Monthly Archives: July 2012

.net, cloud computing, microsoft, professional, software development

Microsoft opens up Office 365 and Azure single sign-on for developers

Remember Passport and Hailstorm? Well here it comes again, kind-of, but in corporate-friendly form. It is called Windows Azure Active Directory, and is currently in Developer Preview:

Windows Azure AD provides software developers with a user centric cloud service for storing and managing user identities, coupled with a world class, secure & standards based authorization and authentication system. With support for .Net, Java, & PHP it can be used on all the major devices and platforms software developers use today.

The clearest explanation I can find is in John Shewchuk’s post on Reimagining Active Directory for the Social Enterprise. He makes the point that every Office 365 user is signing on to Microsoft’s cloud-hosted Active Directory. And here is the big deal:

The Windows Azure Active Directory SSO capability can be used by any application, from Microsoft or a third party running on any technology base. So if a user is signed in to one application and moves to another, the user doesn’t have to sign in again.

Organisations with on-premise Active Directory can use federation and synchronisation (Shewchuk fudges the distinction) so that you can get a single point of management as well as single sign-on between cloud and internal network.

Is this really new? I posted about Single sign-on from Active Directory to Windows Azure back in December 2010, and in fact I even got this working using my own on-premise AD to sign into an Azure app.

It seems though that Microsoft is working on both simplifying the programming, and adding integration with social networks. Here is where it gets to sound even more Hailstorm-like:

… we will look at enhancements to Windows Azure Active Directory and the programming model that enable developers to more easily create applications that work with consumer-oriented identities, integrate with social networks, and incorporate information in the directory into new application experiences.

Hailstorm failed because few trusted Microsoft to be the identity provider for the Internet. It is curious though: I am not sure that Facebook or Google are more well-trusted today, yet they are both used as identity providers by many third parties, especially Facebook. Spotify, for example, requires Facebook sign-in to create an account (an ugly feature).

Perhaps the key lesson is this. Once people are already hooked into a service, it is relatively easy to get them to extend it to third-parties. It is harder to get people to sign up for an all-encompassing internet identity service from scratch.

This is why Azure Active Directory will work where Hailstorm failed, though within a more limited context since nobody expects Microsoft to dominate today in the way it might have done back in 2001.

microsoft, sharepoint

SharePoint security update stops SharePoint working

2 Comments

This morning I noticed that my test SharePoint 2010 installation was not working. Browsing to the site got me HTTP Error 503. The service is unavailable.

The problem seems to be related to the update KB2553365 which I noticed had been installed last night, following an initial failure.

image

Note this point in the description of the update:

After you install this security update on all SharePoint servers, you will have to run the PSconfig tool to complete the installation. For more information about how to use the PSconfig tool, visit the following TechNet webpage:

PSconfig command-line reference (SharePoint Foundation 2010)

In other words, if your server is set up update automatically, this update breaks SharePoint until you manually run the PSconfig utility which applies SharePoint updates.

Further, there is no automatic notification of this requirement. You have to figure it out.

SharePoint administrators know about PSconfig, but companies with Small Business Server or other small-scale environments are not always familiar with the problem.

Worse still, in my case PSconfig has not fixed it. I am restoring last night’s backup.

microsoft, professional, security, software development, windows

Macro virus reborn: ACAD/Medre.A steals drawings using AutoCAD AutoLISP

Remember the Concept virus? Someone wondered if you could make a self-replicating virus with a Microsoft Word macro. It worked; and the proof of concept soon became a real virus causing the usual mayhem and spoiling our clever VBA templates.

Microsoft locked down Office macros fairly effectively; but the idea lived on and has re-emerged as an AutoCAD virus which runs automatically when a drawing is opened. It is not quite the same, as in AutoCAD the code has to be in an external .lsp file, but you can have code in the S::STARTUP function run when a document loads, as explained in the documentation here. The malware relies on the fact that when drawings are emailed, users often archive an entire folder rather than sending a single file. This is how the virus spreads.

Most of the actual malicious code is not in AutoLISP, but in the more familiar form of VBScript files to which the code calls out. The malware then emails AutoCAD drawings to addresses in China – a rather crude mechanism for stealing data, but apparently somewhat effective since on investigation the target mailboxes were found overflowing with messages.

The threat is serious though. Much intellectual property and many future product plans are contained in AutoCAD drawings.

Security vendor ESET’s white paper [PDF] describes the attack in detail.

According to ESET, the combined efforts of Autodesk, Chinese ISP Tencent, and the Chinese National Computer Virus Emergency Response Center have contained the virus for now. There is also a free clean-up utility here: http://download.eset.com/special/EACADMedreCleaner.exe.

professional, software development, visual studio, web authoring, windows

Telerik releases Kendo UI components for ASP.NET MVC

Component vendor Telerik has released an updated version of Kendo UI, its HTML5 framework. This is the first non-beta release with support for ASP.NET MVC server wrappers, with components including Grid, ListView, calendar and date controls, tree view, menu, editor and more. Kendo UI supports the MVVM (Model View ViewModel) pattern popular with Microsoft developers.

image

 

Telerik seems to be treading a careful path, maintaining its strong links to the .NET developer community while also creating a framework that can be used on other platforms.

I spoke to Todd Anglin, VP of HTML5 tools. Why the support for ASP.NET MVC – is Telerik seeing this becoming more popular than Web Forms, the older ASP.NET approach to web applications?

“Something in the range of 70% of ASP.NET developers are on web forms. We do see a bit of a trend that as they start new projects, developers are adopting ASP.NET MVC and HTML5, which is where it makes sense to use Kendo UI,” he told me.

The main reason though is that Kendo UI is less suitable for Web Forms, where more of the client-side code is generated by the framework. “Web Forms are a very high level abstraction,” said Anglin. “With MVC developers are a little closer to the metal.”

That said, he is not ruling out a Web Form wrapper for Kendo UI long-term.

Anglin says Kendo UI’s use of JQuery is a distinctive feature.  “Over the last few years JQuery has clearly risen above the pack to be the most common core Javascript library and the one most developers are familiar with. Unlike most commercial libraries out there Kendo UI chooses the JQuery core as the starting point and builds on that, so developers that adopt Kendo UI have a smoother on-ramp.”

Kendo UI supports both mobile and desktop web applications, but with different controls. “We believe that developers should offer experiences that are tailored to each device class, which is why you have Kendo UI web for keyboard and mouse, and Kendo UI mobile with a mobile-specific interface. We share code behind that, like the data source, between web and mobile, but we don’t think the interface on a mobile device should be the same as you show on a desktop browser,” said Anglin.

What about the tools side? Although Anglin says “We want to be agnostic on tools”, there is particularly good support for Visual Studion. “Kendo UI integrates with anything that supports HTML and JavaScript well, which includes the latest version of Visual Studio. We are delivering full vsdoc support for Visual Studio so that developers in that environment get Intellisense for JavaScript. But if you’re on a Mac you can use other tools,” he told me.

More interesting is a forthcoming cloud IDE. “We’ve just revealed a new tool called Icenium which is a cloud-based development environment for creating apps in HTML and JavaScript. It’s an incredible environment for building apps with Kendo UI.”

How about HTML5 apps that target the Windows Runtime (Metro) in Windows 8 – will Kendo UI work there? Apparently not:

“It’s certainly something we’ve paid attention to. Telerik’s primary position for Windows 8 runtime and Windows 8 development is with the traditional .NET targeted tools. Our RAD tools later this year will focus on introducing XAML and HTML tools for Windows Runtime. The HTML tools that we introduce will have a shared engineering core with Kendo UI, but we’ll make a tool that is specifically targeted at that runtime.

“Kendo UI is really focused on the cross-platform, cross-browser experience. You write once, at a core code level, and then use all the runtimes out there for HTML and JavaScript. Whereas Windows Runtime is leveraging familiar technology in HTML and JavaScript, but when you write a Windows Runtime app you are writing Windows software. It’s very platform-specific.”

professional, software development, visual studio

The Development Game: Achievements in Visual Studio 2012

Microsoft has created an Achievements extension for Visual Studio 2012. Borrowing from achievements in games such as those on Xbox 360, and perhaps also inspired by the Office Ribbon Hero,  Visual Studio Achievements lets you earn awards for completing certain tasks, and share them on Facebook and Twitter. You can download Visual Studio Achievements from the Extension Gallery within the IDE.

image

Once installed, you will see a notification each time an achievement is unlocked.

image

You can also check your progress via the Achievements option in the Tools menu, though mine seems slow to update.

image

It sounds a terrible idea, though there are some entertaining ones. Here are a few I like:

Job Security (0 points)

Write 20 single letter class level variables in one file. Kudos to you for being cryptic! Uses FxCop

and

Regional Manager (7 points)

Add 10 regions to a class. Your code is so readable, if I only didn’t have to keep collapsing and expanding!

and

Interrupting Cow (5 points)

Have 10 breakpoints in a file.Where’s that bug? Could here, could be there, could be anywhere!

and

Architect (5 points)

Add 10 items to a sequence diagram. You’re not just a developer; you’re an architect!

You get the idea.

Microsoft is using this to do some not-so-subtle promotion, with plenty of Windows Azure achievements, though it seems to short on Windows 8 badges as yet.

Unfortunately Visual Studio crashed shortly after I installed this extension and I am suspicious.

All pretty silly; yet I like the idea of friendly notifications when you breach some coding guideline.

amazon, cloud computing, development, software development, sql

Microsoft SQL Azure versus SQL Server on Amazon AWS

Amazon RDS for Microsoft SQL Server offers cloud instances of SQL Server. Amazon’s offering even supports “License Mobility”, Microsoft jargon that lets volume licensing customers use an existing SQL Server license for an Amazon’s instance. But how does Amazon’s cloud SQL Server compare with Microsoft’s own offering, SQL Database running on Azure?

Peter Marriott has posted on the subject here (registration required). The key point: despite the obvious similarity (both are SQL Server), these two offerings are radically different. Amazon’s RDS SQL is more IaaS (infrastructure as a service) than PaaS (platform as a service). You choose an edition of SQL Server and rent one or more instances. The advantage is that you get full SQL Server, just like the on-premise editions but hosted by Amazon.

Microsoft’s Azure-hosted SQL on the other hand is more abstracted. You do not rent a SQL Server instance; you rent a database. Under the covers Microsoft provides multiple redundant copies of the data, and if traffic increases, it should scale automatically, though the database size is limited to 150GB. The downside is that not all features of SQL Server are available, as I discovered when migrating data.

Marriott adds that SQL Azure supports encrypted connections and has a more usable administration interface.

A further twist: you can also install SQL Server on an Azure Virtual Machine, which would get you something more like the Amazon approach though I suspect the cost will work out higher.

delphi, development, embarcadero, software development, windows

DevExpress offering Metro-inspired Tile control for Delphi VCL, plans to drop support for Delphi 7

4 Comments

DevExpress has released an update to its VCL component suite, version 12.1, which includes a Metro-inspired tile control. That is, it looks like a Windows 8  Metro-style application, but in reality it runs as a desktop application. The VCL components support Embarcardero’s Delphi and C++ Builder, but not the FireMonkey library that runs cross-platform.

image

The new release also adds a “Server Mode” for  the ExpressQuantumGrid grid control, which retrieves only those rows needed to populate the current view.

DevExpress CTO Julian Bucknall has posted about the update. He says it is time to drop support for Delphi 7 (though this is supported in 12.1):

12.1 will be the last version to support Delphi and C++Builder 2010. I will sound a further note of caution: it’s likely that in 2013 we shall drop support for Delphi 7 and Delphi 2007 (what you might call the “ASCII IDEs”), so that we can concentrate on the latest run-times and environments.

Delphi 7 is significant because it was the last version to use its own dedicated IDE built with Delphi itself, and by today’s standards is delightfully small and fast.

Bucknall has reservations about Embarcadero’s move to Clang and LVVM for 64-bit C++ Builder and eventually for the other languages too:

I’m going to say we shall treat it with kid gloves. Re-engineering a compiler so fundamentally says “breaking changes” to me, especially given the necessary extensions that are present in the current C++Builder to interface with Delphi. So, fair warning: if the changes are too severe, we shall not support 64-bit C++Builder in 12.2. It took us long enough to support 64-bit Delphi across our entire product line, and this year we don’t have the resources. That doesn’t mean we won’t ever do this (after all, Embarcadero are saying that they’ll switch completely to Clang/LVVM at some point), just that we won’t this year.

Returning to the Tile Control: it will be fascinating to see if this sort of approach, mimicking Metro with a desktop app, becomes popular. Microsoft is promising some of the same with Office 15, though we have not seen much of this officially yet. The advantage is that you can make desktop apps just as touch-friendly as Metro apps. The disadvantage is that you do not get Windows Store support, Contracts, app isolation, or other benefits of the Windows Runtime which underlies the Metro side. Users may be confused.

I doubt Microsoft will mind though. It all helps to promote the Metro style which is the distinctive feature of Windows 8.

apple, cloud computing, laptops, mobile, smartphones, tablets

Tablets, laptops, smartphones: which form factors will win?

1 Comment

There have been several thoughtful pieces recently on device form factors and what you can and cannot easily do with tablets versus laptops versus smartphones.

Richard Gaywood says the iPad (it’s an Apple site) is “heavily skewed towards, but not entirely about, consumption” rather than creation. His observation is based partly on app statistics, partly on the lack of a keyboard (if you add a Bluetooth keyboard, he argues, an iPad becomes as bulky as a laptop), and partly on weak multitasking and the lack of an accessible file system.

Tim Bray currently carries a laptop, a small tablet (a Nexus 7 I guess) and a phone. He does not seem to be considering abandoning the laptop, but suggests that he might be able to manage without a phone:

I spent several months back in 2010-11 carrying around the original Samsung Galaxy Tab, which may have only been Gingerbread, but included a first-rate phone, and my handset rarely left my pocket.

John Gruber writes at unusual length about why Apple might or might not do a smaller iPad.

On the eve of the Windows 8 launch this is an interesting discussion. Windows 8 will renew the debate: is a tablet all I need, at least when travelling? And where will Google’s 7” Nexus fit in? I foresee this selling well simply because it is great value, but will it be packed in the flight case alongside a laptop and a phone, or left at home, or could it even replace laptops and bigger tablets?

We in the the great unknown; but I will make a few predictions.

First, laptops and indeed desktop applications (that is, not apps) are in permanent decline. That does not mean they will disappear soon, just that they will be used less and less.

The implication is that tablets will be used for content creation as well as consumption, and for work as well as for play. Will developers and designers still want huge multi-display setups? Yes, of course; but most people will get most of their work done with tablets.

Second, that unadorned tablets will win over complicated solutions like laptops with twisty screens (the old Tablet PC concept), styluses, transformers, and the like. My guess is that we will see lots of clever and expensive Windows 8 x86 devices that will only achieve niche sales. The ones that succeed will be the slates, and the traditional laptops.

Third, there may be merit in the keyboard case concept, particularly when the keyboard is very thin, as in Microsoft’s Surface with Touch Cover. On the other hand, keyboard cases that make tablets into laptops, like one I tried for the iPad, also tend to give tablets the same disadvantages as laptops: clam shell design, difficult to use without a desk, and so on. I have found that I prefer a loose keyboard in my bag. It does not take much space, and does not get in the way when not needed.

What about mid-sized devices like the Nexus? I am not convinced. They are too small for all your work, and too big to be phones. The large-size Smartphones like Samsung’s 5.2-inch Galaxy Note sort-of work: they sell to people who do not mind having a large phone. But most of us will end up with two devices in constant use, a phone and a tablet. In the office or study, add a large screen and keyboard to taste.

design, development, software development, web authoring

Book Review: Smashing UX Design (a great read for developers too)

3 Comments

That the abbreviation UX can appear in a book title without expansion says a lot about the extent to which user-focused design is now embedded in the web development industry. The theory behind it is that User Experience is primary when designing a web site. The word "experience" suggests that this is not just about usability, or attractiveness, or performance, or enjoyment, but rather about all those things and how they combine when the end user is navigating your site.

image

This book is for professional designers who want techniques for putting UX design into practice. The authors, Jesmond Allen and James Chudley, work for UX consultancy Cxpartners, based in Bristol in the UK, and the book is written from their perspective, including tips on how to work with your clients. That said, this is an excellent read even if you do not fall into that niche, thanks to the expertise and professionalism which informs the content.

There is a note right at the start of the book about the interaction between development and design teams which seems to me of key importance:

In order to produce designs that development teams can utilize, it is helpful for UXers to understand the development process they will be using. As external consultants, we do not always have the opportunity to work with development teams on a daily basis as they create a functional product from our designs, although we always strive to make ourselves available to developers as they work. Internal UX staff will likely have a much closer relationship with their development teams.

Some developers may see UX activities as troublesome big design up front. However, UX activities contribute to requirements gathering and backlog prioritization activities. These activities typically take place long before development sprints begin.

In order to produce robust products, it is important that UX research and design activities take place throughout the design and build cycle, whether it is product managers, UXers, or developers who perform the activities.

The emphasis is mine. A bad scenario, for example, runs like this. The project is initiated and handed to a design team, who come back with good-looking sketches and mock-ups. The developers then implement the design, but discover that it does not quite work as-is, maybe because the designers did not appreciate every nuance of the workflow, or because of evolving new requirements, or performance problems, or any number of other issues.

At this point the developers may endeavour to match the not-quite-working design as closely as possible, blaming shortcomings on the “bad design”. Or they may adapt the design to work better technically, potentially wrecking the design concept and delivering something which users will perceive as odd. This scenario is more likely to occur when budgets are particularly constrained and the design team external.

Note that Agile methodology has always emphasized that the team is the whole team – stakeholders, developers, designers, users, everyone – so it makes sense to keep designers involved right through the process. Put another way, do not allocate a design budget and spend it all up-front, before development begins.

It all comes down to communication, respect and understanding between team members, which is why this book is one that developers as well as designers should read.

Be clear: this is not a book about technology, so look elsewhere (perhaps to one of the other Smashing titles) if you want help with making beautiful web pages using CSS, or a how-to guide for building web sites. Smashing UX Design is about the process rather than the outcome, though there are plenty of practical tips along the way.

The book is in four parts. Part one is a general introduction to the concepts behind UX design and planning UX projects. Part two covers tools and techniques for UX research and evaluation, such as running requirements workshops, usability tests, surveys, analytics, and expert reviews.

The third part is about tools and techniques for UX design. If you are wondering what an Ideation Workshop is, you will find out how to run one here. Another technique described is how to create a "user persona", a fictional user who represents a category of users. There is also a discussion of wireframes, sketches and prototypes.

Finally, the fourth part looks in more detail at UX design for specific site pages, including the home page, search, product pages, shopping carts, images and tables. This is the section of most general interest, being full of practical suggestions and thought-provoking comments on what makes web pages work well for the user.

There is a too-brief chapter on mobile UX and this is a weakness of the book: not much on how tablets and smartphones are impacting UX design.

If you run or plan to run a web design business, then the book is perfect. It is also a great read for professional web developers. Individuals who are doing their own web design, or just want to understand it better, will find good content here but also a rather jargon-heavy style and probably more information than they need about working with clients and running workshops of various kinds.

 

microsoft, professional, windows

Microsoft announces launch dates for Windows 8: software will be done early August

Microsoft’s Tami Reller has announced the launch dates for Windows 8, the company’s controversial new operating system which combines the familiar desktop with a new touch-based user interface and associated runtime. She was speaking at the Worldwide Partner Conference under way in Toronto.

image

The team is on track to complete the software in early August, a milestone known as RTM (Release to Manufacturing).

This means that the final version of Windows 8 will be available for download by developers and enterprises from August – just a couple of months from now.

PCs and tablets preloaded with Windows 8 will be in the shops from late October.

The appearance of Windows 8 hardware is more significant this time round than is usually the case. One reason is that most PCs currently on sale do not have touch screens; and even those that do will lack the range of sensors expected in Windows 8 tablets.

Even more significant is that the ARM build of Windows 8, called Windows RT, is only available with new hardware. This means it will not be generally available at all until the hardware appears in October.