Wow - more good news in the wake of the announcement that SilverLight was “born”.
On the SilverLight Live site you can get 4GB of hosting space for free – so if you want to try your hand in SilverLight head on over and start tapping those keys.
Cheers and happy coding!!!
Here’s some great news for the Perth MSFT Partners – the roadshow is here. 5 more sleeps and it’s rock and roll.
I’d suggest you hurry up and register if you haven’t already!!!
The Microsoft for Partner Roadshow Plus kicks off in Perth in just six days! If you haven’t already registered for one of the cities on the Roadshow tour, then make sure you register today.
A Microsoft for Partner Roadshow Premiere
For the very first time, Microsoft Australia is introducing interactive and instructor-led technical training sessions at the Microsoft for Partner Roadshow. So, in addition to the valuable business update and product roadmap information you will get at no charge, you can also choose to attend two of the very affordable technical training sessions.
For just $129 per person, you get six hours of hands-on lab training, delivered by Microsoft Technical Specialists. At this price, you can’t afford NOT to miss it!
Don’t forget: Partner Briefings in Hobart and Darwin
The Partner Briefing sessions have been designed exclusively for our Partners in Hobart and Darwin, and will provide the latest product updates, complimentary technical training, and the opportunity to chat with the Microsoft team and experts.
The Microsoft Australia Partner Team
Please note: The Microsoft for Partner Roadshow Plus Registration Web site takes credit card only, so make sure you have your credit card details handy.
Blocking Unwanted Parasites with a Hosts File
http://www.mvps.org/winhelp2002/hosts.zip (135 kb)
http://www.mvps.org/winhelp2002/hosts.txt (563 kb)
Note: the “text” version makes a good reference for determining possible
How To: Download and Extract the HOSTS file
HOSTS File – Frequently Asked Questions
Sign up for HOSTS file update notices
Visit the Hosts News blog
VoIP is scary, if you rememeber. Now, there’s something else that is scary: WWW, the World-Wide Web. And thanks to Tim O’Reilly and his invention of Web 2.0, it’s scarier than ever.
As in: there’s much more to FUD about. Here’s a perfect example: Web 2.0 Threats and Risks for Financial Services (by Shreeraj Shah). It’s full of dung, as pretty much any other FUD. But being targeted at the financial industry (people with your money) it excels at that. Let’s analyse:
The financial industry estimates that 95% of information exists in non-RSS formats and could become a key strategic advantage if it can be converted into RSS format.
RSS is just a way of delivering dynamic content (not quite a format), and not much of financial information really can use RSS. Market news (think of Reuters and Bloomberg services) and that is pretty much all. And the model is simple: authenticate and deliver content securely. RSS has no security implications here. And where the figure of 95% came from?
Ajax, Flash (RIA) and Web Services deployment is critical for Web 2.0 applications. Financial services are putting these technologies in place; most without adequate threat assessment exercises.
Of all corporations, financial industry is one of the most conservative. Every technology that is used undergoes rigorous assessment. And adequate (to the organisation’s risk management and regulatory requirements) security is one of the top priorities there. The process of the evaluation may not be the most efficient, but that’s a different issue – nothing to do with Web. Besides, Flash belongs more to entertainment industry: it’s neither critical nor required by financial institutions for business-critical applications.
AJAX doesn’t add any new dimension to the XSS attacks: both the attack techniques and the ways to prevent cross-site scripting haven’t changed.
One of the key elements of Web 2.0 application is its flexibility to talk with several data sources from a single application or page. This is a great feature but from a security perspective, it can be deadly.
And may be not. The decision to use multiple data sources is driven by functional requirements. And it can be well-secured.
Web 2.0 based financial applications use Ajax routines to do a lot of work on the client-side, such as client-side validation for data types, content-checking, date fields, etc. Normally client-side checks must be backed up by server-side checks as well. Most developers fail to do so; their reasoning being the assumption that validation is taken care of in Ajax routines.
At this point, an example is necessary. Abstract applications and developers aren’t good enough. In the past couple of years the developers actually have learnt server-side data validation and more often use it than not. And the risk is of stupid developer, not of AJAX – if anything, AJAX is raising the bar for developers.
Web Services are picking up in the financial services sector and are becoming part of trading and banking applications. Service-oriented architecture is a key component of Web 2.0 applications. WSDL (Web Services Definition Language) is an interface to Web services. This file provides sensitive information about technologies, exposed methods, invocation patterns, etc. that can aid in defining exploitation methods. Unnecessary functions or methods kept open can spell potential disaster for Web services. Web Services must follow WS-security standards to counter the threat of information leakage from the WSDL file. WSDL enumeration helps attacker to build an exploit. Web Services WSDL file access to unauthorized users can lead to private data access.
Mr. Shah seriously suggests that security though obscurity is essential. That’s rubbish.
A lot more analysis needs to be done before financial applications can be integrated with their core businesses using Web 2.0.
If we need analysis, that must be nothing like Mr. Shah’s.
Si eres como yo y no pudiste ir a Las Vegas y asistir a Mix puedes ve el Keynote de Ray Ozzie (Microsoft CSA) en: http://visitmix.com/Blogs/Joshua/ray-ozzie-and-scott-guthrie-keynote/
TambiĂ©n puedes ver toda la otra informaciĂłn relacionada a Mix en: www.VisitMix.com.
Snowjoy has released his First XNA Endeavour “XPong”, included in the post is the Binaries, Source, and Creators Package for the project.
In this project SnowJoy makes a complete game package, including menus, game states and different input functions (Game Pad, Keyboard and the WiiRemote). One of the features that I like is the Clock, when the system is on one of the menus the system will display the time in the background. It does this by having the hours as one sides score and the minutes as the other.
Well worth the Download.
Cross Post from www.virtualrealm.com.au
While checking those out, be sure to take a look at Bill’s post introducing Dillingham Field in Hawaii – simply stunning!
SimHQ, a site that covers the entire spectrum of simulation software from air, land, & seaÂ combat, and driving genres, is celebrating ten years of community service starting this week.Â One of their contributors, John "Spoons" Sponauer,Â has written a nice commentaryÂ called "Ten years of SimHQ"Â telling his perspective ofÂ thoseÂ ten years.Â He includes a couple of screens showing how the site has changed over time (and he mentions that the site is due for a redesign this year).
On each Monday from now until the end of the year, they willÂ present what they call SimHQ DejaNews.Â I’m sure it will bring back many memories of yesteryear in the world of simulation.Â This week, they talk about a review done on Jane’s F-15, MiG Alley previews, and news related to Rendition and VooDoo2 video cards – boy, those were the days!!Â Be sure to check it out before the day is over!
Was lange wĂ¤hrt, wird meistens gut…oder?
Seit heute (30.04.2007) sind die Microsoft Windows Server Update Services 3.0 nach langer Betaphase verfĂĽgbar. Erfreulicherweise stehen auf der Downloadseite sowohl eine 64-Bit- als auch eine 32-Bit-Version bereit. Ebenfalls stehen einige Whitepaper und HowTo’s zur VerfĂĽgung.
Bitte wie immer unbedingt vor der Installation in einer produktiven Umgebung Release Notes etc sorgfĂ¤ltig lesen und testen, testen, testen…
MVP ISA Server