Daily Archives: July 6, 2011

Microsoft, Tech

The fall and rise of Microsoft Silverlight

Before hitching up with Windows Phone and Windows 8, Microsoft’s cross-platform rich Internet application framework gets a modest upgrade

Microsoft Silverlight has had a topsy-turvy year. Apparently doomed or at least marginalized by HTML5, Silverlight found a foothold in Windows Phone and has more recently emerged as a key component of the Jupiter application framework and programming model for Windows 8. If Silverlight has become less important as a rich Internet application (RIA) framework, it has become more important to Microsoft’s desktop and mobile platforms overall.

 

Best Microsoft MCTS Training, Microsoft MCITP Training at certkingdom.com

 

In the meantime, the cross-platform RIA framework is still kicking — though development has clearly slowed. More evolutionary than revolutionary, the “new” capabilities in Microsoft’s Silverlight 5 beta merely incorporate existing Microsoft technologies and port functionality previously seen in WPF (Windows Presentation Foundation).

[ Also on InfoWorld: Microsoft offers developers early access to Windows Phone “Mango.” | Keep up with the latest developer news with InfoWorld’s Developer World newsletter. ]

More than a year has gone by without a major Silverlight release, and with none due until late 2011, I expected the forthcoming version 5 to be a major rev that would cement Silverlight’s superiority over Adobe Flash. Instead, I was disappointed to find that many promised Silverlight 5 features are still missing or meager. Even the included code previews for satellite projects — such as Windows Communication Foundation (WCF) RIA Services and Expression Blend — do little more than gussy up existing capabilities.

In short, the Silverlight 5 beta looks more like a dot revision with feature creep than a major upgrade. Rather than extending Silverlight to continue hammering away at Adobe Flash, Microsoft seems to be working toward a desktop smackdown with itself — adding Windows-specific platform invocation calls, Component Object Model (COM) support, and untethered file system access that push Silverlight deeper into the domains of .Net and WPF.

This blurring of these lines shouldn’t come as a total shock. After all, Silverlight was originally code-named WPF/Everywhere. Plus, it undoubtedly makes good fiscal sense for Microsoft to consolidate internally with Windows 8 and a new version of Windows Phone on the horizon. Microsoft has said that the next version of the Windows Phone OS (aka Mango) will sport the Silverlight 4 runtime, and that there will be no support for running Silverlight applications in the Windows Phone browser.

Silverlight 5: Improved tools
I appreciate that Silverlight 5 is prerelease, and perhaps I shouldn’t be looking at it so critically. Stepping in from the big picture, there are a number of improvements to Silverlight’s runtime and development tools that shouldn’t be ignored.

I installed the Silverlight 5 Tools Beta to Visual Studio 2010 SP 1. The Beta included the Developer Runtime, SDK, and a new preview of WCF RIA Service v1 SP2. Instead of Visual Studio, you could use Visual Web Developer Express 2010 SP1 as the development platform.

Facebook, Google, Microsoft, Tech

How to live with malware infections

Get used to it: Malware can’t be completely blocked or eliminated. But you can manage your PCs, mobile devices, and networks to function despite being infected

How can you be sure your organization doesn’t have insidious viruses or other malware lurking within systems and applications, waiting to inflict damage? You can’t.

 

Best Microsoft MCTS Training, Microsoft MCITP Training at certkingdom.com

 

Malware has grown sophisticated to the point where there’s no guarantee that it’s actually gone, even when you’ve applied the latest antivirus software. Making matters worse, IT infrastructures are becoming much more complex — with an ever-growing population of devices that give malware even more possible entry points.

[ Your executives are big, fat, juicy targets for spearphishing attacks. Learn how to protect them from being harpooned. | Find out how to block the viruses, worms, and other malware that threaten your business, with hands-on advice from InfoWorld’s expert contributors in InfoWorld’s “Malware Deep Dive” PDF guide. ]
Malware Deep Dive

These days, you have to assume there are some infected PCs or other devices on the corporate network.

Get used to it: Malware is everywhere you go
The malware problem is getting worse. According to the Ponemon Institute’s 2011 State of Endpoint Risk study, 43 percent of the 782 U.S.-based IT and IT security professionals surveyed reported a “dramatic uptick” in malware in 2010. Fully 98 percent of the organizations surveyed by Ponemon experienced a virus or malware-based network intrusion, and 35 percent said they had experienced 50 malware attempts within a span of just one month, or more than one intrusion per day.

“The current batch of malware we’re seeing is very sophisticated and well written, and it hides itself well and avoids detection well,” says Fred Rica, principal in the information security advisory practice at the PricewaterhouseCoopers consulting firm.

The good news is that this “living with malware” scenario doesn’t have to lead to lost data, unavailable systems, or other problems. Companies can and do function despite these intrusions.

Here are some approaches that can help minimize the effect of malware on your network and in your systems so that your company can carry on with business despite the nagging presence of these troublesome programs.

Malware survival tip No. 1: Practice good data governance
You can help minimize the damage caused by malware by more effectively protecting the specific types of data that many of the malware programs are going after in the first place. In a lot of cases, they’re looking to exploit sensitive data such as personal information, trade secrets, research and development findings, and other intellectual property, Rica says.

PricewaterhouseCoopers is working with many of its clients to create a strong data governance model that helps the organizations better understand what their most critical data is, where it’s stored, how it moves on the corporate networks, and how they can put the right controls in place to maximize the security of that information.

An audit of the information assets at many companies will show that sensitive data such as customer credit card numbers is initially well-guarded, Rica says. But eventually it ends up in less-protected applications such as spreadsheets or emails, where it is more susceptible to malware.

“We’ve seen clients lose tens of millions of credit card or Social Security numbers because they’re in spreadsheets somewhere outside the HR system,” Rica says. “Our approach is to use better data governance models so that this data has the same [security] controls around it regardless of where it resides. Make sure the data is protected through all stages of its lifecycle.”

Because all data is not equal, a key part of data governance involves categorizing information so that you can identify which data is most critical to the company and its customers. From there, you can apply more stringent access controls.

“Start to separate the infrastructure based on what are your crown jewels versus what’s costume jewelry,” says Patricia Titus, chief information security officer at technology services provider Unisys. Titus says Unisys uses guidelines created by the National Institute of Standards and Technology (NIST) designed to help organizations characterize the importance of their data and select the right security controls.