Author Archives: Bill Wilder

Unknown's avatar

About Bill Wilder

My professional developer persona: coder, blogger, community speaker, founder/leader of Boston Azure cloud user group, and Azure MVP

BostonAzure.org “Subscribe to Email List” Form gets UX make-over

1 Reply

There is a “subscribe” form on the Boston Azure web site from which people can ask to be added to  the group’s email list.

I just made some updates to improve the user experience (UX). Here are the changes I made, and I list the handy web resources I used to help me decide (where applicable).

For field labels, I place the label directly above the field it describes. I use <fieldset> and <label> to describe my markup, presumably making it friendly to screen readers. (Credit to templates provided with ASP.NET MVC for making this part easy.) This is the layout that Luke Wroblewski (author of Web Form Design: Filling in the Blanks) recommends in his Best Practices for Web Form Design for scenarios where you want to maximize speed, and the user is likely familiar with the data being requested.

Luke’s work is packed with clear, actionable, useful guidance that is easily applied and backed by user research. A gold mine…

Other recommendations I adopted from LukeW include:

  • Since I have two required fields and three optional ones, I removed the (Required) labels, and stuck with the (optional) ones only.
  • Added field length for optional Notes field.
  • Made the Primary Action of the form (the Subscribe button) green, just like Apple Store (got the idea from UIE mailing).

Also from LukeW, but from a different source (The Apple Store’s Checkout Form Redesign, which I learned of from a UIE mailing):

  • After the form is submitted, the user does not get an immediate email. I made that clear in the resulting text.

More improvements I can make in the future, also based on LukeW, include:

  • Validate the data entered. In my case, this is currently only that a well-formed email address is provided.
  • Provide more context on why data is being requested.
  • Disable the Submit (Subscribe) button after it is clicked to avoid double clicks.

Other changes, outside of LukeW’s guidance:

  • Mentioned “low volume” and “will not spam you” – though also need a privacy policy. Will get to that eventually..
  • Programmatically set focus to the first field in the form when the page is loaded. I used the jQuery technique described here.
  • Dropped “:” (colons) at end of labels while also changing labels text from leading caps style to mixed case (“Job title” instead of “Job Title:”). While not decisive for me, I found an interesting discussion around whether to use a colon in form labels.
  • Made sure users could press Enter at any time to submit – but this will only work if they are not in the single multi-line field on my form. Need to consider removing that field … Need to consult with Joan on that one. 🙂

Used semantic mark-up to implement the green Submit (Subscribe) button mentioned above:

Green button that is visually distinctive

Submit (Subscribe) Button

HTML:

<input type="submit" id="primaryaction" value="Subscribe" />

CSS:

#primaryaction
{
 padding: 5px;
 color: #FFFFFF;
 background-color: #267C18;
 font-weight: bolder;
}

Old form:

sign-up form BEFORE the make-over

New form:

The subscribe form AFTER IMPROVEMENT

The AFTER screen shot

The Project Location is not Trusted – Dealing with the Dreaded Unblock

6 Replies

The Project Location is not Trusted

Dealing with the dreaded blocked files problem

Quickly Unblocking files marked as Unsafe

Ever download a Zip (or other files) and have to manually “Unblock” one or more files through Windows Explorer’s Properties dialog, like this?

Perhaps you been mystified by a message like this one from Visual Studio?

Mysterious Visual Studio error message

Read on to understand what’s happening and to learn how to more easily deal with Unblocking such downloaded files on Windows 7, Vista, and XP.

Why does this happen? Why do files become “Blocked”?

It appears that Internet Explorer (versions 7 and  8, maybe late patches in IE 6) applies the “block” in a stream (see below for more on streams). Some programs handle these “blocked” files more gracefully than others (looks like the latest Adobe PDF reader can read files like this w/o error).

I’ve seen blocking happen when downloading Visual Studio solutions from the web or from an email. I’ve also seen it when downloading documents to disk for use later. You can view the file’s properties in Windows Explorer to see if the block is there (look for the “Unblock” option, as seen above).

Another option is to use Notepad as illustrated in Colin Mackay’s Tip of the Day from nearly a year ago:

notepad MyDownloadedFile.zip:zone.identifier

Of course, substitute your filename in instead of BostonAzureSite.zip, but keep everything else identical. You will see the external zone stream:

[ZoneTransfer]
ZoneId=3

Windows is protecting us from ourselves. I guess if you don’t know what you are doing, you could hurt yourself; you’ve downloaded something “untrusted” from the interweb. This “protection” is in Windows 7 and Windows Vista, and apparently can even appear in Windows XP if certain Microsoft software updates are installed. I assume this has some benefits to someone!

But if you are a programmer / hacker / techie, and are comfortable hacking and generally know what you are doing, read on…

Easily Unblock downloaded files marked by IE as Unsafe

Normally, to Unblock files, you need to visit them one at a time with Windows Explorer, pop up the properties, and click on the Unblock button. This is tedious. If you want to be able to Unblock files more quickly, including whole directory trees at once, then consider doing the following.

Go get streams.exe from the big brains at Systinternals (which is part of Microsoft) and copy the executable to c:\bin\streams.exe. (If you put it somewhere else, make a compensating adjustment in the next step.)

Use Notepad to save the following into a text file named unblock-menu.reg and save it to disk:

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\Directory\shell\UnBlock]

[HKEY_CLASSES_ROOT\Directory\shell\UnBlock\command]
@="c:\\bin\\streams.exe -d -s \"%1\""

[HKEY_CLASSES_ROOT\*\shell\UnBlock]

[HKEY_CLASSES_ROOT\*\shell\UnBlock\command]
@="c:\\bin\\streams.exe -d \"%1\""

What do these Registry Settings do?

This file lists some registry settings that will allow you to invoke streams.exe from the right-click context menu in Windows Explorer. Depending on whether you right-click on a folder or a file, the context menu will vary, as will the action. For a folder (directory), the registry setting says “call the program streams.exe with the parameters ‘-d -s’ and name-of-whatever-folder-i-clicked-on” which will cause streams.exe to visit each file in that directory tree and remove its streams information. If you right-click on just one file, the command is similar, except does not use the “-s” flag (which says to recurse into subdirectories).

Now install these registry settings by executing this file, probably by double-clicking on unblock-menu.reg from Windows Explorer. You will probably get a warning from Windows saying you must be nuts to attempt to modify the registry. However, if you are a programmer you are probably cool with it (and may also be nuts).

Now you are ready for the next time Windows protects you from yourself by blocking content you didn’t want marked as unsafe in the first place. You can right-click on any file or directory on your computer and select “Unblock” and that will apply the Unblock process. If you apply it to a file, it will only impact that file. If you apply it to a directory (aka folder) then it will recursively apply to all files and directories below that folder.

Here’s what you will see when you right-click on a directory / folder from Windows Explorer – note the new option:

And here’s what you will see when you right-click on a file:

Other Options

I learned about the streams.exe utility from a handy post about unblocking files for Vista. In that same post, they describe how to turn the feature off altogether using the Policy Editor.

Caveat Emptor

With great power comes great responsiblility.

I do not advise applying streams.exe to C:\ as I have no idea whether it is ever a good idea to remove all streams from all files. This may in fact be a very bad thing to do. I just don’t know.  I am personally comfortable doing it with Visual Studio projects and various documents I’ve downloaded, and have not run into any trouble, but be careful out there…

Note that the streams utility will nuke *all* the streams. So if your files contain useful additionals streams, this is probably not going to be a helpful strategy. I expect this is not likely to be a problem for the vast majority of people.

Interesting write-up on Alternate Data Streams, which are a feature of NTFS file system. Even some interesting streams hacks out there.

ASP.NET MVC 1.0 Visual Studio 2008 project will not open in Visual Studio 2010 RC or Beta

4 Replies

Errors Opening ASP.NET MVC 1.0 Sites in Visual Studio 2010 RC, Beta

If you try to use Visual Studio 2010 RC to open an existing ASP.NET MVC web site that was built on ASP.NET MVC 1.0 under Visual Studio 2008, you might expect it to be converted and to open successfully. That’s what I expected, but that did not happen. Visual Studio 2010 gave me conversion errors.

But.. there is a straight-forward way to migrate your ASP.NET MVC project from Visual Studio 2008 to Visual Studio 2010 RC.

Here’s what you need to do:

1. Uninstall the MVC 2.0 RC (or RC 1) bits that ship with the RC if you’ve already installed Visual Studio 2010 (and you probably have if you are reading this blob post – but refer to Phil Haack’s post for full details)

2. Download the latest MVC 2.0 RC 2 bits and install them into Visual Studio 2010

3. Download the work-in-progress MVC converter tool and run it on your project

4. Open your project in Visual Studio 2010 and it will now be able to complete the conversion

One step in the conversion to Visual Studio 2010 will also ask you if you wish to convert to .NET 4.0:

Since I wish to deploy this site back to a host with .NET 3.5 SP1, I chose No. I am willing to live with deploying the ASP.NET MVC RC 2 bits, but not so with .NET 4.0 as I don’t have control over that (I deploy onto a shared server).

Presumably this will all be integrated and seamless in the final release of Visual Studio. But it worked for me…

Notes from Curt Devlin on Identity, Claims, and Azure Geneva from 4th Boston Azure Meeting Feb 2010

3 Replies

Curt Devlin keynotes 4th Boston Azure User Group meeting

Identity, Claims, Geneva, and Trust in the Cloud

This was Boston Azure meeting #4, Feb 25, 2010

(Curt’s slide deck will be made is now available (PPT 2003 format))

Some notes from Curt’s talk:

  • Azure devs need to care about claims-based-identity and federated identity
  • Geneva is Microsoft’s solution in this space
  • Perfect storm of paradigm shifts
  • Caution: Geneva is not a panacea for “Identity in the Cloud”

“The most important thing Microsoft has done in identity since they came out with ActiveDirectory” – and think about how much we rely on AD for enterprise-class apps – “it’s like air”

First two lines of every program (with nod to Kim Cameron):

  1. Who are you?
  2. What are you allowed to do?
  • The answer to the second generally depends on the answer to the first. “Identity” is an input.

Big architectural problem: the ‘net was built w/o any way of knowing who you are connecting to (http has no identity)

  • RBAC (role-based access control) is not as flexible or powerful as claims
  • Any statement that can be validated can be a claim

Microsoft’s Federated Identity Group very focused on standards. To be serious also about Azure, you need to pay deep attention to the key standards.

Azure is only cloud solution REALLY solving the SSO problem in the cloud – and into your data center. Identity must flow…

Geneva Technology stack:

  • Microsoft Federation Gateway (“ADS 2.0 in the sky”)
  • Windows Identity Foundation (some .NET namespaces)
  • Active Directory Federation Services 2.0
  • Windows CardSpace 2.0

Curt will focus for a while in his talk on Windows Identity Foundation…

Consider three parties – Security Token Service, Your App, End User

  1. Secure Token Service <=> Your App – Initial handshake uses WS-Federation (metadata, X-509 cert)
  2. End User <=> Your App – claims via WS-Policy (which Security Token Service(s) I trust)
  3. End User <=> Security Token Service – verify policy
  4. End User <=> Security Token Service – WS-Trust
  5. End User <=> Your App – lots of interactions – signed tokens, claims

ADF 2.0 – same programming model across web and desktop

RP = relying party – someone that consumes tokens

PingIdentity.com

OpenID cannot help with Man-in-the-middle attacks

“Shred the token” is lingo meaning to decrypt a token.

Coded example showing implementation of Passive Federation.

  • Showed the 8 (!) prerequisites
  • Create full-trust app (Since runtime not fully baked in Azure yet – and certainly not yet in GAC)
  • Add a reference to Microsoft.IdentityModel (which is a stronger programming model than older System.IdentityModel)
  • using Microsoft.IdentityModel.Claims;
  • using System.Threading;
  • Then write like 5 lines of code…
  • Subclasses from IIdentity, IClaimsIdentity, IClaimsPrincipal (same ones used in other .NET apps)
  • WIF ASP.NET Processing Pipeline does a lot of behind-the-scenes work for us
  • IsInRole method is key
  • Then in the ASP.NET app, there is some 10 lines of key code for X-509 cert – which contains the URL (or domain, really) of the web site that the cert applies to – a problem with “localhost” and “stage.foo.com” etc. due to mismatch – this goes in Global.asax – plus several other blocks of code…

Now for the STS (which you don’t need if you have ADFS 2.0)

  • There is a Token Service for ASP.NET visual studio template with Geneva install
  • Many coding steps here (see slides)
  • Use FedUtil (which comes with Geneva and VS 2008, VS 2010) to create a trust between your application and your STS
  • There is a lab to create your own STS

Claims-based systems externalized the work of AuthZ, AuthN to your STS – not stuck in your code.

Geneva supports delegation – embedding one token within another…

(21 people at the meeting)

Curt Devlin to Speak about Identity in the Cloud at Boston Azure Meeting

Leave a reply

Boston Azure meeting to feature Microsoft’s Curt Devlin on Identity in the Cloud

Thursday February 25, 2010 at NERD in Cambridge, MA

The following is an update to the agenda for the upcoming Boston Azure User Group meeting this coming Thursday.

logo for BostonAzure.org

To RSVP for the meeting (helps you breeze through security and helps us have enough pizza on hand), for directions, and more details about the group, please check out http://BostonAzure.org.

To get on the Boston Azure email list, please visit http://bostonazure.org/Announcements/Subscribe.

[6:00-6:30 PM] Boston Azure Theater

The meeting activities begin at 6:00 PM with Boston Azure Theater, which is an informal viewing of some Azure-related video. This month will feature the first half of
Matthew Kerner‘s talk on Windows Azure Monitoring, Logging, and Management APIs from the November 2009 Microsoft PDC conference.

[6:30-7:00 PM] Upcoming Boston Azure Events and Firestarter

Around 6:30, Bill Wilder (that’s me) will first show off an interesting CodeProject contest, then will lead a discussion about the future of the Boston Azure user group and the upcoming All-Day-Saturday-May-8th event.

Curt Devlin will take the stage at 7:00 PM.

Before the meeting, if you want a little more context, you may wish to read Kim Cameron’s essay The Laws of Identity, which is an insightful analysis of challenges around Identity.

[7:00-8:15] Featured speaker: Curt Devlin of Microsoft

Photo of Curt Devlin, Architect at Microsoft

Abstract

The Azure platform presents new challenges for identity management. As developers and architects, we will still have to answer the same two perennial questions: 1) Who are you? 2) And what are you allowed to do? But the traditional on-premise approaches to authentication, authorization and identity lifecycle control are not adequate to meet these new challenges. The Geneva suite of technologies for claims-based identity management can be help because cloud computing can be thought of as a “special case” of federation, with many similar requirements. Together these two paradigms appear to be converging to create the perfect storm of paradigm shifts. However, even WIF, ADFS 2.0 and CardSpace 2.0, will only take us part way to a complete solution in the near term. This session will provide a simple recipe for claims-based identity management in Azure using Geneva, discuss some of the most important reasons why this is necessary, and finally some of the shortcomings we will still have to contend with on the road ahead. The aim is to educate, motivate, and caution.

About Curt Devlin

Curt Devlin is currently an architect in Microsoft DPE (Developer & Platform Evangelism) focusing on distributed solutions across many industries and customer segments. Curt is a Microsoft veteran of many technology wars, with more than 20 years of experience developing solutions on the Windows and .NET. platforms. He is also a dyed-in-the-wool New Englander with avid interests in sailing, skiing and nearly everything else.

Curt blogs as the philosophical architect, plus you can check out his MSDN articles Enterprise Authorization Strategy and SaaS Capacity Planning: Transaction Cost Analysis Revisited.

Curt’s blog post announcing his participation in this meeting: http://blogs.msdn.com/curtd/archive/2010/02/23/an-evening-with-identity-in-the-clouds-and-the-boston-azure-user-group.aspx

Steve Krug on Rocket Surgery Made Easy from Dec 2010 BostonCHI Meeting

3 Replies

Rocket Surgery Made Easy

Steve Krug speaks at BostonCHI

Notes from 08-Dec-2009 meeting

  • Steve’s new book – Rocket Surgery Made Easy – due in bookstores in a couple of weeks – material from this talk will be in his book…
  • Passed a copy of his book around through the audience for quick peek
  • 150 or so people in attendance

Writing process

  1. writing process: collect years of notes
  2. need deadlines to force you to write (and finish)
  3. collect relevant articles for each chapter and post them all on a wall
  4. once you’ve begun to panic, start throwing things overboard
  5. Outline, write, iterate
  6. get help
  7. throw things overboard (save for next book?)
  8. FAQ at the end of every chapter – good idea
  9. Doing usability (vs How to Think About Usability)

Doing Usability

  1. A morning a month – that’s all we ask
  2. Run tests – with whole team – at our site – scheduled monthly and well ahead of time – and debrief immediately after over lunch
    1. maybe do right before iteration planning
    2. company-sponsored lunch
  3. Start earlier than you think makes sense
  4. The sooner you get information, the better use you can make of that information
  5. Don’t wait until the site is “finished” – test it as soon as it is testable
  6. Don’t worry that “you already know about the problems”
  7. If you have nothing built, test other people’s sites
  8. Are you working on the site? –> Yes ==> test now!
  9. Recruit loosely and grade on a curve
  10. Beware implied domain knowledge
  11. Some testing can be done w/o your target audience
  12. Usability testers say many things that are similar to what therapists say – “what did you expect to happen when you did that?”
  13. Keep yourself out of it! It is about the user and what the user being tested is thinking.
  14. Make it a spectator sport
  15. Get everyone to come and watch the test – frequently the observers suddenly just “get it” that they are not their users
  16. Have high quality snacks. Keep the sessions short and compact. Do them on site. Make it easy for everyone to join in, hard to have a good reason to skip it.
  17. Record sessions with Camtasia ($300). Get a good USB desktop microphone ($25). Don’t record user’s face (“useless and distracting”). Use a screen sharing service (like GotoMeeting, $40/month?) to control the UI. High quality audio is important, and should be channeled to the observation room via GotoMeeting or Skype.
  18. Focus ruthlessly on a small number of the most important problems
  19. Serious because everyone will come across them, or serious because for those who do encounter them will be seriously impeded.
  20. Don’t feel you need to come up with the “perfect” fix
  21. Ask everyone in the observation room to write down the three most important issues they observed. These are raised at the debriefing session over lunch.
  22. When fixing problems, always do the least you can do ™
  23. Prioritize the list, then work your way down the list until you run out of time/resources
  24. Sometimes a tweak is better than a redesign – don’t get suckered into a redesign – the perfect is the enemy of the good!
  25. Focus on the smallest change we think we can make to address the problem we observed
  26. Q&A
  27. Remote Testing?
  28. Remote testing is handy – saves travel time, recruiting pool grows, … do over skype or GotoMeeting.
  29. How to get it off the ground? Try a group usability test of competitor’s site – everyone can get behind that. Do one and hope people get enthused about it. Make the cost of swinging by to watch the testing really small.
  30. Be very cautious about asking users how to fix the problems they’ve encountered. “Users are not designers.” “Hopefully you know a lot more than they do about design.” Listen to them, but be careful that they’re ideas are not well thought out. The purpose of testing is to “inform your design intelligence”.

January 2010 Boston Azure User Group Meeting Notes

Leave a reply

This was the third meeting of the Boston Azure User Group! (You can get on the group mailing list here.)

We watched a clip from the first day of PDC where Ray Ozzie and others talk Azure in the keynote

Discussed idea of an Azure Firestarter event – possibly for May 8, 2010 – and this seems to flow nicely from our scheduled April meeting where Jason Haley is scheduled to talk about getting started programming in Azure, such as with the Azure SDK.

Ben Day spoke on Windows Azure storage. Some quick notes / points from his talk:

  • Relational databases have a schema – all rows in a table have same columns, structure is defined before pouring in any data, data is not repeated (third-normal form breaks out data to appear only once – no redundancy)
  • … database will manage transactions across tables
  • … though mixed with replication can provide performance challenges
  • This changes for Azure Table Storage!
  • … though Azure Table Storage can scale way better – horizontally (“out”) whereas traditional SQL RDBMs tend to scale best vertically (“up”) – to larger boxes – which is more limiting and tends to be more expensive.
  • Do we need to rethink what needs to be transactional? Can we use a simplified transactional model – such as just within one table – or one instance of one table…
  • … compensating transactions are another approach
  • Securely storing data
    • Encrypt (compute is cheap)
    • If you encrypt a key, it won’t work for indexing
    • Search is harder if you encrypt
  • String columns have a 64KB size limit for Table Storage – so reference larger objects in a Blob
  • Unit testability
    • Abstract away you r persistent store, such as with Repository pattern – so you can unit test
    • Encapsulate business logic, such as with Service Layer and Domain Model patterns
    • Extract logic from UI using MVP (Model View Presenter)
    • Use Mock objects
  • Ben will come back to finish the story!

Around 23 attended.

Since Software is a Business, Architects need to be More than Technologists

Gave talk at Architect Factory, Part Deux today titled Since Software is a Business, Architects need to be More than Technologists. The slide deck can be downloaded here. The most prominent concept/slide follows:

Technology Skills

Technology + Communications + Business-Awareness = Influential Architect

The overall event was excellent. It was organized primarily by Bryan Tuttle of CodeRight, a Consulting/Training company. Many thanks to Bryan for a job well done!

December 2010 Boston Azure User Group Meeting Notes

Leave a reply

Second meeting of Boston Azure User Group

Guest speakers were Michael Stiefel and Mark Eisenberg

Meeting was held December 3, 2009 at the Microsoft NERD

We opened with Boston Azure Theater, kicking off a few minutes after 6:00.  For around 45 minutes we watched a video of Microsoft Director Manuvir Das’ PDC talk A Lap Around the Windows Azure Platform.

From there, Microsoft’s Mark Eisenberg walked us through a summary of key Windows Azure announcements made at (or right before) the Microsoft PDC in November. The deck Mark used is available BAUG_PDCHighlights. There was a lot of interest in the announcement details and in the pricing model.

Our keynote speaker, Michael Stiefel, followed with a detailed look into the project “Dallas” announcement, showcasing the Dallas “Data as a Service” platform, working through sample apps, a custom mashup – with code, demonstrating the straight-forward programming model (ATOM feeds), and showing use of the data directly within Excel. Michael wrapped up by reviewing the business model – and discussing the interesting possibilities (publishers can publish – and others can consume – data so much more easily than today since Microsoft will have eliminated the “contract friction” we’d have if every consumer had to strike a deal with every publisher).

Silverlight exceeds 50% penetration

5 Replies

According to RIAStats, a version of Silverlight is now detected on more than half of the browsers sampled! This is a telling milestone as installations of Silverlight continue to grow – drawing inexorably closer to that of Adobe Flash which currently enjoys installations on around 97% of browsers.

If you look at the graphic, and you consider the “not detected” section, it reads 49.99%, which means that the sum of those detected is better than half.

silverlight-exceeds-50-percent

At PDC 2009 in November, Scott Guthrie announced that Silverlight penetration was up to around 45%, up from around 30% in the summer. These RIAStats numbers feel in line with that.

Of course, I know this doesn’t “prove” Silverlight is really on more than 50% of browsers, as RIAStats are not a perfect reflection of the web as a whole, but it seems an interesting milestone nonetheless.

Silverlight has been in the wild for 863 days: Silverlight was released for real (RTW, or “released to web”) on 05-Sep-2007, followed thirteen months later by Silverlight 2 RTW 14-Oct-2008, then less than nine months later we saw Silverlight 3 on 09-July-2009. Silverlight 4 is in beta – maybe Microsoft will announce its release at MIX10 in mid-March? If they do, that would be on a similar release rhythm as from Silverlight 2 to Silverlight 3.

Silverlight’s installed base will also get another boost from the 2010 Winter Olympics next month as well. (And Silverlight 2 shipped shortly after the 2008 Summer Olympics.)

It is interesting to note that another tracking site – StatOwl.com – not only shows the penetration lower – and doesn’t agree on any of the numbers – but also doesn’t even agree on relative installed base across versions [EDIT: after Comment from Travis Collins, added in Silverlight 4 = 0.04 for RIAStats]:

RIAStats StatOwl
Silverlight 1 0.62 1.39
Silverlight 2 1.91 9.73
Silverlight 3 47.44 23.85
Silverlight 4 (beta) 0.04 (<1 pixel) not shown, or 0%
Undetected (reported) 49.99 65.03%

I’m not sure why they don’t agree – perhaps differences in sample sizes, sampling methodology, or due to different audiences being sampled.

Also, if you check the math yourself, you’ll see the values shown don’t tie down perfectly for RIAStats (though they do for StatOwl); if you add up the individual Silverlight versions along with the Undetected, you won’t get exactly 100%. Some sort of rounding errors I assume. [EDIT: See explanation in Comment from Travis Collins, RIAStats creator.] But I also assume that the Undetected = 49.99% is most likely right (at least not wrong due to a rounding error, since it is harder to round wrong there).

EDIT 01-Feb-2010: Found an interesting, relevant post on Cool facts about Silverlight penetration / mindshare from UXPassion.com.