New DNS exploit

A couple of weeks ago I read about a vulnerability in the DNS protocol that could potentially affect every DNS server in the planet. Note that this is not a problem in the implementation of the protocol, but in its design.

Today I read in Ars Technica that a security company called “Matasano Security” had published “accidentally” in their blog, some information that led to revealing the vulnerability, until that point kept a secret. Now there’s a new DNS exploit causing havoc all over the net.

I’m not into conspiracy theories, but this does sound like one to me. First of all, because it just seems like this could only be beneficial to the same security companies keeping the vulnerability a secret while issuing a fix for it.

Second, “Matasano”. In spanish, a matasano is a doctor who basically will end up killing you when you don’t even need treatment: mata = kill, sano = healthy.

It could just be ideas, but it does seem very suspicious how a vulnerability like this could “accidentally” be revealed.

New Warcraft Expansion Details

An anonymous blizzard employee has revealed new details of the expansion to this blog. Blizzard is aiming for a whole new market with the expansion, which has now been renamed WoW: Wratch of the Munchkin.

The players will travel to new lands, to ultimately reach the frozen stoned king Arthas, the munchies lord.

New abilities include:

• Herbalism 375 – 450 “dealer” (past artisan):
  • Will make Netherweed dubbie:
    • Character will gain -10 intellect and stamina
    • Character will randomly add “dude!” to whatever he says.
    • Character will gain the munchies for 1h. No matter what they eat, they will never be well fed during that time.
    • Users will forget where they left their mount and pets
• Alchemist 375 – 450″laboratory specialist”:
  • Will make “Elixir of The Acid”
    • Character’s mana will degenerate 100 per 5 second causing them to drink a lot.
    • Will increase agility by a 1000
    • Will inverse keyboard and mouse controls.

Safari on Windows: Why is it important

If you haven’t heard yet, Apple (Jobs) just announced that Safari will be available to Windows users. This is important for 2 main reasons.

First of all, web developers will be able to test their applications in Safari now, which means they can assure a consistent design across browsers. People won’t have to have a mac to test how their sites look in one.

Second reason is related to the first one. Safari is the browser for the iPhone, which means that Steve Jobs has opened a way for developers to reach it. Not only Apple developers, but any web developer, and they can test their applications in Windows or Mac, they won’t need to buy an iPhone for development purposes.

There are a few “bad” things to take in consideration. Since Safari is now available in any platform, it will get the atttention of hackers, malware, spyware, etc. It is a start point for Mac holes to be exploited. This is also re-ignite the old “IE is unsafe just because it has more users” discussion. Let’s not forget Safari is in the iPhone too, why can’t it be a target? A omnipresent web browser sounds like a nice juice pray for hackers.

Now, on a user level, I don’t think Safari will become a leader, I don’t think it will take a lot of market share from IE o FF. I think it will remain a browser to enable developers to access several platforms, unless you are a mac fanboy trapped in a windows shell.

Microsoft Surface

Ok, this is after me recovering from the shock of watching Microsoft Surface. It is totally impressive, but I think most people will be judging it from the wrong point of view (wow it looks so nice).

It isn’t just a neat product, I personally think it is the next paradigm shift. Computers, GUI, Post PC devices (is it?) and Surface. This “natural form factor” that keeps you from realizing you are dealing with a computer just blows me away (as Steve Jobs would say) . I definately think is something my grandpa could’ve used.

Flash, YouTube, Apple TV and Silverlight.

This is a “6 degrees” kind of thing, but it’s actually 4. I don’t know if anyone thinks this way of relating things is ok, but here’s what I think.

With Microsoft releasing Silverlight preview, and it being dubbed the “Flash Killer”, there are a lot of questions arising about wether Microsoft can pull this one off or not. It obviously depends on the client adoption for the technology. Flash is currently installed in [put your favorite estimate here, it is still a lot] PCs. Silverlight has to beat that. But there are so many sites working with Flash already, and a huge developer base too.

I think Microsoft has a good chance to take Flash’s place, first because they have a history fo building a developer base. Some might disagree but they have done it before with .Net.

Another reason is that Microsoft is a lot more mature as a software development company than Adobe is. In my personal opinion their development tools are far more efficient.

But now there’s another twist to take in consideration, and that’s why I think this is sort of a “4 degrees to the demise of Flash” thing (ok, might be a little exagerated but still). YouTube is encoding it’s videos for the AppleTV in H.264 instead of FLV. Which means a change like that could be done in favor of Silverlight too, or a Silverlight version of YouTube. It doesn’t seem so hard to me that they can switch to Silverlight completely with some *minor* (compared to what I thought before) changes. Maybe YouTube won’t (I don’t really think Google would support Microsoft like that) but other non Google sites could.

Now you also have to take in consideration the fact that Flash comes with XP or SP2 and that Microsoft can install Silverlight in millions if PCs with just a simple update via Windows Update. Shazam!

Like I said, Microsoft has a very good chance. I want to hear counterpoints!

Microsoft doesn’t care about IE6 anymore?

Today I was looking to learn something new, so I thought I should take a look at Microsoft’s new “Flash Killer” Silverlight. This post isn’t really about Silverlight, but about the Silverlight website.

This is how it looks to me in IE6: SilverLight WebSite (image).

This really bothers me (to say the least). Just a few days ago I was struggling with IE6 bugs to hav ea site displayed properly, not to mention the IE6 poor PNG transparency handling. And now I see this, Microsoft, the author of this – lacking a better word – hell, decided that it is ok to have IE6 users have their site displayed this bad. First they say “to hell with standards” and now they say “to hell with IE6″…

Google Widgets and IBM

I don’t have much time today, si I’m gonna blog this real quick: Google and IBM have announced that Google Gadgets (Widgets) will run on IBM’s websphere portal. This open a whole new world of possibilities.

I work with Sharepoint Portal Server and finding or developing WebParts is a pain in the ass, opening this to deevlopers enables portal solutions making htem a much more accesible platform.

Like I said, possibilities are infinite. I hope to share my thoughts about this soon, right now, Sharepoint is down again and I gotta find out why.

WordPress & OpenID: Not really!

WordPress recently announced that they now support OpenID… to me this is a bit tricky. This is a portion of the post on the wordpress news:

Are you fed up with having to remember dozens of usernames and password? Does the idea of creating yet another account on yet another site leave you cold?

Yes, I am fed up. Why do I think they are not helping? While they allow you to use your blog as an OpenID, they do not support signing in to WordPress with a non WordPress.com OpenID account. Imagine every service (any service) provider did that. Blogger, MySpace, Digg, and so on. You would still have 3000 OpenID accounts because none of them would allow you to sign in with the OpenID provider of your choice.

Discussion can come around this: Should the OpenID providers be OpenID providers only? What does “supports OpenID” really mean (to me WordPress is just creating hype)? And so on…

I’m not using this *new service* I already have a different OpenID provider, and they DO NOT support the use of that.

Smart Monday: Web Design for the Colorblind. Kuler!

Kuler is a not so new web application from Adobe, I use it every time I have a chance. It allows you to make color schemes based on certain rules or no rules at all. You can save and share your combinations and see what other peoples have done.

Basically if you are colorblind like me (not really, I just don’t have the greatest taste in color) you can use this to know what matches and what doesn’t… Now that I think about it, my girlfriend might be happier if I start using these before I buy and wear clothes…

Enjoy!

PS: Sorry for the 1 week absence, been busy. I still owe this blog the last month’s roundup!

Jesus and Usability

This is a crazy thought I had going out for lunch. Usability has been present since the time of Jesus. God gave us man the 10 commandments. Then Jesus came and I’m sure he must’ve thought “gee… people won’t get this is too complicated…” and he said: “Love each other as I have loved you”.

Usability is everywhere…