The Rational Edge E-zine has a good article on Web Services titled Web Services: The Same, Only Different. Essentially what this article discusses is that whether Web Services change everything or that web services are just another piece of software and normal software development practices and tools apply to these. The article comes up with few notes at the end all of which I find very relevant.

For the most part, developing Web services applications is the same as
developing any other type of software application.

There are, however, two important differences:

Service-oriented architectures are loosely coupled.

Web services development relies on HTTP and TCP/IP networking.

These differences enhance the importance of:

Designing Web services that fit into an overall service architecture.

Optimizing component and application design specifically for Web
services technologies -- especially to compensate for the slow and
unreliable nature of HTTP and TCP/IP networks.

Utilizing lifecycle software management tools and best practices that
enforce architectural control.

Continuous regression testing for service producers and consumers,
both of whom risk serious consequences if a Web service fails.

This is a really really cool tool. Off late We've been doing stuff which always required looking at the HTTP headers and we employed a number of ways to do that. ieHTTPHeaders leave everybody behind.

ieHTTPHeaders is an explorer bar for Internet Explorer that will show you the HTTP Headers IE are sending and receiving.

Best part is that it is employed as an explorer bar in IE and second it color codes request and response headers. While there do check out the other tools. All very useful especially COMTrace.

Here's a great utility for no-touch deployment by Rocky Lhotka.

This program can be installed on a client workstation, along with the .NET runtime, and can then be used to launch .NET programs from a URL. The .NET program will be automatically downloaded into a cache on the client machine and will run from there. Any dependant DLLs will also be automatically downloaded to the client machine. The program and DLLs will also automatically update when new versions are placed on the server.

The source for this information, Rocky himself. He was the speaker yesterday for the monthly .Net Developers group meeting at Columbus. He spoke on architecture choices and best practices for putting the .Net Framework to work. It was a nice talk and we actually understood Remoting and Web Services concepts and when to use which. Cool.

In his latest executive e-mail, Bill Gates talks of the continuously evolving Security challenges and outlines the steps Microsoft has taken over the last year to address these challenges.

In the past year we have created new product-design methodologies, coding practices, test procedures, security-incident handling and product-support processes that meet the objectives of this security framework: Secure by Design...Secure by Default...Secure in Deployment...Communications

And he needs some help from the customers on three things,

1) stay up to date on patches, 2) use anti-virus software and keep it up to date with the latest signatures, and 3) use firewalls.

JD Lasica writes about RSS Feeds and News aggregators in this OJR column. Another cool thing he did is that he has published the complete transcripts of the interviews he had to collect views and opinions of people using RSS and aggregators. Your's truly was one of them. Read my interview on this page and others here. Writes Dave Winer about this:

JD does something extremely cool, on his weblog he provides full transcripts of the interviews he did for the piece. Much more interesting. Very nice. Someday all reporters will do this. Hey maybe they'll skip writing the polished piece, esp when the article isn't appearing in print.

I agree. This is the way online journalism will shape in the near feature.

Informationweek has a story of a company called NetDive which allows you to download software a la Priceline.com and then allows you to determine the software's value before making an offer.

The Priceline.com approach has come to business software. NetDive Inc., which makes software for messaging, collaboration, and real-time customer service, has launched a name-the-price feature on its Web site. Customers can download test versions to determine the software's value before making an offer. A desperate move for hard times? The strategy acknowledges that a piece of software may provide different value at different companies, so pricing flexibility is key to attracting cost-conscious customers, CEO Dean Ansari says. Plus, it caters to human nature. Says Ansari, "If people could haggle about everything, they would."

A new website, Always On by Tony Perkins, editor-in-chief of Red Herring Magazine.

AlwaysOn (AO) is a media company dedicated to serving the global community of executives, entrepreneurs, investors, academics, and government officials who are helping to create and shape the Always On world. The AO founding premise is that most of the innovation associated with the global digital network developing on the Internet is still largely ahead of us.

Just checked the Founding Partners and saw a company by the name of Devi Yoga. What's that doing here?

Blue Fly in a urinal. A very clever UI design !!!

But this innocuous little fly just invites being peed upon, if such a thing makes any sense, but in a non-insistent, gentle, and entirely effective way. If you're the user interface specialist Donald Norman, I suppose you'd say the fly affords being peed on.

Matt Jones has provided a PDF document titled The Glass Wall which details the design process and thoughts behind the BBC home page. It's a very interesting document. I encourage you to read it even if you are half a web designer/architect.

New essay by Joel Spolsky:

When Apple releases a new product, they tend to surprise the heck out of people, even the devoted Apple-watchers who have spent the last few months riffling through garbage dumpsters at One Infinite Loop.

Microsoft, on the other hand, can't stop talking about products that are mere glimmers in someone's eye. Testers outside the company were using .NET for years before it finally shipped.

So, which is right? Should you talk endlessly about your products under development, in hopes of building buzz, or should you hold off until you've got something ready to go?

Some days back Dave Winer blogged about SMBBeta initiative. SMBmeta Initiative, which stands for small and medium-sized business metadata, is an open, distributed way for small and medium-sized businesses (with a web presence) to communicate information such as the physical location of the business and the area it serves, as well at the type of business, the working hours etc to search engines and other services. SMBmeta works using an XML file named smbmeta.xml:

The smbmeta.xml file is an XML file stored at the top level of a domain that contains machine readable information about the business the web site is connected to. It is an open, distributed way for small and medium businesses to communicate information such as the physical location of the business and the area it serves, as well at the type of business, to search engines and other services. Hopefully, it will open up innovation that will result in a wide variety of new services that will benefit the SMBs and their customers.

In my opinion, This is very much like meta tags that you place in the head section of your html file. So what's the big deal. Meta tags (for e.g. keywords meta tag) are used to make your site favourite of search engines and this lead to a widespread abuse of meta tags. As far as I know Google no longer gives importance to meta tags because of this abuse. So how will we make sure that people are not abusing this XML file by entering all kinds of keywords. Any thoughts? I had thought that it was limited to just US SMB's but apparently it's not.

The Open Web Application Security Project (OWASP), an Open Source community project has released the top ten vulnerabilities in web applications. The top ten vulnerabilities that makes the cut are:

Unvalidated Parameters
Broken Access Control
Broken Account and Session Management\
Cross-Site Scripting (XSS) Flaws
Buffer Overflows
Command Injection Flaws
Error Handling Problems
Insecure Use of Cryptography
Remote Administration Flaws
Web and Application Server Misconfiguration

You can read the complete report in this PDF document. I don't think this is the complete list but yes even if we follow this, we can make our applications much much secure.

I just stumbled upon this great site containing encyclopedias of astronomy, scientific biography, chemistry, and physics. Especially check the Mathworld. Cool.

At 2003 International Consumer Electronics Show (CES), Microsoft released SPOT based wrist watches. From the Microsoft SPOT website:

Smart Personal Objects Technology devices are built on a brand new computing platform incubated in Microsoft Research (MSR). Microsoft worked with National Semiconductor to develop a chipset, which consists of an application chip and a tiny radio frequency receiver. The platform has been optimized for low power draw, miniaturization and low cost. To provide connectivity to SPOT devices, Microsoft created DirectBand, a set of radio technologies that enables the transmission of Web-based information to smart objects. DirectBand includes the custom radio receiver chip, a nationwide wide-area network based on FM subcarrier technology and new radio protocols created specifically to meet the unique communication requirements of smart objects.

Content such as news, weather and sports information is broadcast to smart devices as wireless "channels." Subscribers can customize the channels and the information within each channel so they see only the information that is important and relevant to them. They establish their preferences by interacting with a simple SPOT device Web site from their PC. A personalized Web site makes the care and nurturing of multiple smart devices easy and convenient.

But will these devices work outside of US. From what I've read so far, only Japan features as another country where these devices will work. I am really eager to know whether these will work in India, since the chips that goes in these devices were designed at the National's design centre in Bangalore.

Wired.com has a piece today on Hotmail being vulnerable to Spammers attacks and that they are not doing anything to avert this. I disagree. Over the last couple of months there has been a drastic reduction in the number of spam mails on Hotmail. Infact I get more spam in my yahoo email than hotmail today.

Clay Shirky compares the offering by Telephone companies to ZapMail, a fax service offered by FedEx in 1984(Two years and billion dollars later this service vanished). FedEx failed to understand that Fax was a product and not a service and that it's competition were it's own customers and not DHL/UPS.

FedEx misunderstood who its competition was. Seeing itself in the delivery business, it thought it had only UPS and DHL to worry about. What FedEx didn't see was that its customers were its competition. ZapMail offered two hour delivery for slightly reduced prices, charged each time a message was sent. A business with a fax machine, on the other hand, could send and receive an unlimited number of messages almost instantaneously and at little cost, for a one-time hardware fee of a few hundred dollars.

Telephone companies are making the same mistake with Wifi and VoIP. He writes:

If the economics of internet connectivity lets the user rather than the network operator capture the residual value of the network, the economics likewise suggest that the user should be the builder and owner of the network infrastructure.

So many applications being built around RSS. Greg Reinacker has come up with Outlook News Aggregator. This requires Outlook 2002 (Outlook XP) and uses parts of Aggie (open source). This is cool. Eventually it will take away one more application from my desktop (Currently I have NewzCrawler running for most part of the day). Scripting News points to few more aggregators based on .Net.

Here's the Fortune Magazine's list of 100 best companies to work for(in US??). There are so many fairly unknown companies which make up this list. Edward Jones tops the list, one of the reasons being that 25% employees have stake in the company. Now I wonder How many non-stakeholder employees were sent the Questionairres...:)

This question comes up on almost every ASP.NET list every now and then. This article shows one of the several ways of authentication, Forms based Authentication. 15 Seconds has another good Forms based authentication article.

Pitsburgh Steelers spoiled what would have been a perfect weekend for us sitting in front of the TV. They rallied from a 17 point deficit to defeat Cleveland Browns 36-33. Three touchdown passes in the last 19 minutes, awesome. We kept believing final 54 secs of the game will bring some of the last minute Browns magic back again but no, not this time. In another game, San Fransisco 49ers came back from a 24 point deficit to beat NY Giants 39-38. What a game that was? One word, Intense. Weekend got a great start with Ohio State Buckeyes getting a win over Miami Hurricanes 31-34 to win the Fiesta Bowl. What a season for Buckeyes. The party that begun friday night in Tempe, Arizona will continue for a long time in Columbus. Cheers !!

Update: The NFL issued a press release on Monday stating that officials should have flagged a 49ers defender for pass interference on the final play of the game, allowing the Giants a second chance at a game-tying field goal. Does that take anything away from Garcia and his men, I don't think so.