Category Archives: software

microsoft, software, software development, windows

SharePoint’s secret sauce

3 Comments

Just before Christmas I spoke to Daz Wilkin, Microsoft Developer Platform Evangelist, about Office development and Sharepoint. I’ve wanted to catch up on Sharepoint for some time, since it is achieving significant usage. Here’s a recent study which claims that:

the number of SharePoint applications in place today will quadruple over the next 12 months

Wilkin says that:

SharePoint is approaching becoming a billion dollar business for Microsoft. It’s vastly exceeded all of our estimates.

I suspect that journalists, myself included, have given Sharepoint insufficient attention. One reason is that it is a slippery product to describe and seems to straddle several categories, such as portal server, smart file store, and workflow platform. “I don’t think Microsoft has done a bang-up job in being able to articulate it. It is many things to many people,” says Wilkin.

Another problem is the confusion over SharePoint Portal Server (paid for) and SharePoint Services (free add-on for Windows server). You can find a point-by-point comparison here. The free SharePoint Services, on which Portal Server is built, are surprisingly rich. Once you have them installed, which can be a little painful, you get instant wikis and blogs, shared documents with versioning, permissions, and the ability to open and save directly from Office applications, shared calendars and tasks, and online forums. Here’s the settings panel for a shared document store:

Site options including content approval,versioning,permissions and check out 

It’s a shame that document versioning is off by default, but there is plenty of value in these features. Note we are mainly talking intranet rather than internet, though hosting SharePoint is a growing industry and it is also core to Microsoft’s own hosted service efforts.

Why is installation painful? Well, you need Windows Server, and if you want to use ASP.NET for something other than SharePoint on the same box, it needs a bit of tweaking. For example, if you run Exchange and install SharePoint Services, it breaks Outlook Web Access. On my server I got round this by adding a second host name in local DNS, pointing to the same machine, and using this for the SharePoint site using IIS host headers. Real-world businesses either install SharePoint on a separate server, or have Small Business Server which builds it in, so this is mainly an issue for journalists and the like. Perhaps this is a small factor in why SharePoint gets less coverage than it should; it is not something we can just pick up and use like Office itself.

So why is SharePoint taking off? According to Wilkin, it is about “group productivity”. He talks about how SharePoint deals with the classic document review process. Emailing documents around a company and getting numerous edited versions back is a hassle. Apparently Microsoft itself is now using SharePoint more intensively, and users just check-out a document, make changes, and check it back in. He adds,

…If you then combine that with the ease with which you can check that document into a workflow, and then have it automatically routed around the organization, and then very naturally combine that with data going in and out of backend systems whatever they are, that to me is the magic. Customers tend to get the value more quickly than some of the ISVs.

Visual Studio 2008 has support for SharePoint projects and this is something I plan to write about soon. If anyone has been doing SharePoint and/or Workflow Foundation development, I’d be interested to know how you found it.

internet, security, software, web authoring

Detailed look at a WordPress hack

Angsuman Chakraborty’s technical blog suffered a similar attack to mine – the malicious script was the same, though the detail of the attack was different. In my case WordPress was attacked via Phorum. Chakraborty offers a detailed look at how his site was compromised and makes some suggestions for improving WordPress security.

In both these cases, WordPress was not solely to blame. At least, that is the implication. Chakraborty thinks his attack began with an exploit described by Secunia, which requires the hacker first to obtain access to the WordPress password database, via a stray backup or a SQL injection attack. Nevertheless, Chakraborty says:

One of the challenges with WordPress is that security considerations were mostly an afterthought (feel free to disagree) which were latched on as WordPress became more and more popular.

I have huge respect for WordPress. Nevertheless, I believe its web site could do better with regard to security. The installation instructions say little about it. You really need to find this page on hardening WordPress. It should be more prominent.

Technorati tags: ,
internet, software

Is Adobe spying on you?

2 Comments

Abode is on the defensive after users complained that their premier software package Creative Suite 3 is collecting usage stats in an underhand manner.

On the other hand, Adobe’s John Nack reports that the content being tracked is content delivered from the internet, such as a Live News SWF, and online help which really is online, not just local files.

The other part of this story is that Adobe is using Omniture for analytics, and Omniture has chosen a deceptive url for its tracking stats, specifically 192.168.112.2O7.net. That’s not an IP number, it’s an URL – note the capital O used where it looks like a zero.

Breach of privacy? Case not proven. Anyone running a web site should track stats for all kinds of reasons; I used them recently to investigate a break-in. When desktop applications call internet resources, they are acting like a web browser, and users should expect that they leave a digital trail. It is not as if CS3 calls the internet secretly – I think most of us can figure out that a live news panel is doing more than showing files installed by setup.

Unfortunately once you start browsing the web it is difficult to know exactly what resources you are calling and from where. What users see as a single web page typically has ads from one place, maybe images from another, and often slightly sneaky tricks like invisible images or scripts put in place solely to track usage. Now desktop apps are doing the same thing; it is not different in kind though it is true that neither case is transparent for the user.

That’s no excuse for Omniture using a silly URL that is the kind of thing you would expect from spam sites or misleading emails that want you to click malware links. Omniture’s URL is designed to look like an internal IP address which would normally be safe. That’s beyond “not transparent”; it is deliberate deception, albeit easy to spot for anyone moderately technical.

Should Adobe offer an option to turn off all non-local content? Possibly, though not many users would want to do so. There is a simple way for users to protect their privacy, which is to disconnect their machine from the Internet.

The big unknown is how these stats are used. Does Adobe check for the same serial number being used on multiple machines concurrently? Does it link usage stats to registration details? Does it check which apps in the suite are used most, and use that for contextual marketing to specific users? There is probably a privacy policy somewhere which explains what Adobe does, or does not, or might do. Unfortunately users have to take such things on trust. Occasionally companies slip up, even with good intentions – you may recall the day AOL released search logs for 500,000 users naively thinking they were not personally identifiable.

This problem is not specific to Adobe. It is inherent in internet-connected applications including web browsers. That said, Adobe should beat up Omniture for its shady URL, and do a better job informing users what kind of data it is collecting and how it is used. Which is pretty much what Nack says in a second post – except he says security when this is a privacy issue. Not the same thing.

Technorati tags: , , , ,
linux, software

Firefox segmentation fault on Asus Eee PC after update

20 Comments

I’m writing about Eee PC right now, and after updating a clean install (no added repositories) was surprised to find Firefox failing with a segmentation fault. Clicking the Firefox icon did nothing. Running from a console got this:

/opt/firefox/run-mozilla.sh: line 131: nnnn Segmentation fault

Reinstalling Firefox and deleting the profile did not work, nor did safe mode. I found the answer here. Open a console (Control-Alt-T) and type:

sudo apt-get install eeepc-updatepack-20071126

What does this package do?

This update pack fixes SCIM for applications which were provided to ASUS as binaries. This includes Firefox, Thunderbird, Adobe Acrobat.

SCIM is the Smart Common Input Method platform.

All is now well, but I’m not impressed. Running apt-get update and then apt-get upgrade should not break important applications. Nor is it obvious how to fix the problem. This kind of thing will put new users off Linux; not good if Asus really wants to make the Eee a mass-market device.

Incidentally, if you are stuck without Firefox on the Eee and need to browse the web, typing konqueror from a console will fire up the KDE web browser.

software, software development

When good software goes bad

Verity Stob looks at feature bloat and a few other things in her piece on apps that have gotten worse over the years.

Confession: I use Paint Shop Pro too, although I have Photoshop installed as part of Adobe’s Web Premium CS3. In my case it is PSP version 5.0. PSP starts in a blink and has dead easy tools. Photoshop takes several seconds to start up and displays messages like “Initializing palettes” while it is getting going. There is nothing wrong with Photoshop, but equally if I just need to crop a screenshot quickly, I find myself using PSP and saving a few seconds.

Stob’s piece is light-hearted and unfair (I like C#) but a fun read.

I remember meeting a programmer back in the days of DOS and strict memory limits. He told me that every time he added a new feature, he had to find some other code he could remove in order to fit it in. A nightmare of course; but it prevented bloat.

It’s one of the reasons I like the Asus Eee PC. It is underpowered by many standards, but small, light, starts from cold in less than 30 seconds, and works fine for most everyday tasks.

Just another take on less is more.

microsoft, software

Windows Mobile sync pain

1 Comment

I use a Samsung i600, similar to the Blackjack, which I’ve upgraded to Windows Mobile 6.0. Nice mobile, but for a while now it hasn’t been syncing properly. It hadn’t bothered me too much, because the main thing I care about is email, which I retrieve via IMAP, and that always works fine.

Then something else went wrong. I noticed that some documents which I had on the storage card in the i600 had disappeared. No error message; they just were no longer there. That prompted me to fix it.

I started with sync. On Vista it is no longer ActiveSync, but two new things. One is called the Sync center, the other called Windows Mobile Device Center. Probably a lot of the same old stuff underneath. What’s the difference?

The new Sync Center is a convenient central location in Windows Vista from which you can manage data synchronization between PCs, between PCs and servers, and between PCs and devices.

Got that? Now this:

Though it unifies your various sync activities, please note that Sync Center does not replace third-party sync tools or functionality. For example, a Windows Mobile device will still use its own infrastructure—Windows Mobile Device Center—to perform the actual synchronization of data with a Windows Vista computer. If you want to change the granular sync settings for any specific relationship, Sync Center directs you to the Windows Mobile Device Center or, in the case of another company’s device, to the data management settings for that device.

I wish I’d read that sooner. Since it is the Sync Center that fires up automatically (or is meant to) when you connect via USB, I had wasted some time fiddling with it. I was trying to delete the partnership. Right-click, Delete. Nothing happened. File – Delete. Nothing happened. No error, nothing in the event log, but the partnership remained.

I Googled. Dear me. I hit the Windows Sync Center Blog. An archetypal example of how not to blog. Here’s the blurb:

With the advent of the new Sync Center folder in Windows Vista and a brand new programming model, the team felt that it was important to provide a way for those using these interfaces to interact with us and provide feedback.

Just what I wanted. Thing is, there are just two posts, the most recent in September 2005. And lots of comments, like this:

Please, oh please help me remove this thing from my machine. I just got Vista and an external drive. Created a sync partnership which didn’t work. Cannot delete the sync.Cannot remove systray application.

or this:

does anyone who can fix this mess read our blog? PURGATORY!!!!!

or this:

HELLO…….. BILLLLLLLLLLLLLLLL RU listening to us?

You guys call this a blog?! You’ve answered NONE of your customer’s questions! And you’ve had, what, two posts in two years??

Not the best place for help apparently. Fortunately I realized that what I really wanted was the Windows Mobile Device Center, and hit this post instead. Downloaded and installed version 6.1, and everything worked. Easy. Though the comments to that post are almost equally depressing.

I’m also puzzled. I use Microsoft Update. Why hadn’t my Mobile Device Center been updated automatically?

Never mind. Time to look at the other problem. I looked at the storage card in the device explorer, which now worked. It was almost empty, yet had very little free space. I removed it and put it in a card reader. Right click – Properties – Tools – Check for Errors. As I’d guessed, it was corrupt. The error check restored my missing documents. It also revealed the likely cause of the problem. Live Search had created around 1200 temporary files on the card. I deleted them all. Replaced the card in the device, upgraded Live Search to the latest version. All seems to be well.

Was I just unlucky? I’m not sure. Windows Mobile devices do seem prone to this kind of runaround. Then again, my older Qtek 8100, running Windows Mobile 2003 2nd Edition, worked reliably for a couple of years. Oddly enough, it is not the errors themselves that are frustrating, but the lack of helpful error messages or troubleshooting tips that actually work.

It strikes me that Windows Mobile and the whatever-you-call-it sync software still has some way to go before it is truly user-friendly.

microsoft, software

450 fixes in Office 2007 service pack 1

5 Comments

Microsoft has released Office 2007 service pack 1. But what does it fix? If you go to this page you can download a spreadsheet which lists around 450 fixes. It is a little misleading, since many of the fixes reference pre-existing knowledgebase articles, which I reckon means you may already have the fix. SP1 is still worth it (presuming it works OK) – there are plenty of other issues mentioned.

Of course I went straight to the Outlook 2007 section, as this is the app I have real problems with. This one will be interesting to some readers of this blog:

  • POP3 sync is sometimes slow.  An issue that contributed to this issue was fixed in SP1.

I believe I have noticed this one too:

  • A large number of items may fail to be indexed.

As to whether Outlook 2007 will perform noticeably better after SP1, I am sceptical but will let you know.

As it happens, the top four search keywords for visitors to this blog who come via search engines, for this month, are as follows:

  1. 2007
  2. outlook
  3. vista
  4. slow

It is similar most months. Hmmm, seems there may be a pattern there.

internet, microsoft, software

Live Workspace: can someone explain the offline story?

2 Comments

I showed the Asus Eee PC to a friend the other day. She liked it, but won’t be buying. Why? It doesn’t run Microsoft Office (yet – an official Windows version is planned).

It reminded me how important Office is to Microsoft. No wonder it is fighting so hard in the ODF vs OOXML standards war.

Therefore, if anything can boost Microsoft’s Web 2.0 credentials (and market share), it has to be Office. I’ve not yet been able to try out Office Live Workspace, but it strikes me that Microsoft is doing at least some the right things. As I understand it, you get seamless integration between Office and web storage, plus some extras like document sharing and real-time collaboration.

I still have a question though, which inevitably is not answered in the FAQ. What’s the offline story? In fact, what happens when you are working on a document at the airport, your wi-fi pass expires, and you hit Save? Maybe a beta tester can answer this. Does Word or Excel prompt for a local copy instead? And if you save such a copy, how do you sync up the changes later?

If there’s a good answer, then this is the kind of thing I might use myself. If there is no good answer, I’ll stick with Subversion. Personally I want both the convenience of online storage and the comfort of local copies, with no-fuss synch between the two.

That said, I may be the only one concerned about this. When I Googled for Live Workspace Offline, the top hit was my own earlier post on the subject.

microsoft, software

Vista vs XP performance: some informal tests

15 Comments

After posting about the inadequacy of a recent test report I thought it would be interesting to conduct my own informal tests of Vista vs XP performance. I do not run a computer laboratory, but I guess my tests have the benefit of being real-world.

I tested several conditions on three computers. On two of them I was able to test XP 32-bit vs Vista 32-bit. I tried various combinations of Aero on or off, visual effects on or off, and UAC (User Account Control) on or off. I also tried setting Vista to run only basic services, using Msconfig.

The test suite I used was PassMark Performance Test 6.1. You can use this free for 30 days, so anyone can repeat the tests.

Caveat: perfect tests are hard to achieve. A big problem with Vista is that it has all sorts of background services that are meant to maintain your system, perform backups, check for updates, and so on. Further, if you have third-party software installed (and who doesn’t?) then it may also be running background tasks. The only compensation I applied was to wait a few minutes after start-up for disk activity to pretty much cease. I also switched off anti-virus software, and closed the Vista sidebar.

Here’s a few highlights. First, XP was fastest on the two dual-boot machines, and that was without any effort optimizing XP for performance. In both cases, the best Vista performance was about 15.5% slower than XP, based on the PassMark performance index. On one machine the worst Vista performance was 28% slower, and on the other 23% slower.

Graphics 2D – Ouch!

The most interesting result was the poor performance of the Graphics 2D tests on Vista. A series of PassMark tests cover drawing lines, rectangles, shapes, font rendering, and common GUI operations like scrolling listboxes, moving windows or filling progress bars. On both dual-boot machines, the best Vista performance was an amazing 70% slower than XP. Put another way, XP was 3 times faster. Since these are common operations, that is worrying.

That said, there are some specific reasons for this poor performance. See here for example:

The Windows Vista graphics system is designed to support a broad range of hardware and usage scenarios to enable new technology while continuing to support existing systems. Existing graphics interfaces, such as GDI, GDI+, and older versions of Direct3D, continue to work on Windows Vista, but are internally remapped where possible. This means that the majority of existing Windows applications will continue to work.

Hmm, re-mapping sounds slow. And here:

GDI primitives like LineTo and Rectangle are now rendered in software rather than video hardware, which greatly simplifies the display drivers.  We don’t think this will impact many real-world applications (usually when a GDI application is render bound its because it’s doing something like gradients that was never hardware accelerated), but if you do see problems please let us know.

See also Greg Schechter’s notes here on GDI-rendered windows.

In a nutshell, Vista is optimized for DirectX rendering at the expense of GDI; yet, as Schecter notes:

Today and for the near future, most applications use and will continue to use GDI to render their content.

This I suspect is a large part of the reason why some tests report that XP is twice as fast as Vista. Automating Office could well hit this slow GDI issue. Note that it is not all 2D graphics that are slow – CustomPC got less alarming results for its 2D graphics tests, which by the looks of it are not GDI-based.

Schechter does not cover the scenario where the DWM (Desktop Window Manager) is turned off, but it looks as if some of the factors which make GDI slow still apply.

What’s most effective at speeding up Vista?

I did some experiments where I compared Vista Basic with Vista Aero, or looked at what happened when UAC is switched off. I got inconsistent results. On an older machine, I found that disabling Aero made a significant difference, maybe an 8% speed-up. On another, more recent machine, Aero was actually faster. So much changes when you use DWM that I guess this is to be expected.

UAC? Not a huge difference in these tests – around 2%.

The biggest influence, on the basis of my imperfect testing, came when using Msconfig to switch off all but basic services and start-up programs. This speeds performance by around 10% overall.

In most other tests there were modest differences between Vista and XP. This includes 3D graphics, where Vista actually scored higher than XP on one machine, and CPU, where on one machine there was less than 2.5% difference between best and worst. Vista does come out significantly slower on the PassMark memory test suite, from just over 8% worse to over 20% worse.

Conclusion? First, my informal tests suggest that XP is faster than Vista, but not normally twice as fast. Second, an application written to use DirectX rather than GDI should perform better, other things being equal. WPF (Windows Presentation Foundation) uses DirectX, but unfortunately has its own performance overhead.

If this analysis is right, then Vista is at its worst when rendering the GUI in traditional Windows applications. That will make them feel less snappy, but would not impact the non-visual aspect, like say recalculating a spreadsheet.

Then again, I only tried one test suite, so please don’t take the above too seriously.

I’d be interested in further informed comments.

Technorati tags: , , ,
internet, software, web authoring

Buzzword gets word count, easier sharing

Adobe’s online, Flash-based word processor has been revised and now includes word count, handy for journalists and essay writers:

buzz_count

It also has easier sharing: simply copy the URL at the top of the document you are editing to create a link. I intended to demo this here; but cannot because Buzzword does not yet support public sharing. You can only share with other specified Buzzword users identified by their email address. Buzzword says public sharing is “a feature that we’re actively investigating.”

Amusing: I noticed that my document had a number of flagged words, wiggly underlines that indicate likely spelling errors. Two of these unrecognized terms were “Google” and “Zoho”. “Buzzword” on the other hand is in the dictionary.

Technorati tags: , , , ,