Category Archives: software

.net, microsoft, mobile, open source, software, software development, visual studio

SharpDevelop 3.0: everything .NET from Boo to F#

4 Comments

I’ve been researching open source .NET and noticed that SharpDevelop, the free IDE for .NET on Windows, completed version 3.0 earlier this month. Congratulations to the team. Along with Windows Forms and ASP.NET applications in C# or Visual Basic, you get extras like support for F#, Boo and Python. Another welcome feature is built-in support for Subversion version control. There’s even an ASCII table in the IDE, which brings back memories: 15 years ago every programming manual had one at the back.

SharpDevelop has two major challenges. One is keeping up with Microsoft; right now there are discussions about improving WPF support, for example. The other is that Microsoft offers free Express versions of Visual Studio, which leaves SharpDevelop with those niche users for whom the Express products are unsuitable, but who do not want to pay for a full version, or who are wedded to some exclusive SharpDevelop feature.

In favour of SharpDevelop, it installs more easily and loads more quickly than Microsoft’s effort, and certainly proves the point that native C# applications do not have to be slow.

A more interesting though less complete product is the forked MonoDevelop, which is cross platform and targets Mono, the open source implementation of .NET. Mono now looks good on Linux; but the idea of WORA (Write Once Run Anywhere) has never really caught on in the .NET world. How many significant Mono applications for Windows have you seen? My guess is that if it happens at all, it will be in the form of Silverlight/Moonlight running in the browser.

Technorati tags: , , , ,
adobe, cloud computing, flash, internet, microsoft, multimedia, silverlight, software, software development, Uncategorized, web authoring

How will Microsoft make money from Silverlight?

6 Comments

Indeed, will it do so? I like Silverlight a lot; though I appreciate that to a Flash developer it may seem pointless. It does a lot of stuff right: small download, powerful layout language, cross-platform (with caveats), rich media, fast just-in-time compiled code.

Still, what intrigues me is how Silverlight has come from nowhere to what seems to be a central position in Microsoft’s product strategy in just a few years. What’s the business case? Or is it just that someone high up experienced a moment of horror – “Flash is taking over in web media and browser-hosted applications, we gotta do something”?

Let’s eliminate a few things. It’s not the design and developer tools. Making a profit from tools is hard, with tough competition both from open source, and from commercial companies giving away tools to promote other products. I don’t know how Microsoft’s figures look for the Expression range, but I’m guessing they bleed red, irrespective of their quality. Visual Studio may just about be a profit centre (though the Express series is free); but Silverlight is only a small corner of what it does.

Nor is it the runtime. Adobe can’t charge for Flash; Microsoft can’t charge for Silverlight.

I asked Twitter for some ideas. Here are some of the responses:

migueldeicaza @timanderson, my guesses:WinServer built-in-steaming;Strengthening .NET ecosystem, and client-server interactions;Keep share in RIA space

IanBlackburn @timanderson Isn’t Silverlight going to become the "Microsoft Client" and central to s+s?  Apps built with it can be charged in many way

harbars @timanderson no doubt with annoying adverts

mickael @timanderson isn’t silverlight a defensive move against other RIA platforms (like Adobe’s one)? They might only plan selling developmt tools

jonhoneyball @timanderson In the long term by hosting tv stations’ internet traffic and providing the charging/hosting/download/player model.

jonhoneyball @timanderson ie azure cloud + silverlight + someone elses content = ms revenue. no, it wont work, but its not unexpected ms-think.

jonhoneyball @timanderson why no work? price war to come on cloud host/delivery etc Someone will host BBC for free. Game over

There are two main themes here. One is media streaming; as the Internet takes over an increasing proportion of broadcasting and media delivery (note recent comments on Spotify) Microsoft plans to profit from server-side services. The challenges here are that there may be little money to be made; Adobe has a firm grip on this already; and Apple will do its own thing.

The other is about applications. This is the bit that makes sense to me. Microsoft knows that the era of Windows desktop clients, while not over, is in long-term decline; and that applies to applications like Office as well as custom business applications. Silverlight is a strong client platform for web-based alternatives. So I’m voting for Ian Blackburn’s comment above: it’s the Microsoft Client.

If that’s right, we’ll see Silverlight embed itself into more and more of Microsoft’s products, from desktop to server, just as Adobe is gradually remaking everything it does around Flash.

The difference is that Microsoft has far more invested in the status quo: selling Windows and Office. I’m guessing that there are heated internal battles around things like Web Office. The briefing I attended at the 2008 PDC on Office Web Applications was fascinating in respect of its ambivalence; for every web feature shown, the presenters wanted to emphasise that desktop Office was still the thing you should have.

Technorati tags: , , ,
microsoft, security, software, software development, windows

Gears of War certificate expiry a reminder to developers: always timestamp signed code

Users of the PC version of Gears of War have been unable to run the game since yesterday (29th January 2009). If they try, they get a message:

You cannot run the game with modified executable code

Joe Graf from Epic has acknowledged the problem:

We have been notified of the issue and are working with Microsoft to get it resolved. Sorry for any problems related to this. I’ll post more once we have a resolution.

The workaround is to set back your system clock. An ugly solution. Of course, some users went through the agony of full Windows reinstalls in an effort to get playing again.

So what happened? This looks to me like a code-signing problem, not a DRM problem as such, though the motivation for it may have been to protect against piracy. Code signing is a technique for verifying both the publisher of an executable, and that it has not tampered with. When you sign code, for example using the signwizard utility in the Windows SDK, you have to select a certificate with which to sign, and then you have an option to apply a timestamp. The wizard doesn’t mention it, but the consequences of not applying a timestamp are severe:

Microsoft Authenticode allows you to timestamp your signed code. Timestamping ensures that code will not expire when the certificate expires because the browser validates the timestamp. The timestamping service is provided courtesy of VeriSign. If you use the timestamping service when signing code, a hash of your code is sent to VeriSign’s server to record a timestamp for your code. A user’s software can distinguish between code signed with an expired certificate that should not be trusted and code that was signed with a Certificate that was valid at the time the code was signed but which has subsequently expired … If you do not use the timestamping option during the signing, you must re-sign your code and re-send it out to your customers.

Unfortunately, there is no timestamping for Netscape Object Signing and JavaSoft Certificates. Therefore you need to re-sign your code with a new certificate after the old certificate expires.

I don’t know if this is the exact reason for the problems with Gears of War, and I’m surprised that the game refuses to run, as opposed to issuing a warning, but this could be where the anti-piracy measures kick in. Epic’s programmers may have assumed that the only reason the certificate would be invalid is if the code had been modified.

I blogged about a similar problem in February 2006, when a Java certificate expired causing APC’s PowerChute software (a utility for an uninterruptible power supply) to fail. That one caused servers to run slow or refuse to boot.

As far as I know, there is no way of telling whether other not-yet-expired certificates are sitting on our PCs waiting to cause havoc one morning. If there are some examples, I hope it does not affect software running, say, Air Traffic Control systems or nuclear power stations.

If you are a Windows developer, the message is: always timestamp when signing your code.

adobe, internet, multimedia, software

BBC iPlayer AIR app brings downloads to Mac and Linux

I’ve successfully installed the new BBC iPlayer AIR application on Windows, Mac and Linux – and I’m mostly impressed so far. The main snag is that you have to click the Labs tester button on a separate page before the  download works – but this isn’t mentioned on the download page. Another usability issue is that when you start up the app it invites you start downloading; you click the link, and the iPlayer web site opens in your default browser with no advice on what to do next. You have to find a programme which includes a download to computer link – most of them do not. I found a Roy Orbison documentary that worked (no, that’s not Roy Orbison in the pic, but another singer).

This was a better experience than early days with the old download iPlayer, though on Linux (Ubuntu Intrepid Ibex) I found that I needed to fiddle with the settings and allocate some disk space specifically before it would accept downloads.

An interesting aspect of the new iPlayer is that it replaces a peer-to-peer download system with a direct download. I discussed the implications of this at some length with both Anthony Rose at the BBC, and with a couple of ISPs, when I was researching an interview for the Guardian. In the end there wasn’t enough space to include much of this technical detail, though I’m hoping to post some of it in the near future.

A quick summary: the ISPs are not in favour of peer-to-peer because it is less efficient. Typically, all the retries cause approximately double the amount of data to be transferred (according to my source). That said, they don’t like the BBCs move towards Level 3 rather than Akamai, because it works out more expensive for them. ISPs could install their own box to stream the BBCs content, saving them operational money, but these apparently are expensive to buy and install; I was told that the iPlayer’s traffic does not yet justify it, but if it grows to say twice what it is now, it will become economic.

The biggest cost though is the last step, from the ISP to the user. This is where the cable companies (mostly Virgin Media) have a big advantage, since the cable goes to your doorstep, and is designed to accommodate digital broardcasts. ISPs that have taken advantage of local loop unbundling are also relatively well placed. Those that pay BT wholesale for the traffic are the most vulnerable.

The other important point is that there is always something you can do to manage increased traffic – though not necessarily quickly. If everyone in the UK suddenly tries to watch HD video at the same time, the system will seize up, but that won’t happen. What will happen is that increasing numbers of people will find that their cheap transfer-limited packages are no longer sufficient and they will need to upgrade.

Technorati tags: , , , , , ,
apple, microsoft, security, software, vista, windows

Microsoft plans free anti-malware

5 Comments

Microsoft will be offering a free anti-malware suite codenamed “Morro”, from the second half of 2009, according to a press release:

This streamlined solution will … provide comprehensive protection from malware including viruses, spyware, rootkits and trojans. This new solution, to be offered at no charge to consumers, will be architected for a smaller footprint that will use fewer computing resources, making it ideal for low-bandwidth scenarios or less powerful PCs.

It’s a good move. Here’s why:

  • The current situation is calamitous. Even users with fully paid-up anti-virus solutions installed get infected, as I recently saw for myself. PC security is ineffective.
  • The practice of shipping PCs with pre-installed anti-virus that has a trial subscription is counter-productive. There will always be a proportion of users who take the free trial and do not renew, ending up with out-of-date security software. A free solution is better – several are available now – if only because it does not expire.
  • Microsoft wants to compete more effectively with Apple. It is addressing an extra cost faced by PC users, as well as (possibly) the poor user experience inherent in pre-installed anti-virus trialware.
  • The performance issue is also important. Anti-malware software is a significant performance drag. Microsoft is the vendor best placed to implement anti-malware that minimizes the drag on the system.

Counter-arguments:

  • Only specialist companies have the necessary expertise. I don’t believe this; Microsoft’s investment in security is genuine.
  • Single-supplier security gives malware a fixed target, easier to bypass. There’s some merit to this argument; but it is weakened by the fact that the current multi-vendor scenario is clearly failing. Further, the Mac is a fixed target that does not appear to be easy to bypass.

All of this is hot air compared to the real challenge, which is securing the operating system. Vista is progress, Windows 7 not much different according to my first impressions.

Why not just use another operating system? There’s a good case for it; ironically the theory that a large factor in Windows insecurity is its dominance can/will only be properly tested when an alternative OS is equally or more popular. If people continue switching to Macs perhaps it will happen some day. Windows is still hampered by its legacy, though my impression is that Vista’s UAC is having its intended effect: fewer applications now write to system areas in Windows, bringing us closer to the day when security can be tightened further.

What about business systems? This is one area that needs clarification. Microsoft says Morro is only for consumers. Why should businesses have to pay for a feature that consumers get for free? On the other hand, some equivalent initiative may be planned for business users.

java, open source, software, software development, Sun

Sun’s financial problems – what comes next?

1 Comment

Sun has today published a press release announcing that up to 18% of its global workforce is to be cut and that Rich Green, VP of Software, has resigned.

It has also formed a new business group called Cloud Computing & Developer Platforms, for advancing its cloud services efforts.

Sun is a fascinating company, with serious commitment to open source. It is also the steward of Java, MySQL and OpenOffice.org. Despite the software aspect, selling servers is a core part of its business, and its problems now (in my quick opinion) are a consequence of the economic downturn, a trend towards cheap-and-many in the server market, and a rush towards open source without any clear strategy over how to monetize it. No, I don’t believe turning runtime and application downloads into foistware and adware is the solution.

Somehow, Sun allowed competitors such as IBM and Oracle to benefit from Java without reaping equal rewards itself. It is great at innovating but less good at profiting from its invention. Java applets were the first browser-hosted client applications, but Sun did not see the need for something like JavaFX until Adobe Flash and then Microsoft Silverlight showed how this needed to evolve; now it is probably too late.

Another example is utility computing (one aspect of cloud computing), which Sun pioneered with its Grid initiative; but others such as Amazon are now setting the pace in this area.

What comes next – acquisition, recovery, or continued decline?

Technorati tags: , , , , ,
linux, software, ubuntu, vista, windows

Reasons to love Linux #1: package management

5 Comments

I posted recently about a difficult Ubuntu upgrade, drawing the comment “What do you prefer to do on Linux that you don’t on Windows?”

Today I patched the Debian server which runs this blog. APT upgraded the following applications:

MySQL 5

Apache 2.2

Clam AntiVirus

Time Zone data (tzdata)

Some of these involve several packages, so 16 packages were updated.

Bear in mind that this is a running system, and that MySQL and Apache are in constant heavy use, mostly by WordPress.

I logged on to the terminal and typed a single command:

apt-get upgrade

The package manager took less than a minute to upgrade all the packages, which had already been downloaded via a scheduled job. Services were stopped and started as needed. No reboot needed. Job done.

I guess a few people trying to access this site got a slow response, but that was all.

Now, how long would it take to upgrade IIS, SQL Server and some server anti-virus package on Windows? What are the odds of getting away without a restart?

Admittedly this is not risk-free. I’ve known package management to get messed up on Linux, and it can take many hours to resolve – but this usually happens on experimental systems. Web servers that stick to the official stable distribution rarely have problems in my experience.

I realise that the comment really referred to desktop Linux, not server, and here the picture is less rosy. In fact, this post was inspired by a difficult upgrade, though in this case it was the entire distribution being updated. Even on the desktop though, the user experience for installing updates and applications is generally much better.

Let’s say I’m looking for an image editor. I click on Add/Remove and type a search:

I like the way the apps show popularity. I’d like a few more things like ratings and comments; but it’s a start. Inkscape looks interesting, so I check it, click Apply Changes, and shortly after I get this dialog:

I double-click, and there it is:

I admit, I did take a few moments to download an example SVG file from the W3C, just to make the screen grab look better. But provided you have broadband, and the app you want is in the list, it is a great experience.

Windows Vista has had a go at this. From Control Panel – Programs and Features you can get to Windows Marketplace, where you might search and find something like The Gimp (free)  or Sketsa SVG Editor (costs). I tried The Gimp, to be more like-with-like. I had to sign in with a Live ID even though it is free. I went through several web dialogs and ended up with a download prompt for a zipped setup. That was it.

In other words, I went through all these steps, but I still do not have The Gimp. OK, I know I have to extract the ZIP and run the setup; but Ubuntu’s Add/Remove spares me all that complication; it is way ahead in usability.

App Store on the iPhone also has it right. For the user, that is. I detest the lock-in and the business model; but usability generally wins. The online stores on games consoles, like XBox Live Marketplace, are good as well. I guess one day we will install or buy most applications this way.

cloud computing, internet, linux, microsoft, open source, software

Microsoft Office vs OpenOffice.org in UK education

6 Comments

Yesterday I took a seminar with a small number of people from schools and colleges in the UK, who had purchasing responsibility for software.

I talked about some of the history, differences between the products, the ISO standardisation wars, the ribbon, and the way Microsoft’s pricing escalates in order to charge the maximum to business users. I also mentioned online alternatives like Google docs and asked whether they could contemplate switching entirely to a web-based productivity suite.

It is always interesting talking to people with a real-world perspective, in contrast to the hothouse of Internet discussions and attempting to follow what is happening at the bleeding edge. What I found:

  • These folk knew about OpenOffice.org but none use it regularly themeselves; one had a reasonable number of students using it, but only because they were using netbooks running Linux. Not very encouraging for OpenOffice.org since the buzz is that netbooks are increasingly switching to Windows.
  • There was very little interest in ISO standards. On the other hand, there was real concern about interoperability, which is related. However, the best solution at the moment is to use Microsoft’s old binary formats throughout. Filters in MS office for OpenDocument, and in OpenOffice.org for Open XML, will be welcome.
    Incidentally, I used Office 2007 PowerPoint for the session. I tried to open the .pptx in OpenOffice.org 3.0; it worked, but there were extra borders round objects and some unwanted text. I saved from Office 2007 as .ppt, re-opened in OpenOffice.org. It was perfect.
  • Some had already rolled out Office 2007, and reported that the Ribbon UI was better for new users, but caused problems for some who were familiar with the old menus. Mainly a training issue.
  • Education gets generous pricing for MS Office. There was interest in saving money by using OpenOffice.org, but the sums involved are relatively small. We discussed the ethical issue – whether it is right to get young people hooked on a product that will cost them or their businesses dearly later on – but this particular group didn’t engage with this much. Little desire to change the world; focused on getting their work done.
  • I mentioned the negative Becta report on Vista and Office 2007, which I also looked at again in preparation. I was struck again by what a poor report it is, ducking important issues and giving a rose-tinted view of ODF, though I am in sympathy with Becta’s efforts to promote choice and open source in education. However, none of this group had read the report, or even heard of it. Becta is a government organization focused on technology in education.
  • There was little enthusiasm for web-based office suites. Interest perked up a little when I mentioned Google Gears and the possibility of seamless online/offline use. One person said his school was rural and could not get broadband at all.

My overall impression is that Microsoft Office remains dominant in the institutions represented by this group, and that seems unlikely to change soon. The web-based suites have more chance of breaking the habit, since they represent a more fundamental shift than simply moving from one fat desktop application to another.

I would likely have got a better attendance for a seminar on rolling out Office 2007.

google, open source, php, ruby, software, software development, web authoring

Future of Web Apps 2008 Day One: Web is DVD, desktop VHS

1 Comment

I’m at London’s dreary Excel centre for Carson’s Future of Web Apps conference, just before the opening of day two. Yesterday was a mixed bag; good when speakers talk technical; bad when they descend into marketing. The origins of the conference are as a start-up incubator; developers and entrepreneurs getting together to see what’s new and make contacts. It still has some of that flavour, but it has grown beyond that because web apps are a mainstream topic and Carson attracts generally excellent speakers. There is a good crowd here; I’m not sure if every last ticket sold, but it is pretty much packed out, though the dark economic mood is dampening spirits.

Digg’s Kevin Rose spoke briefly about his site’s new recommendation engine, which has been active since July or so. The idea is that Digg learns a user’s profile by examining clicks and votes, using it to customize what the user sees. He spoke about a forthcoming feature, where third-party sites will be able to call the Digg recommendation engine to get profile information that it can then use to customize its own site.

An interesting idea; though it raises several questions. How does it work – would logging out of Digg be sufficient to disable it? Will users opt-out or opt-in? How much of this kind of customization do we want anyway?

This whole theme of contextualization is a big one here; it ties in closely with social networking, and Google’s OpenSocial API is getting quite a bit of attention.

Blaine Cook (ex Twitter now Yahoo, Ruby guy and inventor of OAuth) gave a though-provoking session on scalability along with Joe Stump from Digg (and a PHP guy). They took the line that languages don’t matter – partly a reflection on Twitter’s scaling problems and whether it was Ruby’s fault. Other factors make language efficiency unimportant, they said, such as disk I/O and network speed; and the secret of scaling is multiple and redundant cheap boxes and apps which are segmented so that no one box  is a bottleneck. The case was overstated but the main points strike me as sound.

I’m wondering how many of the developers here are actually having to deal with these kinds of scalability problems. Many web apps get only light use; the problems for everyday developers are different.

I attended a session entitled "The future of Enterprise Web Apps" by Googler Kevin Marks. It turned out to be a plug for the OpenSocial API; not what I was expecting.

Francisco Tolmasky of 280slides.com evangelised his Objective-J and Cappucino JavaScript framework, based loosely on Apple’s Cocoa framework. Hmm, bit like SproutCore.

I give Tolmasky credit for the most striking analogy of the day. The Web is DVD is says, and the desktop VHS. Adobe’s AIR is a combo player. He is talking about transition and leaving us in no doubt about what he sees is the future of the desktop.

Best sessions of the day (that I attended) were Blaine Cook on Jabber and its XMPP protocol, and David Recordon from SixApart on the evolving Internet "open stack". In this he includes:

  • OpenID + hCard for identity
  • XRDS-Simple for discovery (http://is.gd/3M53)
  • OAuth for authentication
  • ATOM and POCO  ( or PorC) – Portable contacts)
  • OpenSocial

I put these two sessions together because they both addressed the "Web as platform" topic that is really the heart of why we are here. Spotting which APIs and protocols will win is tricky; but if consensus is reached on some or all of these, they will impact all web developers and bring new coherence to what we are doing.

I’ll be covering today on Twitter again – see here if you want to follow.