Staffan Malmgrens blogg

Lately, I’ve only been blogging about what’s going on in my world. Time to go through the last few days of blog postings that I found interesting for one reason or another:

• pHatidic writes about the fact that Wikipedia does work, despite all the theoretical arguments detailing why it cannot. It’s like the bumblebee, which by the law of physics cannot fly (well, actually of course they can), but since the bumblebees have never taken even remedial physics, they are blissfully unaware of this fact.
• At first, I thought Microsoft was patenting su. After further examination, it’s not as bad as it looks. Still, if you subscribe to the newly granted Microsoft patents RSS feed, you’ll get several examples each week of why software patentability is not a good idea.
• Spamamusment continues to churn out brilliant spam-inspired comics.
• A new beta of the next-generation windows shell (Monad) is out. I no longer have MSDN beta access, but I’m really looking forward to trying this out when it becomes more widely available. I just hope they focus as much on the accompanying programs as the core shell technology. If one has do download Monad-compliant utilities from all over the place, much of the value of the shell will be lost. I’m looking forward to see how the functionality of tools like sed and awk could be expressed in a .Net object environment.
• Raymond is shocked to find out that Swedes are mis-using the right to sick leave. “Everyone” has known that the sick-leave system is widely abused, but this is the maybe the first time that the politicans in charge admit it. But I’m mainly linking to this since I, like most Swedes, am deeply curious about how this country looks through the eyes of someone outside of it.
• Scoble continues to act as the Kibo of the blogosphere. This post is yet another cheap attempt to get mentioned on his blog.
• This story about scientific experiments with swimming in syrup has been seen everywhere today, but I first read it in jwz’s livejournal, as usual.
• Cedric’s talking about his experiences after 6+ months of working with JDK 5.0. Interesting stuff.
• Edward W. Felten has an interesting take on the recent story about online-poker-playing bots. “There’s a sucker at every poker table, and if you can’t see him, it’s probably you”

And some links to interesting swedish blog posts. If you’re not a swedish speaker, take a page from Raymond Chen’s book

• My friend and colleguage Erik has published his report on the state of the web security of swedish political parties. It has sparked some debate, and Erik has also published a follow-up article detailing why it’s important to fix security problems, even if they can’t be exploited right away.
• Karl Jonsson writes about the latest controversy involving swedish bittorent site The Pirate Bay. The TPB guys come off more immature than ever in their email exchange with Uppsala Universitet. Those advocating stronger copyright protection must love TPB, since they provide so many examples of how irresponsible the filesharing community can behave.
• Niklas Lundblad is holding a lecture about information security and philosophy, and has put up his slides with comments. Certainly a unique perspective on security, I would have loved to attend the lectures.

So, I’m setting out to do interesting stuff on the PocketPC/Windows Mobile platform, mostly to do with hardware integration, particularly bluetooth and IrDA communication, so I’m not interested in that sissy Compact Framework stuff that MSDN seems to want to push. Through MSDN Home > Mobile & Embedded Developer Center > Product & Technology Information > Platforms > Windows Mobile, I finally get to “Windows Mobile Developer Resource Kit“, which sounds about right:

The Windows Mobile Developer Resource Kit is essential for developers seeking knowledge about the latest platform advances for mobile technologies.

Bring it on!, I say. But it turns out that the Windows Mobile Developer Resource Kit (WMDRK) is only available on DVD, you can’t download it. Hello? This is 2004, why do I have to wait for a physical disc (and pay $16 for S&H) to get the bits? This is so Amish!

Of course, i understand that the entire WMDRK is a big download, but I really don’t need it all. I have the IDE’s and the SDK’s already, I just want to have a look at the case studies, technical articles and developer power toys. Of course, I’m not sure of any of these actually are, as there is hardly any information about them at all. Hell, those things might already be available for download somewhere else (the SDK’s are), but where?

It feels like I’m back developing for the Epoc/Symbian platform, circa 2000. And that’s not a compliment.

Noone in the Microsoft development space can have missed the big change that has taken place within Microsoft during the last year. The company goes further in trying to build ties with the developers, employees are blogging, they are trying to get people involved.

Now, I have a healthy amount of suspicion towards Microsoft. I feel I’ve been fucked over by MS a number of times, from when I tried to use Perl with ASP 1.0, through when I tried to make sense of CDO (sparsely documented, 300+ byte IDs,…), to when I tried to use Pocket Outlook Object Model (POOM) on PocketPC for real-world scenarios (ID’s that change when record contents change — you’ve got to be KIDDING me??!).

Posts like Chris Pratley’s post about Word file format disclosure: “We don’t do that because it is our intellectual property. People who want to work with us can get it by contacting us; people who want to compete with us need to work harder. That’s business. We might change our minds […] but really it is our prerogative” do nothing to change my suspicion

Microsoft, look; if you’re going to be both platform provider and competitor, you’ll have to accept that people care more about your position as a competitor rather than your position as a platform provider. In that sense, Robert Scoble’s post about “Mozilla should adapt Longhorn tech” was spectacularly naive considering the history of Internet Explorer and Netscape.

I don’t take anything that Microsoft says at face value any longer. I always factor in what they have to loose and what they have to win. In the POOM case, we were doing a product that competed with Microsoft, so it makes sense (from a shareholder-earning standpoint) that they wouldn’t go to any great length to make my life easier. I’m thinking about this when reading the email thread that wasn’t “created with public consumption in mind“. I can’t help to think that it was — it seems pretty sanitized to me.

When it comes to redefining Microsoft’s public image, comment’s like Chris Pratley’s don’t help. You’re an established monopoly, now deal with the new rules and expectations. If you want to be a platform vendor, then document your platform. This includes full documentation of the Office formats, CDO, Extended MAPI, and Pocket Outlook Object Model (POOM). This will undermine your position as a application vendor on that platform. Deal with it. Don’t make us rely on undocumented properties and sites like CDOLive. Don’t just skirt the issue by saying that “it’s your prerogative” to keep things secret.

Anil John points me to the Microsoft Pattern and Practices site. I’ve stumbled over the “Application blocks” examples that they have up once or twice, but I never went to their front page to see what it’s all about. I took a glance at the “Improving Web Application Security: Threats and Countermeasures” guide, and… godDAMN this is a comprehensive guide (900+ printed pages, not much filler) to just about everything you need to know about secure web development on the Microsoft platform, including how to harden the base services (like IIS and MS SQL Server) your application uses. Much of the stuff (like the chapters on Code Access Security and Data access) is useful in non-web development as well. So far I’ve only skimmed through it, but it looks to be a must-read.