

See other relevant posts:

Introduction
Building an Intel Core i7 based computer – CPU cooler

Posted by Miha Markic | 1 Comments

Parallel computing in Visual Studio 2010/.net 4.0 slides

Just finished the presentation about Parallel computing in Visual Studio 2010/.net 4.0 at TŠC Nova Gorica (a part of Microsoft’s event for students). Audience was cool and almost everything went well, except for VS2010CTP crash at very beginning. Not a big problem, one has to expect such problems running CPT versions. Visual Studio restart fixed it.

All in all a good day for my presentation. Go get the slides here (slides are in Slovene language).

Posted by Miha Markic | 2 Comments

Entity Framework leaves the door open to a SQL Injection attack?

I couldn’t believe it when I read Julie Lerman’s post about EF and SQL Injection. She discovered that Entity Framework doesn’t use parameterized queries always!

I had to try it for myself on Northwind database:

var query = from c in entities.Customers
                        where c.ContactName == "Tubo"
                        select c;

produces this SQL statement (courtesy of SQL Profiler):

SELECT
[Extent1].[CustomerID] AS [CustomerID],
[Extent1].[CompanyName] AS [CompanyName],
[Extent1].[ContactName] AS [ContactName],
[Extent1].[ContactTitle] AS [ContactTitle],
[Extent1].[Address] AS [Address],
[Extent1].[City] AS [City],
[Extent1].[Region] AS [Region],
[Extent1].[PostalCode] AS [PostalCode],
[Extent1].[Country] AS [Country],
[Extent1].[Phone] AS [Phone],
[Extent1].[Fax] AS [Fax]
FROM [dbo].[Customers] AS [Extent1]
WHERE N'Tubo' = [Extent1].[ContactName]

See the Tubo condition expressed like a string? Speechless. Granted, if you specify a variable instead a string within the EF query then a parameter is used.

So I tried a classic SQL Injection attack, like this:

var query = from c in entities.Customers
                        where c.ContactName == "Tubo'; UPDATE [Northwind].Categories SET Description='SQL Injection' WHERE CategoryID=9; --'"
                        select c;

which produces this condition (select columns trimmed)

WHERE N'Tubo''; UPDATE [Northwind].Categories SET Description=''SQL Injection'' WHERE CategoryID=9; --''' = [Extent1].[ContactName]

Luckily the attack fails due to duplication of single quotes. So there is a protection against SQL attacks afterall.

However, I am not feeling safe with this approach. Attackers are smart and sooner or later they might find a way across string-replacement defense strategy.

But the real questions is: why leave the door open to a possible attack in first place? Why not always use parameters as there is no way around them? What good is to risk a SQL injection attack?

Update: A possible scenario where one could exploit this feature, granting there is a way around single-quote-replacement, is with add-ins. Imagine you have an add-in based application where each add-in is allowed to perform EF selects on database (enforced by your application). One could fake a select with all sort of T-SQL code nested within.

Posted by Miha Markic | 7 Comments
Filed under: ,

Building an Intel Core i7 based computer – CPU cooler

The most valuable aspects for my computer are performance and silence.

The later means as less possible noise producing components and as silent moving parts as possible. The Core i7 920 comes usually in a boxed SKU which means that is comes with a stock cooler. This cooler usually isn’t meant to be silent but rather an average noisy one. Thus the need for a 3rd party solution. Core i7 has a different socket than previous Core 2 Duo line – 1366 as opposed to 775 (the change is mostly due to integrated memory controller and hence more pins for the memory bus). The change of sockets also means that all available coolers won’t work just like that and since the socket 1366 is pretty much new there are no many coolers to choose from. After googling a bit I’ve found one that caught my attention: Scythe Mugen 2. It natively supports socket 1366 and it has a 12cm fan. The bigger the fan is the slower it has to rotate and thus it produces less noise. Well actually it comes with a single low noise 12cm fan but one can attach additional three similar fans (which I don’t plan – one should be more than enough). Anyway, my rule of the thumb for any cooler – the bigger the fan is the less noise it produces.

I bought Scythe Mugen 2 from mojcomp.net (Slovene online shop) for 49 Euros.

Here is a bunch of photos of the Scythe Mugen 2. I placed a CD case next to it to show the cooler’s relative size. There is also some cardboard stuffed in the cooler which I will remove before mounting it:

mugen4 mugen1 mugen2 mugen3

The cooler is one huge beast. Its size is amazing. At least is not that heavy. Few years ago I couldn’t imagine I’d mount coolers of this size and weight to motherboards.

Another important aspect of lowering the noise is fan speed controller on the mainboard. You attach the fan to the mainboard and BIOS takes care of fan speed. Not sure which motherboards support it but I am sure I’ll get one with proper support.

BTW if you wonder why I am buying a boxed CPU just to replace the stock cooler then wonder no more: non-boxed versions aren’t much cheaper and even if they were it is hard to find one.

See other relevant posts:

Introduction

 

Posted by Miha Markic | 1 Comments

Building an Intel Core i7 based computer – Introduction

I am starting to build a new computer for me and I’ll document the parts and decisions along the path.

Parts required for a computer:

  1. CPU
  2. Motherboard
  3. Memory
  4. Hard disks
  5. Chassis
  6. Power supply unit (PSU)
  7. CPU cooler
  8. Graphic card
  9. Operating system

Based on price/performance ration of new Intel Core i7 CPU line I’ve decided to build the computer around the i7 920 model which is the slowest of the i7 line yet it blasts all the Core 2 Quad line, not to mention Core 2 Duo line. It is a quad core CPU with hyperthreading thus it looks like 8 cores to the OS (albeit hyperthreading cores are not real ones – they can work in parallel only to a certain degree). It also features integrated memory controller which significantly reduces memory latency (lesson learned from AMD). The price of i7 920 is very reasonable as well: 282,8 Euros (all prices I’ll list are VAT included and expressed in Euros- use the currency converter such as Universal Currency Converter to convert prices to other currencies) from mimovrste.com (Slovene online shop). I’ll get back to the CPU when I receive it.

Posted by Miha Markic | 2 Comments

Change the HAL of Windows OS

I am doing a presentation on Visual Studio 2010/.net 4 parallel programming enhancements in the near future. Microsoft released Visual Studio 2010 CTP and that’s fine. The problem was that the one and only release comes in the form of a VirtualPC image. This is not a problem by itself but it is a problem if one wants to show parallelism. You see, VirtualPC supports only single processor guests (Microsoft isn’t exactly pushing for VirtualPC enhancements, is it – at the time Microsoft bought VirtualPC it was on the same level as VMWare Workstation, now it is lightyears away). How can one show performance enhancements of parallelism with one CPU?

Part of the solution is VMWare Workstation 6.5 (and earlier, don’t know exactly which ones): it supports multiprocessor guests. Great. However once I’ve imported VirtualPC image into Workstation the OS was still showing only one processor even though device manager recognized two processors. Even updating the computer driver (node Computer\Advanced Configuration and Power Interface (ACPI) PC) didn’t help – there were no choices. Luckily I’ve googled over this blog post: Hyper-V How To: Change the HAL on your vm. Oh, the joy, the trick just worked.

The other problem with this presentation is that Visual Studio 2010 CTP expired by the end 2008. The solution is to change date backwards (silly, isn’t it) but Workstation/Windows keep synchronizing the time with current and thus yielding all sort of activation and expiration warnings. The solution is a twofold one:

- add these lines to Workstation’s configuration file so the Workstation won’t synchronize the guest on every occasion (thanks to Virtual Time Freeze):

tools.syncTime = "FALSE"
time.synchronize.continue = "FALSE"
time.synchronize.restore = "FALSE"
time.synchronize.resume.disk = "FALSE"
time.synchronize.shrink = "FALSE"

- remove or disable guest’s network capabilities so the OS won’t synchronize as well.

Ah, the joys of presentations based on CTPs.

Posted by Miha Markic | 3 Comments

Hollywood graphics FX

Did you ever watch a Hollywood movie/episode where police/detective/bad guy/alien manages to get a blurry low res photo of a vehicle? And then they enhance the picture to get a readable vehicle’s license plate? Like, for example the picture below:IMG_0081_o

The enhancement in the movie is done by a single click and (through a nice video animation) they get the result below (intentionally hidden two letters):

 

IMG_0081

Notice how much readable and sharper is the second plate?

Is this kind of enhancement really possible? No. You just can’t recreate the information that isn’t available in the source. It can go the other way round but not the way as shown by Hollywood movie makers. In the reality they’d produce a interpolated version of original picture, like the zoomed region in first picture. Can you read that? Nope.

So, has been Hollywood lying to us all the time and movies aren’t real? Perhaps not. I think that reading a blurry low res the license plate is still possible but not as easily as shown in the movies. Most probably there is often enough information there to recreate the letters even when human can’t read them. With proper software you can really read those letters I guess – it still depends on the quality of the photo.

Posted by Miha Markic | (Comments Off)
Filed under:

Windows Live Writer doesn’t work well under Windows 7 beta x64

I’ve tried to run Windows Live Writer under Windows 7 beta today. It runs but it can’t upload pictures through FTP. There are two indications of the problem:

  • when you configure FTP connection it will yield this warning
  • The remote server could not be contacted to verify the settings. Do you want to continue anyway?

  • Publish or save draft to server will yield an error:
  • Error occurred while transferring file [picture name here]

    (Publishing Error) A publishing error occurred: The source of the error is unknown.

I wonder whether this bug is related to x64, Windows 7 beta or to both.

Posted by Miha Markic | (Comments Off)

VMWare Workstation's Easy Install

When you think that VMWare invented everything they push the innovations even further. These days I've finally accomplished Windows 7 beta download and since I don't have a spare computer right now I've though of installing it under Workstation 6.5. I have to admit that I didn't install any new OS for a while now (thanks to Workstation's excellent snapshot management system). So I created a new typical configuration and entered the path to the Windows 7 beta x64 iso file. Workstation recognized it as Vista (W7 is enhanced Vista after all, but I am sure Workstation will be updated to reflect the proper name in the future) and notified me that it will be installed using Easy Install.

ei

I didn't know about Easy Install and I was pleasantly surprised about it. It lets you enter all the required data for the installation in the next next dialog:

eii

and that’s it. After you put in all the required configuration data Workstation will install the OS for you, no interaction required whatsoever. That’s right, after some time you’ll be greeted by running OS. A huge timesaver even if you don’t install a lot.

Posted by Miha Markic | (Comments Off)

Stop Israeli slaughter

When I started blogging I've decided not to bore the audience with political or other non-technical content. However, the situation in Gaza is well beyond political or rational - there is an Israeli state led slaughter over Palestinian, mostly civilian population going on. I can't do much to help stop the slaughter but at least I can boycott Israeli companies as well as state clearly my stand to my government and foreign ministry which didn't condemn the Israeli actions and have once again proven Slovene submisive attitude to Israel. They do not represent me, and judging from the public reaction, neither the majority of Slovenes.

Shame on them both, shame on everybody that supports Israel and their slaughter!

Posted by Miha Markic | 3 Comments
Filed under:

A developer diving into microcontroller world part 1

I always wanted to do play with microcontrollers but I lacked hardware knowledge. Actually the last time I wanted to play with them was at the very early stages of the internet (during my university time that is). So I let it go for the time being because of lack of the available informations and other more important tasks (like going out with friends).

Now, 15 years later, the very same idea kicked in my head again. I was still hardware ignorant - more or less like I was 15 years ago. But this time there was a major factor in my advantage: Internet. So I went surfing for microcontrollers and soon found a priceless site for beginners and advanced users: Society Of Robots. The author has written plenty of tutorials that even a beginner can understand. The tutorials are excellent. There are also tutorials and other content provided by the author and community. But tutorials don't answer every question one can come up with - yes, there is a forum as well. And again, the forum is excellent as tutorials are - many skilled users are ready to answer (even beginner's) questions and many questions are already answered. The author of the site has even created its own MCU (microcontroller unit) Axon (it can be ordered on-line) - an advanced microcontroller worth checking out (I'll buy it, just to support his efforts if not for anything else, but not right now).

Now, armed with new the new knowledge I had to decide which microcontroller I am going to start with. The first choice was Axon, mentioned above, ATmega640 based one with plenty of in/out pins. I went browsing for alternatives. Soon it struck me: Microsoft .net microframework might be a perfect choice. The drawbacks? Expensive compared to the Axon. It is much more powerfull in terms of CPU though. The thing is that I wasn't looking for a powerful MCU. Rather I was looking for two features:

  1. Bluetooth connection with PC - as a beginner I really didn't want to fry my workstation PC by a shortcircuit. That means no physical connection between two entities can exist to be on the safe side. (so far I didn't manage a shortcircuit anyway). Most of the MCUs communicate with PC via USB or RS232 port.
  2. It should be cheap - because I am a beginner and I don't want to make too much damage from the start.

After a while I've found Arduino - a cheap MCU and again, great site with a great forum and a huge community. Quote form the web site:

"Arduino is an open-source electronics prototyping platform based on flexible, easy-to-use hardware and software. It's intended for artists, designers, hobbyists, and anyone interested in creating interactive objects or environments."

Society of Robots is friendlier to the beginners while this one has definitely a larger community. The base Arudino MCU (based on ATmega168, a chip from the same family as Axon's.) is dirty cheap (Arduino Duemillenova - 22€) and there is even DIY documentation (how to build it from the scratch). There is plenty of Arduino versions and even variations (Roboduino, RainbowDuino, etc.) The bluetooth Arduino BT (built in bluetooth Class I reciever - 100m range) version is cheap as well - 79€ from Smart Projects. Perfect. I went with it. You can buy from various on-line sellers found here.

Arduino BT
Arduino BT

So Arduino BT for the start it is. Next, for bringing it to live I needed an energy source. While it runs perfectly well on batteries (5.5V max for this particular version) I opted for a power supply instead. I bought a Voltcraft VLP 1602pro from Conrad in Slovenia. It is a dual channel thing with short circuit protection, voltage and current limitator - meaning it is very safe to use and can provide two different voltages at the same time. I'll use batteries when I'll need to move around Arduino.

Voltcraft VLP 1602pro
Voltcraft VLP 1602pro

At that point I was able to power up Arduino and open the communication with PC via bluetooth.

To be continued...


Posted by Miha Markic | 1 Comments
More Posts Next page »