There are something I really don't understand about today economy. After the fed repeatedly lower increase rate and our government saving package, our economy should become better, or at least, I should start feeling better.
However,
- Mortgage rate actually is going up instead of going down (http://www.bankrate.com)
- The home price is keep decreasing (http://www.zillow.com)
- The exchange rate of dollar is continue to go down (http://www.xe.com)
- The salary is not up as much as the inflation (from my personal feeling)
- Financial market earning should go down in the future when one of their main income, sub-prime mortgage, in the past disappeared.
I guess it is mainly because I am small potato and I don't have the same vision our fed chairman or president have.
Firstly, I would say that no matter which technology, when more user and more user start using it, it will always increase decrease performance, even for the most popular search engine around the world. I am confidence that if suddenly every people start using the application together, the application will slow down. The real issue on scaling basically is what is "trigger" and by "how much".
If you design your application which can scale to 100 million users and the "trigger" happening when 50 millions user start using the keep and performance start degrade significantly after it, then we have a scaling issue.
Also, if we design an app and expect average wait time is 5 seconds, and when more people user our app and we see the expected wait time go beyond it, we have a scaling issue.
Here is a good article from MSDN magazine talking about ASP.net scaling issue.
http://msdn2.microsoft.com/en-us/magazine/cc500561.aspx
In general, ASP.net as a platform itself doesn't really have scaling issue. The issue is whether we know how to measure scaling issue and how to resolve them using the right tool provided.
http://www.microsoft.com/windows/products/winfamily/ie/ie8/default.mspx
http://www.nytimes.com/interactive/2008/03/18/us/politics/20080318_OBAMA_GRAPHIC.html
Recently, I watched a Hong Kong TV, which talk about how secure is WiFi.
Basically, if you are using WiFi network in a public area and without using encryption, it is equal to speak out loud in public, every people around can hear what you say if they wanted to.
So, you should encrypt your network connection for sure. However, there are commonly two type of encryption method available in the market. One is WPA and another is WEP. WEP is a pretty old encryption method. If you search in youtube, you could find there are plenty of video clip explain to you on how to break the encryption.
So, in here, I would recommend you that if you are planning to use WiFi network to gain access to internet, do it right. Encrypt your connection using the right technology.
One of the must read article for security
http://msdn.microsoft.com/msdnmag/issues/02/09/SecurityTips/
Recently, there is an incident in Hong Kong that a famous artist have multiple sensitive photos got stolen possible when he take his computer to repair.
After reading the news, I believe you will start thinking of how secure is your data.
Let me share my through on how we could secure how data.
-- Using secure Encrypting File System to encrypt your data -- Similar to using a safe deposit box
-- Follow the best practices outline in here (http://support.microsoft.com/kb/223316) -- Find a bank you can trust
-- Save your certificate somewhere away from your computer -- Don't put the key in front of your safety deposit box
How will you do it?
There are multiple snowing days in seattle area in Jan/Feb. Because of my bad driving skill and poor little old car, I would prefer to work from home when road condition are bad.
However, can we as effective working from home as working in office? I guess it depends, it really depends on how many meeting we need to attend per day. If I am writing code, I am more productive working from home instead of working in office since I can concentrate on my program and less commute time. However, if I need to attend meeting or discuss about complicate design issue, it is otherwise.
Microsoft have multiple products around this area trying to improve the situation like Office communicator or live meeting. For office communicator, I found it pretty amazing. Even I am not an IM person, if I want immidiately feedback from the other people, I could ping them right away, however, it is limited to simple program, when there is complicate program need to discuss, I still want to discuss in person. Why? I guess body language make up 80% of our communication.
Not sure whether the computer industry will put more innoviation in this area? Will it after 100 years, every people can work from home? What will the security model look like on those area? It will be fun to see.
In the old day, software security is not a feature, is not a selling point and is not something people care about. People install their software into their own computer and the most important thing is that it work. People even can tolerate the application crash from time to time. For example, when you buy a DVD writing application, as long as it can write something in the DVD, you are happy
Then, it come to a day people start to care about the quality of the software, the don't only want to buy a piece of software with 10 features, they want their software to be reliable and easy to use. For example, when you buy a DVD writing application, you are not only want it be able to write DVD, you want it to be easy to use and work without any issue.
Nowadays, a lot of company could write software with a lot of functionalities, however, not every company can guarantee the quality of their software. It is kind of like when you buy a car from BMW, you know there is certain quality involve, it is not only a car from company ABC.
With more than 7 years working in Microsoft, I clearly saw the improvement on software quality of all Microsoft product. Do you know how many quality check point we need to go through to be able to ship a product? I am working in Linq to SQL team before, do you know how many tests we have wrote to ensure the quality of it? It is closed to a million... I will not claim the product is bug free, however, I am confidence and comfortable using the product shipped by Microsoft.
MS used to have a not so good reputation on software security, however, I don't think MS product is not secure, it is mainly because our product have wide audience base.
I am glad that I have chance to see how MS trying to improve the security story of its product and participate into. We created something call Security development lifecycle (SDL) which is a self evolve process. It helps us to make security to be part of the every product we shipped. I am also not claiming we will have zero security bug, however, with SDL in place, our product will only become more secure every day.
I know that there are someone who joke about the security feature in the MS product.However, security feature is similar to "backup/restore", you will only know that you need to do it when there is something happened.
By using SDL, MS if not already the leading company in security space, it will become the leading company in security space very soon. And it will help the industry to make security become standard feature on all software application in the market.
I am not sure about you, but I am those person who are very easy to be confused when other talking to me which a lot of new tech buzz word.
One of the most common technology term I start to hear again and again is WCF. Honestly, I always confuse on what WCF really stands for. Is it
- Window Communication framework?
- Web Communication framework?
- etc.
Actually, WCF stands for Windows Communication Foundation. But what WCF is about? I recently read an article from the MSDN magazine, I found that WCF is not as complicate as I imagine.
http://msdn.microsoft.com/msdnmag/issues/08/01/WCFinOrcas/default.aspx
Why WCF become more and more common? After reading the article, I found that WCF basically is a tech which help you to write app which need to communicate with another app in different platform or language. To simplify it, it set a standard on how message should be communicate (like http), and it provide a lot of useful functions for programmer to use it.
After reading the article, I would highly recommend you to read it too. Even you may not be interested in WCF, but the paragraph which explain how http work may refresh your memory on how something great like internet actually construct with several simply api and a standard.
I am a dad who have one two years old and 1 month old boy and I was not born in US. So, the education system in US is unfamiliar to me.
Since my boy probably is time to go to kindergarden, I started to pay attention to people surround me who have kid and ask questions regarding education.
Suprise me, the education system in US is complicated. There is no simple way or instruction telling you what to do, and I don't even know how to apply for school for my kid and when should I do it. I found a web site which contains pretty good information on it, I hope it will be useful to you too.
http://www.essortment.com/in/Children.Education/index.htm
BTW, there are plenty of different way to save for your child college education, and other stuffs.
It would be nice if we can have a place to discuss education about kid. Does anyone know any good blog site which I can go to?
Yeah. I read an article recently which support my believe on SDL. In today ever changing software security environment, we need a self evolve process like SDL.
http://blogs.zdnet.com/security/?p=697
One of the reply by of my recent post on car security catch my eye.
"My favorite security feature about GPS, somewhat related, is the PIN number for the "Take me home" feature... Imagine a thief steals your car downtown then says "Take me home" and your GPS delivers him at your residence... "
Can we do something similar in software security? For example,
- Can user put an email address in a web site which require log in. If people failed to log-in, it send an email to the registered email address and review the IP address which attempt to do the log in?
The more I think about car security, the more I believe we could exchange security ideas in two different domain.