Re: Advice to Microsoft (not mine - the IT press and developer blogosphere)
Well thats a loaded question to which I'd say objection your honour leading the witness and goes to state of mind .. Today if i were to reboot the web I'd be ok with a XML flavour like similar to HTML5/MXML (and in parts XAML). I'd also double down on ECMA4 or above (either one) and i'd ignore CSS existence all together as that's just an after thought hack of style properties anyway. --- Regards, Scott Barnes http://www.riagenic.com On Fri, Feb 14, 2014 at 10:59 AM, Williams, Thomas twilli...@phcn.vic.gov.au wrote: Hey Scott - I have to admit I'm not particularly imaginative - if you were building the internet from scratch, what do you think would be better than JavaScript? Does this product exist? Thomas *From:* ozdotnet-boun...@ozdotnet.com [mailto: ozdotnet-boun...@ozdotnet.com] *On Behalf Of *Scott Barnes *Sent:* Friday, 14 February 2014 11:42 AM *To:* ozDotNet *Subject:* Re: Advice to Microsoft (not mine - the IT press and developer blogosphere) David: I think the words your seeking are JavaScript Stockholm Syndrome .. I object strongly to a language who's surrounded by frameworks that are hell bent on abstracting developers from the said language as much as possible because the said language is so far behind the evolution curve. Had JS moved to ECMA4 - ECMA6 ..sure.. i'll play along but this JS ciricle jerk that's going on because everyone's given the defeatist attitude... bleh... And yes, I will concede I see my future with me standing on the roadside way WILL CODE JS FOR CRACK... --- Regards, Scott Barnes http://www.riagenic.com On Fri, Feb 14, 2014 at 9:23 AM, David Connors da...@connors.com wrote: On Fri, Feb 14, 2014 at 8:42 AM, Scott Barnes scott.bar...@gmail.com wrote: better, faster? O.o... did you just say JavaScript is better than WPF? . I said 'someone's 10kb of JS is better. JavaScript is just Internet assembly language. It's the frameworks that matter. I used to hate JS with a passion, but the momentum around it is undeniable and the things people accomplish with frameworks on top of it are staggering. David Connors da...@connors.com | M +61 417 189 363 Download my v-card: https://www.codify.com/cards/davidconnors Follow me on Twitter: https://www.twitter.com/davidconnors Connect with me on LinkedIn: http://au.linkedin.com/in/davidjohnconnors Peninsula Health - Metropolitan Health Service of the Year 2007 2009
Re: Advice to Microsoft (not mine - the IT press and developer blogosphere)
On Fri, Feb 14, 2014 at 1:38 PM, David Connors da...@connors.com wrote: On Fri, Feb 14, 2014 at 10:42 AM, Scott Barnes scott.bar...@gmail.comwrote: David: I think the words your seeking are JavaScript Stockholm Syndrome .. I object strongly to a language who's surrounded by frameworks that are hell bent on abstracting developers from the said language as much as possible because the said language is so far behind the evolution curve. Had JS moved to ECMA4 - ECMA6 ..sure.. i'll play along but this JS ciricle jerk that's going on because everyone's given the defeatist attitude... bleh... And yes, I will concede I see my future with me standing on the roadside way WILL CODE JS FOR CRACK... Frameworks like AngularJS aren't designed to abstract developers from the language. I'm sure the creators of AngularJS had every intention on solving variety of issues but I think it's a bi-product of the end result that the very nature of what it represents is an abstraction ontop of abstractions. For all its faults and however badly it started out, JS has been hardened in the market to fit a lot of use cases. In terms of the *outcomes* you can create with it and a modern browser, it is exceeding the capabilities of most other ways of getting apps in the hands of users. Not entirely true. You can get to certain level with BREADTH UX (which to be fair is weak Ux) but to get into a DEPTH engagement there is horror story after horry story of abandonment around why that isn't working or has yet to work. Point and case Facebook went all in and it backfired so they retreated back to Native. Pumping out crappy Wordpress like Admin UI or Twitter.com UI isn't what i would call our best foot forward in Ux.. especially when you see experiences like Flipboard or Paper highlighting just how much we've regressed back to DataGrid/TreeControls in terms of great UX. Like I say to anyone who wants to hear my soap box rants... HTML (Good Ux), Plugins (Great Ux) and Native/Destkop (Ultimate Ux) ... it has to do with the spectrum of depth vs breadth engagement and just because one can sneak in with the bare bones of Ux doesn't qualify it as the best story of the day. There are just far to many use cases where that is not true. It might not be as elegant as C# and WPF, but WPF is obscenely slow, platform bound ... and dead. Well Windows Vista - 7 rendering pipeline has always been slightly retarded and to be fair it really never got much love since Windows Vista but to say WPF is the root cause of that issue is not the point because in truth the dependency on that rendering pipeline would of hamstrung any solution that Microsoft threw up given it was some ass backwards retreat position after they had to pull out of the Windows Longhorn reset. The Windows 8 approach apparently has killed in terms of performance but because the team decided to rename variety of small things in the framework(s) (namespaces, xaml attributes etc) this in turn caused this stalemate between Adopt me or f***k off So if you were to imagine the current new bits in Windows 8 to be brought back down the version pipeline into the Windows 7 way of life, the naughty word that which is WPF could probably self-heal itself... or screw it, call it MetroPF for all I care just give me something to build depth experiences with that works on Windows, Surface and Phones.. and if it means a locked in existence to Microsoft whatever, I do that anyway with Apple so why not add one more to the mix. In all honesty most companies could really give two shits as to who they hitch their ride with when it comes to Ux Platforms because its such a dogma discussion anyway - not just that they just need to direct their workforce onto something to solve some actual needs... (especially my work... we use Lotus Notes still..you have no idea how easily we will unzip for the right solution). No user of your application gives a shit what the source code looks like, so long as it exceeds their expectations and provides values. Thems where the money is. Yeah its Attractive Bias... Ooh pretty, take my wallet but you do your best HTML UX and i'll raise you my DEPTH UX and we'll see who wins that wallet :) David.
Security scaremongering
Folks, one of our customers has an IT admin guy who is a Linux fan and runs a farm of Linux servers. He has the typical cultural anti-Microsoft bias that I'm sure we encounter now and then. Not normally a problem, but he's forwarding around scary emails warning of vulnerabilities in IE and Silverlight which could put our deployment at risk. I became suspicious when yesterday he said something like because IE is 'closer' to the operating system than other browsers, a flaw in IE makes Windows more vulnerable. This seems preposterous to me, and it's vague, but it pleases me to imagine that the User/Kernel mode boundaries between IE and Windows are no different than any other normal application. Anyway, in his email he links to these pages: http://www.cvedetails.com/vulnerability-list/vendor_id-26/product_id-19887/Microsoft-Silverlight.html http://cwonline.computerworld.com/t/8857906/669819191/656856/12/ I don't see anything particularly scary in these. It looks like a Silverlight app would have to be specifically crafted to be a threat (and I'm not intending to do that!). The other stuff about IE is just the usual stuff you see on quiet news days. Any comments anyone to help us slap this Linux guy down? *Greg K*
Re: Security scaremongering
Why so much hate? Haters are going to hate. I wouldn't bother, it would be like that cartoon about someone being wrong on the internet... On Feb 15, 2014 8:00 AM, Greg Keogh g...@mira.net wrote: Folks, one of our customers has an IT admin guy who is a Linux fan and runs a farm of Linux servers. He has the typical cultural anti-Microsoft bias that I'm sure we encounter now and then. Not normally a problem, but he's forwarding around scary emails warning of vulnerabilities in IE and Silverlight which could put our deployment at risk. I became suspicious when yesterday he said something like because IE is 'closer' to the operating system than other browsers, a flaw in IE makes Windows more vulnerable. This seems preposterous to me, and it's vague, but it pleases me to imagine that the User/Kernel mode boundaries between IE and Windows are no different than any other normal application. Anyway, in his email he links to these pages: http://www.cvedetails.com/vulnerability-list/vendor_id-26/product_id-19887/Microsoft-Silverlight.html http://cwonline.computerworld.com/t/8857906/669819191/656856/12/ I don't see anything particularly scary in these. It looks like a Silverlight app would have to be specifically crafted to be a threat (and I'm not intending to do that!). The other stuff about IE is just the usual stuff you see on quiet news days. Any comments anyone to help us slap this Linux guy down? *Greg K*
Re: Security scaremongering
I don't see the correlation between IE and Silverlight here - sure the browser has some exploits that *POTENTIALLY* are available but to throw Silverlight out is to throw Java, Flash, Quicktime etc also out. Focus on the role not the person is your first approach, if this person is trying to build their Security Empire and using anti-Microsoft bias as a way to fuel the flames, ask questions about the role, interrogate their actual position boundaries to determine if its a person with accountability authority or just some loud mouth (like me) shooting shit from the sidelines? Next is risk assessment, ok so there's a flaw in the system. There are 1000's of flaws in every corporations systems (even Microsofts) now comes back to Consequences vs Likelihood of that actually being a risk. It's all well and good to argue If 1x genius finds this flaw and triggers it, well its Zombieland for mankind... but what's the consequences really of that activity from happening and lastly how likely is it from actually happening. If you're tucked snugly inside a DMZ it comes back to now What's the likelihood of an employee exploiting this hole to add further pain to other employees? because once a corporations firewall gets penetrated... IE flaws become 1 of 1000+ problems that company will face (not saying it should be patched, just ...i dunno...reality check that shit). It reminds me of the virus scanner debates where Security Essentials got a low rating because it didn't track something like 100+ virus signatures... and Microsoft Security came back and said something like Yeah but nobody has seen those virus's since the 90's and even today the likelihood of them working is still low ..basically they apparently (dont quote me on this) outlined the risk matrix and told these other jackasses to calm down but in their own polite manner. I'm pretty confident Silverlight is secure to the point where during its creation there was a lot of effort that went into making sure there was 0 security issues known, because ultimately during that period had one existed we'd have been crucified and Adobe would have seized that as a moment to choke us PR wise. I can't say for sure exactly how secure Silverlight is but I do remember Program Managers saying with high confidence I'd like to see them try.. Just tell the dude fine you win, we'll use Chrome. so back to Silverlight..where's the data champ... :) as personally I think IE should have been taken out to the woodshed long ago...so idiots like these don't get to use the branding cancer against its ACTUAL technical rehabilitation ... --- Regards, Scott Barnes http://www.riagenic.com On Sat, Feb 15, 2014 at 10:57 AM, Stephen Price step...@perthprojects.comwrote: Why so much hate? Haters are going to hate. I wouldn't bother, it would be like that cartoon about someone being wrong on the internet... On Feb 15, 2014 8:00 AM, Greg Keogh g...@mira.net wrote: Folks, one of our customers has an IT admin guy who is a Linux fan and runs a farm of Linux servers. He has the typical cultural anti-Microsoft bias that I'm sure we encounter now and then. Not normally a problem, but he's forwarding around scary emails warning of vulnerabilities in IE and Silverlight which could put our deployment at risk. I became suspicious when yesterday he said something like because IE is 'closer' to the operating system than other browsers, a flaw in IE makes Windows more vulnerable. This seems preposterous to me, and it's vague, but it pleases me to imagine that the User/Kernel mode boundaries between IE and Windows are no different than any other normal application. Anyway, in his email he links to these pages: http://www.cvedetails.com/vulnerability-list/vendor_id-26/product_id-19887/Microsoft-Silverlight.html http://cwonline.computerworld.com/t/8857906/669819191/656856/12/ I don't see anything particularly scary in these. It looks like a Silverlight app would have to be specifically crafted to be a threat (and I'm not intending to do that!). The other stuff about IE is just the usual stuff you see on quiet news days. Any comments anyone to help us slap this Linux guy down? *Greg K*
Re: Security scaremongering
On Sat, Feb 15, 2014 at 10:59 AM, Greg Keogh g...@mira.net wrote: Folks, one of our customers has an IT admin guy who is a Linux fan and runs a farm of Linux servers. He has the typical cultural anti-Microsoft bias that I'm sure we encounter now and then. Not normally a problem, but he's forwarding around scary emails warning of vulnerabilities in IE and Silverlight which could put our deployment at risk. I became suspicious when yesterday he said something like because IE is 'closer' to the operating system than other browsers, a flaw in IE makes Windows more vulnerable. Inasmuch as you cannot remove it in lieu of another browser? Well, in terms of attack surface, that increases Windows because you can't remove it, but MS are doing a much better job of managing this these days. This seems preposterous to me, and it's vague, but it pleases me to imagine that the User/Kernel mode boundaries between IE and Windows are no different than any other normal application. Anyway, in his email he links to these pages: http://www.cvedetails.com/vulnerability-list/vendor_id-26/product_id-19887/Microsoft-Silverlight.html http://cwonline.computerworld.com/t/8857906/669819191/656856/12/ I don't see anything particularly scary in these. It looks like a Silverlight app would have to be specifically crafted to be a threat (and I'm not intending to do that!). The other stuff about IE is just the usual stuff you see on quiet news days. That's standard threat assessment, isn't it? (doesn't mean you would, means you could, I mean) Any comments anyone to help us slap this Linux guy down? Yeah, I'd question why he's doing this. IOW, motive. *Greg K* -- Meski http://courteous.ly/aAOZcv Going to Starbucks for coffee is like going to prison for sex. Sure, you'll get it, but it's going to be rough - Adam Hills