.NETly News

Lots of .NET stories in the news today and yesterday; it's a total coincidence that Microsoft started a huge marketing push on Wednesday, including the occasional Doubleclick ad running on Slashdot. BrendanL79 writes: "Peter Wright at Salon.com contributes to public awareness of Microsoft's .NET with this exuberant piece. The praise borders on sycophancy ("Gutenberg ... Babbage ... now Gates") with no apparent tongue in his cheek. Comments?" Reader vw writes: "Active State has just released Visual Perl 1.2, Visual Python 1.2, and Visual XSLT 1.2 as plugins for Microsoft's Visual Studio .NET. Wonder how long it will take for a Mono hack." Numerous readers pointed to several stories about a buffer overflow problem in Visual Studio .NET which was supposed to be immune to buffer overflows - but it had passed Microsoft's stringent new security audit.

congrats

[HCase (533294)]

i would like to be the first(maybe) to congratulate the newly engaged couple in the comments of the wrong article

Am I the only person who is hesitent about this?

[frob2600 (309047)]

In Bill Gates' version of the way things will be, we will all carry around hand-held computers that will allow us to access our e-mail, trade our stocks, send video and photos to the family and generally manage our daily lives. Those hand-helds will also be phones and navigation units, and will carry our electronic wallets. They'll communicate with our computers at home to manage the heating, order the groceries and, when we get home, set just the right ambience for that all-important date with a mix of appropriate mood lighting and Barry White.

Am I the only person who is just a little afraid to have all of my personal information online? There is just too little right now to keep it secure. Maybe when we are on IPv6 it will be better. But it becomes too easy to hit a few buttons and accidentally abort your new baby instead of inform your parents. ;-)

Re:Am I the only person who is hesitent about this

[DutchSter (150891)]

No, you're not. I think that the overall concept might have some promise, but I do have a problem with the idea that an entity will running the whole show. What scares me most is that ultimately, we are moving towards zero human contact. No longer do you go to the grocery store and run into your old friend from across town and chit chat for 15 minutes while making your selections.

I'm reminded of the movie Sneakers when Martin and his old friend (the villian) are on the roof and the villian is going on about how it's a new world, it's all electrons, just little ones and zeros. Everything is the information, the information is everything. It's a brave new world for humanity.. Martin's response is 'yeah, and there's nobody there' -- So we'll all have our PDAs and phones and everything, but who is there really to talk to? Get out, get some air, meet some REAL people and have some fun the old way.

Not does the technology have the ability to move our lives into greater convenience, but at the same time, to isolate us from ourselves and each other.

That, to me, is the scary part - not so much some marketer having a profile on me.

Re:Am I the only person who is hesitent about this

[frob2600 (309047)]

I also agree that the lack of human contact would be a bad thing. First off, we could not drink anymore as popular definition defines someone who drinks alone as an alcoholic. But seriously, I think that we are moving away from personal contact which is very important to mental health. It is true that you can converse with people online but it is not the same as sitting around a table with a pitcher of beer and shooting the sh?t for a few hours.

Although I think that this new technology is going to take away from those accidental meetings I hope that, if it delivers on its promise, it will provide more time to create opportunities for human interaction. But then again, all the technology that we create to save time seems to require more time than we save to keep the technology saving us time. Wordy but true. I don't advocate a return to simpler times... I would die without my connection to the internet. But a week or two where I could just focus on getting to know the people around me while also getting to know more about the earth I am on would be a great thing.

Anyone for a camping trip? If you have 15 km of optical cable just laying around... we could run it down to our site and not miss /. around the campfire.

Re:Am I the only person who is hesitent about this

[clontzman (325677)]

I agree that we still need people, but never having to deal with a rude customer service person, distracted airline reservations agent or disinterested store clerk again is a future I can get behind.

At Kroger in Atlanta you can check yourself out with a mostly automated system (you still need a guy to manage every four units to check IDs and whatnot) that allows you to check out without having to deal with lines or bored cashiers.

Let's face it -- there are some things machines do better than people and ringing up groceries is only one of them (booking most airline tickets is another). The only advantage a cashier has over a machine is the ability to smile and ask how my day is, and if he/she isn't going to bother to do that, I'll take a machine any day.

Re:Am I the only person who is hesitent about this

[Soko (17987)]

Take off the tin foil hat for a second, would ya?

How long did it take for Microsoft to dominate the desktop market? They released Windows 1.0 a long time before OS/2 fell off the competitive map.

Microsofts domination kinda snuck up on everyone, since the IT industry assumed that there would allways be a company to compete with Bill&Co in the OS/Office Productivity space. This time, no such assumptions will be made. If they actually get something like this off the ground, there will be lots of people (Miguel) making great things that compete with Microsoft's offerings by the time it gets pervasive enough.

I'd suggest you take this for what it is at a base level - something that could be useful and cool. Remember, it is possible to enter a cage with a dangerous beast [crocodilehunter.com], as long as you know what to expect and how to counter it's natural responses.

IMHO, it's time to accept Microsoft as an industry leader. You just have to think of them in the same way that you do a clueless PHB.

Soko

What will more LIKELY happen

[Matey-O (518004)]

Sure, you'll have a device to be able to do all this, but people won't use them for one of two reasons:

1) They'll be paranoid of having all that info available
2) There will just be too many friggen features for folks to care.

I don't know about you, but I programmed the addressbook for my FIRST phone. Three phones later, I pick the thing up and use it to dial numbers. I don't use the IR, I don't have it sync with my palm pilot, and I don't send two way messages, I just use it as a digital 'can and string' to talk to people.

Us Slashdot folks are pretty savvy gadget freaky people. That doen't mean my Mom's going to program her favorite MP#^H^H^HWMA's to play on Tuesday when the humidity is high and she's the only person at home.

Perl, Python under .NET?

[Ed Avis (5917)]

I don't think there's any big deal in ActiveState's visual Perl/Python/whatever editors. They are 'compatible with Visual Studio .NET'. What that means is that they integrate with the Visual Studio IDE - *not* that ActiveState have managed to compile Perl into .net bytecode.

At least, I assume that's the case. If somebody had managed to create .NET compilers for Perl and Python, we'd surely have heard about it by now...

Re:Perl, Python under .NET?

[costas (38724)]

I would like to know the answer to that as well. I went looking for Visual Python earlier today and there's zero info (that I could find at any rate) on Active State's site on interoperability with the other Python implementations (cPython and Jython mostly). No word on the standard library (that has a few C extensions; how will those be managed in .NET?) or win32all and the Python-COM bindings.

As a python fan I had high hopes that Python would be the only language to bridge the JVM-CLR religious war and allow you to work in both.

It seems that ActiveState is just plugging in Python to VS, not compiling python to IL.

Re:Perl, Python under .NET?

[pb (1020)]

Well, I agree, and if they had, they wouldn't be compatible with Perl or Python.

However, I think they managed to do something else, like use the .NET framework within Perl, and somehow wrap Perl programs into .NET components.

ActiveState [activestate.com] has a lot of documentation about this on their site, specifically under PerlNET; it's worth taking a look.

Re:Perl, Python under .NET?

[beme (85862)]

Mark Hammond did a lot of work on a .NET compiler for Python. Info available at http://www.activestate.com/Initiatives/NET/Researc h.html [activestate.com]
Last I looked, they weren't going to pursue a complete implementation.

Re:Perl, Python under .NET?

[by Anonymous Coward]

Just to clarify:

Visual Perl and Visual Python are development environments for Perl and Python for people that are using Visual Studio.

PerlNET takes any Perl code and wraps it up as a .NET component so that it can be used in any .NET application.

If there is enough interest in a PythonNET, we will build that.

-- Dick

the beer went thru my nose...

[gTsiros (205624)]

..."microsofts new stringent security audit".

am i the only one who reads this as

"we now pay attention to compiler warnings"

;)

Re:the beer went thru my nose...

[frob2600 (309047)]

Drinking at noon? You must be a sysadmin (or an alcoholic). Either way, I recommend that you seek help.

gcc -Wall is for wimps -- you should follow the Tao and *just know* when you have a possible security problem. Besides everyone knows that MS codes in INTERCAL... what does the error
240 ERROR HANDLER PRINTED SNIDE REMARK
ON THE WAY TO %d
or
222 BUMMER, DUDE!
ON THE WAY TO %d
really tell you?

Sycophants?

[Shuh (13578)]

The praise borders on sycophancy ("Gutenberg ... Babbage ... now Gates") with no apparent tongue in his cheek.

Microsoft has apologists? No way!

Salon article

[baruz (211342)]

Wright says, "Without Microsoft, the PC we have today would be a very different beast."

As if this were a bad thing.

Story not complete

[estar (261924)]

.NET is many things and many people are confused by what .NET exactly refers too. In the context of this story .NET is refering to the compilers, and libraries that make up Visual Studio.NET. VB.NET, & C# are both geared toward using the CLR and .NET Framework. Visual C++.NET can use the CLR and .NET Framework but, unlike VB, you can work with Visual C++ like you could in previous versions and ignore the CLR and .NET Framework. So what is the security error reported? This is the detail as reported by Cigital. The protection afforded by the new feature allows developers to continue to use vulnerable string functions such as strcpy() as usual and still be "protected" against some forms of stack smashing. The new feature is closely based on an invention of Crispin Cowan's called StackGuard and is meant to be used when creating standard native code (not the new .NET intermediate language, referred to as "managed code"). This is a problem with Microsoft's Version 7 C++ compiler not with the CLR and .NET Framework.

I dare you.

[leuk_he (194174)]

Please post a link, possibly one from Microsoft.com that explains what .net is. I failed to find it a few months ago. All i found was buzz and stuff you could buy. Some link that is useful for a developer beyond "XML and VB and can do everything and more productive. "

hmm, might be a good one for ask slashdot.

Re:I dare you.

[Oink.NET (551861)]

Please post a link, possibly one from Microsoft.com that explains what .net is.

The Simplest Way to Define .NET [microsoft.com] by Sanjay Parthasarathy, Vice President, Platform Strategy, Microsoft Corp.

Re:Story not complete

[kawika (87069)]

Exactly. All Cigital seems to be saying is that unmanaged (unsafe) code is still subject to buffer overflow problems. This is not news, and it's why you have to jump through some hoops in .NET to use unmanaged code. Those of you who visited Slashdot yesterday may remember this item about .NET [slashdot.org] that explains it a bit.

Microsoft's alternative, of course, was to create a totally safe environment that wouldn't run any legacy code and wouldn't allow direct calls into the OS. But of course that's been done before (Java). Remember, .NET isn't just for developing network apps, it's for developing local ones as well. If there's already a proven DLL, COM object, or system call that does what I want to do for a local app, I would prefer to use it than reinvent the wheel inside the sandbox.

Tone of the article

[rlowe69 (74867)]

I'm a little surprised with the article's tone, especially coming from Salon. While reading this article I'm reminded of marketing drivel coming directly from Redmond itself. This is not a news story, it's just straight-out gushing and it's the disgusting type of a "article" I'd expect from a heavily sponsored e-rag like ZDNET. Frankly, I will never look at Salon the same way.

Re:Tone of the article

[rlowe69 (74867)]

Articles are part fact part opinion, and they're bound to have some kind of slant.

FYI, articles with opinion are called editorials. They usually have a picture of the person writing the article (in Salon's case it's a sketch). As was said in the post, I don't think this is tongue-in-cheek ... this is honest-to-goodness gushing.

I have nothing against .NET itself - in fact, I'm buying a copy of VS.NET tonight.

The point I'm making is that gushing like this is usually reserved for lesser publications. If I want to read a guy's opinion, I'll go read Dvorak on ZDNET. Salon had a pretty high standing in my books as a reputable news source, not some place that kissed the feet of new technologies - the downsides of .NET were merely brushed over as an afterthought. This is not Salon's style, IMO, and its editors never should have allowed this very slanted editorial to go online.

Python Dev Under VS.NET IDE

[questionlp (58365)]

Although I have tried Visual Python in a while, but I think it's nice to see that Python/win32 developers have a great IDE for development. Right now, I use the PythonWin Environment, which is a great development environment, but it still lacks some of the flexibilities of the VS.NET IDE (like true Visual SourceSafe add-in; ya I know, CVS is great but I work in a Windows-dominant dev environment and the other devs don't like nor use CVS).

Speaking about Python, does anyone know when the final release of ActivePython 2.2 will be released? It has been in "Alpha" for a while and the product page hasn't been updated in a while.

Those opening paragraphs...

[Asikaa (207070)]

From the article:

"In 1454, Johann Gutenberg changed the world forever when the first of his Bibles rolled off the world's first printing press. Three centuries later, in 1791, Charles Babbage was born. Best known for his Difference Engine and Analytical Engine, his work is widely acknowledged as providing the earliest steppingstones from which the modern computer would emerge. Again, the world would never be the same. From the article:

William Henry Gates arrived on the planet in 1951. Whether you love him or detest him with every ounce of your moral fiber, there is no denying the contribution Bill has made to this earth. Without Microsoft, the PC we have today would be a very different beast."

Does anyone truly believe that Gates has made a positive contribution to "this earth", other than his (admittedly laudable) charitable works?

From a technological standpoint, the only thing you can really say he has helped (and I say helped because he certainly cannot claim sole credit) achieve is the positioning of computers in everyday non-geek life. Even that would have happened sooner or later has Gates not existed.

This type of melodramatic, snivelling hyperbole is starting to crop up all over the IT press, with reviews reading like commercials and biographies gushing with misplaced hero-worship.

Ick.

Guttenberg, Babbage, & Gates

[biglig2 (89374)]

Didn't Babbage never actually get as far as a working prototype? I recall the Science Museum in London had to use computer controlled machining in order to build their working model of the analytical engine - without them they'd never have been able to make the parts accurately enough.

Ballmer on Mono

[by Anonymous Coward]

I heard Steve Ballmer speak Tuesday night in Chicago at the VisulaStudio.net kickoff. In response to an audience question about the Mono project he said two things. "First, we're not afraid of competition. Second, we're not used to competing with our own intellectual property and we will defend ourselves. So I guess you could say I don't think very much of it."

I put this in quotes but I'm paraphrasing based on my best recollection. I gotta give him credit for being accessible and for answering questions. Still can't help hating him, though. :-)

.Net fails the pr0n test

[Kushana (206115)]

Peter Wright seems to have been given a few too many Microsoft T-shirts, for his critical facilities have completely left him.

Human history has shown that with the advent of any new important media, pr0n has never been far behind. The printing press? One estimate says that within 10 years 30% of all presses were being used for pr0n. Glossy magazines? Pr0n. Pictures on your computer screen? Pr0n. The Web? Pr0n.

The simple fact is that .Net will not assist in the distribution of pr0n, and therefore will never be as important to humanity as the printing press, the computer, or the Web.

"betting the company" on a buffer overflow

[BroadbandBradley (237267)]

I've always heard there's a lot of "smart people" working at microsoft, if this is the case, they must also be disgruntled employees to let this slide in the middle of "security month"

Compiler: Stackguard!

[irregular_hero (444800)]

Look here [cigital.com] for additional details on the compiler buffer overflow.

It's not actually a _compiler_ overflow.

Instead, it's a subversion of the "buffer overflow protection" that's built-in to the compiler. The most startling piece of this technical review is that the Microsoft "Overflow Protection" in the compiler appears to be a port of StackGuard. The reviewers point out that an examination of the binary output reveals that the compiled code is nearly identical to the StackGuard output.

But stackguard is an option.

[Otis_INF (130595)]

You can decide not to use it: /GS is the compiler switch flag to turn it on. When I check the C++ project I worked on the last couple of days in VC++.NET, it sets the flag ON by default. (which is ok by me, it saved my already yesterday when it reported the stackframe was corrupted after a bad memset() ;))

Switching it OFF will turn off the stackguard functionality and you can build your code without it, but have to check buffer overflows yourself.

So it's perhaps wise to switch it ON in debug builds plus release builds that are tested, and switch it OFF in release builds that are deployed to customers.

Six weeks early?

[Mr. Neutron (3115)]

Please tell me that Salon article was tagged for release on 1 April, and slipped out early.

I'm scared.

Peter Wright makes his money from MS

[isaac (2852)]

Read the bio blurb at the end of the article - the author has written a pair of books on programming in VisualBasic and has 2 books on .Net coming out this year. Hmmm... might he have some stake in .Net's widespread adoption?

-Isaac

This is not news. Doesn't ANYONE study history

[Maury Markowitz (452832)]

Once again I find myself ashamed to be a part of an industry that can't remember anything five years into the past. .NET has been done before, many times. The only news here is the hype, as always.

Let's see, unified runtime, libraries of code with multiple versions, simplified networked object support, standardized metadata...

OpenStep circa 1995.

Sure, OS used plists instead of XML (which didn't exist), a private system instead of UDDI (which didn't exist) and was aimed at C people instead of Java (whichy didn't exist) but the broad strokes are the same:

A multi-platform runtime with standardized libraries, which can exist as multiple versions (with resources) at the same time, with objects that can write themselves out so they can be manipulated as flat data (for storage or network invocation).

The differences are interesting too, .net includes more security features (useful in some contexts) and is multi-language instead of multi-platform. This last issue is a practical one only, at least until Mono is working. And they decided to go multi-language via an IDL, which I consider to be moronic (OpenStep used fat binaries, faster, smaller, better, realistic).

I'm sure other "old timers" will have their own similar systems to include for comparison, but the real point is not that OpenStep did it, but that SOMEONE did it.

And years later no one is using OS (mostly), whereas I'm sure five years from now .net will be one of the most used systems out there. That's the power of marketting. Look how well it worked on the droid on Salon.

Maury

Re:This is not news. Doesn't ANYONE study history

[Melantha_Bacchae (232402)]

Maury Markowitz wrote:

> Once again I find myself ashamed to be a part of an industry that can't
> remember anything five years into the past. .NET has been done
> before, many times. The only news here is the hype, as always.
>
> Let's see, unified runtime, libraries of code with multiple versions,
> simplified networked object support, standardized metadata...
>
> OpenStep circa 1995.

You can go back even farther than that. OpenStep was based on NeXT, which was created by Steve Jobs in 1989. In 1990, it was used to create the world's first web server and client. NeXT was the cradle of the web itself! (http://www.netvalley.com/intvalnext.html)

> And years later no one is using OS (mostly), whereas I'm sure five
> years from now .net will be one of the most used systems out there.
> That's the power of marketting. Look how well it worked on the droid
> on Salon.

The plists are in XML now, but NeXT lives on in its beautiful child: Mac OS X. In fact, the new G4 iMacs running OS X are the only desktop computers on the planet that can be said to be "selling like hotcakes".

Apple is still selling WebObjects, only at $699 instead of $50,000. OS X ships with the Apache web server included. OS X is the best Java 2 desktop, with a full set of J2SE development tools in the OS X boxed version or as a free download or for $20 FedEx shipping. J2EE tools are readily available in open source or commercial form. If you don't care about portability, you can rapidly create a Cocoa front end on your application, and use any J2SE or J2EE classes on the back end to create a native compiled application with all the power of Java. If you are careful to separate the GUI classes from the rest, you can use the RAD Cocoa front end for prototyping, and replace it with a Swing front end after the back end is tested.

Apple's big goal in life right now is 10% of the market (probably with 20% coming after that ;) and happy customers that come back for more. That is a far cry from Microsoft's bid for world domination: Millenium.Net. Apple gives me hope that the computer industry can have a bright future. ;)

Microsoft? Well they mostly give me the urge to loose my lunch. :b

On December 14, 1996, Mothra resurrected an apple tree.
On December 14, 2001, she returned to see its fruit:
OS X, the Apple of Mothra's Aqua eye.

Salon lost major tech and street cred

[coyote-san (38515)]

When I read that Salon puff piece last night, I had to check my calendar. Twice. Yet it stubbornly refused to be April Fools Day.

I wouldn't have minded a piece on .NET. I wouldn't have minded, much, a softball piece on .NET.

But that fawning piece of crap was inexcusable. It was clearly written by the marketing department - no tech would ever favorably compare Bill Gates to Guttenberg - but it was presented as a straight story.

Now I'm going to find it impossible to take any other story the post seriously. I will always have to ask who really wrote the piece.

That's a shame - Salon has been a good thorn in the side of the powerful for a long time. Look at the old stories on the "Drug Czar" paying for anti-drug messages in prime time entertainment shows, or their coverage of the RIAA. But now there will always be a loud voice in the back of my head asking if this is another PR piece by the powerful.

.NET is SCRUMTRILESCENT!

[MillionthMonkey (240664)]

I think the average Salon reader is not the kind of reader who takes things at face value. I think the editors know it too. Look at it as a subtle editorial troll, designed to provoke an outraged response. Which it has.

I don't think you can discount it so easily:

About the writer
Peter Wright is a software consultant and the author of numerous books on Visual Basic programming. He is currently working on two .Net titles for Apress slated for release later this year.

Have you read some of these quotes?
Bill Gates has already changed the face of the world as we know it, but his magnum opus has yet to be fully appreciated. On Wednesday, Microsoft unveiled Bill's greater masterpiece -- in the guise of the Visual Studio.Net development tools suite.
It would be easy to dismiss this as just another Microsoft product launch, just another example of the Redmond behemoth rolling ever onward in its quest to gain enough funds to brand a continent. Don't. Visual Studio.Net will have as profound an effect on the way that we live our lives as the labors of love Babbage and Gutenberg gave us. To dismiss Visual Studio.Net and the technology it encompasses is to go back in time and dismiss Henry Ford's automobile as a passing fad.
[several pages of excited babbling deleted]
As developers move to embrace .Net, the Internet will be transformed from a complex, un-standardized mishmash of awkward static views of data to a dynamic pool of data connected by a true web of Web services all working together to make your life easier.
.Net marks the dawn of the third age of computing -- embrace it.

It reminded me of Will Ferrell's Actor's Studio sketch as well. ".Net is such a masterpiece that there are no words to describe it- so I will make one up: Scrumtrilescent."

I guess if you've been stuck with Visual Basic for the past several years, an MS ripoff of Java would look pretty interesting. I doubt that Java programmers are going to flock to .NET, however. It seems that the people most excited about it are the VB types. .NET will probably end up displacing VB, not Java. Personally, I think James Gosling has a pretty good take on Java vs. .NET. After all, he invented both. :)

Re: Now Waaaaait a Minute here....

[coyote-san (38515)]

... or that guy sucking up to ObL in one of the tapes found in Afghanistan.

I thought about this, but two things make it hard for me to dismiss it as just a troll:

• It was published under the "Technology & Business" banner, not "This Just Posted" and then rotated down into the "Recently in Salon" catchall.
  
• It's well-known that Salon has been having financial troubles, not least because many of the people who would have paid for subscriptions have been caught in the economic slowdown and are unable to justify even $30 on a luxury.
  

I want to dismiss it as a troll. If there was any type of framing by the usual staff, or it was within a week of April 1st I wouldn't give it a second thought.

But now I keep coming back to the fact that the Microsoft PR machine can link to this seemingly glowing comment in "Linux friendly" Salon. We may know it's totally out of character, but a PHB concerned about Hailstorm or .Net implementation issues will take it at face value.

That makes me wonder if I've been playing the fool on other stories. Salon has been valuable precisely because the articles often surprise me, but it's precisely because I'm not knowledgeable about those topics that I'll mistake a 'wink, wink, nudge, nudge' troll for a serious piece.

Re:BS

[Tony-A (29931)]

Impressive funeral music for the damned. Somebody had a wicked sense of humor. Thanks.

The Microsoft emblem. Doesn't the trailing edge look like it's been out in the elements too long. Shattered. (Well it is Windows)

"Microsoft servers for small business let you connect with customers in ways you never have before." Somehow that sounds omnious.

My guess is that he has to say something, has nothing to say, and starts blithering.

Company releases new software. Film at 11

[Keith Russell (4440)]

Lots of .NET stories in the news today and yesterday; it's a total coincidence that Microsoft started a huge marketing push on Wednesday, including the occasional Doubleclick ad running on Slashdot.

In other news, Motor Trend covered the 2002 North American International Auto Show with two sentences: "Cobo Hall was filled with cars. Some of them were brand new."

Let me get this straight. Microsoft is, for better or worse, the most significant software company in the world. They have just released a profoundly significant update to their development environment. The computer trade media is paying more than just lip service to it all. And Michael somehow thinks it's media bias, simply because it's a company he doesn't like?

It's not a "total coincidence". It's news!

This "revolutionary" Bill Gates idea...

[Karpe (1147)]

...once again was not Bill Gates' at all. It was what Sun proposed with the Java platform (and possibly others that I don't know before them). When will people realize that Bill does not have that "vision" thing? Perhaps the same day they learn that Bill Gates did not invent the personal computer, nor the Internet.

About the author...

[Karpe (1147)]

Peter Wright is a software consultant and
the author of numerous books on Visual
Basic programming. He is currently
working on two .Net titles for Apress slated
for release later this year.

Hmm. That explains a lot.

Michael, why must you be so ignorant?

[Zico (14255)]

From the summary (yes, it was written by Michael, not the submitters): Numerous readers pointed to several stories about a buffer overflow problem in Visual Studio .NET which was supposed to be immune to buffer overflows - but it had passed Microsoft's stringent new security audit.

Where to begin with this mess of falsehoods?

• This isn't a VS.NET buffer overflow, it's about a way to attack code generated by the Visual C++ compiler when the /GS compiler switch is used.
• Nobody ever came close to claiming that VS.NET would automatically create C++ code that would be immune to buffer overflows. The boldest claim I've seen Microsoft make is "Also, the Microsoft® Visual Studio® .NET C compiler has support for a new /GS switch that protects your code from many common buffer overrun problems." There does indeed seem to be a flaw, similar to what makes StackGuard attacks possible, but even if you get rid of this problem, it wouldn't be immune to programmers writing potential buffer overflows into their code -- the only thing that these tools do is try to get rid of the most common errors.
• The security audit was about making sure that one's computer/network isn't made vulnerable by having Visual Studio.NET installed on it.

On a side note, since this only affects unmanaged code, it's not really related to the .NET/CLR stuff.

.Net as a marketing strategy

[NumberSyx (130129)]

First, let's get the myth out of the way. .Net is not a product. It's a marketing term,

This is probably the most telling statment of the whole article. .Net is not about a new way of using computers, cool technology, security or any of the other things Microsoft is spouting. .Net is a buzz word driven marketing push and nothing else. It is not going to solve any problems that have not already been solved, introduce any new technology or bring world peace. Microsoft is going to spend the next several years spending billions of dollars to bring us .Net Notepad, .Net Solitaire and the new and improved .Net Virus.

I capped my karma a few days ago, so feel free to moderate me down, just don't expect me to care.

I love the productivity claims

[overshoot (39700)]

Wow! 50% improvement in programmer productivity.
Fine print:
... at shops like Microsoft where the entire design cycle consists of coding. In more mature shops where requirements analysis, specification, design, and QA take up 80-90% of the design cycle things may be a bit different.

CFR

[istartedi (132515)]

Microsoft started a huge marketing push on Wednesday, including the occasional Doubleclick ad running on Slashdot.

This simply won't do. We must have Campaign Finance Reform for the IT industry. Because Slashdot is receiving money from MS, they must be corrupt. Therefore, it should be illegal for MS to place ads 60 days before the release of a new product.

In all seriousness, if you only read Slashdot you might think that the DMCA is the only threat to free speech. Peal yourself away from the CRT a little bit and wake up to what a bunch of jerks we have in congress. It's like the constitution just fell of a high-wire, and fell through the first net. Now if the president signs this bill it will fall through the 2nd net, and if the Supreme Court doesn't wack it our freedom will fall into the abyss. You would never know that if you just read Slashdot.

This post paid for by the Radical National Committee to Criticize Politicians less than 60 days before an election.

Python and Perl under .NET

[fxj (267709)]

When you go to the activestate site and look under more betas you will find perl for asp.net,
which seems to be a .net version of perl.
they say on the web-site:

"PerlNET provides the following functionality:

Perl code runs at the same speed within .NET as it does outside
All extension modules, including the ones using XS code, are supported
PerlNET code is completely compatible with the standard Perl language, including the string form of eval and the runtime use of require
Features

Create .NET applications using .NET components
Wrap existing Perl modules into .NET components
Create new .NET components written in Perl
Extend existing .NET component with Perl "

(http://aspn.activestate.com/ASPN/Downloads/Perl NE T/)

It seems that they really have done it !

python.net seems to be in a pre-alpha stage, as they say here:

"The Python for .NET compiler is written using CPython. It compiles Python source code, and uses the .NET Reflection::Emit library to generate a .NET assembly."

and further:

"Probably the biggest single issue with Python for .NET is the performance of both the compiler and the runtime. The speed of the runtime must be the more critical issue, as the fastest compiler in the world would not be used if the generated code is too slow to be useful."

(http://www.activestate.com/Initiatives/NET/Pyth on _whitepaper.doc) sorry word-doc.

But it is only a matter of time that a python.net will exist.

Hahaha... The author bio on the Salon piece says

[mutzinator (156030)]

About the writer

Peter Wright is a software consultant and the author of numerous books on Visual Basic programming. He is currently working on two .Net titles for Apress slated for release later this year.

Re:No buffer overflows?

[Prisoner Of Gravity (555440)]

Wrong. Java 1.4 has the same thing, an undocumented feature with the exact same name that hypocrit Bill Joy bashed. Yes that's right, Sun included something called 'Unsafe' mode for Java code, that lets it write all over memory to its hearts content. Don't tell Bill Joy though, he's likely to spasm from being called on his lie.

(PS I love Java. But Bill Joy is a LIAR and should be called on his LIE.)

Re:Wait a second

[benploni (125649)]

No, you're thinking of Slate.

Re:Perl, Python, Mono, what next for Billy's Borg

[BitwizeGHC (145393)]

To answer your questions:

1) Larry Wall, who gave a ringing endorsement of Visual Perl a few years ago (that was before .NET though); and

2) Yes! It's called Visual J#.