Wednesday, January 31, 2007

Goodbye IE. I wish I'd never met you.

An interesting article that puts some of the browser vulnerability in perspective. Granted, the story is only dealing with IE6, so I imagine that IE7 on Vista will be marginally better in terms of security. Funny, that's pretty much the same story we heard about WinXP SP2, wasn't it?

Boiling the article down into one, easy to understand statistic:

Number of days in 2006 your computer could be completely p0wn3d through no fault of your own on a completely patched computer because of the browser you are running:

IE: 284 days
Firefox: 9 days

Why are we unable to convince US management that this piece of software is just too dangerous to use? And yet, it is not unheard of to have an organization bolt down the use of gTalk for security reasons, although I've yet to hear of a single exploit going through the system. I imagine that what they are really irritated about is that the jabber back end uses TLS to provide encrypted connections that they can't look into.

Have you found evidence of a gTalk exploit? An article somewhere? Please post a link if you have.

Internet Explorer Unsafe for 284 Days in 2006 - Security Fix

Tuesday, January 30, 2007

Joining the Light side

Well, I finally did it. After dealing with repairing a head crash and a 5 hour reinstall of windows xp (plus patches), I broke down and decided to join the light side.

My new 17" PowerBook Pro is arriving tomorrow. I can hardly breathe. I have a feeling an iPhone may be in my future, too, when my Verizon contract is up.

Friday, January 26, 2007

CFEclipse 1.3 released!

CFEclipse.org

The new version of CFEclipse has just been released. I use this program every day now. The only time I revert back to dreamweaver for ColdFusion coding now is for doing visual interface work.

I think the real strength of the CFEclipse IDE has to be that it's built on Eclipse. The number and variety of plugins for the environment allow you to build your own best of breed development environment.

For me, of course, plugin #1 is CFEclipse. But there are several others I regularly use that allow me to work in this editor and rarely need to leave.

Some of the features I like are native to Eclipse, like support for xml and javascript code hinting. Others are built by professional outfits like Adobe (FlexBuilder being plugin #2 for me). And still others are built by the open source community, like the columns plugin that lets you do things like cut and paste a column in your text editor or line things up on a specific character.

The plugin for vss is top notch and works better and more reliably than anything I've ever seen in an IDE including Visual Studio. Sorry Adobe, but it's even better than the vss integration in either CFStudio or DW.

Back to the new version of CFEclipse. One of the more interesting features that made it into this version has to be integrated support for unit testing with both CFUnit and CFCUnit. I've only used the CFUnit side of things because of the ANT integration thats available, but it totally rocks! If you haven't looked into unit testing your OOCF, this should help encourage you to do so, especially if you work on projects that have lots of far reaching cfcs developed by different people.

If you've been putting off looking at CFEclipse, now is a good time to reconsider getting over that initial learning hump. Once I got comfortable with some of the differences in terminology (workbench, perspectives, etc.) I've never really looked back.

Friday, January 19, 2007

Where's my aPhone?

Ok, we've seen the razr, the krazr, the proposed iPhone, etc. It's time to announce the "aPhone". A breakthrough in cellular technology brought to you by Adobe. Here are some of the interesting features we are likely to see when the product is released:\
  • Usable with all major cellular networks
  • dual 5.5in touch screens allowing multiple applications to be viewed at the same time.
  • More stylish than an iPhone.
  • Allows you to make phone calls in Dolby 5.1 surround sound.
  • Sound enhanced by THX
  • Dropped calls credit your account for the cost.
  • Uses Flash Lite as the programming environment.
  • open architecture that lets you build whatever applications you want and service them with whatever you want.
  • Touch screens are protected when folded in half.
  • 5TB of mp3 data available.
  • TASP interface lets you plug the phone directly into your head (neurosurgery available for an extra fee).
  • Utilizes high speed networks for internet and media connections.
  • Only costs $1 with a 3 year contract.
  • Above all else, it is A phone.
Ok, so this is a bit facetious, but the more I hear about the iPhone vaporware, the more I think there is an opportunity for somebody to one up them. Why only the one network? Why the low speed data network? Why the completely closed software stack? Why compete directly with the iPod? So many things about the iPhone make me thing that it may not be the next great thing.

Are there any features you'd like to see on the iPhone that are not being delivered?

Monday, January 15, 2007

CFUnit in CFEclipse

I've been playing with the new unit testing features built into CFEclipse for about two weeks now, and I have to say that they work GREAT! This is definitely a step forward for all of us cf developers.

The new tools built into CFEclipse will make it easier for you to develop you tests quickly, but you'll also want to look into the ant integration that's mentioned on the cfunit site. The ant approach will fire off your test suites whenever you save a file, helping to make sure that your new code doesn't break something elsewhere in your app. This is really helpful when you have several developers working on a large project where you might be unaware of how your code is actually being used.

Another situation where unit testing becomes even more important is where you are tasked with wring the cf side of a flex app. It's very possible that you will outstrip you flex compatriots since they are fighting a learning curve right now. Unit testing allows you to validate that your code works as expected before there is an interface that uses it.

Great Stuff!

Hats off to:
Mark Drew for the CFEclipse work
Robert Blackburn for the CFUnit work
Andy Jarrett for the nice quickstart