Category Archives: software development

.net, software development

F#, Enterprise JavaScript at QCon London

2 Comments

The best sessions here at QCon London have been the small ones, not the big ones. Yesterday the slot I enjoyed most was from Attila Szegedi on JavaScript in the Enterprise. He uses Mozilla Rhino for server-side development. It’s not a mainstream choice; but he made a case for it, saying that continuations in JavaScript bring huge benefits, that there is a ready supply of developers with JavaScript skills (albeit mostly browser-based), and JavaScript is so flexible that he can work around any limitations.

One example is that JavaScript has no namespaces; but it does support function pointers, so he adds a bunch of function pointers as members of an object, and then that object works like a namespace.

Szegedi says he has little interest in ECMAScript 4.0 – once thought to be the future of JavaScript – because there is no community consensus around it.

Today I’ve just attended a session on Microsoft F# given by Amanda Laucher. F# is a functional language that will be released as part of Visual Studio 2010. I knew little about it until today. Laucher gave a code-heavy presentation looking at how the ease of concurrency in F# can greatly increase speed of execution, using an example from the car insurance industry.

Laucher said that threading in C# is horrible in comparison.

Developers are not going to abandon C# or Visual Basic in favour of F#. Rather, they will encapsulate pieces of functionality in F# where they can get benefit, and call them from their C# or VB application.

Technorati Tags: ,,,,,
.net, java, software development, web authoring

QCon London 2009

I’m at QCon London and covering it on Twitter as wi-fi and battery power allows. The focus of the conference is enterprise development, and it spans Java and .NET, SOAP and REST, but with a bias towards Agile methodology.

I was here last year, and my observation is that last year there was considerable angst about the idea that the SOAP stack was failing to deliver and that new stacks based on REST were the thing to do.

This year this same statement feels more widely accepted and people are moving on, based on that assumption.

One delegate stuck his hand up and asked, “is this a fad, or will it last”? Sounds like a cry of pain from someone who invested heavily in something now condemned. History tells that in five or ten years time we may well be equally enthusiastic about some new thing and observing all the weaknesses in the bad stuff we used to do.

Still, these trends don’t form overnight. We have to choose what looks like the best model at the time.

I’m typing this during a session on test-driven development. Personally I think TDD is a more profound improvement in the software development process than REST vs SOAP; the detail of TDD will continue to evolve and be debated; but its basic ideas are hard to challenge.

As an aside, this is one factor in why ASP.NET MVC is so important for developers on Microsoft’s web platform. Reason: it’s testable.

.net, internet, microsoft, software development, visual studio, web authoring, windows

Mono creeping into the mainstream?

1 Comment

For those of you who have not already seen this link on Twitter: I’ve posted a short piece on Mono, the open source implementation of Microsoft .NET. The piece was prompted by my own experience writing a simple .NET application in Visual Studio and deploying it to Linux. Admittedly I anticipated the move by using MySQL rather than SQL Server as the database; but even so, I was impressed by how easy it was – I spent more time recently deploying an application from Visual Studio 2008 to Windows Server 2008, thanks to some issues with SQL Server Express.

Don’t Miguel de Icaza’s comment about scalability and garbage collection, two of the factors that have deterred some from real-world Mono deployments.

.net, adobe, google, iphone, microsoft, ruby, silverlight, software development, web authoring

Programming language trends: Flash up, AJAX down?

5 Comments

I’m fascinated by the O’Reilly reports on the state of the computer book market in 2008, particularly the one relating to programming languages.

Notable facts and speculations:

C# is the number one language, overtaking Java (which is down 12%), and was consistently so throughout 2008. Although the .NET platform is no longer new and exciting, I’m guessing this reflects Microsoft’s success in corporate development, plus the fact that the language is changing fast enough to stimulate book purchases. Absolute growth is small though: just 1%.

Objective-C is growing massively (965%). That’s probably stimulated by iPhone app development more than anything else. It’s a perfect topic for a programming book, since the platform is important and popular, and attracting developers who were previously ignorant of Objective-C.

ActionScript is growing (33%). That’s Adobe’s success in establishing Flex and the Flash platform.

PHP is up 3%. I’m not surprised; it’s usually the P in LAMP, everyone’s favourite free and open source web platform. That said, the online documentation and community support for PHP is so good that a book is less necessary than for some other languages.

JavaScript is down 24%. I’m a little surprised, as JavaScript is still a language everyone has to grapple with to some degree. It may be a stretch; but I wonder if this is a symptom of AJAX losing developer mindshare to Flash/Flex (ActionScript) and maybe Silverlight (C#)? Another factor is that JavaScript is not changing much; last year’s JavaScript book is still good enough.

Visual Basic is down 15%. Exactly what I would expect; slow-ish decline but still popular.

Ruby is down 51%. This is a surprise; though it was well up in 2007 so you could be kind and describe this as settling. The problem with Ruby though is lack of a major sponsor; plus the migration from PHP to Ruby that seemed possible a couple of years ago just has not happened. It may be intimidating to casual developers who find PHP more approachable; plus of course, Ruby probably is not installed on your low-cost shared web hosting package.

Python is down 14%. Google sponsors Python, in that it is the language of App Engine, but apparently this has not been enough to stimulate grown in book sales. I guess App Engine is still not mainstream; or maybe there just aren’t enough good Python books out there.*

It will be interesting to see the 2009 report in a year or so. Meanwhile, I’m off to write an Objective C tutorial (joke!).

*Update: I was reading the charts too quickly; it looks as if the percentages above are only for the last quarter; the annual figures are similar except that Python actually grew over the year as a whole.

.net, microsoft, mobile, open source, software, software development, visual studio

SharpDevelop 3.0: everything .NET from Boo to F#

4 Comments

I’ve been researching open source .NET and noticed that SharpDevelop, the free IDE for .NET on Windows, completed version 3.0 earlier this month. Congratulations to the team. Along with Windows Forms and ASP.NET applications in C# or Visual Basic, you get extras like support for F#, Boo and Python. Another welcome feature is built-in support for Subversion version control. There’s even an ASCII table in the IDE, which brings back memories: 15 years ago every programming manual had one at the back.

SharpDevelop has two major challenges. One is keeping up with Microsoft; right now there are discussions about improving WPF support, for example. The other is that Microsoft offers free Express versions of Visual Studio, which leaves SharpDevelop with those niche users for whom the Express products are unsuitable, but who do not want to pay for a full version, or who are wedded to some exclusive SharpDevelop feature.

In favour of SharpDevelop, it installs more easily and loads more quickly than Microsoft’s effort, and certainly proves the point that native C# applications do not have to be slow.

A more interesting though less complete product is the forked MonoDevelop, which is cross platform and targets Mono, the open source implementation of .NET. Mono now looks good on Linux; but the idea of WORA (Write Once Run Anywhere) has never really caught on in the .NET world. How many significant Mono applications for Windows have you seen? My guess is that if it happens at all, it will be in the form of Silverlight/Moonlight running in the browser.

Technorati tags: , , , ,
.net, microsoft, software development, visual studio

First screenshots of Visual Studio 2010 UI

1 Comment

Jason Zander has posted some screenshots and info about the new WPF-based UI for Visual Studio 2010.

An early build of VS 2010 was handed out at PDC last year, but lacked the new UI.

Floating document windows is a great new feature. That said, Visual Studio 2008 works rather well; I hope the new version is equally fast and stable.

Technorati tags: , ,
adobe, cloud computing, flash, internet, microsoft, multimedia, silverlight, software, software development, Uncategorized, web authoring

How will Microsoft make money from Silverlight?

6 Comments

Indeed, will it do so? I like Silverlight a lot; though I appreciate that to a Flash developer it may seem pointless. It does a lot of stuff right: small download, powerful layout language, cross-platform (with caveats), rich media, fast just-in-time compiled code.

Still, what intrigues me is how Silverlight has come from nowhere to what seems to be a central position in Microsoft’s product strategy in just a few years. What’s the business case? Or is it just that someone high up experienced a moment of horror – “Flash is taking over in web media and browser-hosted applications, we gotta do something”?

Let’s eliminate a few things. It’s not the design and developer tools. Making a profit from tools is hard, with tough competition both from open source, and from commercial companies giving away tools to promote other products. I don’t know how Microsoft’s figures look for the Expression range, but I’m guessing they bleed red, irrespective of their quality. Visual Studio may just about be a profit centre (though the Express series is free); but Silverlight is only a small corner of what it does.

Nor is it the runtime. Adobe can’t charge for Flash; Microsoft can’t charge for Silverlight.

I asked Twitter for some ideas. Here are some of the responses:

migueldeicaza @timanderson, my guesses:WinServer built-in-steaming;Strengthening .NET ecosystem, and client-server interactions;Keep share in RIA space

IanBlackburn @timanderson Isn’t Silverlight going to become the "Microsoft Client" and central to s+s?  Apps built with it can be charged in many way

harbars @timanderson no doubt with annoying adverts

mickael @timanderson isn’t silverlight a defensive move against other RIA platforms (like Adobe’s one)? They might only plan selling developmt tools

jonhoneyball @timanderson In the long term by hosting tv stations’ internet traffic and providing the charging/hosting/download/player model.

jonhoneyball @timanderson ie azure cloud + silverlight + someone elses content = ms revenue. no, it wont work, but its not unexpected ms-think.

jonhoneyball @timanderson why no work? price war to come on cloud host/delivery etc Someone will host BBC for free. Game over

There are two main themes here. One is media streaming; as the Internet takes over an increasing proportion of broadcasting and media delivery (note recent comments on Spotify) Microsoft plans to profit from server-side services. The challenges here are that there may be little money to be made; Adobe has a firm grip on this already; and Apple will do its own thing.

The other is about applications. This is the bit that makes sense to me. Microsoft knows that the era of Windows desktop clients, while not over, is in long-term decline; and that applies to applications like Office as well as custom business applications. Silverlight is a strong client platform for web-based alternatives. So I’m voting for Ian Blackburn’s comment above: it’s the Microsoft Client.

If that’s right, we’ll see Silverlight embed itself into more and more of Microsoft’s products, from desktop to server, just as Adobe is gradually remaking everything it does around Flash.

The difference is that Microsoft has far more invested in the status quo: selling Windows and Office. I’m guessing that there are heated internal battles around things like Web Office. The briefing I attended at the 2008 PDC on Office Web Applications was fascinating in respect of its ambivalence; for every web feature shown, the presenters wanted to emphasise that desktop Office was still the thing you should have.

Technorati tags: , , ,
software development

QCon next month reports strong registrations

An email this morning reminds me that QCon takes place in London next month – this is one of my favourite developer-focused conferences, with excellent speakers covering a breadth of technology, though if you hate all things Agile it is probably not the place for you.

The organizers say that:

attendance for this year’s QCon London is actually ahead of last year’s, despite the problems in the economy

Given that it’s now common for conferences to be shrunk or cancelled, that’s impressive.

Technorati tags: ,
security, software development, sql

Kaspersky site hacked through SQL injection

There are millions of sites out there vulnerable to SQL injection; apparently one of them (at least until yesterday) was that of the security software vendor kaspersky.com. A hacker codenamed unu posted details – not all the details, but enough to show that the vulnerability was real. The hack exposed username tables and possibly personal details. Reddit has a discussion of the programming issues. According to the Reg, Kaspersky had been warned but took no action:

I have sent emails to info@kaspersky.com, forum@kaspersky.com, and webmaster@kaspersky.com warning Kasperky [sic] about the problem but I didn’t get any response," Unu, the hacker, said in an email. "After some time, still having no response from Kaspersky, I have published the article on hackersblog.org regarding the vulnerability.

The trouble with those kinds of email addresses is that they are unlikely to get to the right people. It’s still disappointing; and also disappointing that there is currently no mention of the issue (that I can see) on Kaspersky’s site. The company’s response to the security hole is equally as important as the vulnerability itself. When WordPress was hacked, founder Matt Mullenweg was everywhere responding to comments – on this blog, for example. I liked that a lot.

Technorati tags: , ,

microsoft, security, software development, vista, windows 7

Windows security and the UAC debate: Microsoft misses the point

2 Comments

Poor old Microsoft. When User Account Control was introduced in Windows Vista the crowd said it was too intrusive, broke applications, and not really more secure – partly because of the “OK” twitch reflex users may suffer from. In Windows 7 UAC is toned-down by default, and easy to control via an easy-to-find slider. Now the crowd is saying that Microsoft has gone too far, making Windows 7 less secure than Vista. The catalyst for this new wave of protest was Long Zheng’s observation that with the new default setting a malicious script could actually turn off UAC completely without raising a prompt.

Microsoft’s Jon DeVaan responds with a lengthy piece that somewhat misses the point. Zheng argues that Microsoft should make the UAC setting a special one that would:

force a UAC prompt in Secure Desktop mode whenever UAC is changed, regardless of its current state

DeVaan doesn’t respond directly to this suggestion which seems a minor change that would barely impact usability.

DeVaan also says:

There has been no report of a way for malware to make it onto a PC without consent. All of the feedback so far concerns the behavior of UAC once malware has found its way onto the PC and is running.

It’s an important point; though I wonder how DeVaan has missed the problems with autorun that can pretty much install malware without consent.

I am not one of those journalists whom Zheng lambasts:

This is dedicated to every ignorant “tech journalist” who cried wolf about UAC in Windows Vista.

Rather, I’ve been an advocate for UAC since pre-release days; see for example my post If Microsoft doesn’t use UAC, why should anyone else? which I later discovered upset some folk. One reason is that I see its real intent, best articulated by Mark Russinovitch, who writes:

UAC’s various changes and technologies will result in a major shift in the Windows usage model. With Windows Vista, Windows users can for the first time perform most daily tasks and run most software using standard user rights, and many corporations can now deploy standard user accounts.

and Microsoft’s Crispin Cowan:

Making it possible for everyone to run as Standard User is the real long term security value

In other words, UAC is a transitional tool, which aims to bring Windows closer to the Unix model where users do not normally run with local admin rights and data is cleanly separated from executables.

The real breakthrough will come when Microsoft configures Windows so that by default non-expert home and SME users end up running as standard users. Experts and system admins can make their own decisions.

In the meantime, I don’t see any harm in implementing the change Zheng is asking for, and I’d like to see Microsoft fix the autoplay problem; I believe users now understand that there is a trade-off between security and convenience, though they become irritated when they get the inconvenience without the security.

Update: Microsoft now says it will fix Windows 7 so that the UAC settings are better protected.

Technorati tags: , ,