Microsoft has a long and storied history of creating mind-altering corporate
videos. It runs the gamut, from the slick, minimalist tribute that is the Volkswagen-inspired
"Da
Da Da" spot, to the hopped-on-meth circus show that is Steve Ballmer's
epic
"Developers!
Developers! Developers!" keynote rant.
So you can imagine my joy when I was at our RedmondReport.com
news site, which pulls together Microsoft-related news from across the Web,
and found this.
This leaked Windows Vista SP1 sales video could be the best thing I've seen
since the Hillary4U&Me
"fan-paign" video that became a YouTube hit this winter, or the
"Hot! Hot! Hot!"
promotional spot for Appalachian State University, which hit the tubes last
fall. Scratch that -- this internal Vista sales video is even better.
I know a lot of folks will deride Microsoft for making such an ill-considered
bit of derivative promotional media. Others may spend the rest of the afternoon
washing their eyes out with bleach, hoping to wipe the memory of this thing
from their brains (good luck with that).
But not me. Because I know that this is the stuff of Internet greatness. Twenty
years ago, you had no shot at getting a terrifying glimpse inside Microsoft's
promotional machinery. Today, you wish you could avert your eyes.
One thing I do know: I'm going to meet that BitLocker guy in my nightmares.
Is there a corporate YouTube classic that ranks as your worst ever? And by
worst ever, I mean best ever. E-mail me at mdesmond@reddevnews.com
and share the pain.
Posted by Michael Desmond on 04/17/20084 comments
Virtualization has gained a lot of traction in the developer community, particularly
in the areas of QA and test. And it's become so ubiquitous in the general IT
space that our parent company, Redmond Media Group, recently launched a new
publication called
Virtualization Review to provide dedicated coverage
of virtualization issues. You can find the Web site
here.
My question is: Are you, as developers, actively moving to virtualized environments
and solutions as a way to improve productivity, broaden the scope of your work
and achieve higher efficiencies? If so, we want to hear from you.
Tell us how you're making use of virtualization in your development operations
and what you want to see tool vendors provide. This is your chance to tell the
industry what you need to get work done. E-mail me at mdesmond@reddevnews.com.
Posted by Michael Desmond on 04/17/20080 comments
Back in June of last year, we
featured
Jeff Atwood in the pages of
Redmond Developer News, profiling him
and his popular
Coding Horror developer
blog in the Cool Developer Tricks section of
RDN.
At the time, Jeff had expressed a concern that some of the big-name dev bloggers
he looked up to were busy running their own software companies and had a lot
more going on than he did. Now it seems that Jeff is onto a few small things
of his own. Since our interview, Jeff has moved on from his position as a senior
technical evangelist at Vertigo Software to devote more of his time to blogging
and pursuing an open source project of his own, called Stackoverflow.com.
And, as he recounts in an April
10 Coding Horror blog entry, Jeff has recently awarded a $5,000 grant to
Dario Solera of the ScrewTurn Wiki project, which is developing an ASP.NET-based
Wiki engine. The award is part of an announced program to recognize outstanding
and important efforts in the field of .NET open source development.
Here's where it gets interesting. Jeff contends that "open source projects
are treated as second-class citizens in the Microsoft ecosystem." He says
Microsoft is not only wrong to withhold support from open source projects that
contribute to the .NET universe; he believes Microsoft's fate as a dev tools
provider hinges on the company changing its approach.
It's a point worth discussion. Dev shops worldwide rely on diverse open source
tools like DotNetNuke, MbUnit, NAnt, NHibernate and ZedGraph, just to name a
few. And yet, for all of Microsoft's efforts to embrace, welcome and work with
the open source community (CodePlex, the IronPython and IronRuby projects, Mono
development, etc.), it's clear that the .NET-aligned, open source developer
community isn't feeling the love from Redmond.
Are you using or considering the use of open source tooling in your development
projects? Tell us how you are using these .NET-savvy tools either alongside
or in place of Microsoft's own products. Let me know at mdesmond@reddevnews.com.
Posted by Michael Desmond on 04/15/200810 comments
It's the kind of story that should rightly give anyone the chills. Yesterday
at the
RSA Conference in San Francisco,
penetration testing expert Ira Winkler told the audience that the networks of
power companies are vulnerable to attack.
He should know. Winkler, you see, was able to hack into one such network in
less than a day.
Winkler and his team, working at the company's behest, were quickly able to
gain access to several employees' systems -- by way of a simple phishing attack.
From there, they could access the network controlling the power station's monitoring
and distribution operations. And from there, a lot of things -- mostly bad --
can happen. You can read a Network World article about Winkler's presentation here.
The problem, Winkler contends, isn't so much with gullible employees who should
know better than to click a link on a faux e-mail message. It's with the slap-dash
evolution of systems and networks at the power companies. As Winkler explains
in a 2007
blog post, the Supervisory Control and Data Acquisition (SCADA) systems
employed inside power companies are no longer isolated from external threats.
The air gap that once protected these systems has been bridged by what Winkler
calls the "lazy and cheap" behavior of people at these companies.
The worst thing? Winkler says power companies' fear of service interruptions
makes them reluctant "to update SCADA systems, and the systems and networks
that support them." It's a recipe for disaster that Winkler has urged power
companies to uncook. He calls for SCADA systems to be unlinked from the public
network and for power companies to deploy software and systems that enable reliable
and rapid patching.
What do you think of Winkler's warning to the power industry? And what can
development managers do to ensure that critical systems like these prove less
susceptible to attack? E-mail me at mdesmond@reddevnews.com.
Posted by Michael Desmond on 04/10/20080 comments
Microsoft is, of course, a leader in the arena of IT and software development.
And yet, I often feel that Microsoft runs the business the way I drive in rush-hour
traffic -- an abrupt, panic-filled drama punctuated by angry shouting and the
occasional triple-lane change. Still, the company almost always seems to get
where it's going.
In the mid-'90s, Microsoft reworked its entire MSN strategy and launched Internet
Explorer in response to the rise of the World Wide Web and Netscape. Just six
weeks ago, Redmond suddenly announced a strategic
interoperability pledge in response to competitive and regulatory pressure.
And now today, at the RSA
Conference keynote in San Francisco, Microsoft Chief Research and Strategy
Officer Craig Mundie talked about what the company calls its "End to End
Trust vision."
We've heard this word "trust" before. It emerged in January 2002
in the now-famous Bill
Gates e-mail that, for the first time, placed security ahead of functionality
in the Redmond product development stack. As Gates wrote at the time:
"Trustworthy Computing is the highest priority for all the work we
are doing. We must lead the industry to a whole new level of Trustworthiness
in computing."
That e-mail helped launch the Security Development Lifecycle (SDL) at Microsoft,
and was critical in cleaning up the mess in such strategic products as Microsoft
Office, SQL Server and IIS.
Now, Microsoft is broadening the challenge, seeking to drive a strategic discussion
of privacy and security to the larger Internet. In the months ahead, you'll
hear a lot of talk about the "trusted stack" and what it will take
to achieve what Microsoft calls a "more secure and trustworthy Internet
ecosystem."
This is a big topic Microsoft is taking on, and one that we should all make
a point to pay very close attention to. The idea of a trusted stack certainly
brings with it a host of integration, leverage and lock-in opportunities for
Microsoft. But it also invites a true "lift all boats" scenario, where
Microsoft may stand to profit most by working closely with, rather than competing
against, its fiercest rivals.
If there's one truism in all of these developments, it's this: The work is
never done. On the same day Microsoft announced its End to End Trust vision,
the company sent out a Patch Tuesday security bulletin detailing five
critical security vulnerabilities.
What do you think of Microsoft's End to End Trust vision and its push for a
trusted stack? Speak up at mdesmond@reddevnews.com.
Posted by Michael Desmond on 04/08/20083 comments
Maybe it's because I'm a middle child in an angry, Irish family, but I've always
played the role of diplomat. Whether it's soothing tempers around the dinner
table or hoping to find common ground in a heated political discussion, I'm
not one to admire intransigence.
So imagine my dilemma covering the ongoing push to make Office Open XML (OOXML)
an ISO standard. After talking to some of the brightest minds in the industry,
I've come to an unsatisfying conclusion: Smart people can, and often must, disagree.
And sometimes, they must disagree violently.
Which helps explain the invective coming out of the open source and OpenDocument
Format (ODF) community this week, in the wake of the April 1 announcement by
the ISO that OOXML had, indeed, won
approval as a standard.
Sun's Tim Bray, who represented Canada in the ISO Ballot Resolution Meeting
(BRM), wrote
in his blog back on Feb. 29 at the conclusion of the BRM session:
"The process was complete, utter, unadulterated bullsh*t. I'm not
an ISO expert, but whatever their 'Fast Track' process was designed for, it
sure wasn't this. You just can't revise six thousand pages of deeply complex
specification-ware in the time that was provided for the process."
His subsequent
essay offers a more balanced perspective, though his criticism of the technical
product remains.
Meanwhile, guys like Mono Project founder Miguel de Icaza praise
the technical worth of OOXML and earn a firestorm of scathing critique from
open source advocates. Andrew Brust, an RDN contributor, Microsoft regional
director and chief of new technology at consultancy twentysix New York, said
of the process that Microsoft was forced to counter targeted opposition from
competitors and open source advocates.
"I think the worst you can say about that effort was that it was necessary
to make the vote fair, and it was unfortunate that the OOXML standard could
not be judged exclusively on its technical merits," Brust said. "Were
it judged that way, without the politics, I think it would have won approval
[in the first round of voting], and done so with much less rancor."
OOXML has passed muster in the ISO, and Microsoft is, predictably, calling
for people to set aside their differences in the ratification process and move
forward. But with the European Commission looking
for signs that Microsoft abused its monopoly position in the ISO process,
and the real possibility of an appeal being filed, it's clear that the healing
process may take longer to start than even a diplomat like myself might hope.
E-mail me at mdesmond@reddevnews.com.
Posted by Michael Desmond on 04/03/20084 comments
Yesterday, we were all expecting to hear the final results of the vote to make
Microsoft Office Open XML (OOXML) an industry standard under the International
Organization for Standardization (ISO). That announcement has been put off until
tomorrow, but
rumors
persist that Microsoft may have narrowly won the support it needed to gain
approval.
We'll be covering the ISO process and its implications in our next issue of
Redmond Developer News magazine, but in the meantime, I'm left to wonder:
What do developers think of the noisome ballot process that has brought OOXML
to the doorstep of ISO ratification? What could have been done better? And what,
perhaps, shouldn't have been done at all? E-mail me at mdesmond@reddevnews.com.
Posted by Michael Desmond on 04/01/20080 comments
I've spent the last couple of days in San Francisco at
VSLive!,
which offers Visual Studio developers a chance to glimpse Microsoft dev tool
roadmaps, hone technical skills, and explore important new tooling like Language
Integrated Query (LINQ) and the latest version of Visual Studio Team System
(VSTS). Along the way, attendees also get a chance to voice their opinions about
the tools they use every day.
All of that was in evidence at the session Stephanie
Saad gave on Monday afternoon. The VSTS group manager is heading up work
on the next release of VSTS (codenamed "Rosario"), and she was actively
working the audience to get a sense of what they wanted, and wanted changed,
in the upcoming toolset.
While her early demos of VSTS-Microsoft Project integration fell a bit flat,
Saad pleased the crowd when she showed off the promised reporting tools within
the next Team System version. And no wonder: When Saad asked developers if they
struggled to author reports, one attendee replied flatly, "We gave up."
Saad then demoed the slick integration of Excel to display flexible and compelling
report charts from simple queries, drawing applause from developers.
There's more, of course, including SharePoint integration for project dashboarding,
promised client-side code search and enhanced test functionality with a focus
on manual testing. Ultimately, Saad noted, Microsoft's goal isn't to produce
best-of-breed tooling across VSTS, but rather to deliver the most well-integrated
tooling.
In short: Development managers will face some tough choices in the years ahead
as they weigh the benefits of a focused testing suite like Identify Appsight,
for example, against the across-the-board plug-and-play value offered by Rosario.
What do you think of Microsoft's efforts with VSTS? Is the company focusing
on the right things or are there specific areas it really needs to address?
E-mail me at mdesmond@reddevnews.com.
Posted by Michael Desmond on 04/01/20080 comments
If Google has taught the world one thing, it's this: Search is good.
So I stood up and took note last month when Krugle
introduced the second version of its Krugle Enterprise Appliance, an enterprise
search network device that lets developers and managers track down specific
code assets across repositories and over the Internet. The appliance can search
enterprise code indexed behind the firewall, and also provides access to Krugle's
public index of more than 2.6 billion lines of open source code.
According to Matthew Graney, Krugle's senior director of product management,
Krugle Enterprise Appliance 2.0 extends native support for source code management
systems, adding ClearCase and Microsoft Foundation Server to support for Subversion,
Perforce and CVS. Krugle search supports more than 40 languages. It also features
improved management and configuration features.
Graney said the product meets a long-standing need among development teams.
"Whether you are doing open source or other kinds of development, the biggest
challenge facing developers is often finding what is out there," Graney
said. "That is really the primary benefit."
Honestly, I'm surprised we don't hear more about code search solutions, especially
given the increasingly distributed and componentized nature of development.
Tim Murphy, a senior consultant for Daugherty Business Solutions, agreed. He
said effective code search is a great way for developers to get past bottlenecks
and learn from each other.
"The most productive developers I have met are where they are because
of the resources that they utilize," Murphy wrote in an e-mail interview.
"Reading other people's code is a great way to find solutions but it is
also a way to get new ideas for approaches to development."
More than that, a device like Krugle's, which plugs into the datacenter and
crawls code repositories and other sources, can help large organizations do
a better job of reusing code. Michael Cote, analyst for research firm RedMonk,
sees developers searching across business units and projects to find blocks
of code that address a problem at hand.
Of course, Web search helped turn keyword- and key phrase-writing into a profit-making
art, and launched a cottage industry of search engine optimization consultancies.
I imagine code search will put a real emphasis on well-commented and organized
code.
Does your shop or projects make use of code search solutions? What would you
like to see to help you do your jobs better? E-mail me at mdesmond@reddevnews.com.
Posted by Michael Desmond on 03/27/20080 comments
Unless you've been hiding under a rock, you've almost certainly noticed Microsoft's
shift toward a more
open, interoperable and standards-savvy approach to development technologies.
It's a trend that started with the release
of the .NET source code and promotion of XML-based
open file formats for Office, and recently culminated in the Feb. 21 "Interoperability
Pledge" announcement.
What's remarkable isn't that Microsoft is playing nicely with others; the company
has enjoyed a long history of fruitful partnerships, often with unexpected partners
like Apple, Red Hat and Sun Microsystems. Rather, it's the way that Microsoft
seems to be turning its vast and remarkable ecosystem toward the emerging threat
and opportunity posed by open source development and standards-based Web services.
You see, in the past, Microsoft would identify a key market opportunity or
threat and target it with a compelling offering. So Microsoft Excel was set
against Lotus 1-2-3, MSN was set against AOL and Internet Explorer competed
with Netscape Navigator.
But how does Microsoft compete against a movement? The rapidly growing web
of standards and open source solutions serving the enterprise poses a real danger
to Microsoft.
If You Can't Beat 'Em, Join 'Em. Then Beat 'Em.
Unable to simply set a product against this broad phenomenon, Microsoft instead
mirrors the actions of Daniel Plainview in the acclaimed movie There Will
Be Blood, and proposes to drain the momentum and revenue right out from
under the competition.
The Office Open XML (OOXML) file format is a case in point. Faced with an established
open source XML standard (OpenDocument Format) and the real possibility that
government and regulatory bodies might mandate a move off the proprietary binary
Office formats, Microsoft launched OOXML as an industry standard. More than
that, it's moved aggressively to deploy an ecosystem of partners, on display
at the recent Interoperability Lab in Cambridge, Mass., to surround ODF's position.
You can almost picture Daniel Day-Lewis describing his long straw as it reaches
across the room and saying, "I drink your milkshake. I drink it up!"
Just as Plainview surrounded a sought-for oil field and drained its wealth
right out from under the owner's deed, Microsoft is shifting the competition.
Instead of simply going head-to-head against ODF or Web services or competing
browser platforms, Redmond is going over, under, around and into the competition.
It's co-opting standards-making processes and adopting mature industry standards
even as it opens access to its once-hidden IP.
The good news for developers is that we can expect Microsoft to become increasingly
engaged with both open source- and industry standards-based projects and efforts.
We can expect to enjoy broader and deeper access to Microsoft IP than ever before.
And we can expect more partnerships like the PHP project with Zend Technologies
and the Mono and Moonlight projects with Novell. This is all welcome news.
But don't think for a moment that Microsoft isn't anxious to monetize or leverage
every precious ounce of IP it can muster.
In less than a week, we should learn the results of the long-running OOXML
standardization battle in the ISO. Win or lose, this is just the beginning.
Even without ISO imprimatur, Microsoft will make its file format spec a major
contender. It's breaking down the competitive value of ODF by opening its own
standard, by enabling an ecosystem of rich solutions around OOXML and by making
available the vast leverage of the Office and Windows platforms.
And Microsoft is working to apply this same model across the entire enterprise
Web space, from Web services to rich Internet application runtimes. To turn
an old phrase: If you can't beat 'em, join 'em. Then beat 'em.
What do you think of Microsoft's open and interoperable strategy? E-mail me
at mdesmond@reddevnews.
Posted by Michael Desmond on 03/25/20082 comments
When the Mozilla development team started work on Firefox 3 back in 2005, one
of the key issues facing the group was the issue of memory management. Shifting
usage patterns and increasingly demanding Web environments had exposed issues
like insidious memory leaks and application processes that failed to let go
of allocated memory. The result: Degrading performance and concerns about stability.
About a month ago, Mozilla developer Stuart Parmenter wrote an informative
account of how his team went about attacking the memory allocation and handling
problem. You can read it on his
blog here.
I spoke with Stuart and with Mozilla Vice President Mike Schroepfer yesterday
about the Firefox 3 development process. To improve memory performance, the
team had to go beyond tweaking their code and build custom tooling to help them
measure and address the challenge. It wasn't a trivial task, Parmenter said.
"I would say it was pretty difficult. We had to take a look at a pretty
low level at what was going on. So we actually had to end up building a lot
of custom tools to monitor when our our memory was being allocated, how it was
being allocated, how it was being freed and what the result of that was,"
Parmenter explained. "So a lot of really deep technical issues there. We
built a lot of tools to measure that."
The results are apparent to many users working with the current beta 4 of
Firefox 3, but Parmenter's blog post offers pretty compelling quantitative results,
as well. His team cooked up an aggressive series of tests that reflect the evolving
nature of Web browsing, and measures how well the code behaves when juggling
multiple sites in multiple tabs over a long period of time. According to their
tests, Firefox 3 does a much better job of releasing memory, with a terminal
state that's 60 percent below that of Firefox 2.
What might it all mean for corporate developers and managers? Parmenter and
Schroepfer said that all development efforts can benefit from the kind of continuous
build process that's been in place at Mozilla throughout the Firefox 3 effort.
The team produces nightly builds of Firefox, Schroepfer said, and has kicked
out eight alphas and four public betas in the time that Microsoft has produced
one public milestone of Internet Explorer 8.
What are your impressions of the latest Firefox beta? Is the Mozilla team onto
something, and can we all learn something from them? E-mail me at mdesmond@reddevnews.com
and let me know why or why not.
Posted by Michael Desmond on 03/20/20080 comments
Even as Mozilla fixes and
tweaks
its own code, the open source purveyor is motivating developers to do the
same with their add-ons and extensions. Mozilla just announced the Extend Firefox
3 contest, which rewards developer efforts for creating outstanding add-ons
for the forthcoming release of Firefox.
The contest will run through July 4 and emphasizes outstanding UI, innovative
approaches and the use of open standards. A new category will recognize the
best updated versions of existing add-ons.
You can find out more details at extendfirefox.com.
Posted by Michael Desmond on 03/20/20080 comments