114 items tagged “microsoft”
2010
S.Korea ends Microsoft’s online shopping monopoly. The crazy rules mandating Active X based encryption for government and e-commerce sites have finally been dropped, after the Korea Communications Commission found them “unfit for a new Internet environment involving smartphones”.
We all think of Java as a boring server-side language now, but the initial idea behind Java was that software developers could write applications in Java rather than writing them for Windows, and that those applications would work everywhere, thus defanging Microsoft’s desktop OS monopoly. Microsoft took various steps to prevent that from happening, but they lacked a tool like App Store that would enable them to just ban Java. Apple has that card to play, so they’re playing it.
Internet Explorer Platform Preview Guide for Developers (via) Lots of SVG and CSS3 stuff, no mention of canvas here either though.
An Early Look At IE9 for Developers (via) Surprisingly, no mention of SVG or canvas and only a note in passing about HTML 5.
2009
Negative Cashback from Bing Cashback (via) Some online stores show you a higher price if you click through from Bing—and set a cookie that continues to show you the higher price for the next three months. It’s unclear if this is Bing’s fault—comments on Hacker News report that Google Shopping sometimes suffers from the same problem (POST UPDATED: I originally blamed Bing for this).
IE 6 and 7 hit by hack attack code. IE6 and 7 have what looks like a buffer overflow vulnerability caused by a strange intersection of CSS, innerHTML and large JavaScript arrays. No exploits in the wild yet but it’s only a matter of time.
Major IE8 flaw makes ’safe’ sites unsafe. IE8 has an XSS protection feature which rewrites potentially harmful code in HTML pages—I think it looks for suspicious input in query strings which appears to have been output directly on the page. Unfortunately it turns out there’s a flaw in the feature that can allow attackers to rewrite safe pages to introduce XSS flaws. Google are serving all of their pages with the X-XSS-Protection: 0 header. Until the fix is released, that’s probably a good idea.
Look at Sony, or Microsoft, or Google, or anyone. They still don't get it. They're still out there talking about chips, or features, or whatever. Or now they're all hot for design. But they think design means making pretty objects. It doesn't. It means making a system of pieces that all work together seamlessly. It's not about calling attention to the technology. It's about making the technology invisible.
Given the security issues with plugins in general and Google Chrome in particular, Google Chrome Frame running as a plugin has doubled the attach area for malware and malicious scripts. This is not a risk we would recommend our friends and families take.
Microsoft backs long life for IE6. Oh FFS... “The software giant said it would support IE6 until 2014—four years beyond the original deadline.”
Farewell to Mashup Editor. It’s not just Microsoft Popfly that’s shutting down—Google Mashup Editor will be gone in four weeks time (this was announced in January). You get to keep your code, but I don’t know enough about Mashup Editor to know if the code is usable once the system has shut down.
Popfly Shutting Down. Yet another reminder that building stuff on a closed-source platform (especially a hosted service) is risky business, even from a vendor as large as Microsoft. This certainly won’t help them make the case for Azure.
Microsoft was slowing development of new versions of Internet Explorer in the hope that Web-based applications would not be able to compete with Windows applications, and Windows applications would keep people locked in to the Windows operating system. Thus XHTML2 was developed with no expectation that the leading Web browser would ever implement it.
From Microsoft: C# and CLI under the Community Promise. Microsoft’s assurance that it won’t “assert its Necessary Claims” against alternative (including open source) implementations of the ECMA C# and CLR specifications. The promise doesn’t cover implementations of .NET, WinForms etc- so the Mono team have announced they will be splitting their project in to two packages—a safe, ECMA based package and a package containing everything else.
And that is why, in 2009, when developing in Microsoft .NET 3.5 for ASP.NET MVC 1.0 on a Windows 7 system, you cannot include
/com\d(\..*)?,/lpt\d(\..*)?,/con(\..*)?,/aux(\..*)?,/prn(\..*)?, or/nul(\..*)?in any of your routes.
Let's try to imagine what a Google Silverlight would have been. It would have been a fully open source product from Google, with a very liberal open source license (BSD or Apache). It would have all the technical specifications published openly. They would pledge to have the Silverlight VM interoperate with Javascript and HTML5. And a company like Zoho would have a ton of developers working on Google Silverlight based applications by now - as opposed to having exactly ZERO developers working on Microsoft Silverlight.
Imminent Death of the Net Predicted. Well, maybe not, but the way Windows Vista deals with round-robin DNS A records (using a new IPv6 algorithm from RFC3484 backported to IPv4) means that domains that serve up multiple A records to load balance between data centres will find that the IP nearest to the 192.168.* range will get the vast majority of Vista traffic.
2008
Microsoft: Big Security Hole in All IE Versions. Looks like a 0-day that’s being actively exploited.
Windows Live Adds Support For OpenID. I hope they include the option to log in to the provider using CardSpace, to address phishing.
The greatest coup Microsoft pulled with Internet Explorer was putting the word "Internet" in its name. It sits there, on the desktop of every new Windows computer, and it says "Internet". So you click it. [...] What better way to beat a browser with the word "Internet" in its name - a browser that seemingly can't be beat no matter how hard we try - than the Internet Company itself making a browser?
Unfortunately, we're not cool enough to run on your OS yet. We really wish we had a version of Photosynth that worked cross platform, but for now it only runs on Windows.
Why I can’t put Tibet in my Hotmail address. Apparently it’s because “TIB” is name of a bank in Florida, and Microsoft are trying to prevent phishers from creating e-mail addresses that include the names of financial institutions.
IE8 Security Part IV: The XSS Filter (via) IE8 will include an XSS filter to identify and neutralise “reflected” XSS attacks (where malicious code in a query string is rendered to the page), turned on by default. Sounds like a good idea to me, and site authors can disable it using Yet Another Custom HTTP header (X-XSS-Protection: 0).
Bill Gates has pulled off one of the greatest hacks in technology and business history, by turning Microsoft's success into a force for social responsibility. Imagine imposing a tax on every corporation in the developed world, collecting $100 per white-collar worker per year, and then directing one third of the proceeds to curing AIDS and malaria.
The point of “Open” in OpenID
TechCrunch report that Microsoft are accepting OpenID for their new HealthVault site, but with a catch: you can only use OpenIDs from two providers: Trustbearer (who offer two-factor authentication using a hardware token) and Verisign. "Whatever happened to the Open in OpenID?", asks TechCrunch’s Jason Kincaid.
[... 451 words]Velocity: A Distributed In-Memory Cache from Microsoft. I’d been wondering what Microsoft ecosystem developers were using in the absence of memcached. Is Velocity the first Windows platform implementation of this idea?
The Machine That Changed the World: The Paperback Computer. This third episode (the second has also been published) is awesome—Sketchpad (the first GUI), NLS, Xerox PARC, the Homebrew Computer Club, Apple and the Macintosh, Lotus 123, Microsoft, and Virtual Reality presented as the “future” of computing. Worth investing an hour to watch it.
CSS Compatibility and Internet Explorer (via) Official Microsoft guide to which CSS properties are supported by which versions of IE. This is the kind of documentation browser vendors should be providing as a matter of course.
IronPython, MS SQL, and PEP 249. How Dino Viehland got Django’s ORM to talk to the .NET database layer.
Django on IronPython. Dino Viehland demonstrated Django running on IronPython and SQL Server at PyCon.