|
|
Browse by Tags
All Tags » .NET » Security (RSS)
-
For those of you who were at the Cinncinnati NFJS show, please continue on to the next blog entry in your reader--you've already heard this. For those of you who weren't, then allow me to make the announcement: Hi. My name's Ted Neward, and I am now a ThoughtWorker . After four months of discussions, interviews, more discussions and more interviews, I can finally say that ThoughtWorks and I have come to a meeting of the minds, and starting 3 September I will be a Principal Consultant at ThoughtWorks. My role there will be to consult, write, mentor, architect and speak on Java, .NET, XML Services (and maybe even a little Ruby), not to mention help ThoughtWorks' clients achieve IT success in other general ways. Yep, I'm basically doing the same thing I've been doing for the last five years. Except now I'm doing it with a TW logo attached to my name. By the way, ThoughtWorkers get to choose their own titles, and I'm curious to know what readers think my title should be. Send me your suggestions, and if one really strikes home, I'll use it and update this entry to reflect the choice. I have a few ideas, but I'm finding that other people can be vastly more creative than I, and I'd love to have a title that rivals Neal's "Meme Wrangler" in coolness. Oh, and for those of you who were thinking this, "Seat Warmer" has already been taken, from what I understand. Honestly, this is a connection that's been hovering at the forefront of my mind for several years. I like ThoughtWorks' focus on success, their willingness to explore new ideas (both methodologies and technologies), their commitment to the community, their corporate values, and their overall attitude of "work hard, play hard". There have definitely been people who came away from ThoughtWorks with a negative impression of the company, but they're the minority. Any company that encourages T-shirts and jeans, XBoxes in the office, and wants to promote good corporate values is a winner in my book. In short, ThoughtWorks is, in many ways, the consulting company that I would want to build, if I were going to build a consulting firm. I'm not a wild fan of the travel commitments, mind you, but I am definitely no stranger to travel, we've got some ideas about how I can stay at home a bit more, and frankly I've been champing at the bit to get injected into more agile and team projects, so it feels like a good tradeoff. Plus, I get to think about languages and platforms in a more competitive and hostile way--not that TW Read More...
|
-
Apparently, I'm drawing enough of an audience through this blog that various folks have started to send me press releases and notifications and requests for... well, I dunno exactly, but I'm assuming some blogging love of some kind. I'm always a little leery about that particular subject, because it always has this dangerous potential to turn the blog into a less-credible marketing device, but people at conferences have suggested that they really are interested in what I think about various products and tools, so perhaps it's time to amend my stance on this. With that in mind, if you are a vendor and have a product that you'd like me to take a look at and (possibly) offer up a review here, here's the basic rules: No guarantees. Sending me something will in no way guarantee that I will review your product, for several reasons, two of which being (a) I get really busy sometimes, and (b) I may have no interest whatsoever in your product and I refuse to pretend to do so. (Readers can usually tell when the reviewer isn't all that excited about the subject, I've found.) If you're not going to send me a "real" version (meaning not the time-locked or feature-crippled demo), don't bother. I have no idea when I will get around to a review, and I have no desire to review something that isn't "the real deal". I will in turn promise that the licensed version you send me (if necessary) will not be used for any purpose other than my own research and exploration (signing contract if necessary to give you that "fresh-from-the-lawyer's-office" warm and fuzzy feeling). I say what I think, pro and con. I will not edit my review to suit your marketing purpose, and if you ask me to do so I will simply note in the review that you have asked me to do so. I retain full editorial control over what I say about your product. Having established #1, I will try to be as fair as I can about your product, and point out things that I liked and things that I didn't. (Of course, if I hated it from top to bottom, I may end up with the only positive thing being "It didn't set the atmosphere on fire when I started the app", but hey, that's something positive, right?) Also in the spirit of #1, if you send me mail answering questions or complaints in my review, I will of course amend the review with your comments. You are always welcome to post comments to the blog entry itself, too. Unless you insult my grandmother, then I will have to get all DELETE-key on you. The reason I'm posting this here is Read More...
|
-
A couple of people have asked me over the last few weeks, so it's probably worth saying out loud: No, I don't work for a large company, so yes, I'm available for consulting and research projects. If you've got one of those burning questions like, "How would our company/project/department/whatever make use of JRuby-and-Rails, and what would the impact to the rest of the system be", or "Could using F# help us write applications faster", or "How would we best integrate Groovy into our application", or "How does the new Adobe Flex/AIR move help us build richer client apps", or "How do we improve the performance of our Java/.NET app", or other questions along those lines, drop me a line and let's talk. Not only will I cook up a prototype describing the answer, but I'll meet with your management and explain the consequences of the research, both pro and con, for them to evaluate. Shameless call for consulting complete, now back to the regularly-scheduled programming. Enterprise consulting, mentoring or instruction. Java, C++, .NET or XML services. 1-day or multi-day workshops available. Contact me for details . Read More...
|
-
Just recently, I got this bit in an email from the Redmond Developer News ezine: TWO IF BY SEA In the course of just over a week starting on Jan. 30, a total of five undersea data cables linking Europe, Africa and the Middle East were damaged or disrupted. The first two cables to be lost link Europe with Egypt and terminate near the Port of Alexandria. http://reddevnews.com/columns/article.aspx?editorialsid=2502 Early speculation placed the blame on ship anchors that might have dragged across the sea floor during heavy weather. But the subsequent loss of cables in the Persian Gulf and the Mediterranean has produced a chilling numbers game. Someone, it seems, may be trying to sabotage the global network. It's a conclusion that came up at a recent International Telecommunication Union (ITU) press conference. According to an Associated Press report, ITU head of development Sami al-Murshed isn't ready to "rule out that a deliberate act of sabotage caused the damage to the undersea cables over two weeks ago." http://tinyurl.com/3bjtdg You think? In just seven or eight days, five undersea cables were disrupted. Five. All of them serving or connecting to the Middle East. And thus far, only one cable cut -- linking Oman and the United Arab Emirates -- has been identified as accidental, caused by a dragging ship anchor. So what does it mean for developers? A lot, actually. Because it means that the coming wave of service-enabled applications needs to take into account the fact that the cloud is, literally, under attack. This isn't new. For as long as the Internet has been around, concerns about attacks on the network have centered on threats posed by things like distributed denial of service (DDOS) and other network-borne attacks. Twice -- once in 2002 and again in 2007 -- DDOS attacks have targeted the 13 DNS root servers, threatening to disrupt the Internet. But assaults on the remote physical infrastructure of the global network are especially concerning. These cables lie hundreds or even thousands of feet beneath the surface. This wasn't a script-kiddie kicking off an ill-advised DOS attack on a server. This was almost certainly a sophisticated, well-planned, well-financed and well-thought-out effort to cut off an entire section of the world from the global Internet. Clearly, efforts need to be made to ensure that the intercontinental cable infrastructure of the Internet is hardened. Redundant, geographically dispersed links, with plenty of excess bandwidth, are Read More...
|
-
In a post on January 25th , I said, "I posted yesterday that we had shipped our Enterprise Collateral Management solution based on our new architecture. As I said, we still have a lot more to do ." I provided a concise list of the methodologies, technologies and tools that we used in our 14 month cycle. To update where we are now, it will be necessary for me to give a little more context. First, when I mention "our company", we are actually a Division exclusively devoted to Collateral Management. This division, in turn is part of a much larger worldwide company that has at least 6 more financial sector products dealing with other aspects of managing risk. That company then, in turn is part of a huge Ratings company. The rest of the products are (mostly) integrated into one suite that we sell. Ours is not. One reason is that the various products have been organized into self-contained product groups. That means that we had our own development, marketing, sales, product and management for just Collateral Management. Five or six weeks ago, our company went through a rather large reorganization that aligned things by a global R&D, global Marketing, etc. I think this is an extremely good thing. Our product is now "owned" by R&D which also owns all the other products that are part of the suite and otherwise and we are detached from product so we can focus on development. We can also look at integrating into the suite and bi-directional learning. One consequence of this is now instead of my boss reporting to a VP of Collateral Management, he reports to a Senior Director in R&D who owns a product out of our large offices in Manhattan. The cool thing is that Josh Madden is a 20 year+ veteran developer/architect like me who has done great things in the Financial area for companies like Reuters. He gets development. The other cool thing is that his other product group also uses a lot of Agile techniques and greatly appreciates our total XP environment. One more thing: Read More...
|
-
Architecture More competition! No, I am very glad to see my good friend and Architect Harry start a series like mine and Mike's with his Morning Coffee 10 . I'm going to have to quicken the pace-) Software Development/Tools JetBrains has released their 1 .2 version of their new CI and build solution, Team City . This is very intersting from three perspectives. The first is that Jet Brains arguabally makes the best Java IDE on the planet, IntelliJ . The second is the Extreme Programming/Agile angle in that Jet Brains has always understood thsi community much better than Microsoft/VSTS and this has been reflected in IntelliJ and now Team City's support of NAnt, NUnit, and many others. The third is (much needed) competition for VS.NET/VSTS/TFS so that they can get better as well. As Scott said very well, if Microsoft is going to ignore us (Hugo the Agilist), people will look more and more to IDEs and tools that directly support the way they do work. WCF/Security A new series starts on CardSpace [via Mike ] Other Two new papers from Ralf Lämmel, who is the man behind LINQ to XSD , on Function OO Programming and the second is on XML Steaming [via Steve ] Technorati Tags: .NET , Windows Communication Foundation , WCF , Agile Development , Extreme Programming , IDE , Team City , Software Architecture , Microsoft Share this post: Email it! | bookmark it! | digg it! | reddit! | kick it! Read More...
|
-
WPF/Avalon One thing I had forgotten about in Avalon is the XAML Browser Apps (XBAPS) sandboxed in the browser. Karen Corby has two posts here on features and the second on security levels . [Found via Lester's WPF Blog ] One of the things I am looking at architecturally for 2007, is rationalizing the different code bases and development frameworks for UI (i.e. the grand convergence of the smart client and browser client). So in that, I would like to rationalize our WinForms/CAB code base and our soon to possibly be ASP.NET projects and have one WCF code base. So the question is; is it XBAPS or WPF/e? Walt reminds us all that there is no Cider goodness in the Orcas drop and " In the meantime, use the beta version of Expression Blend, to layout your controls. The Visual Studio 2005 extensions are very rough around the edges ." Yup. Sahil on WPF Freeable Objects Windows Workflow I talked about that WCF and WF are not at all currently integrated and how that will change in the Orcas timeframe. Microsoft has put up a sample showing how to use WCF from WF. [via Thom ] K. Scott Allan has a nice piece on Managing the Workflow Runtime from ASP.NET . WCF/Indigo Dominick Baier has an interesting post on ASP.NET Control for CardSpace WCF RSS/ATOM Endpoints for dasBlog Customizing the Metadata Resolver Architecture Welcome to the January 15, 2007 edition of Carnival of Enterprise Architecture. Technorati Tags: .NET , Windows Communication Foundation , Windows Presentation Foundation , WCF , WPF , Windows Workflow , Software Architecture , Microsoft Share this post: Email it! | bookmark it! | digg it! | reddit! | kick it! Read More...
|
-
A N&N from Brussels Belgium where I am up in the middle of the night (again I wake up at 3AM!) with my sleep hours all screwed up. I am enjoying my week here nonetheless. I don't know quite what to make of Brussels. Some parts remind me quite a bit of Paris but there is this weird mix of "modern" glass buildings although the style is a bit "older" than such US buildings. I don't know, I'm jet lagged and probably making no sense. The (potential) customer we are visiting is actually quite large > 3,000 employees most in one large building and I have been working hard on a "High Level Technical Document." Its' certainly some BDUF but this is a large SaS type architecture across 3 data centers that has many Enterprise issues (levels of Failover, SLAs, SQL Server Hot Mirroring, Perimeter Zone Security, etc. to deal with and get right. Anyhow, the food is good and there is a lot of espresso-). Architecture The Open Group (the TOGAF guys) has scheduled what appears to be an interesting conference on Enterprise Architecture and SOA in San Diego [via Architecture Blog ] Avalon/WCF Karsten gives an update on the North Face In Store Explorer WCF application that floored many of us at PDC05 and has now been deployed . He also reminds, "Note that the white paper written about this application is still relevant and worth reading. The code samples all work just fine on the final bits and have some useful code as far as state management, image montages and a 3D carousel." My good friend and fellow Smart Client track speaker, Walt Ritscher has started a new WCF blog at http://wpfwonderland.wordpress.com - Subscribed! Check out XAML to IL Explained Part 1 , WPF/e Example - Game of Life WCF/Indigo/SOA Nicholas Allan has his best of 2006 (and what a year it was for him/them!). Also check out Zen Faults Other Ted Neward has his predictions for 2007 , of which I mostly agree with all of them but one of the best qualities of Ted Read More...
|
|
|
|