There's a new blog being launching over at MSDN titled "Hackers @ Microsoft". So far the intro post is all that's there, but in the future it should carry all sorts of interesting stuff most of which will relate to security.
Again, right now this is nothing, but you might keep an eye on that RSS.
The guys over at Patterns & Practices have released their final cut of "Performance Testing Guidance for Web Applications". The document provides recommended guidance regarding designing, executing and analyzing performance tests against web apps. This'll be on the "to do" list, if you get to it first let me know what you thought.
Scott Hanselman has published his 2007 hit list of cool tools. Most of these tools are targeted toward the Microsoft development crowd, but if you're into that sort of thing this is the page of the day.
One surprisingly sweet tool is SlickRun. This tool allows you to basically dock a little command line interface to screen and then call up programs using aliases you've defined. It's cool, it's simple and it doesn't take long for it to start saving a ton of time.
Another tool that looks wicked is Highlight, an OSS app that takes code snippets and converts them to a variety of formats including XHTML and CSS. So you can take your code from IDE to the tubes in a matter of moments. Pretty cool.
This list contains some great utilities and if you're a .Net guy you must take a look! Have more fun coding!
Joel Spolsky recently had an interview with ACM discussing some of his views on how software development should be done. You may know Joel from his blog "Joel on Software" which is wildly popular.
This is a great interview and it illustrates his depth of knowledge regarding what makes developers tick. Very cool stuff indeed.
That's the question those crazy kids over at F-Secure are asking...again. Recently, F-Secure uncovered a new hiding place created by a Sony software driver meant to enable a USB based fingerprint reader.
After reading through the F-Secure blog entry we can see that while this is certainly not a confidence builder, it appears that the device is no longer in production (putting this a few notches lower on the important things list). The real issue with this is "Really Sony? You want to do ride this ride again?", because the headline over at the Inquirer reads "Sony Installs Another Rootkit". Pretty damning.
Personally I don't think there's much of a story here. I hope Sony is scared to even think about implementing these tactics in the future, because it's obvious the kids on the street are ready to jump all over it.
With the "Orcas" launch just around the corner I thought I'd start looking into what promise Windows Presentation Foundation (WPF) held, specifically what the story is on the new markup language, XAML. The entire .Net 3.0 framework has been a great source of confusion for many developers, including myself. That said, I'm finally starting to get a handle on where Microsoft is going with their new scheme.
WPF takes the user interface in directions that haven't been accessible to .Net developers. By creating a more MVC patterned architecture of development we get closer to developing forms apps as we would web apps.
Overall WPF is impressive, but limited in usefulness. I see WPF as a fantastic approach to developing forms applications, especially in controlled corporate environments where .Net 3.0 can be pushed to end users. However, I really don't see WPF being ubiquitous enough for smart-client browser apps for some time, though it is definitely possible to bring applications online (See XBAP).
For more information check out XAML Chick's blog.
Don Parker over at SecurityFocus.com has posted an article titled "Security conferences versus practical knowledge". Mr. Parker is making the argument that conferences don't benefit most IT shops because they don't present enough practical information that can be applied when the attendee returns. Following the article you'll find a hailstorm of comments and shouting from both sides.
Basically there are two factions at work here. The "what we have today" folks and the "what we want to have tomorrow" folks.
There are a variety of environments and conditions at work that place an IT department in one category or the other. In the end, its really a question of department maturity and their ability to handle the everyday.
Let's talk about the "what we have today" guys:
The "what we have today" group is still in the crawling stage of the IT life cycle. These guys probably couldn't spare the days to attend a conference if it was free. They'd love to be innovative, but don't have the time or tools to even consider it.
This isn't necessarily bad, after all, everyone learns to crawl first. It just illustrates that the group has immediate concerns that have to be taken care of before they can begin to feel good about a strategic approach to the future.
Alright, so who are the "what we want to have tomorrow" guys:
The "what we want to have tomorrow" guys are forward-thinking and have started to see the value in building a team. These departments focus on strengthening concepts and working toward establishing organizational best practices.
I can see Don's side when talking about the first group. If you're going to a conference so that you can come back and blow the day-to-day problems away (wow, that should be a song) then you're probably better off buying books.
The second group is the side that needs to be there. Conferences offer a wide range of benefits including a glimpse of the bleeding edge, networking with colleagues and sparking conversation within teams. There's certainly something to taking IT out of the sterility of the office every once in a while.
Attending these types of things really is a reflection of where an IT department really is. IT isn't just about going through the motions, it's about executing sustainable solutions.
I was goofing off today looking at some videocasts and generally killing time. I came across a reality show called "The Next Internet Millionaire". The show brings talented online marketers together and to have them fight it out in a no holds barred battle royale!
Alright, it's really not that good, but it's there if you're bored. Really, really bored.
FollowUp :: If you want some real startup fueled coolness, watch Rockstartup.com
I've recently been looking at the Representational State Transfer (REST) architectural pattern for developing web services and distributed applications. I'm starting to become a big fan, as REST requires even less coupling than the traditional SOAP-RPC style web services. Loosely coupled systems are the word of the day folks and the quicker we get at developing reliable, scalable and maintainable systems, the better off everyone is going to be.
Not familiar with REST?
An article over at Builder.au reports that Adobe's position on the rise in PDF spam is that it doesn't necessarily mean that the average user is facing an increased security threat.
I've seen several articles covering the rise in PDF spam, but most are talking about the weight these files are putting on networks versus the ASCII alternative. Which, as the article mentions, is more of a nuisance and less of a threat.
Maybe I'm just not all that important, because I've seen a total of about 1 PDF spam message so far. Is this really the problem everyone says it is?
(Also, there are some great CPAN PDF modules out there should you want to homebrew a PDF processing script.)
