Monday, 3 December 2012

Adventures with Powershell and Amazon EC2 (part 1)

Managing servers isn’t fun. Setting up servers isn’t fun. I don’t want to do it any more, ever – it’s tedious, repetitive and error-prone, and, dammit, we have machines to do those kinds of jobs these days.

So, here’s what I’m trying to do. I want to be able to spin up a blank Windows instance on Amazon EC2 and deploy our apps onto it without ever logging into the box directly. This means no remote desktop sessions, no VNC, no SSH – nothing. These blog posts are as much a diary of work in progress as anything else… I’ll probably make mistakes and get things wrong along the way, but hopefully I’ll end up with something usable.

Step 1: Hello, World!

Prerequisites:

  1. An Amazon EC2 security group with firewall rules accepting all connections from your local network.
  2. A fresh Windows instance running in that security group, bound to an Amazon elastic IP
  3. The Windows Administrator username and password for that instance.

Create this script on your local workstation:

$remoteUsername = "Administrator"
$remotePassword = "your Amazon EC2 instance Administrator password"
$remoteHostname = "the elastic IP bound to your Amazon EC2 box"

$securePassword = ConvertTo-SecureString -AsPlainText -Force $remotePassword
$cred = New-Object System.Management.Automation.PSCredential $remoteUsername, $securePassword

Invoke-Command -ComputerName $remoteHostname -Credential $cred -ScriptBlock {
    Write-Host "Hello, World (from $env:COMPUTERNAME)"

}

Run it. You should get:

Invoking command on Remote host X.X.X.X
Hello, World (from AMAZONA-???????)

If that works, you’ve got Powershell remoting working against your Amazon EC2 instance. Hurrah!

Tuesday, 30 October 2012

The Joy of Forms Authentication, IIS7 and Device Profiles

We’re setting up a thing called PRTG Network Monitor to add monitoring and logging to one of our new MVC3 web applications, and I spent this morning scratching my head and wondering why an app that works just fine when you view it in a browser was consistently failing when I tried to attach an HTTP monitor to it.

A little digging with Wireshark later, and it turns out that IIS/ASP.NET isn’t sending the FormsAuthentication cookie in the response to requests made via the PRTG monitoring software. Which is… odd. We haven’t explicitly configured cookieless authentication or anything – although we’re doing some funky stuff with cross-domain auth cookies, the PRTG monitor is as simple as it gets – POST credentials to the login handler, get a response, check the response includes a cookie. Not rocket surgery.

After a fun hour of comparing TCP traces and HTTP headers, it turns out it’s the HTTP User Agent that’s controlling this behaviour – if ASP.NET running under IIS7 sees particular user agents, it just doesn’t set any cookies. And this is where it gets interesting. Here’s some real-world HTTP user agents that work just fine:

Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.89 Safari/537.1

Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0);

Opera/9.80 (Windows NT 6.1; WOW64; U; en) Presto/2.10.289 Version/12.02

Here’s the PRTG monitoring software’s default user agent. Now this looks to me like a completely sensible user agent for a piece of monitoring software – but IIS7 clearly believes this to be a client that can’t handle HTTP cookies, and so won’t set any:

Mozilla/5.0 (compatible; PRTG Network Monitor (www.paessler.com); Windows)

But the really fun part – here’s a bunch of user agents that work absolutely fine:

Bozilla/5.0 (compatible; PRTG Network Monitor (www.paessler.com); Windows)

Batman/1.2 (compatible; spiderman; vigorous jazz-hands)

CAKE CAKE CAKE CAKE CAKE I LIKE CAKE

CookieHater1.2 (incompatible; does not accept cookies; no cookies; cookies are evil)

This doesn’t work:

Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML)

But these do:

Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML, like a BOSS)

Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML, like anyone cares)

In short - it looks like any string that starts with “Mozilla” triggers some sort of complicated parsing algorithm that looks for magic values in the user-agent string and decides that means they’re cookie-capable. I have this horrible, horrible feeling that somewhere in the bowels of the IIS team there’s somebody who still thinks browscap.ini was a good idea – and I’m amazed that something as fragile and idiosyncratic as determining device capabilities based on user agents would be the default behaviour in IIS7 and ASP.NET 4.

The good news is that this bizarre behaviour is easily fixed – just add cookieless="useCookies" to the system.web/authentication/forms element of your web.config file. The default is apparently “useDeviceProfile”, and there’s more details in the IIS documentation on Microsoft Technet.

This is also another classic example of how easily you can lose an entire day of developer time to something that should have taken about ten minutes. We have an app that uses HTTP and out-of-the-box cookie-based authentication. We’ve got something approaching 500 tests verifying the behaviour of this app under every scenario we could think of. We have a mature, stable monitoring platform that hundreds, if not thousands, of people are using to monitor HTTP applications every day. And yet BANG! you connect them together, everything falls apart and next thing you know you’re up to your elbows in network packets and wondering if it’s too early in the week to start drinking…

UPDATE: Thanks to @duncansmart for pointing me at this article on Scott Hanselman’s blog where he discusses this very problem.

Tuesday, 23 October 2012

Rocksmith for Guitar Players

OK, having finally convinced those necrotic turbinates at Ubisoft that I'm not a dirty filthy pirate (yarrr!) I have an install key for Rocksmith. And I've installed it. And I've played it. Now, I'm not a gamer. I've played around with Guitar Hero and gone "meh"... But I have been playing guitar for 25 years and wasted more hours than I care to recall plugging assorted guitars into various kinds of computer gear to try and make them do interesting things, so I was really curious to see how Rocksmith did it.

First impressions?

It looks fantastic. Lovely atmospheric visuals, stylistically quite beautiful. Second impression? Lag. Seriously. The folks telling you you won't notice 30ms of latency aren't musicians - they're marketing shills who work for the computer games industry. Having 30 milliseconds of delay between your fingers and your ears is horrible - after ten minutes, it was actually making me feel ill. Kinda like when you're on a roller-coaster and your eyes are disagreeing with your inner ear about which way is up - the same kind of slightly nauseating sensory disconnect. Yuck.

Eliminating Latency

So... just when I was about to give the whole thing up as a failed experiment, I had a daft idea. I plugged in an electro-acoustic and turned the guitar volume in the game right down - I figured the game can play the backing track and the guitar can look after itself, sonically speaking. The experience was instantly transformed - the game engine itself doesn't seem to suffer from any kind of latency, and suddenly I was jamming along to the Stones with a big stupid grin on my face. So I started thinking - maybe there's some way I could link up my existing guitar gear so I can get the same zero-latency experience but with an electric guitar and all the tones and presets in my trusty Line6 PodXT... easy. All you need is something to split the signal as it leaves the guitar. Now although I've not tried, I suspect an ordinary jack splitter would do the trick - plug it into your guitar, then plug the Rocksmith jack-USB cable into one output, and connect the other to your amp or effects rig using a normal guitar lead.

Problem is, I didn't have anything as simple as a splitter amongst my boxes of audio gear... so I ended up doing this instead:

image

The UA25EX is a really good USB audio adapter, but here I'm just using it as an active splitter, piping one output into the PC via the Rocksmith lead and then running the other one into the PodXT; the Pod's outputs are wired to the PC line-in, and then I've tweaked the Windows volume control so that the line-in is mixed back into the playback signal. Finally, remember to turn the guitar volume in Rocksmith down to zero, and voila - Rocksmith does the backing, Pod does the guitar sound with zero latency, and I'm back to grinning like an idiot. (Yes, I realise I'm using about £1500 worth of gear as a glorified gamepad... but hey, it's not like I bought this gear just to play computer games like Jeff Atwood over at CodingHorror did...) One more thing I changed - under Options ->  Game Settings -> String Layout - set this to inverted. It wasn't obvious at first, but the standard setting mimics the physical layout of guitar strings (i.e. treble at the bottom, bass at the top) while guitar tab and normal notation are written the other way up - things suddenly got a lot more fun once I tweaked this.

So... latency solved, is the game any good?

Well, yeah. It is. And I'm really impressed at how well it equates improvement in guitar technique with in-game progress. Using a combination of training exercises, arcade mini-games and full band backing tracks, it'll take you from tuning up, to playing simple one-note riffs, to slides, bends and hammer-ons. If you can already play, you'll be amazed at how quickly it exposes your weak spots and bad habits - and if you can't, I suspect you'll be really surprised at how quickly you progress. The techniques are clearly demonstrated on-screen, there's a built-in tuner that pops up at regular intervals to make sure your guitar's still in tune, and even following the on-screen color-coded notation isn't too hard - as a guitarist who never learned to sight-read, I was surprised how quickly I started to recognise patterns and phrases as they flew down the screen towards me at 140bpm. It also has distinct guitar and bass modes - including an "emulated bass" mode if you want to learn to play basslines but you've only got a six-string guitar. No five-string bass support, though... here's hoping we get that in Rocksmith 2.

The Guitarcade mini-games deserve a special mention, if only for the stupid amount of time I've spent playing Super Slider. Coloured blocks fall down the grid... you move them left and right by playing slide notes on the guitar. It is stupidly addictive and - because it requires you to change strings and positions without taking your eyes off the screen - it's also great for improving fretboard technique.

image

My one frustration is that the game constantly adjusts the difficulty, so there's no way - that I've found, anyway - to just bring up a song on "accurate" difficulty setting and keep practising it until you get it right. A couple of times I actually managed to move up a level just by noodling around and throwing in notes that weren't on the screen - turns out I was getting it right (?) and so the difficulty increased accordingly. I can imagine this being great fun if you already know the tune and you're working on your guitar technique, but it'd be nice if you could just switch it off and dive in at the deep end, so to speak.

In conclusion: great visuals, great gameplay, great implementation. And it actually *works* - once I'd solved the lag problem, I never once felt like I'd hit a note and the game had missed it, which is really impressive when you consider it's analysing the ragged mess of waveforms coming off a six-string guitar in real-time. Sure, the lag sucks and the missing CD keys and crappy attitude really sucks, but neither of those problems is insurmountable with a little patience and ingenuity. And once you get up and running, it's great fun. I can't wait to hear what happens when a generation of kids who grew up on this move onto GarageBand and start recording demos.

Friday, 19 October 2012

Ripping Off Paying Customers the Ubisoft Way

I got into work this morning to find Dave excitedly waving a box containing something called Rocksmith - which, it turns out, is a "Guitar Hero"-type game, but you play it using a real guitar. Now, whilst I'm not a serious gamer, I am a tech nerd, and a guitar geek, and this sounded like the best thing ever. If nothing else, for the first time in 15 years, it might actually be a computer game I could beat my brother at... So, this lunchtime, I left the office, wandered to HMV on Piccadilly, and bought it. No download, no Steam, no piracy or dubious torrenting, just good, old-fashioned law-abiding retail. I walked into a physical store, picked up a boxed product, paid £39.99 for it, and left.

Now, here's what the guy in HMV did NOT say when I bought it. He didn't say "Keep the receipt because you'll need to send a copy of it to Ubisoft in order to install your game". He DID offer to sell me "game protection" for a pound, which sounded like (a) a way of charging me money for my own statutory rights, and (b) the biggest rip-off I'd ever heard - ha, maybe he knew something I didn't. But no, after I'd paid for my game, he wished me a pleasant weekend and off I went. The receipt went in the bag, along with the game, and, by the time I returned to work, some samosas and a Chinese pork bun. When I got back to the office, I put the game in my rucksack, the samosas and the pork bun in my belly, and stuck the carrier bag in a drawer. Why am I mentioning this? Ah, just wait and see...

So I get home around nine this evening and open it - look at all the things! It even comes with a jack-USB cable to plug your guitar into your PC - that's cool! OK, and a sheet of rather lame-looking fret stickers. I shudder at the thought of someone sticking these on a '57 Les Paul Standard that they've only dragged out from under the bed because they think Rocksmith might FINALLY get them playing it...

Anyway, I digress. I go to install it, and I'm asked to enter a CD key. This is pretty normal.

image

OK... on the jewel case? No. Manual cover? No. Disc insert? Under the disc? No. Oh dear. This is invariably where things get unpleasant. I Google rocksmith CD key and - wow, it looks like I'm not the only one. The top link is to a Ubisoft support article published 4 days ago:

image

Which links to this article, which says:

image

I try giving them a call, but "unfortunately [their] offices are now closed". So it looks like that support article is all I've got until Monday morning. I love the "encountering problems during installation". No, it's not a "problem during installation", it's that the manufacturer screwed up and omitted to include an essential part of the product in the retail packaging. And they'd like a copy of the receipt. Which, as I've mentioned, is in a bag eight miles away.

So, leaving aside that little detail, let's see how far we get. First I have to submit a request. I can't do this without signing in, I can't sign in without creating an account. Of course, this doesn't work first time because their sign-up/login system has 'issues'. Eventually I get as far as submitting a support request:

image

OK, question submitted at 21:52 UK time. And now, I guess, I wait and see what happens. They aim to respond to me "within 24-48 hours, although response times may be longer." Looks like I won't be playing Rocksmith this weekend.

Let's just recap. So far, I've gone out in the rain to purchase a product because it looks like fun. I've spent £39.99. I've spent ten minutes searching through packaging for a non-existent key. I've had to create an account in order to politely request that the manufacturer allow me to use the product. Ubisoft have effectively accused me of having stolen the game assumed I'm not a legitimate customer and I therefore can't install it until I prove otherwise. This isn't a minor manufacturing defect affecting a single unit, like a cracked picture frame or a corked bottle of wine - this looks like they've just deliberately excluded the installation key from boxed retail copies of the game.

What's completely ridiculous is that this is one of the few games in recent history that requires a physical component - the aforementioned USB-guitar cable. They could so easily have encoded a unique key in the cable and used that as a copy protection dongle - after all, you can't download a cable from the Pirate Bay. But no, instead they go for a CD key and don't bother to include one. I appreciate game development is a hugely involved and expensive exercise, and that piracy has the potential to seriously undermine the commercial viability of game development - but treating your customers like criminals to compensate for your own short-sightedness and lack of imagination is not the answer.

Next time I want to spend £40 on something fun to do over a rainy weekend, I'll forgo the delights of proving my innocence to the games industry and just buy some more Lego. At least I've never had to grovel to the manufacturer for permission to start building a Lego set.

UPDATE: E-mail from Ubisoft on Saturday afternoon saying they can't/won't help until I send them the original purchase receipt:

image

Oh well.

UPDATE 2: I e-mailed them a photo of the receipt on Monday morning at 10am; they e-mailed me a CD key at noon. I wonder whether they actually verify the proof-of-purchase details against the retailers’ records or are just under instructions to give out CD keys to anyone with a convincing-looking receipt…

Saturday, 18 August 2012

SECURITY_DENIED_BY_MIMEMAP Hosting WCF Services in IIS 7 Classic Mode

Another one of those gotchas where the error message doesn't actually have anything to do with the problem...

One of our apps includes a WCF service endpoint that's called by some of our other systems. This works perfectly in production, but when I fired it up locally this morning to fix a bug, I just couldn't get the thing to run properly - the right handlers were mapped, the file permissions were OK, but every time I pointed a browser at http://www.mysite.com.local/some_app/endpoint.svc , I got an HTTP 403 Forbidden.

Turning on IIS failed request tracing gave me one of those incredibly detailed XML dump files:

imageSo... SECURITY_DENIED_BY_MIMEMAP. Which is a little odd, because I was pretty sure MIME mapping only applied to static content - but sure enough, I tried setting up a MIME mapping for .svc files - mapped to application/xml. This didn't work - IIS just sent me the .svc definition file instead of actually executing it...

Turns out that the problem is our production servers are 32-bit and our development boxes are x64 - and I hadn't gone into the IIS Application Pool for this app and enabled 32-bit applications.

image

Quite why this results in the misleading MIME type error is one of those little mysteries that makes IIS such fun to work with, but that solved it for me.

Friday, 3 August 2012

Planning Poker… with LOLCATS

So… there’s this thing called planning poker, which although it looks a little odd at first, is actually a really effective way to flush out uncertainty during software planning meetings. It’s played with a special deck of cards, and for the last year or two we’ve been using a couple of decks that I got at a SkillsMatter event.

Now, in normal poker, all the cards need to be from the same deck – otherwise you could read the card backs. Obvious. But with planning poker, only the cards in your own hand need to be the same – there’s no reason why your deck needs to be the same as the other people in the planning session – so there’s nothing stopping you making your own planning poker cards. So, thanks to a bit of interwebbing, a little bit of magick and those wonderful people at MOO.com, I give you my one-of-a-kind LOLcat planning poker deck.

image

Whilst I’m here, I want to say a public thanks to MOO for their outstanding customer service… I got this e-mail from them on Tuesday:

Dear Dylan,

I'm afraid we have been experiencing some problems rendering your order. I think I have managed to fix it now, but we had to enlist the help of our developers to ascertain the cause of the problems. As I can see these are Agile estimation cards, I thought I'd share the more complex development solution to the problem :-)

Basically, the PNGs are a bit odd: all but the first two have offsets that position our canvas outside of the actual image. Our cropping implementation obeys the offsets, and finds that cropping produces a 0 width image. This is bad. You'll find that if you open the images with GIMP or, probably, Photoshop it'll report that something a bit odd is going on. Unfortunately some software (browsers, the flash) either helpfully ignore the duff offsets, or just don't support offsets at all (so mask the problem.)

Now for some guess work, the offsets in the PNGs suggest that they were originally all part of one large (2080x2340) image. Did you perhaps use an automated process to extract the images, to make them suitable for uploading to Moo? The obvious way to achieve this using ImageMagick is to use the -extract command, but with pngs this has an odd side effect: it gives you an output image of the size you asked for, but sets the canvas to the width and height of the original image, with the offset as specified in the extract command. This is not very helpful.

I hope that this all makes sense and helps to avoid this problem in the future. I have also upgraded your order to rush printing, and they will be shipped tomorrow.

If you have any questions, please do not hesitate to get in touch by replying to this email.

They are absolutely spot-on – the way I made the cards was to start off with a 2080x2340 PNG file, use ImageMagick to crop it into 4x3 cards, and then upload the cropped tiles to MOO for printing. So, if you fancy getting your own deck printed, here’s what you’ll need to do:

  1. Download this template.png – it’s a huge PNG with transparent windows for you to arrange your images of choice behind the frame on each card. (No, you can’t have my LOLCAT pictures. Mainly because I don’t own the copyright, but also ‘cos choosing your own pictures is half the fun)
  2. Put photographs in it, tweak it to suit, flatten it, and save it as agile_cards.png – this should be a single 2080x2340 PNG file
  3. Download ImageMagick if you don’t have it already.
  4. Use ImageMagick’s convert.exe to slice your file into cards:

    D:\lolcards>C:\Program Files\ImageMagick\convert.exe –crop 520x780 agile_cards.png card%02d.png
  5. Use ImageMagick to strip the offset from the individual card files – this is the bit that’ll stop you having the same problem I had above:

    D:\lolcards>C:\Program Files\ImageMagick\mogrify.exe +repage card*.png
  6. Design an image for your card back
  7. Head over to MOO.com, and use your agile card pictures to order a pack of rounded-corner business cards. I only used ten of the card images, so a pack of 50 cards includes five full sets of cards – with their classic paper and rounded corners, my deck was £13.49 + postage and VAT.
  8. Wait for the postman

Who knows… maybe personalized planning decks will become the software developer equivalent of personalised guitar picks or golf balls… ? Or maybe they’re just fun. Mine certainly brought a few smiles to people’s faces this morning.

Friday, 30 March 2012

Cross-Domain Forms Authentication with ASP.NET

I'm looking into splitting bits of a web application across multiple domains, so that - for example - all logins, password changes, etc. are handled at http://security.example.com/, payments and order history are handled at http://accounts.example.com/ and so on. Just to keep things interesting, some of these apps are in .NET 2.0 and some are greenfield apps we'll be building in .NET 4.0.

Good news is - it's completely possible. And with IIS 7, it's apparently even possible to secure static pages, classic ASP and other non-.NET pages using the same authentication mechanism.

Step 1: Make sure your machineKey values are identical

Each application that's going to participate in cross-domain authentication needs an identical machineKey element - this defines the encryption keys that are used to encrypt and decrypt the .ASPXAUTH cookie that contains the authenticated user data.

In my solution, I generated a machineKey using http://aspnetresources.com/tools/machineKey and then added this to the web.config files for each application individually - it goes under <system.web> like:

<system.web>
    <machineKey validationKey="yada yada yada" decryptionKey="yada yada yada" validation="SHA1" decryption="AES" />
</system.web>

In theory, you could also define this in your machine.config or machine-level web.config file - remembering that you may have up to four of these (x86 .NET 20, x86 .NET 4.0, x64 .NET 2.0 and x64 .NET 4.0) - but I haven't tested this approach.

Step 2: Configure your FormsAuthentication attributes

Add this to the <system.web> section of the applications that are going to participate in cross-domain authentication:

<authentication mode="Forms">
    <forms loginUrl="
https://security.example.com/login" timeout="2880" domain=".example.com" path="/" />
</authentication>

Key points to note here:

  • The loginUrl is an absolute reference to the site that hosts your security app - so if you try to view a secure page, it'll redirect you to this website to log in.
  • The cookie domain is set to ".example.com" = notice the leading dot. That's important - it means the same cookie will be sent to example.com, something.example.com, another.url.at.example.com, and so on.

You'll need to make sure you're calling FormsAuthentication.SetAuthCookie(username) on your login server, but once that's done, you should be able to retrieve HttpContext.Current.User.Identity.Name from anywhere on any participating server. It is still up to you to verify that the username is valid and authorized - but this should save you a bit of plumbing when it comes to getting things working.

Thursday, 16 February 2012

Snowcode 2012

Snowcode is an awesome combination of skiing holiday, unconference and hack camp. Snowcode was started in 2010 as an experiment, organized by Alan Hemmings whom you may know from the Cambridge .NET User Group. We did it again in 2011, and in the spirit of continuous improvement, we're making a couple of changes to the format this year. We have a new venue - Chalet Joseph in Morzine - and we're going to try a more focused approach to the "code" part of Snowcode. Previously, we've used an "anything goes" unconference format, which has led to workshops on OpenRasta and REST frameworks, WaTIR, ASP.NET MVC, MongoDB, automated acceptance testing, and lots of good code and great ideas.

This year, it's JavaScript all the way - from deep-diving into the obscure corners of pure JavaScript to the latest JS frameworks and tools such as node.js, CoffeeScript, Backbone, Knockout - and, of course, jQuery. We'll discuss them, we'll play with them, and we'll work out fun ways to glue them together to build apps, websites, services and games.

One of the things we've struggled with on previous Snowcode events is sustaining the unconference format over an entire week, and so I'm really excited to announce that Alan has invited Pete Mounce and I to coordinate the "code" part of Snowcode 2012. Pete and I are preparing a programme that will provide a little more structure to the week, but still be modular enough that people can dip in and out, participating in the bits that interest them. If you're exhausted from a day on the snow and want to skip a session, that's fine - and if we find ourselves going off on interesting tangents - no problem. We're here to have fun and to learn. (And to ski, of course.)

Untitled-1

Every Snowcode is different, but a typical day will go a little something like this:

  • Wake up (a mild hangover is optional but not unlikely)
  • Breakfast - coffee, fresh bread, croissants, fresh juice... and a dozen or so people sat around laptops doing a quick bit of coding or catching up on Facebook or giggling at the pictures from dinner last night.
  • Hit the slopes - if that's your thing. Morzine is in the Portes du Soleil ski area, with access to over 600km of stunning runs and spectacular scenery. The sun is shining, there's fresh powder on the ground, and your hangover's gone by the time you hit the bottom of the first run.
  • Break for lunch - normally an opportunity to rendezvous with other Snowcoders and swap notes on the mornings' ski runs
  • Ski some more - or snowboard, or head back to the chalet for a lazy afternoon's coding, reading or napping...
  • Coding & "geeking out" - get back to the chalet, have a shower, open a beer and a laptop, and spend a couple of hours hacking, learning, coding, talking and generally working out cool ways to build cool stuff.
  • Dinner - three courses, wine, stories, the inevitable jokes at Alan's expense, that kind of thing...
  • ...and then whatever you like! Wander into town and go clubbing; watch movies, play X-box, more hacking, or just crash out early and get ready to do it all over again. A jaunt into Morzine is well worth it - it's a fantastic town with some really good bars, and the Mutzig beer is practically a Snowcode rite of passage.

You should come. No, really, you should. It'll be a fantastic week, and we'd love to see you there. If you ski or snowboard, you'll love it. If you code, you'll love it. And if you're not a skier or a coder, you're still more than welcome - it's a great opportunity to learn to do either (or both!)

Full details of the event are over on the SNOWCODE 2012 page on meetup.com - but in a nutshell:

  • It's in Morzine, France, from 18-25 March 2012.
  • Book your place via the SNOWCODE 2012 page on meetup.com - Snowcode costs £569 per person including half-board accommodation and airport transfers.
  • Get a cheap flight to Geneva with Easyjet (don't forget to book your skis as extra baggage)
  • Don't forget your laptop...

" when I ski,  I live... the rest is just waiting "