Tuesday, March 19, 2002

 
Great News. Two items that made my day:
  1. My 26 February entry announced the sad news that Process Dashboard was withdrawn. This open source application was designed as a Personal Software Process support tool. I am happy to announce that Process Dashboard is once again available.
  2. Doug Kaye has launched a newsletter titled IT Strategy, which will come out weekly and cover news items about web hosting services and managed services, and web services. If these topics interest you (and they should) you can sign up for a free e-mail subscription.
  3. Spin Control Out of Control. Today was intense and I'm getting caught up. Going through a backlog of unread e-mail I came across two message that, combined, made me chuckle. The first is from an old friend who now works for Microsoft. I'm on his distribution list and I read anything he sends. Here is an excerpt from the announcement that went out to the list:
    Internet security is a worldwide issue that affects not just Microsoft's customers, but also anyone connected to the Internet- no one is immune to the problem.

    Microsoft has taken a proactive approach to this problem by introducing the Microsoft Strategic Technology Protection Program (STPP). This two-phase program represents an unprecedented mobilization of Microsoft's people and resources to integrate product, services and support. In January, Microsoft Consulting Services presented an initial seminar that introduced the components of the STPP program, which includes" Get Secure" and "Stay Secure."

    It sounded sincere enough. I paid a brief visit to Microsoft's security page, noted the proclamations, then mentally filed it away and planned to follow up at a later time.

    Ironically, the next message was from a service to which I subscribe: e-Week. Here's the stories for today:

    • IE, Apache Clash on Web Standard, ...The incompatibility lies in how Microsoft has implemented digest access authentication, a World Wide Web Consortium standard (RFC 2617) that specifies how users can securely log in to Web servers. Digest authentication is widely acknowledged to be the best available Internet standard for this purpose.
      The upshot is that IE cannot be used as a Web client for any Apache-based Web application that uses digest authentication. In addition, every non-IE browser we tested couldn't be used as a client for any Internet Information Services-based Web application that uses digest authentication.
    • Security Flaws Found in IE 6.0 followed by Microsoft Patch Repairs 6 IE Flaws
    Microsoft seems to be doing a lot of spinning and not much else.

    On the other hand, e-Week also discussed the opportunities that more mature and proven technologies have, including an article titled Java: Potent Security that discusses the strengths of Java from a security viewpoint compared to Microsoft's newer .NET initiative. Another article from the same publication, Apache Avoids Most Security Woes, indicates that Apache is vastly superior from a security perspective than IIS.

    Back in the Fast Lane. I'm caught up and will resume my entries here and in Postcards from the Revolution starting tomorrow.





<< Home

This page is powered by Blogger. Isn't yours?

Subscribe to Posts [Atom]