So in this election year I have spent a lot of time thinking about voting and technology.. I see a lot of purpose built and closed systems outthere, and there are a few open systems.. But in my limited research I haven'tseen talk of but no action on a truly open source voting framework.. What I amtalking about is a series of services that would create a secure votingsystem.. Here are the design goals I am considering for this project.

• Distributed & Self healing data model :  The actual votes should be stored in multiple locations with enough parity between each location that N number of locations can be compromised and the results from the vote still be trusted and valid.
• Self recounts: This is something I did in a Voting system for an NPO many moons ago.. No user vote was ever associated with a specific user BUT all user votes were given an ID.. The User (Voter) was given the ID and could look up their vote any time.. In these cases when the voting base doesn't trust the results, they can still validate that their vote WAS recorded correctly.. This would allow grass root organizations to do "pseudo" recounts on their own using information they gather from voters about the accuracy of their vote and some statistical analysis.. if things seem TOO far out of whack then actual recounts can be executed.
• Scoped Voting: This is something that has bugged me for a LONG time.. If I am a voter who lives in a state but I go to the wrong polling place my entire VOTE is provisional or void.. I would suggest that disenfranchising these voters we scope the vote.  After all National concerns like President and Senatorial elections are still valid for you. The rest of the ballet could be marked provisional.. The same could be true if you move from one part of a county to another.. Perhaps you can't vote in the congressional seat but you can on county bonds or state initiatives. By scoping the vote we allow voters a chance for their voice to be heard accurately and give them the dynamics they need.
• Vote Anywhere: The goal here is to allow voters the opportunity to vote their specific ballot (based on their registration) regardless of their physical location or the polling station they actually vote at.. This could also extend to the web. This, specifically, isn't pie in the sky tech; Travis County Texas already did this using Hart Intercivics voting system at all of their early voting centers.
• Hardware (and UI agnostic) : By this I mean that the application should be service based.. Private hardware providers should be allowed to build hardware or software that integrates with the voting service.  This is especially important when dealing with special needs voters. And of course this could allow for online or web based voting.
• Deep but anonymous Logs and Auditing trails: By this we mean that actions should (for privacy) be anonymised from the specific user that executed them BUT there should be deep logging so that should a node in the service become invalid (see Distributed and Self Healing) that it can be analyzed to determine the true cause of the issue.
• Voter Identity validation without ID: Using a series of questions & answers based on the user the identity of that use should be able to be validate to a level of certainty that is equal to or greater than that of forced State ID regulations.. This system could be used as a backup in locations where a person is missing their ID or for Online voting.

At thispoint its all just brain candy that I'm playing with. But I guess I have 4years to figure it out and get some of these ideas into code or architecture.  If your interested in these ideas or want to help let me know if there is enough backing I may start a formal project, otherwise I'll just tinker with it in my proverbial garage.

Right, so first off I am no great fan of having 10,000,000 flags.. But sometimes you run into a situation where you need to pass around a datastructure with ump-teen million flags so you end up turning it into an enum of type flag and doing bitwise OR and AND to  to operate on your flags something like

enum Flags
{
    FLAG1 = 1,
    FLAG2 = 2,
    FLAG3 = 4
}

And somewhere in your code you would have

Flags myCurrentVal = Flags.FLAG2;
bool Method HasFlag(Flags enum)
{
   return ((enum & myCurrentVal) != 0)
}

Ok sure, that works and it doesn't suck to bad.. but it has limitations.. First off, you can only have 32 or 64 flags (depending on int or long) in your enum.. Not a big deal unless you are doing something like field level security on a very complex form that includes workflow. And frankly while simple to use these things always make some on the team roll there eyes and "Dear god, no more bitwise logic"..

So in an effort to help my flag loving client have flags and my bitwise hating teammates not have to deal with & and | more than they have to I threw togeather an flag class that will support up to Int32.MaxValue flags (not wise, but it would handle it).

So here is the flags base class, its a generic base class that takes an enum in its inherited implementation

public abstract class  FlagsBase where T : struct
    {
        private bool[] _SetFlags;
        private int _flagLength;
        public int FlagLength
        {
            get { return _flagLength; }
        }
        public FlagsBase()
        {
            Type enumType = typeof(T);
            if (enumType.IsEnum)
            {
                int length = getFlagsLength(enumType);
                _SetFlags = new bool[length];
                for (int i = 0; i < _SetFlags.Length; i++)
                {
                    _SetFlags[i] = false;
                }
                _flagLength = length;
            }
            else
            {
                throw new ArgumentException("The Generic type of " + typeof(T).ToString() + " is not an enum. This base class only supports enums.");
            }
        }

        protected int GetFlagInt(T flag)
        {
            return (int)Enum.Parse(typeof(T), flag.ToString());
        }

        public bool GetFlagValue(T flag)
        {
            int flagval = GetFlagInt(flag);
            if (flagval <= _SetFlags.Length)
            {
                return _SetFlags[flagval];
            }
            return false;
        }

        public void SetFlagValue(T flag, bool newValue)
        {
            int flagval = GetFlagInt(flag);
            if (flagval <= _SetFlags.Length)
            {
                _SetFlags[flagval] = state;
            }
        }

        public T Flag(int position)
        {
            return (T)Enum.ToObject(typeof(T), position);

        }

        private int getFlagsLength(Type enumType)
        {
            return Enum.GetValues(enumType).Length;
        }
    }

So what we have here is a generic class that takes an enum as its type. So you make an enum and the length of that enum is used to create a private bool[].. Now each value in the enum becomes a point in the array and has a bool to back it. Easy sleasy as I like to say.

If I want to add new values to my flags set, I just add them to the enum and everything just keeps on working. Here is an example implementation and "use"

enum WebUI_FIELDS
{
   field1,
   field2,
   field3,
   field4,
   field5,
   field6,
   field7,
   field8,
   field9,
   field10,
   field11,
   field12,
   field13,
   field14,
   field15,
   field16,
   field17,
   field18,
   field19,
   field20,
   field21,
   field22,
   field23,
   field24,
   field25,
   field26,
   field27,
   field28,
   field29,
   field30,
   field31,
   field32,
   field33,
   field34
}
public class WebUIFieldSecurity : FlagsBase
    {
        public WebUIFieldSecurity ():base()
        {
        }
    }

And using it may look something like this

void SetupSecurity(IPrincipal user)
{
   WebUIFieldSecurity mysec = new WebUIFieldSecurity();
   if(user.IsInRole("UseField1"))
   {
       mysec.SetFlagValue(WebUI_FIELDS.field1,true);
   }
   SetupPageSecurity(mysec);
}
void SetupPageSecurity(WebUIFieldSecurity sec)
{
     field1.ReadOnly = sec.GetFlagValue(WebUI_FIELDS.field1);
     field2.ReadOnly = sec.GetFlagValue(WebUI_FIELDS.field2);
     field3.ReadOnly = sec.GetFlagValue(WebUI_FIELDS.field3);
     field4.ReadOnly = sec.GetFlagValue(WebUI_FIELDS.field4);
}

See how nice and easy that is.. And readable.. Personally I like readable.. and If I need to add more flags, I just grow my enum.. no worring about bit masks, using Hex numbering to set my flags to the right values or being limited to less than 100 flags.. Granted if you need more than 64 flags then things may be a little crazy already. But one never knows, and at least with this you won't care :-).

public abstract class ContextSingletonBase: IDisposable
    {
        private static string CONTEXT_PREFIX = "ContextSingleton:";

        protected static object _getObject(string key)
        {
            if (isWCF)
            {
                return WcfInstanceContext.Current.Items[ContextSingletonBase.CONTEXT_PREFIX + key];
            }
            else if (isHttp)
            {
                return System.Web.HttpContext.Current.Items[ContextSingletonBase.CONTEXT_PREFIX + key];
            }
            else
            {
                return CallContext.GetData(ContextSingletonBase.CONTEXT_PREFIX + key);
            }
        }
        protected static void _setObject(string key, object obj)
        {
            if (_getObject(key) != null)
            {
                if (isWCF)
                {
                    WcfInstanceContext.Current.Items.Remove(ContextSingletonBase.CONTEXT_PREFIX + key);
                }
                else if (isHttp)
                {
                    System.Web.HttpContext.Current.Items.Remove(ContextSingletonBase.CONTEXT_PREFIX + key);
                }
                else
                {
                    CallContext.SetData(ContextSingletonBase.CONTEXT_PREFIX + key, null);
                }
            }

            if (isWCF)
            {
                WcfInstanceContext.Current.Items.Add(ContextSingletonBase.CONTEXT_PREFIX + key, obj);
            }
            else if (isHttp)
            {
                System.Web.HttpContext.Current.Items.Add(ContextSingletonBase.CONTEXT_PREFIX + key, obj);
            }
            else
            {
                CallContext.SetData(ContextSingletonBase.CONTEXT_PREFIX + key, obj);
            }
        }
        private static bool isWCF
        {
            get
            {
                return (WcfInstanceContext.Current != null);
            }
        }
        private static bool isHttp
        {
            get
            {
                if (isWCF)
                {
                    return false;
                }
                if (System.Web.HttpContext.Current != null)
                {
                    return true;
                }
                return false;
            }
        }
        internal class WcfInstanceContext : IExtension
        {
            private readonly IDictionary items;

            private WcfInstanceContext()
            {
                items = new Hashtable();
            }

            public IDictionary Items
            {
                get { return items; }
            }

           public static WcfInstanceContext Current
            {
                get
                {
                    if (OperationContext.Current != null)
                    {
                        WcfInstanceContext context =
                            OperationContext.Current.InstanceContext.Extensions.Find();
                        if (context == null)
                        {
                            context = new WcfInstanceContext();
                            OperationContext.Current.InstanceContext.Extensions.Add(context);
                        }
                        return context;
                    }
                    return null;
                }
            }

           public void Attach(InstanceContext owner) { }

           public void Detach(InstanceContext owner) { }
        }

        #region IDisposable Members

        public void Dispose()
        {
            _dispose();
        }

        protected abstract void _dispose();

        #endregion
    }

  public class Helper:ContextSingletonBase
    {
        private static string KEY = "SingletonKey";
        public static Helper Instance
        {
            get
            {
                Helper h = GetHelper();
                if (h == null)
                {
                    h = MakeHelper();
                }
                return h;
            }
        }

        private static Helper MakeHelper()
        {
            Helper h = new Helper();
            Helper._setObject(Helper.KEY, h);
            return h;
        }

        private static Helper GetHelper()
        {
            object helper = Helper._getObject(Helper.KEY);
            if (helper != null)
            {
                return (Helper)helper;
            }
            return null;
        }

        private DataContext _dc;
        public DataContext DC
        {
            get
            {
                if (_dc == null)
                {
                    _dc = new DataContext();
                }
                return _dc;
            }
       }

        protected override void _dispose()
        {
            _dc.Dispose();
        }

}

Lets start with a life cycle that leads to the completion of the action that "how" proposes.. After all, how is just a question that defines an action (be it completed or proposed)..

1) Who: One must define the actors, after all "How" is either enacted on or by something/someone.

2) Why: Why is like a compass, it points the way and helps shape the goals of what How will achieve.

3) What: What is the MOST important question.. It is the goal that How will make real.. If you don't know what, then how is just the definision of random action..

4) How: wondered when we would get here hu :-P... As a developer I like to think of How as the answer to What..

5) Do Stuff: now that you have how you start making it happen.

(Rinse and repeat whole process until final goal is achived).

Really each question is the answer to the previous question such that you eventually have a defined action to take.

Question:

Propose what a team that will handle requirements gathering might look like, what tasks they must do and what resulting assets may come out of this phase of development.

Response:

Nothing to major here, just made a move to use the BlogEngine.NET from using SUBTEXT. This will include a few minor visual changes, but most everything was under the hood ;-).

The biggest pain was mapping all the old posts to the new permalink format. This entailed a bit of hackery to the 404 page so that I could map all of the old posts to there new URLS.

The main cause for the change was so that I could use a blogging client to write my posts. As I am (in theory) going to start doing weekly screen-casts; I figure a little better posting experience was a good thing

     Looks to me like Microsoft isn't taking the whole Rails movement lying down. First off they have IronRuby. But why stop there? I just read thru and watched the screencasts from the MVC demo at Alt.Net (click here to watch them, and yes you do want to read and watch them!) and I have to say I am quite impressed.

      It really does look like the boys at MS realized that RoR and Monorail and other MVC platforms brought a real value add for some (in my book many) web development scenarios and as such are moving to Microsoft the Web MVC development experience. Now add in the DLR (I do love what it can offer because I have become a big fan of Dynamic languages) and top it off with LINQ (or DLINQ) and you have a very compelling argument to develop your next RoR or Monorails app using all microsoft goodness.

   So the good and bad of it for me..

The good: Microsoft level of dependability, scaleability, performance, etc..

The bad: I want all my projects on one platform. I really don't want to mix and match my apps between MonoRail and System.Web.MVC and RoR! One MVC to rule them all Damnit!!!!! Its an in-determinit amount of time away (the Screencasts are of an internal experimental build).

The IIS team has finally released the new FastCGI module for IIS 6 and 7.. I won't know until I try to get it setup if it will work for me BUT (fingers crossed).. with any luck this will allow me to atleast have all of my work served out of one instance of IIS instead of IIS for my .NET work and Apache + Mongral Clusters for my Rails work.

In an effort to become more of a company and less of a "shop", we have developed and deployed a new site for Ktomics.. The new site also has our new logo and tag line :-).. Its pretty nice (if I do say so myself), so check it out :-).. www.ktomics.net.

(oh a techical note on the products. Gift Scanner is about 90% complete with eval/alpha versions in field testing. Gift Scanner is written with a .NET client and .NET/MonoRail on the server side. Given my problems with RoR for Windows I have made the transition to MonoRail for projects moving forward. Passvault is running on a cluster of Mongrals and is still a Ruby on Rails application).

Ok so I have fallen in love with RoR as a development enviroment, its easy, elegent, and for compatent developers it can increase productivity astronomicly.. BUT it has a huge problem for Windows enviroments; it has no solid deployment stratagy for windows ( and no mongrel clusters behind apache don't count). Below are the methods I have tried any my opinion of their results.

1) Fast CGI on IIS using the old Fast CGI ISAPI filter: Slow (10, 12 connections per second) and I couldn't find an elegent way for it to run multiple sites.

2) Fast CGI on IIS using the new Microsoft Fast CGI tech preview 2: Faster BUT it couldn't handle default routes (routes to the root of a site) and it crashed when I had more than 1 app (first app would run fine, second one would keep crashing). Oh and did I mention it was a Tech Preview :-P

3) Fast CGI on Apache: I tried, 2.0, 2.2, FastCGI, fcgid, and about 2 million other combinations. I never got it work work! (I followed 3 diffrent tutorials about 10 times each, even mixing and matching steps where I thought one may have had a typo.) This may be because I am on Windows Server 2003 x64. But thats about the only reason I could find that thse just  "wouldn't work"

4) X Mongral Services running with apache as the balancer: This works great until you consider scale. It takes about 40megs per mongral instance (instance + ruby). and you need one Mongral per connection you want to handle (simaltanious, not per/second). So if I want to handle 200 connections/second and my Mongrals can each handle 10 per second, then I need 20 mongrals running. Now multiply that by 40 megs, and you are burning 800 megs of ram just on my app. This is not so go.

5) Linux VM running inside my windows box: One major downside. I can only connect to my SQL server via ODBC. Enough said.

So what are my options.

1) Ditch windows: Ya sorry, not going to happen.

2) Ditch Sql Server: See above answer.

3) Live with it and wait for iron ruby to support rails: I would if I thought iron ruby on rails was just around the corner, but its my bet its atleast 18 months out before its solid and production ready (remember iron ruby is only pre-alpha).

4) Do [X] (where X is the suggestion you place in the comments below): I am all ears.

5) Bite the bullet now (before there is TO much development to turn back) and port to Monorail or another MVC style framework that places nice with IIS and Windows: This is high on my list.

5) Give up on the clean goodness of a forced MVC framework and go back to traditional ASP.NET: This may also happen; but I am not a fan of this.

Suggestions are (of course) very welcome.