February 2004 Entries
In SQL Server you have a choice of default languages for users. Of those choices you have English or British English? So what's that unqualified English referring to then? Presumably Microsoft feel that Microsoft English (yes, they do make up words - "Outdent" anyone in PowerPoint?), or maybe they mean US English is now the definitive version and does not need qualification, whereas British English does. I would beg to differ...
Then of course, as British English users we have to suffer US English spellings throughout the Windows UI (and countless other apps). Color instead of Colour anyone? I know it is a small thing, but surely it is not beyond Microsoft to help my children not get confused over which spelling is correct. After all if I had an French installation I'm sure the spelling of colour would be correct for that language (Couleur).
And recently I learn that .Net does not support Welsh as a culture. I'm not sure how many Welsh speaking citizens there are out there, but I bet it is more than some of the more obscure cultures that are supported.
So come on Microsoft - this can't be a big deal - lets have proper recognition and support for the British English and Welsh languages...
Just came across this site: http://research.microsoft.com/research/downloads/ - there are some intesting things on there, that I am going to explore at a later date. A couple that jump out:
- ILMerge - ILMerge is a utility for merging multiple .NET assemblies into a single .NET assembly
- Treemap .NET- NET components that display hierarchical data as a set of nested boxes.
Cheers
Ian
Microsoft have released a resourse kit for asp.net - you can download it here. (134399 KB).
While it contains lots of sample web sites, code and presentations, the thing that really got me was that it includes the following asp.net controls for free (usually a single developer license meaning that one developer can use it, and can redistribute to anyone)
ComponentOne
This special edition of ComponentOne Studio for ASP.NET includes a development license for all of the Q2 2003 versions of ComponentOne Studio for ASP.NET (WebForms) components.
Infragistics
The NetAdvantage ASP.NET grid is an advanced grid with true hierarchical support and unbound mode, allowing you to provide a rich-client look-and-feel in your ASP.NET application.
/n software
IP*Works! CC ICharge provides and easy-to-use interface for communicating with major Internet Payment Aggregators (Payment Gateways).
SAX.NET
Sax.net Security for ASP.NET allows you to protect your server from automated programs.
telerik
telerik r.a.d.rotator is a multipurpose component for DHTML content rotation and personalization.
telerik r.a.d.spell enables developers to add multilingual spellchecking capabilities to their ASP.NET applications.
Not bad for free!
If you are a start-up or an established Independent Software Vendor, producing Microsoft products, take a look at this program.
It gives an easy (and cheap - currently £240/$375) way to partner with Microsoft, without certification or testing requirements up front. You get an MSDN universal subscription with 5 user licenses plus other benefits for a year. In return you commit to releasing a packaged product, running on MS technology within the year. Pretty good value if you are an established ISV anyway.
bbits have just produced a new Understanding Xml Technologies course which is focussed around using xml in the .net environment.
Thought I'd let you know...
Details here
Just upgraded my Navman software on my ipaq with Navigator 2 from Tom Tom - it's a big improvement for me. The main things is that you can have custom overlays, and that they have a sdk that can be used to create neat utilities that can talk to the sat nav. So I now have the uk speed camera database on the Tom Tom software has been extended to warn me when I'm approaching a camera - neat. And I can find a wi-fi spot anywhere in the country!
What it doesn't have is traffic information. So I am looking for a web service that would provide live traffic information. TrafficMaster don't appear to offer that as a service, so if anyone knows of one, then please let me know.
Over a week after I notified the tech support of my bank that I had stumbled across a basic security flaw in their web site, the flaw is still there. I was informed that this would be taken seriously, but this doesn't seem to be the case. So what next...? I will contact them again and see if they can do something this time, but I hold little hope. Even if I threaten to move my account, I get the impression that this would never get to the ears of someone who cares, or understands the implications of the flaw...perhaps the press is the only way to get something done...
Anyway I'll keep you informed...
Actually it's a big fat yes! Saw them at Wembley arena and it was a cracking gig, with Ian Astbury (from the Cult) doing a fine job as vocalist, and Robby Krieger and Ray Manzarek absolutely superb.
If you get a chance, and you are a Doors fan - go see the Doors of the 21st Century, or buy the cd of the nye gig at Kodak Theatre in Hollywood, Ca., I don't think you will be disappointed.
21st century Doors
If your web site relies on the http(s)://username:password@server/resource.ext syntax to pass user authentication, then you need to know that support for behaviour this will be dropped in a future update of IE. See here for details: http://support.microsoft.com/default.aspx?scid=kb;en-us;Q834489
It seems a bit strong to drop this whole approach to avoid the phishing attack, and it could have a big impact on some sites, I would have thought. So if it affects you, it's time to change your approach...
It amazes me that there are still sites out there that do not even have the most basic error handling on them. I recently hit an error on a banks web site, which displayed the default asp error handler. This exposed the name of the include file that was being used. It had a .inc extension. Surely, they would have protected that .inc extension from being requested via IIS? No - the inc file could be downloaded and the source was available for all to see, including the location and authentication details for a database that was used.
It should be a no-brainer to have turned off the default error messages for asp on a live site, and to have protected those inc. files - especially for a bank!
I'm sure everyone knows that you can do this in IIS admin easily for asp sites. And asp.net sites make it easy to control using web.config. If you don't and you have some responsibility for the security of your site, then you need to look up that information now!
As far as this bank is concerned, I'm considering how to approach them, because this lack of concern for basic security procedures is worrying. This bank is no small player either...you will have heard of them...