8 minutes read

Data as a Service and the Applications that consume it

Over the past few months I have seen quite a few really cool technologies released or announced, and I believe they have a very real potential in many markets.  A lot of companies that exist outside the realm of Software Development, rarely have the opportunity to use such technologies. Take for instance the company I work for: Woodbine Entertainment Group.  We have a few different businesses, but as a whole our market is Horse Racing.  Our business is not software development.  We don’t always get the chance to play with or use some of the new technologies released to the…

1 minute read

Visual Studio 2010 RTM!

Earlier this morning, Microsoft launched Visual Studio 2010.  Woohoo!  here’s the jist: Watch the Keynote and Channel 9 Live here: http://www.microsoft.com/visualstudio/en-us/watch-it-live Get the real bits here (if you have an MSDN license): http://msdn.microsoft.com/en-ca/subscriptions/default.aspx Get the trial bits here: Microsoft Visual Studio 2010 Professional Web Install ISO (DVD-9) Microsoft Visual Studio 2010 Ultimate Web Install ISO (DVD-9) Microsoft Visual Studio Team Foundation Server ISO (DVD-9) Get the Express versions here: http://www.microsoft.com/express/ All the important stuff you want/need to know about Visual Studio 2010 development: http://msdn.microsoft.com/en-ca/ff625297.aspx Enjoy!

8 minutes read

Bad User Interfaces are Insecure

The Best of Intentions So you’ve built this application.  It’s a brilliant application.  It’s design is spectacular, the architecture is flawless, the coding is clean and coherent, and you even followed the SDL best practices and created a secure application. There is one minor problem though.  The interface is terrible.  It’s not intuitive, and settings are poorly described in the options window.  A lot of people wouldn’t necessarily see this as a security issue, but more of an interaction bug — blame the UX people and get on with your day. Consider this (highly hyperbolic) options window though: How intuitive…

1 minute read

A Stab at a New Resume

While I am definitely not looking for a new job, I was bored and thought I would take a stab at a stylized resume to see if I could hone some of my (lack of) graphics skills.  It didn’t turn out too badly, but I am certainly no graphics designer. What do you think?

2 minutes read

Putting the I Back into Infrastructure

Tonight at the IT Pro Toronto we did a pre-launch of the Infrastructure 2010 project.  Have you ever been in a position where you just don’t have a clear grasp of a concept or design?  It’s not fun.  As a result, CIPS Toronto, IT Pro Toronto, and TorontoSQL banded together to create a massive event to help make things a little more clear.  To give you a clearer understanding of how corporate networks work.  Perhaps to explain why some decisions are made, and why in retrospect, some are bad decisions. Infrastructure 2010 is about teaching you everything there is to…

2 minutes read

My First CodePlex Project!

A few minutes ago I just finalized my first CodePlex project.  While working on the ever-mysterious Infrastructure 2010 project, I needed to integrate the Live Meeting API into an application we are using.  So I decided to stick it into it’s own assembly for reuse. I also figured that since it’s a relatively simple project, and because for the life of me I couldn’t find a similar wrapper, I would open source it.  Maybe there is someone out there who can benefit from it. The code is ugly, but it works.  I suspect I will continue development, and clean it…

16 minutes read

Six Simple Development Rules (for Writing Secure Code)

I wish I could say that I came up with this list, but alas I did not.  I came across it on the Assessment, Consulting & Engineering Team blog from Microsoft, this morning.  They are a core part of the Microsoft internal IT Security Group, and are around to provide resources for internal and external software developers.  These 6 rules are key to developing secure applications, and they should be followed at all times. Personally, I try to follow the rules closely, and am working hard at creating an SDL for our department.  Aside from Rule 1, you could consider…

10 minutes read

Security, Security, Security is about Policy, Policy, Policy

The other day I had the opportunity to take part in an interesting meeting with Microsoft. The discussion was security, and the meeting members were 20 or so IT Pro’s, developers, and managers from various Fortune 500 companies in the GTA. It was not a sales call. Throughout the day, Microsofties Rob Labbe and Mohammad Akif went into significant detail about the current threat landscape facing all technology vendors and departments. There was one point that was paramount. Security is not all about technology. Security is about the policies implemented at the human level. Blinky-lighted devices look cool, but in…

3 minutes read

ASP.NET WebForms are NOT Being Overthrown by MVC

It’s always a fun day when the man himself, ScottGu responds to my email.  Basically it all started last week at Techdays in Toronto (pictures to follow, I promise).  Quite a few people asked me about MVC, and whether or not it will replace Web Forms.  My response was that it wouldn’t, but I didn’t have any tangible proof.  I discussed new features in .NET 4.0, and how the development is still going strong for future releases.  Some didn’t buy it. So, earlier today I emailed Scott and asked him for proof.  This was his response: Hi Steve, Web Forms…

4 minutes read

The RACI Model

Definition: a model used to help define who is responsible / accountable; The RACI model is built around a simple 2-dimensional matrix which shows the ‘involvement’ of Functional Roles in a set of Activities. ‘Involvement’ can be of different kinds: Responsibility, Accountability, Consultancy or Informational (hence the RACI acronym). The model is used during analysis and documentation efforts in all types of Service Management, Quality Management, Process- or Project Management. A resulting RACI chart is a simple and powerful vehicle for communication. Defining and documenting responsibility is one of the fundamental principles in all types of Governance (Corporate-, IT-Governance). What…