* Posts by Mary Branscombe

12 posts • joined 30 Mar 2006

Comments are disabled

Mary Branscombe

Ignatius has joined the group

Ignatius: I saw on Catullus' profile that you were discussing my famous dental health techniques. Of course health and beauty are key to true happiness, so I'll just tell you all a bit about the philosophy of my business..

Microsoft launches no-code mashup tool

Mary Branscombe

less CSS, more real languages

Daniel V

while you can style controls with CSS, the nice thing about Silverlight is that you're developing in Windows Presentation Foundation rather than a browser; Popfly is written in Silverlight.

Daniel B-T

When Silverlight 1.1 is available, Popfly developers who want to get into the code will be able to use languages like IronPython and you can already code in Visual Studio or VS Express and use Popfly just for the sharing. I'm with you - JavaScript is not a real programming language in my book. Popfly is trying to be inclusive; my sister could use it to make a custom flickr badge without coding, my Real Programmer friend could use it to share Java apps without exposing my sister to sourceforge...

Steve Ballmer may have said something interesting; we couldn’t possibly comment...

Mary Branscombe

Steve B does take questions in keynotes

Last time I was at the partner conference, in Seattle, a large proportion of it was Steve taking written and verbal questions - I think he covered one I'd written in. He did it with the usual energy - enough to propel a chair a long way - and with little bullshit because the partners know the nitty gtitty of the programs. But that was open and public. My guess, he was announcing the Home Server going to system builder news they wanted to be fresh for WinHEC, or something similar, because there were no big announcements at WinHEC beyond the already-leaked name of WS 2008. WinHEC isn't about news, but it does MS PR more good if it gets into the news cycle with something than with the headline 'nothing new since Vista'. The headline 'Ballmer talks in secret' isn't a good one either, of course ;-)

Programming for Silverlight: a Q&A with Microsoft

Mary Branscombe

I didn't ask them to spell it

and other 'softies have shuddered at the word, so I think the world is safe ;-)

Hmmm; devign has more letters from design but divine looks better. Which suits designers better?

Microsoft flashes up Silverlight media challenge

Mary Branscombe

That was no crash...

That was no crash, that was a demonstration of the fast restart option in Expression...

Adobe edits the development cycle

Mary Branscombe

3 months vs overnight is a difference

smallduck - Adobe wasn’t suggesting it was a revolutionary process or even utterly new – the point about them trying it before and the VP having been involved in similar at previous companies might give that away ;-) But this time they feel they’ve switched fully to incremental development – and 3 months to a working versions versus a working version every day is one big difference. Plus, that description is of quite a classic waterfall method of coders working on one feature after another in the main source tree; having features in isolated source versions and having a much firmer emphasis on bug fixing and a lower limit of bug are practical differences.

Imagine communities

Mary Branscombe

follow on

I've been looking at the Imagine Cup solutions for a few years now and it's always seemed a shame that none of them have gone on to turn into products. yes, there are plenty of rough edges and yes, students leave college, get a job and run out of time. At least one of the solutions has been picked up by a university incubator now and I did hope the accelerator might make some of the students feel they could get somewhere might continuing one of the projects. Am I asking for a US-style VC culture here?

Blog: Changing your bank details

Mary Branscombe

Direct debit Big Stick

If you believe a direct debit has been overcharged, start by having your bank reclaim the disputed payment; First Direct did this in seconds over the phone for me once. That gets the attention of the business focussed, because after a very small number of breaches of the direct debit guarantee they lose the ability to use any direct debits at all. After the incident where I reclaimed a payment, the other financial institution involved changed its terms and conditions for dealing with cases where customers claimed fraudulent transactions. I couldn't have had that effect; but the banks did.

Filemaker 8.5: small but useful upgrade

Mary Branscombe

Friendly FileMaker

I'll confess to being a FileMaker fan if you'll admit to being a DB2 devotee. I think the big advantage of FileMaker is that it's friendly and approachable. You can treat it like an Excel spreadsheet (home to data in small businesses around the world) and get your data in without too much planning; and if that planning is insufficient you can update the database easily; and if you need another step there are the FileMaker developers who can take it over for you. I'd go so far as to call FileMaker cuddly - and you just can't say that of any other database!

More thoughts on identity

Mary Branscombe

illegally speaking

I would never impute that laws are logical; like building documents, they throw away any information that doesn't fit the template when they're framed and then recreate it in legal discussion later. Language is an imperfect way to crystallise intention.

But legally fraud or not, deliberately subverting a policy that takes effort to work around it can't look accidental and breaking policy is a disciplinary or sackable offence. And it gets things back from the technology to the business process and the organisational control - which most managers are more comfortable with.

Reports of death of MS Passport exaggerated

Mary Branscombe

Perhaps the best word is successor?

InfoCard isn't Passport 2.0 and Passport isn't going away - but I certainly hope that InfoCards and the new security policy guidelines will improve the Passport experience!

I do think of the ideas behind InfoCard and the identity metasystem as a replacement for the ideas behind Passport. It's a replacement for the existing version in the sense that MSN et al will at least supplement their use of Passport with InfoCard logins that will be part of the identity metasystem if other sites choose to honour them - but it certainly doesn't work the same way or do the same thing and the Passport team is adding infoCard to Passport rather than dropping the Passport system.

I didn't have space to go into the claims handling and other basic functionality of InfoCard, which make it very different from Passport per se. The way I think of it - and the way Kim Cameron phrases it when people hail him as the slayer of Passport - is that that he was one in a long line of people to explain what was wrong with Passport and that acknowledgement led to a search for what would be right.

Of Infocard: Who keeps an eye on the guardians?

Mary Branscombe

Trusting the trusted third parties?

The higher value certificates proposed for InfoCard - and for the IE 7 phishing filter, and which other browser developers are evaluation - are one attempt to improve on devaluaed certificates. The lock in the IE status bar tells you nothing about the site you're connecting to, just that you've got a nice secure connection to whatever it happens to be. The plans for the high -security SLL certificates are that a business might have to supply the history of their company bank account, they might need to give a power of attorney to say that John Smith in the web development team is allowed to apply on behalf of the bank. The idea is not to rely so much on trusting the registrars as on having a trusted and secure process. And once there are higher-security certificates we'll need to expect businesses to get them or give us consumers a good reason why they haven't.

One problem with using PKI certificates is that they don't allow anonymity; one area both InfoCard and Higgins want to support. As Paul Trevithick puts it, "if we use today's certificates we'll build a digital wake that leads back to the poster". PKI certificates give everybody an id that's technically secure - but they don't give us much help with limiting the information we disclose. And certainly, they're not accessible to the average naive user. Nick and I could probably find someone in between us who we both trust enough to certify our reputations. But with the identity metasystem we could use the eBay, Amazon or Slashdot reputations we've acquired as identities.

And because the identity metasystem interconnects identity systems rather than replacing them, if you want to interact with PKI certificates to allow access to your site, you could do it with an STS. The identity metasystem will give sites more of a choice of identity providers; a site can accept Open IDs or NetMesh InfoGrid LIDs or PKI certificates or all of the above without having to code up for them all individually. Abstracting what an identity is from who certifies it makes identity far more flexible and useful. Verisign is signing up for it - but they don't have to be the identity provider we all use.


Biting the hand that feeds IT © 1998–2021