Simple Method for Parsing Magnetic Stripe (Credit Card Example)

Short blog post for you today.  I put together a simple C# example of how to parse magnetic stripe data, and as you can see in the code below, it's written to more specifically deal with credit card data.  For those of you that aren't aware, there are typically two tracks of data, and some cards have three.  You can use a simple USB magnetic stripe card reader (something like this, or see image below) with a credit card and this code to take advantage of the data stored in the magnetic stripe.

Attaching the card reader to your computer (via USB) and swiping a card yields something similar to the following (portions redacted using the 'X' character):

%B4XXXXXXXXXXX9554^CHRISTNER/JOEL ^1504101100001100000000447000000?;4XXXXXXXXXXX9554=150410110000447?

If you look at the structure specified on Wikipedia (I prefer this one, personally: http://www.gae.ucm.es/~padilla/extrawork/magexam1.html) you'll see that this card only has two tracks of data.

When run through the code snippet below using the USB card reader, the output looks as follows:


Input track data: %B4XXXXXXXXXXX9554^CHRISTNER/JOEL ^1504101100001100000000447000000?;4XXXXXXXXXXX9554=150410110000447?
Data:
  Track1: %B4XXXXXXXXXXX9554^CHRISTNER/JOEL ^1504101100001100000000447000000?
    CCN: 4XXXXXXXXXXX9554
    Exp: 04/15
    CVV: 447
    Cardholder: CHRISTNER/JOEL
  Track2: ;4XXXXXXXXXXX9554=150410110000447?
    CCN: 4XXXXXXXXXXX9554
    Exp: 04/15
    PIN: 000
  Track3:


And here is the code snippet.  Note that there is no error handling whatsoever in this code, and that is intentional.


        static void Main(string[] args)
        {
            string track_data = "";
            Console.Write("Input track data: ");
            track_data = Console.ReadLine();

            string track1 = "";
            string track2 = "";
            string track3 = "";
            string track1_cardholder = "";
            string track1_expmo = "";
            string track1_expyr = "";
            string track1_cvv = "";
            string track1_ccn = "";
            string track2_ccn = "";
            string track2_expmo = "";
            string track2_expyr = "";
            string track2_encpin = "";

            bool in_track_1 = true;
            bool in_track_2 = false;
            bool in_track_3 = false;
            bool track1_caret1_found = false;
            bool track1_caret2_found = false;
            bool track2_equals_found = false;

            int track1_leg3_count = 0;
            int track2_leg2_count = 0;

            foreach (char c in track_data)
            {
                if (in_track_1)
                {
                    #region Track1

                    if (!track1_caret1_found)
                    {
                        #region Get-Track1-CCN

                        if ((c != '%') && (c != 'B') && (c != '^'))
                        {
                            track1_ccn += c;
                        }

                        if (c == '^')
                        {
                            track1_caret1_found = true;
                            track1 += c;
                            continue;
                        }

                        #endregion
                    }

                    if (track1_caret1_found && !track1_caret2_found)
                    {
                        #region Get-Cardholder-Name

                        if (c != '^')
                        {
                            track1_cardholder += c;
                        }
                        else
                        {
                            track1_caret2_found = true;
                            track1 += c;
                            continue;
                        }

                        #endregion
                    }

                    if (track1_caret1_found && track1_caret2_found)
                    {
                        #region Get-Expiration-and-CVV

                        if (track1_leg3_count == 0) track1_expyr += c;
                        if (track1_leg3_count == 1) track1_expyr += c;
                        if (track1_leg3_count == 2) track1_expmo += c;
                        if (track1_leg3_count == 3) track1_expmo += c;
                        if (track1_leg3_count == 22) track1_cvv += c;
                        if (track1_leg3_count == 23) track1_cvv += c;
                        if (track1_leg3_count == 24) track1_cvv += c;
                        track1_leg3_count++;

                        #endregion
                    }

                    track1 += c;
                    if (c == '?')
                    {
                        in_track_1 = false;
                        in_track_2 = true;
                        continue;
                    }

                    #endregion
                }

                if (in_track_2)
                {
                    #region Track2

                    if (!track2_equals_found)
                    {
                        #region Get-Track2-CCN

                        if ((c != ';') && (c != '='))
                        {
                            track2_ccn += c;
                        }

                        if (c == '=')
                        {
                            track2_equals_found = true;
                            track2 += c;
                            continue;
                        }

                        #endregion
                    }

                    if (track2_equals_found)
                    {
                        #region Get-Expiration-and-Encrypted-PIN

                        if (track2_leg2_count == 0) track2_expyr += c;
                        if (track2_leg2_count == 1) track2_expyr += c;
                        if (track2_leg2_count == 2) track2_expmo += c;
                        if (track2_leg2_count == 3) track2_expmo += c;
                        if (track2_leg2_count == 8) track2_encpin += c;
                        if (track2_leg2_count == 9) track2_encpin += c;
                        if (track2_leg2_count == 10) track2_encpin += c;
                        track2_leg2_count++;

                        #endregion
                    }

                    track2 += c;
                    if (c == '?')
                    {
                        in_track_2 = false;
                        in_track_3 = true;
                        continue;
                    }

                    #endregion
                }

                if (in_track_3)
                {
                    #region Track3

                    track3 += c;

                    #endregion
                }
            }

            Console.WriteLine("Data:");
            Console.WriteLine("  Track1: " + track1);
            Console.WriteLine("    CCN: " + track1_ccn);
            Console.WriteLine("    Exp: " + track1_expmo + "/" + track1_expyr);
            Console.WriteLine("    CVV: " + track1_cvv);
            Console.WriteLine("    Cardholder: " + track1_cardholder.Trim());
            Console.WriteLine("  Track2: " + track2);
            Console.WriteLine("    CCN: " + track2_ccn);
            Console.WriteLine("    Exp: " + track2_expmo + "/" + track2_expyr);
            Console.WriteLine("    PIN: " + track2_encpin);
            Console.WriteLine("  Track3: " + track3);
            Console.ReadLine();
        }

Tough Mudder SoCal Temecula 2/9/2013 Review

Hi everyone - just completed Tough Mudder SoCal Temecula today (2/9/2013) with a bunch of my friends from Cube.  I trained for this event the absolute wrong way.  The past few years of training have been primarily weight/resistance centric and up until about 5 months ago very little cardio.  I started adding cardio into the routine and given the distance I was naturally worried that I wasn't doing enough cardio training.

Turns out, my cardio performance was just fine.  But I completely underestimated the obstacles and the amount of muscle endurance required to not feel like death after completing them.  But then again, maybe that's how I'm supposed to feel.

A course map can be found here: http://toughmudder.com/wp-content/uploads/2013/01/SoCalWinter_Map.pdf

The race was about 11.5 miles with a 1mile walk each way to and from the car.  Almost all of the non-obstacle parts of the race were spent going up and down hills.  The hill runs were ridiculous.  They were steep, some of them were covered in mud, and it was very difficult maintaining even a jog for much of it.  If you are planning to do a Tough Mudder or similar event, do a lot of hill training.  I did a fair bit on the treadmill, but that wasn't enough (clearly).

Here are some details of the obstacles we encountered and my recommendations (where appropriate):

• Kiss of Mud - crawling on your belly under barbwire through the mud.  I like to think of this as the "Welcome to Tough Mudder" obstacle.  Not difficult at all, but breaking you of any thoughts of trying to stay clean
• Berlin Walls - we had this twice.  Definitely a good idea to help a couple of extra people out.  Have one person on either side, one cupping their hands for you to step on (and lift) and one on the other side so you can step on their shoulder.  When you get to the stop, swing around, re-orient your grip, and slowly lower yourself and drop
• Wounded Warrior Carry - straight-forward - carry your partner, let them carry you.  It's 100yd each (not too bad).  Farmer's Walks will probably help here
• Arctic Enema - ZOMG.  This was absolutely the worst thing ever.  Ever.  I read an article that said the temperature of water that was full of ice should hover around 32-33 degrees F.  Not only that, you have to jump in, then duck under a wood beam (barbed wire keeps you from going over), and the somehow bring yourself to get out of this frozen bath.  I don't know what to say to help you train for this.  Perhaps take really really really cold baths and keep your mind sane and focused
• Funky Monkey - ah the monkey bars.  Takes me back to grade school.  Except there was a pool of frigid water below.  And all the people that went before me made the bars wet and slippery (read: muddy).  Yeah, I fell in.
• Mud Mile - ok, this one might have been the hardest one period.  It should have been named mud mogles.  It was 7 hills of mud, each about 5-6 feet high, with pools of muddy water in between.  And when I say mud mogles, they were legitimate hills.  Very difficult to get through.  I can't stress how difficult this one was.

Yeah, I'm excited.  I'll try and cover the rest later.  

Cube blog is now live!

A quick update - the Cube blog is now live!  We've opened it up to everyone on the team and it won't just be marketing material.  To prove the point, I've hidden a link to a cat video in there - yes, on my work blog. Please take a read when you have some time and keep your eye out for the material our team publishes.  I anticipate it will be educational and fun.

http://blog.getcube.com

How I ran a spontaneous, impromptu marathon with little training

As many of you know, I came to Dallas this weekend to be a cheering squad for someone that was running the MetroPCS White Rock Dallas Marathon.  And, figuring that I would try to finish it - and not care if I failed (well, let's get serious - I was carrying a huge fear of failing after I had just told the world on Twitter, Facebook, and LinkedIn) - I went for it, and signed up.

First problem - I came down here with NO gear other than what I usually take to the gym with me.  Immediately after registering (the day before the marathon, which was also the packet pick-up day), I had to buy the gear I would need.  ALL of it.  Thankfully, there was an expo (imagine that).  Prices were surprisingly reasonable.  An hour later I was registered, had my shoes, shorts, shirt, socks, and a water bottle with integrated grip.

I'm not sure if writing this will help anyone that is either wanting to do a spontaneous or impromptu marathon (yes, I'm intentionally putting both of these words in to help optimize search engine crawling, because these are the terms I used) or is planning to do a marathon with little to no training.

Full disclosure: I had done some training.  I picked up cardio workouts about two months ago and usually had one long run every week or every other week.  But, the longest distance I had gone was only 9 miles.  Naturally, I was quite freaked when I fully wrapped my head around the fact that I would be running 26.2 miles (almost 3X my previous PR).

Before I get into some of the helpful pointers that I learned (via research and from other runners), I want to be transparent and tell you that my time was not that great.  Our group was running a pace between around 4.8 and peaking at a little over 6 occasionally with frequent walk intervals.  I hit the wall at 18 and never recovered, so I was stuck hobbling the last 8 miles with very few periods of running.

But, I finished.  And I'm hungry to do it again.

Now for the things that were helpful.  Hopefully they will help you, too:

• Go out slow.  When I say slow, I mean unnaturally slow.  We went out at around 4.8 to 6 and my usual running pace is normally between 7 and 8mph
• Don't run the whole time.  Set a reasonable interval, at least to start, if not for the entire marathon.  We used a 3:1 interval (run 3, walk 1).  Realistically, I should have switched to a 2:2 interval half-way through and I probably would have shaved some time off
• Stay hydrated, but drink more than water.  You run the risk of being depleted of sodium, so drink Gatorade too.  Helpful tip: keep your water separated from the Gatorade.  Don't pollute your water.  There were times when I wished I had water, and I had unfortunately polluted my water bottle with Gatorade.  Not good when you have dry mouth
• If at all possible, wear gear that you have worn before - especially your shoes.  Mine were brand new.  Immediately after I purchased them I went to the gym to log a few miles in them to make sure they would be ok.  Thankfully they were, and I only had one blister by the end of the race
• Get Vaseline and lube your nipples.  Lube anywhere that a seam comes in contact with your skin, particularly in areas where the seam will be moving.  Yes, this means your private parts.  No one likes running with swamp ass, but I have practically no chafing right now
• Go to the bathroom before the race (you don't want to run with a rock in your stomach) and during the race as soon as you feel the urge.  You don't want your nerves derailing your concentration while you are running
• Get a good night of sleep.  Go to bed early, because your nerves will probably keep you from falling asleep right away.  I was just advised to recommend that you get a good night of sleep the night before that, too
• Take one snack with a good mix of carbs and protein, like a Builder Bar.  Eat this after you get through the half way point
• I also took 6 GU/Clif gels and 2 Clif shot blocks.  I didn't get through them all, but I found that nibbling on a shot block (there are six in a package) at about every other mile gave me a nice 'treat' and some energy.  I took a gel about every 3-4 miles, but again, I hit the wall at 18 and couldn't recover
• I didn't carboload the night before, but I did have a pasta dish.  It definitely helped.  What was also helpful was having a GU/Clif gel about 60 minutes prior to the start of the race to get the sugar into my system and mostly processed
• LISTEN TO YOUR BODY.  If you need to slow down, do it.  If you need to walk, do it.  If you need to stretch, do it.  I stopped to stretch twice in the first 18 miles, and eight times in the last 8 miles.  I might have delayed hitting the wall had I done a better job of listening to my body and walked and stretched more
• Take music with you, but don't listen to it the whole time.  I listen to Christian, rock, and electronic music, and listened mostly to electronic music the entire time.  GREAT for running, but can also hypnotize you especially when your body starts releasing endorphins.  Ground yourself in reality every now and again by removing your headphones
• Evaluate what your body is saying on a regular basis.  Is my breathing normal?  Where am I feeling pain?  What is currently holding me back?  Can I safely go faster and add more stress to my system?  If not, should I dial back?  I don't know about yours, but my body is very vocal on what it's experiencing.  I just have to listen

Hopefully these tips - and my experience - will be helpful to you.  I've certainly learned a lot and can't wait for the next one, now that I know I can do it.  

Oh - one more thing...  I never fully appreciated people that cheered on the runners until I was one of the runners.  Be an encouragement to the people running with you and thank the people working the event.  And when you see a race going through your neighborhood, be sure to cheer them on.  Their words of encouragement made it easier to keep going.

Please comment below if you'd like to add anything to the list.  

GOOD LUCK!

Proud to Announce Availability of Cube

Today we are proud to announce availability of Cube.  We at Cube have been working hard to build a world-class point of sale system to make life better for business owners.  The point of sale market has seen a tremendous lack of innovation over the past several years for many reasons - existing vendors addicted to selling legacy hardware at high margins, complicated systems that are difficult to integrate leading to a lack of interest in optimization and enhancement, a long and windy value chain that is on the cusp of collapse keeping vendors from upsetting the apple cart - and unfortunately for merchants, they're left choosing from a buffet of sub-par solutions that make managing and growing their business more difficult and complicated.

This era is officially coming to an end.

Cube is a fully-integrated point of sale system that runs on any device (iPad, PC, Mac) that allows you to manage your business from anywhere and grow on-demand.  Gone are the days of expensive, legacy hardware and ridiculous maintenance contracts (use your iPad, laptop, or PC).  Gone are the days of calling in consultants to change your menu (use our simple web management dashboard).  Gone are the days of purchasing software licenses for basic reporting functions (yes, that's in there, too).  Gone are the days of costly software upgrades (update the app or hit the 'refresh' button).  Gone are the days of forcing your customers to funnel into a long line toward a desk where two or more antiquated point-of-sale systems are operated by cashiers that rarely get a chance to interact with your customers (take the iPad with you to where your customers are looking at your product).  Gone are the days of using pen and paper because you want to sell some of your products at a show or a market outside of your business (take it with you and transact business from anywhere).  Gone are the days of enduring a rigorous colonoscopy to get a merchant account (we've integrated credit card payments).  Gone are the days of not knowing your customers (you can associate your customers to orders to better support loyalty and rewards programs).

And most importantly, gone are the days of dealing with terrible support.  Yes, we have that covered.  Every employee at Cube is a customer support representative, and yes, you can call us.  No questions asked.  We prefer to be on a first-name-basis with our customers.

All of this is possible with Cube.  I'm proud to say that during our private beta we acquired a large number of customers - each of them vetting out the system, helping us eliminate bugs, and shaping the direction of the product with one purpose - make the point-of-sale a simple, easy-to-use hub through which the entire business can be managed.  It makes perfect sense - the point-of-sale is where in-person transactions are performed.  It's the experience that your customer is left with when finishing their transaction with you.  That customer should have as much delight in working with you and your business as you do in managing your business.  That's Cube.

For the techie geeks out there (like me), you'll find at the heart of Cube a big data platform.  A natively multi-tenant cloud service that is reachable from anywhere in the world - securely.  An extensible cloud service that is built from the ground up as a series of APIs (even our mobile and web apps are built using these APIs - nothing is 'private' and nothing is 'held back').  A powerful data service that allows a developer to answer big questions very quickly.  An open in-person transaction platform that allows value-added software vendors to quickly integrate their services into the experience that our merchants are able to offer their customers.

Our open approach to building an in-person transaction platform by revolutionizing the point-of-sale is unique.  As we speak, developers at partner companies are rapidly building value-added services that integrate directly.  Our architecture allows us to confidently claim that we at Cube have the most powerful application platform available to developers, giving our merchants the most opportunity to give their customers delight, simplify business management, and grow without headache.

We'll be making a self-service on-boarding process available in the very near future, but in the meantime, request a demo and we will get an account created for you so you can start using Cube.  We're ecstatic to meet new merchants that we can provide a game-changing transaction platform to, and we know you'll be ecstatic to use it.

https://www.getcube.com

(these screenshots are from actual Cube merchants)

CORS and RESTful WCF

Hi all,

I'm writing this post to hopefully save someone the hours of pain I had to go through when making CORS work with a RESTful WCF service.  If you're reading this, you either know me or know what CORS is and are struggling with it.  If you're reading this because you know me, you can probably tune out right now.

Let me start by saying a few things.  1) CORS is a pain in the rear.  2) Many of the 'solutions' I've found online are light on detail or leave out critical tidbits of information that could cause you to rip your hair out.  I'm a glutton for punishment and prefer to implement such solutions in my own code.

If you're stuck dealing with CORS on a RESTful WCF service, please find below an example that doesn't require web.config changes.

First, open IIS Manager.  Navigate to your application.  In the feature view, under 'IIS':
- Open 'Handler Mappings' and change the 'Path' associated with OPTIONSVerbHandler to '*.foo' or something equally useless
- While you're in IIS Manager, it may be helpful to do something similar for the WebDAV-related handlers, given that you'd probably like to be able to use PUT and DELETE

Second, get into your code.  The snippet below implements a simple OPTIONS handler that tells the requesting browser everything it needs to here.  If you're wondering why I'm using a 'Stream' response type, it's because I can't stand the serializer/deserializer that is included (I rolled my own).

In your service contract:

  [OperationContract]
  [WebInvoke(Method = "OPTIONS", UriTemplate = "/*", BodyStyle = WebMessageBodyStyle.Bare)]
  Stream http_webinvoke_options();

And the body of http_webinvoke_options():

public Stream http_webinvoke_options()
{
  WebOperationContext web_op_context = WebOperationContext.Current;
  OperationContext op_context = OperationContext.Current;
  WebHeaderCollection header_list = web_op_context.IncomingRequest.Headers;


  web_op_context.OutgoingResponse.StatusDescription = "OK";
  web_op_context.OutgoingResponse.StatusCode = HttpStatusCode.OK;
  web_op_context.OutgoingResponse.Headers.Add("Access-Control-Allow-Methods", "OPTIONS, POST, GET, PUT, DELETE");


  string headers = "";
  headers += "Content-Type, ";
  headers += "X-Requested-With, ";
  headers += "Accept";


  web_op_context.OutgoingResponse.Headers.Add("Access-Control-Allow-Headers", headers);
  web_op_context.OutgoingResponse.Headers.Add("Access-Control-Expose-Headers", headers);
  web_op_context.OutgoingResponse.Headers.Add("Accept", "*/*");
  web_op_context.OutgoingResponse.Headers.Add("Accept-Language", "en-US, en");
  web_op_context.OutgoingResponse.Headers.Add("Accept-Charset", "ISO-8859-1, utf-8");
  web_op_context.OutgoingResponse.Headers.Add("Connection", "keep-alive");


  string url = op_context.IncomingMessageHeaders.To.ToString();
  url = url.Replace(op_context.IncomingMessageHeaders.To.PathAndQuery, "");
  web_op_context.OutgoingResponse.Headers.Add("Host", url);
  web_op_context.OutgoingResponse.Headers.Add("Access-Control-Allow-Origin", "*");
  web_op_context.OutgoingResponse.Headers.Remove("Server");
  web_op_context.OutgoingResponse.Headers.Remove("X-Powered-By");
  return null;
}

For your other code files, make sure that you add the 'Access-Control-Allow-Origin' header to each of them as well.  It's not just about the OPTIONS response - each call needs to have this.


  [OperationContract]
  [WebInvoke(Method = "POST", UriTemplate = "/*", BodyStyle = WebMessageBodyStyle.Bare)]
  Stream http_webinvoke_post(Stream body_stream);


And just prior to the response in the http_webinvoke_post method...


  web_op_context.OutgoingResponse.Headers.Add("Access-Control-Allow-Origin", "*");
  stream.Flush();
  return stream;

I hope this brings at least one person some relief.

One of the most awesome tradeshow giveaways ever

Turn your sound up!  Sorry I had to set the camera down for a couple of seconds to wind the darn thing up.  I'm sure you'll find it's worth it.

Living in the here and now

Hopefully this encourages some of you (portions removed for clarity)...

"... Expectations for the future desensitize us to what is happening right now.  We shut off, attempting to avoid the discomforts of our present experience by contemplating what we hope or expect to be a better future.  But the truth is that although each nuisance in our lives eventually ends, a new one is certain to arise.  As a result of ignoring this fact, many of us spend our lives in numbness and denial, waiting for the problems and difficulties of life to end.

Waiting is self-defeating.  We have whatever we need.  This realization often is hidden behind veils, but as we peel these veils away through awareness and action to improve ourselves and the world, we discover that everything we ever wanted is right here."

Midrash Rabbah on Song of Songs 5:3...  God says "Offer me an opening no bigger than the eye of a needle, and I will widen it into openings through which wagons and carriages can pass."

Pearls and the question of good and evil

My sincere apologies to those that have been waiting for my next blog post to be of a technical bend.  I heard a great message from J. Vernon McGee today that really spoke to me today and struck my soul.


Many wonder how God can exist if evil or sin is present in the world.  


If you ask someone to describe a pearl, chances are they will tell you that it is a beautiful object, generally spherical in shape, formed by the secretion of a mollusk over periods of time.  There aren't many that would say something negative about the appearance of a pearl, though I concede that some may.  


But when you examine how the pearl is made, it reveals a stunning parallel to the larger world around us.  An irritant - usually a parasite (rarely is it ever sand) - enters the mollusk, causing it to react by creating a sac around the irritant, starting a process by which fluids and minerals encase the irritant.  Over time, the object grows into what we could call a pearl.


Such is the case with sin and evil.  The sin and evil that pervades is cloaked by the blood of God Himself (salvation), starting a process that works within us by which beauty and purity are overlaid (sanctification).  Over time, the object grows into something that would be described as holy.


Consider Matthew 13:45-46: “Again, the kingdom of heaven is like a merchant seeking fine pearls, and upon finding one pearl of great value, he went and sold all that he had and bought it.".  I submit to you that the merchant is God Himself, having sold everything (His Son) to bring us to Himself.

My rant for the day... REST vs RESTful

Disclaimer...  Getting on my SOAPbox...

Those that know me well know that - in certain areas like technology - I pay close attention to detail.  Some of my closest friends have even gone as far as calling me borderline obsessive when it comes to paying close attention to detail.  This certainly doesn't extend to other areas (you'll probably find spelling or grammatical errors in this blog post, for instance), but one that has really annoyed me lately is the loose use of the term 'REST' by many in the industry.

REST, or Representational State Transfer is an architecture and characterizes behavior, specifically that clients and servers exchange requests based on the representation of an object, typically its current state.  In terms of cloud storage, REST generally means PUTting or GETting the latest copy of an object based on some supplied metadata and in its simplest form is nothing more than a query on top of HTTP.

But some, when discussing how cloud storage is accessed, say "cloud storage is accessed using REST".

Hence my post.  REST is NOT a protocol.  It is an architecture and a behavior.  HTTP is a protocol, and the way it is typically used with cloud storage conforms to REST as an architecture and a behavior, thus the interface used for accessing cloud storage is RESTful.  But, the protocol is still HTTP.

The correct way to say this would be "cloud storage is accessed using a RESTful HTTP-based interface (or API for that matter)".

Off my SOAPbox (ha) and on to breakfast.  Have a wonderful day everyone.

How the cloud is transforming data storage architectures

It is absolutely amazing to be on the forefront of a paradigm shift in the data center.  The last five years have spawned the emergence of the public cloud, and we've all had the opportunity to witness its ongoing process of maturation.  My feeling is that we haven't even seen the full tip of the iceberg at this point, and that the possibilities for how cloud architectures can revolutionize the way we live and how businesses are managed are endless.

We're seeing such transformation now in customer data center storage architectures.  Most of the customers we speak with have what I would generously call a "legacy" architecture comprised of a series of (mostly) disjoint products, technologies, management stations, and certainly workflows.  Simple spikes of, and the ongoing continual growth of, data with such an architecture leads to enormous complexity and cost, and forces most buyers to isolate business-critical considerations such as disaster recovery and long-term content archival to only those applications that need it most and those where the costs can be justified by the net impact to the business should the information not be available.  Put simply, most customers are realizing that:

• Their infrastructure is currently or has already grown beyond their control
• They are unable to cope with their data growth, leading to lower levels of service quality and SLAs for less-than-critical applications (and the point of demarcation keeps moving upward toward more expensive applications that are core to the business)
• They can't keep all of the data they want to, because it is too costly and there are too few human resources to do so and inadequate technologies to do so
• There must be a better way...

While I've never been an advocate of saying that the cloud "solves every business problem", the number of problems it *does* solve very well continue to increase.  The emergence of hybrid cloud storage solutions (such as the solution provided by my company, StorSimple) have allowed customers to manage storage infrastructure in a familiar manner while collapsing the number of infrastructure components needed for the end-to-end lifecycle of their data - and remove many costly capital and operational cost elements.  Such devices are deployed in the data center, managed just like existing storage arrays, but the key difference is that one of the "disk trays" behind the device is a connection to one or more public or private storage clouds.  This architecture has - so far - proved itself very effective for applications that are centered around user data, virtualization, and long-term content retention.

Within these devices, intelligent algorithms that manage and monitor data access patterns - coupled with deduplication - allow these systems to dynamically and transparently move data across tiers of storage within the data center appliance and the cloud to ensure that the right blend of cost and performance are achieved.  Given that the cloud "disk tray" can be tens, hundreds, or thousands of miles away, off-site backups become integrated with your primary storage management tools, and data protection workflows are reduced to simple snapshot management - something never before possible with traditional arrays that have to allocate expensive storage capacity for point-in-time backups that can now be stored reliably and inexpensively in the cloud.  Another unique benefit our customers have mentioned is that all of their backups stored in the cloud are portable, meaning they are reachable from any location in the world with an Internet connection and a hybrid storage device.  This means that the line of demarcation that customers have to draw when determining which applications are appropriate for building costly disaster recovery architectures can shift downward to cover a larger portion of the business infrastructure because of the reduced cost and accessibility of their backups.  From an operational standpoint, these devices allow customers to deploy a single, unified solution that provides the functionality of:

• Primary storage devices
• Disk-based backup storage devices with deduplication
• Archival storage systems
• Tape-based backup storage systems
• Secondary facilities for disaster recovery (using the cloud)

As I mentioned earlier, this may just be the beginning.  Hybrid storage devices are providing a level of convergence of storage management capabilities that may possibility be the most significant that the data storage industry has ever seen.  Taking advantage of the cloud for both primary and secondary data storage when leveraging the intelligence of a hybrid storage solution radically reduces complexity and cost while allowing customers to better manage their data lifecycle, improve data protection while broadening the scope of disaster recovery coverage, and implement forward-thinking value-centric I/T services that move their business forward.

I'd be interested in your take on what the evolution of the cloud will provide businesses beyond what we're already seeing today.  

Cheers,
Joel
@jchristn
@StorSimple

Mention in Columbia Engineering's Spring 2011 Newsletter

Ok, so it was in the back of the magazine where they mention how their alums are doing, but nonetheless, I was humbled to be included :)

Launch days are a blast! Introducing StorSimple Appliance Family models 1010, 5010, and 7010

Today is an exciting day at StorSimple.  We're taking the covers off of the product we've been working on since mid-2009 and are proud to announce availability of our appliance family!  The StorSimple appliance family consists of three models (today, rest assured we have a VERY exciting roadmap), each targeting different use cases:

• Model 1010 - cloud storage controller (you can also call it a "gateway" or "on-ramp") that is packaged initially with a 10TB license and can be licensed up to 50TB of total capacity.  The 1010 has a slim, sleek form factor that fits nicely into a carry-on suitcase (many people here have done it, several times over) and it's fast, jammed full of SSDs.  The 1010 is great for cloud-as-a-tier and secondary storage/data protection use cases, and in some cases, primary storage applications

• Model 5010 - hybrid storage appliance with integrated storage supporting both primary and secondary storage use cases.  This 2U appliance is genuinely a data-center class system with full redundancy, high availability, and no single point of failure.  The 5010 is packaged with 20TB of initial capacity and can be licensed for up to 100TB of capacity
• Model 7010 - our flagship hybrid storage appliance supporting the same use cases as the 5010, but with a much larger maximum capacity.  The 7010 is packaged with 40TB of initial capacity and can be licensed for up to 200TB of capacity 

Who would have thought...  200TB in a compact, 2U form factor?  That, and the ability to package SSD performance with cloud elasticity and economics, are what have allowed us to provide compelling value to our customers - minimizing costs, simplifying data protection, and enabling greater degrees of business agility and I/T responsiveness than ever thought possible.

We're thankful not only for our customers that have helped us make this a data-center class solution but also for the recognition we've received from technology partners and the analyst community.  In 2010, StorSimple became the first hybrid storage solution certified by Microsoft for their hardware compatibility list, named a "Cool Vendor in Storage Technologies" by a leading analyst firm, named to the Dow Jones Venture Wire Top 50 Startups to Watch, and named the winner of "Most Promising" cloud computing award from UP-CON.  

Please let me know if you or someone you know would be interested in StorSimple and the amazing benefits it can provide to your I/T organization.

Cheers,
Joel
@jchristn
@StorSimple

Day 1 after Lasik and post operational examination

Went in for my post-operational examination today after having custom Lasik done yesterday.  Even though I still have some swelling, a bit of blurriness, and I am experiencing the "halo" side effect (see here) I was able to see 20/15 out of both eyes.  My vision became pretty clear last night at around 5pm, or about 7 hours after the procedure.  I've had a fair bit of light sensitivity today, but that prompted me to buy my first pair of really nice sunglasses in a long time, and it was great getting to walk around and drive without having prescription lenses on.  It was surreal having excellent vision out of all directions.