Category Archives: software development

Sophos video about hacked BusinessWeek site

Sophos has a short video showing evidence of a hacked page on the BusinessWeek web site. I was impressed by how Google Chrome handled this:

The interesting point is that we are finding malicious JavaScript on highly reputable sites. Sophos says this one was caused by SQL injection, and I noticed that the page uses Microsoft’s old .asp technology in which it was particularly easy to code insecurely.

What’s the solution? Beats me; there are just zillions of insecure web applications out there. However, it’s disappointing that BusinessWeek still has not cleaned up the pages, which were reported last week (but perhaps that means last thing Friday).

Google Chrome for Mac and Linux will be a long while coming

When I looked at the Chromium source code and did a build, I noticed how much of it was Windows-specific. Although the WebKit rendering component is already cross-platform, it seems that the Mac and Linux versions of Chromium and therefore Chrome are a long way from ready. This is from the build notes for Mac OS X:

Right now, the Mac build is a work in progress that is much closer to the start than the finish. No application that renders web pages is generated at the end of these instructions!

Cross-platform work usually involves compromises, and it looks like the Google team pointed the dial more towards optimising for Windows than towards ease of porting. That surprises me, since it likely means more work maintaining the application for several platforms as well as delays now.

Chrome’s ambitions as an application platform cannot be realised until it runs on the Mac. Further, a disproportionate number of web designers and developers use Apple.

How long is a long while? Good question. I’ll be seeing some Google folk tomorrow; I’ll let you know what they say.


Developers: will you or have you signed for ribbon rights?

This is the dialog you see when installing Delphi 2009 or C++ Builder 2009:

There’s a similar restriction on use of the ribbon controls in the latest MFC.

The license information page is here. The license itself has two provisions that you might care about. First, you agree not to use the Ribbon, also known as the Fluent UI, in “Excluded products”:

“Excluded Products” are software products or components, or web-based or hosted services that perform primarily the same general functions as the Microsoft Office Word, Excel, PowerPoint, Outlook and Access software applications, and that are created or marketed as a replacement for any or all of those Microsoft applications.

OpenOffice.org – that’s you.

The second provision is more troublesome (unless you are OpenOffice or Google Apps). You have to comply with the Design Guidelines:

Your Licensed UI must comply with the Design Guidelines. If Microsoft notifies you that the Design Guidelines have been updated or that you are not complying with the Design Guidelines, you will make the necessary changes to comply as soon as you reasonably can, but no later than your next product release that is 6 months or more from the date you receive notice.

So what are the Design Guidelines? Good question. This is where it gets silly. In order to see the Design Guidelines, you have to agree the “2007 Microsoft Office Fluent User Interface Design Guidelines Evaluation License Agreement”, which among other things is a non-disclosure agreement. Furthermore, you have to destroy them within 30 days:

3. RESTRICTIONS. The Design Guidelines are for reference only and may not be used in development. You agree that you will destroy the Design Guidelines within thirty (30) days after you first acquire them or upon termination, whichever is earlier.

I am guessing here, but I hope and suppose that if you agree the main license you no longer have to destroy the guidelines to which you are meant to be conforming. It’s not obvious that this is the case, since the main agreement refers back to the UI licensing page, and the only way I can see to get the design guidelines is by agreeing the evaluation license which requires you to destroy them.

I reckon Microsoft’s lawyers are getting carried away.

Lunacy aside, I’d presume that the guidelines are detailed and that conforming could involve considerable work. It is also unclear to me what would happen in the real world if Microsoft issued an edict requiring you to update your application to its latest version with 3D revolving icons, for example. If you are an external developer and your customer does not want to pay, what then? I suppose in theory you should insure against it, or sneak in a clause to your development contract that says the customer pays for extra work imposed by Microsoft in the event that it exercises its rights.

Pragmatically I guess it is unlikely to happen. Still, I don’t like unreasonable agreements. In any case, are we sure that if you did not agree the license, but still went ahead and used the Ribbon UI, that Microsoft could successfully pursue you? Call it a toolbar, and it’s been commonplace in software for years.

Microsoft makes up with the OMG

Microsoft has joined the Object Management Group:

Microsoft Corp. today outlined its approach for taking modeling into mainstream industry use and announced its membership in the standards body Object Management Group™ (OMG™).

I’m not clear exactly when Microsoft joined the OMG. It is already listed as a Contributing Member (the highest level) here. Still, the warm words are something new. In the past Microsoft’s modelling strategy has been presented as an alternative to the OMG. For example, here’s IBM’s Agile Development expert Scott Ambler in a 2005 article:

Luckily, the OMG isn’t the only modeling game in town. Microsoft has struck out on its own, a strategy that has clearly served it well in the past, and is suggesting a new approach to modeling: Domain Specific Languages (DSLs).

And here’s Grady Booch in 2004, on why UML is good and why he “disagrees with Microsoft’s rejection of the UML in favour of proprietary domain-specific languages.”

Before the UML vs DSL wars it was the CORBA vs COM wars, and in both cases it was OMG on one side and Microsoft on the other.

It’s different now, with warm words from OMG CEO Dr Richard Mark Soley:

Microsoft has always been one of the driving forces in the development industry, helping to make innovation possible but also simplifying many of the most challenging aspects of the application development process …[stuff about UML] … Microsoft’s broad expertise and impact will make its membership in OMG beneficial to everyone involved.

It is all part of Microsoft’s efforts to establish “Oslo”, its new modelling initiative which it hopes is the next big thing in development productivity, and will feature in the next Visual Studio.

I wonder what has happened to software factories, which was Microsoft’s modelling buzzword just a couple of years ago? Part of Oslo, or now abandoned?


Doubling performance with Silverlight multithreading

Bart Czernicki has a detailed post showing how Silverlight 2.0’s multithreading can improve performance. He took my counting primes code and adapted it for parallel processing. On my quad core system the results are impressive:

As you can see by squinting at the screen grab, the processing time went from 0.43 to 0.20 seconds.

Multithreading is getting a bad rap in some quarters, because it greatly complicates debugging. On the other hand, if you have an app which does some heavy-duty calculations then performance benefits like this are worth a little pain.


Microsoft Oslo: a tool, a language, a repository

A couple of Microsofties are talking up the Oslo launch at the forthcoming PDC. “Oslo” is what Microsoft sees as the next generation of software development – I think.

Don Box and Douglas Purdy have just posted their own definitions. They should know, they’re working on it.

Box says:

With Oslo, we’re doing two things:

1. We’re making it easier for people to write things down in ways that make sense for the domain they are working in – the common term for this in the wild is modeling.

2. We’re making the things people wrote down accessible to platform components during program execution.

Purdy:

we have boiled down Oslo to three very simple things:

  • A tool that helps people define and interact with models in a rich and visual manner
  • A language that helps people create and use textual domain-specific languages and data models
  • A relational repository that makes models available to both tools and platform components

There will be a CTP for us all to try at PDC.

The last time the industry tried this I believe it was called UML 2.0; it excited a lot of theoreticians but made little impact on real-world application development. I’m sceptical about Oslo too; but let’s acknowledge at least that the goal is a worthy one.

Having said that, what do you think about this remark from Purdy:

For me personally, Oslo is the first step in my vision “to make everyone a programmer (even if they don’t know it)”.

I’m sorry, that “everyone a programmer” line brings to mind spaghetti-macros in Excel or some of those unmaintainable Access and Visual Basic applications which you still see sometimes if you hang around small businesses.

Still, there is a costly divide in development, which is to do with the fact that A is an expert in some particular field, B is a programmer; and somehow A’s expertise has to be expressed in B’s code. I think this is about bridging that gap.


Flash and Silverlight are the Chrome losers, says Zoho boss

Zoho CEO Sridhar Vembu makes an interesting statement in an email he has circulated following the launch of Google Chrome:

The biggest losers in Google’s announcement are not really competing browsers, but competing rich client engines like Flash and Silverlight. As Javascript advances rapidly, it inevitably encroaches on the territory currently held by Flash. Native browser video is likely the last nail in the coffin — and Google needs native browser-based video for its own YouTube; so we can be confident Google Chrome and Firefox will both have native video support, with Javascript-accessible VOM (video object model) APIs for web applications to manipulate video. As for Silverlight, let me just say that if Silverlight is the future of web computing, companies like us might as well find another line of work — and I suspect Google and Yahoo probably see it the same way too.

These last weeks have not been good for Adobe. First there was the Harmony announcement, sidelining the Adobe/Mozilla Tamarin project and making Adobe’s ActionScript 3.0 look more proprietary. Now there is Chrome; and I’m inclined to agree with Vembu, that Google will try to move away from Flash dependency. If that is right, then neither Google, nor Microsoft, nor Apple wants to play the Flash game.

As for Silverlight, I see this more as a Microsoft platform solution, extending its reach beyond the Windows client. I doubt it will be much affected by Chrome, though Vembu is right in saying that the more capable the browser becomes, the less necessity there is for something like Silverlight.

What about Zoho itself? I would take it more seriously if it were not so desperately slow whenever I give it a try, in contrast to Google’s usually responsive servers. It may be better in the USA, or perhaps there is some other reason, but for me the performance just kills it.

Google Chrome: the developer angle

The real purpose of Chrome is to run web applications. Google would like it to be Google applications, of course. Here’s a few things I noticed.

1. The V8 Javascript engine in Chrome is really fast – thanks to just-in-time compilation and other optimizations. This is important, because it removes some of the advantages of plug-ins such as Flash and Silverlight, which also do just-in-time compilation.

2. Chrome includes Gears, which enables offline functionality and other useful services, like a local database engine.

3. This is really part of Gears; but it’s worth noting separately. The Gears Desktop API lets you create application shortcuts – without further permission, apparently. In Chrome this is surfaced as a Create application shortcut dialog:

Note that this is a browser dialog, not a web page dialog.

Why is this a big deal? Well, I recall Adobe’s Kevin Lynch telling me that the usability issue around navigating to an URL in order to run an application was one of the motivations behind the development of AIR, Flash on the desktop. Google reckons it is easier to deal with the usability issue, than to create a separate desktop runtime.

4. Web applications started from shortcuts have no browser furniture. Just the web page in a window. There are probably other ways to get this effect too. I noticed that if you type Ctrl-T while in one of these full-window Chrome pages, which normally starts a new tab, it actually opens a second Chrome window, not just a new tab. Google wants that shortcut to behave like an application, not like a web browser.


10 things you might not have known about XAML

I’ve written a short piece on XAML for the Register. Here’s a few things you might not have known about Microsoft’s Extensible Application Markup Language:

1. It is not just for WPF (Windows Presentation Foundation); it is also used as a language for Workflow Foundation (WF). Microsoft has hinted that we will see more XAML applications announced at the forthcoming PDC.

2. XAML doesn’t have to be XML – see the intro to the XAML Object Mapping Specification 2006, which says that “any physical representation may be used.”

3. XAML is a small core and distinct from XAML vocabularies. The huge WPF is a XAML vocabulary. WF is another vocabulary.

4. Although XAML is usually represented as XML, it is near-impossible to create an XML Schema to validate it usefully. Here’s where Microsoft explains why.

5. In Visual Studio 2005, a huge but imperfect .xsd schema file was used for validation and to drive IntelliSense (things like code completion) in the XAML editor. In Visual Studio 2008 Microsoft abandoned that idea and uses a language service instead.

6. The core idea behind XAML is to be a declarative language for .NET. WPF is merely an early application for XAML.

7. XPS, Microsoft’s fixed-layout language that competes (just about) with Adobe’s PDF, uses XAML that is a subset of WPF. This means that you can actually display XPS documents in Silverlight – there’s no need for a viewer, it is native Silverlight code.

8. When you compile a Silverlight application, the XAML stays as XAML, albeit bundled into a resource.

9. Silverlight allows you to write inline XAML within HTML.

10. XAML rhymes with Camel. Sorry, you knew that already. But did you know that CAML (Compiled Application Markup Language) is XAML compiled to MSIL (Microsoft Intermediate Language)? Microsoft tested this idea in pre-release versions of WPF, but apparently the performance benefits were disappointing and it was less compact than BAML (Binary Application Markup Language), a tokenized representation of XAML. Silverlight doesn’t bother with either: XAML is saved as a resource in a .NET DLL, and then zipped as part of the .XAP package by which a Silverlight application is delivered.
