Thursday, March 19, 2009

Waiting for my Netbook

There are rumors about a netbook made by Apple. Beside many other sources, Gizmodo came up with a couple of information and pics (touchscreen, …). The assumption that this gadget will be available before Christmas sounds logically. It makes my life easier picking up the right present for myself … :-)

Silverlight 3 at Mix09 / Las Vegas

The most important fact is that Silverlight 3 Applications (basically a subset of WPF) can be deployed and executed outside the browser in a sandbox. Beside this deployment scenario, advanced video features (H.264) and an updated version of Blend are the most remarkable renewals for the smart client ecosystem.

Thursday, March 12, 2009

More testing tools for parallelization

Intel® offers a so called “Application Concurrency Audit Tool” for free. The Intel® Concurrency Checker 2.1 is available for Windows and LINUX and can be downloaded from their software network. I started to play around a little bit with the tool. It provides a decent overview on CPU utilization, elapsed time, parallel time, utilization regarding threads, and levels of concurrency. It allows to attach running application executables as well as to test java apps.

Wednesday, March 11, 2009

What's on my reading list?

Four books, basically:
  • the Long Tail by Chris Anderson
    ... recommende for all people interested in the new economy and e-commerce
  • Outliers by Malcolm Gladwell
    ... its about genius
  • Das Scheekind by Nicholas Vanier
    ... a musher travels BC and Alaska with his wife and a baby
  • Mechanics of User Identification and Authentication, by Dobromir Todorov
    .. it's for geeks

Friday, March 06, 2009

Offline-Web Applications & Security

We can read a lot about Computing in the Clouds these days, even in ordinary newspapers. It’s a big business with SOME open questions. I started to compile a couple of thoughts in Web Browser, Web-OS and the Era of Cloud. Beside the real differences to Client-Server Computing (“Dude, sometimes I can spot them, and sometimes not!”), I do have my concerns pertaining to security. Take the so called Offline-Web Applications (sometimes called Web 3.0) for example. Beside the fact that this word is a contradiction in itself, the vulnerabilities are an existing problem. Running web servers everywhere increases the attack surface. The HTTP-servers on the client machines are needed to keep the applications (that are web applications) running in case of a network blackout. In addition, to maintain state is another must to allow a kinda real application feeling. Maintaining state in the scope of web application based on HTTP with all consequences has been a security problem from the beginning. Nowadays, state is maintained by using cookies and other remnants initiated and used by browsers and plug-ins. Talking about Offline-Web Applications, small databases on client-side are in use. But this list is not complete yet. HTML 5 specifies a Structured Client Side Storage which includes database storage (local and relational). Some Web-browser vendors are planning to support to a certain degree (session, local, database). This will change attack scenarios as well as attack surface. Combined with excessive scripting, but this is another story …

Dresden’s castle got a (new) roof

webduke pics 2009