Slashdot Mirror

Ethereal writes "InternetNews.com reports that Microsoft has begun beta-testing a built-in virus scanner for its Windows XP Service Pack 2 (SP2) that will be included in the final product in mid-2004. The tool is among the operating system enhancements the Redmond, Wash., company is developing as part of its Security Center initiative to rebuff viruses, worms, trojans and crackers. Microsoft will also provide free online training to help developers make the most of SP2's security features, Chairman Bill Gates said at today's RSA Security conference. It's the first time the company has offered training with a Windows service pack release."

fudgefactor7 writes "Powerhouse software vendor Microsoft and the venerable Sendmail, have formed an alliance to launch a sender authentication plug-in which is hoped will combat email fraud and spam. The plug-in lets organisations verify a message's source before accepting it by automatically checking to see if an email came from where it claims it did. Could this be a sign of the beginning of the end of spam?" Update: 02/26 08:01 GMT by S : Though Microsoft and Sendmail are both working on solutions, there's no official alliance in place between the companies.

An anonymous reader writes "Broadand Reports notes that Microsoft is now sending snail mail warnings to downloaders of the leaked source code. They're also apparently working in conjunction with several un-named peer to peer vendors to send out legal warnings to any users who search for the leaked code. The notice on Microsoft's website has been updated to reflect the new warnings."

NickFitz writes "MacWorld UK has some comments from industry analysts on the question of whether Total Cost of Ownership, Microsoft's favourite metric, is lower for Apple Mac versus Windows. The MS website has no figures to refute the claim that 'An Apple technician may cost twice as much, but he comes to see you half as often.'" Bottom line: neither platform is the clear winner.

WhoDaresWins writes "Ever wonder how to make a Knoppix-like live Windows bootable CD (or DVD)? Well its now possible using Bart's Preinstalled Environment (BartPE) bootable live windows CD/DVD. It's basically an expansion of the Microsoft's own Windows PE (Preinstallation Environment) idea which is a minimal Windows (XP/2K3) based bootable live CD with a command prompt and the ability to run some basic Windows GUI. Bart's PE allows anyone to make a bootable CD using their own Windows XP/2K3 media with Bart's PE Builder. What's more many people have contributed quite a few plugins that allow you to use the BartPE discs as quite a nifty system administration tool and with some work an almost usable quick system."

shystershep writes "It's official. Microsoft admits that 'portions of the Microsoft Windows 2000 and Windows NT 4.0 source code were illegally made available on the Internet.' No more details, although it seems clear that it is only a portion of the code. Microsoft is, naturally, downplaying its impact, while everyone else is busy speculating about how serious this could get." A lot of you apparently haven't read yesterday's story. An investigation of the code is already underway.

eMilkshake writes "There is an MS security bulletin that reads, in part, 'A security vulnerability exists ... because of the method by which Virtual PC for Mac creates a temporary file when you run Virtual PC for Mac. An attacker could exploit this vulnerability by inserting malicious code into the file which could cause the code to be run with system privileges. This could give the attacker complete control over the system.' Guess VirtualPC really brings the Windows experience to the Mac!" An update is available from the Microsoft site. On the flip side: sking writes "Australian IT reports on Microsoft's continuing development for the Mac: 'I just want to thank Apple for providing all those great innovative technologies that let us do what we love best: creating great applications,' gushed head of Microsoft's Macintosh Business Unit Roz Ho."

Supp0rtLinux writes "According to this article over at Linux Devices and noted on here at NewsForge.com, Motorola has released a newer version of its A76x line of cellular phones. This newest release, the A768, boasts of open source softwares from Monta Vista Linux, Trolltech, and Sleepycat. The only downside is that it appears to only be available in China right now. And the older A760 released last August is still only available in Europe and Asia. Why are we in the U.S. always the last to get new cellular toys? The good news, though, is that with a Linux base and an integrated PDA and MS Office file compatibility, at least syncing this to either a Linux system or a Windows one should be fairly seamless. (A760 Review)"

scubacuda links to this Infoworld article, which reads in part "TVI charges Microsoft's autoplay feature infringes on four of its U.S. patents. TV Interactive Data Corp. (TVI) of Los Gatos, California, claims that Microsoft infringes on four of its U.S. patents, three entitled 'host device equipped with means for starting a process in response to detecting insertion of a storage media' and one entitled 'method for starting up a process automatically on insertion of a storage media into a host device.", writing "I hope no one has a patent on the shift key, because that's what I hit when I insert a CD. (That is, when I haven't already edited the registry)" Wouldn't automount / autofs fall under the same shadow?

pmf writes "Yet another critical vulnerability affecting Windows 2000/XP/2003 has been just announced by eEye. It is worthy to note, that it took Microsoft over 6 months to fix it. The bug affects ASN.1 library and is remotely exploitable through authentication subsystems (Kerberos, NTLMv2) and applications that make use of SSL certificates." The AP has an overview.

prostoalex writes "Bruce Eckel (from the Thinking in C++/Java/Patterns/Enterprise Java fame) and Bill Venners have interviewed programming legend Anders Hejlsberg. After 13 years in Borland and joining Microsoft in 1996, Hejlsberg now leads the development of C# language and talks about the development process, reasons some things exist in C# and some not, as well as future directions."

Zenin writes "Microsoft has graciously released the source code to Allegiance for free on their site. Allegiance was released back in 2000, and rated the 'Best Game No One Played' by GameSpot - this little- known multiplayer space-combat/team-RTS was pretty innovative, yet never took off in the mainstream. Nevertheless it quickly developed a fanatical following - a dedicated community who reverse engineered the game to enable complete mods, expand server power, and much more. A million thanks to Joel 'solap' Dehlin and the rest of the Allegiance development team for making this happen!"

Zenin writes "Microsoft has graciously released the source code to Allegiance for free on their site. Allegiance was released back in 2000, and rated the 'Best Game No One Played' by GameSpot - this little- known multiplayer space-combat/team-RTS was pretty innovative, yet never took off in the mainstream. Nevertheless it quickly developed a fanatical following - a dedicated community who reverse engineered the game to enable complete mods, expand server power, and much more. A million thanks to Joel 'solap' Dehlin and the rest of the Allegiance development team for making this happen!"

Decaffeinated Jedi writes "GameSpy is running a feature looking at the editors' picks for the top real-time strategy games of all time. Included on the list are such classics as StarCraft, Command and Conquer: Red Alert, and Age of Empires. The article looks at each game's significance to the genre as a whole, as well as offering some reader feedback on the editors' choices. Why not grunt rush their server, have a look at their picks, and share some of your own RTS favorites here?"

MBCook writes "I just notice that Microsoft has a new Windows XP 64-Bit Customer Preview Program starting today (February 3rd). If you have a AMD Opteron or Athlon64, you can go to the download page to get your copy. It's a pre-release copy that will expire in 360 days (which probably means the final will be out by then). Now Intel just changed their 64-bit plans, and all of a sudden this appears. Speculate away!"

MBCook writes "I just notice that Microsoft has a new Windows XP 64-Bit Customer Preview Program starting today (February 3rd). If you have a AMD Opteron or Athlon64, you can go to the download page to get your copy. It's a pre-release copy that will expire in 360 days (which probably means the final will be out by then). Now Intel just changed their 64-bit plans, and all of a sudden this appears. Speculate away!"

loteck writes "Microsoft has just released Security Update 832894. According to their official information, it affects all NT kernel versions of Windows and most versions of Internet Explorer. Here's a rundown of the important fixes, notably 'A vulnerability that involves the incorrect parsing of URLs that contain special characters' in Internet Explorer, as previously discussed on Slashdot."

loteck writes "Microsoft has just released Security Update 832894. According to their official information, it affects all NT kernel versions of Windows and most versions of Internet Explorer. Here's a rundown of the important fixes, notably 'A vulnerability that involves the incorrect parsing of URLs that contain special characters' in Internet Explorer, as previously discussed on Slashdot."

bllfrnch writes "The NY Times (account required, yada yada) has an article about the suggestion of email postage to stop the advent of spam. Apparently, both Microsoft and Yahoo! support such an initiative, as they are the largest email service providers. Best quote: ''Damn if I will pay postage for my nice list,' said David Farber, a professor at Carnegie Mellon University, who runs a mailing list on technology and policy with 30,000 recipients'."

spacehug writes "In a recent Microsoft Knowledge Base article, they provide 'Steps that you can take to help identify and to help protect yourself from deceptive (spoofed) Web sites and malicious hyperlinks.' These steps include always using SSL/TLS, typing 'JScript commands' in the address bar, and typing in URLs instead of clicking links! I have a suggestion that's not in the Knowledge Base: don't use IE!"

prostoalex writes "The topic of starting your own software company was recently brought up on Ask Slashdot as a way to fight current employment trends. Eric Sink from SourceGear, who shared his software company-building experience before has written a new article published on MSDN. Getting started with your own software company suggests several simple steps to evaluate your abilities, count your estimated expenses and then start the software company, if the idea still seems feasible."

damohasi writes "According to Microsoft Knowledge Base, MS "plans to release a software update that removes support for handling user names and passwords in HTTP and HTTP with Secure Sockets Layer (SSL) or HTTPS URLs in Microsoft Internet Explorer". Whether this will break rfc 1738 or not, it might get webspace provider in trouble who offer @-domains like the German 1und1."

mr.big_pig writes "The Seattle PI had a front page article analyzing the Microsoft's Get The Facts website and related ads compairing Windows to Linux. The short and sweet: follow the money and see just how 'independent' is this research. What caught my eye was that this was on the front page and not buried in the business section."

securitas writes "RFID Journal reports on the first Microsoft RFID software pilot project. Microsoft launched the six-month pilot in December with KiMs, Denmark's largest snack food producer. Microsoft plans to bring the new RFID-enabled supply chain management software (Axapta Warehouse Management) to market next year, targeting small- to medium-sized businesses. The news comes after Microsoft announced its Smarter Retailing Initiative, tools based on RFID and .Net Web services. More on this latest development at CNet and InformationWeek."

securitas writes "RFID Journal reports on the first Microsoft RFID software pilot project. Microsoft launched the six-month pilot in December with KiMs, Denmark's largest snack food producer. Microsoft plans to bring the new RFID-enabled supply chain management software (Axapta Warehouse Management) to market next year, targeting small- to medium-sized businesses. The news comes after Microsoft announced its Smarter Retailing Initiative, tools based on RFID and .Net Web services. More on this latest development at CNet and InformationWeek."

GillBates0 writes "CNN's reporting that Microsoft Corp has settled with Mike Rowe, persuading the teenager to give up his domain name in exchange for costs of changing the existing domain to a new Web site, Microsoft certification training, an Xbox, an invitation to a technology festival at Redmond and some other gifts. Includes a choice quote from Microsoft spokesman Jim Desler: 'We wanted to do this in a way that's going to foster his interest in technology'. Mike had received a 25-page letter from Microsoft informing him he was committing copyright infringement, and threatening legal action, as reported earlier on Slashdot."

balster neb writes "CNET News.com has a piece titled 'Seeds of Destruction' on monoculture in software and its effect on security. The article talks about similarities between software attacks such as last year's MSBlast, and agricultural catastrophes such as the Irish Potato Famine. Isn't this another good argument against monopolies?"

Jsf72672 asks: "With the recently-passed Sarbanes-Oxley legislation, and the looming HIPAA compliance requirements a constant thorn in the side of IT staff, Enterprise Instant Messaging seems to be overlooked. Most users are using AIM or MSN. Microsoft and Yahoo! both have products tailored to the Enterprise, but no one wants to rely their technology to keep them out of jail, or from paying huge fines. Jabber looks attractive but our already overtaxed IT staff does not have the time to compile, secure and test homegrown solutions. What are Slashdot-reading IT Managers doing? I found these guys and their InterIM line of products, and they look pretty good. Is anyone using them? Are there other low-cost solutions you have employed?"

jdkane writes "CNET News reports that security flaws have been found in products that use VoIP and text messaging, including those from Microsoft and Cisco Systems. What's interesting, in Microsoft's case, is that the Internet Security and Acceleration Server product that's also affected is designed to help protect companies' networks from online attacks. Specifically, a filter used in the server that secures VoIP communications is vulnerable to the flaw."

mr_tommy writes "Neowin has posted a link to a court ruling (pdf) on the controversial MSfreepc.com website. The court ruled that claims in the Microsoft antitrust settlement made via the site were not legitimate, and as such all submissions made through it would be rejected. The website, operated by Lindows.com, attempted to use the Californian settlement against Microsoft to its own benefit by getting users to signup and make a claim. Lindows saw an opportunity to capitalise on the ruling by getting Microsoft to pay for users to have Lindows software and hardware; undoubtedly too bitter a pill for Microsoft to take. Microsoft filed suit against the website Michael Robertson, owner of Lindows and a strong anti-Microsoft voice, will undoubtedly be disappointed with the ruling. The 'legitimate' site for claims is still available."

Anonymous Coward writes "Microsoft has launched a new ad campaign that purports to give 'objective third-party information' comparing Windows to Linux." See the ad campaign website for more, uh, facts.

frooyo asks: "I'm an currently looking for a good reverse proxy caching solution (server-side caching) for the Windows platform. This would be used as a transparent proxy between the corporate website and the outside world. Products that I have seen available include: Microsoft ISA server, Squid for NT and some others. I'm not completely opposed to using a non-windows platform for this type of solution, but I would prefer a Windows solution. I need a product that handles middle-large numbers of current users (10-30) with easy on one server. Additionally features such as caching pools and easy handling of FTP connections (since this will be used as a 'transparent' proxy) would be a much needed benefit."

Thanks to Empires Heaven for their interview with Stainless Steel Studios' head Rick Goodman regarding the PC RTS title Empires: Dawn Of The Modern World. He discusses why the game will become a trilogy by using expansion packs ("One of the compromises I think you make in Civilization 3 is, to cover that [large of a] period of time, you can't cover any one period very in-depth"), and the circumstances that led to his split with Age Of Empires creators Ensemble Studios, which he co-founded ("Ensemble wanted to do their next game in a year, and I told them that I wasn't the kind of guy that could do a game in a year and I should probably go off and take whatever time I needed and let them take the time they needed.") He concludes by discussing the difficulties of development: "One thing you learn [in the industry] that most gamers don't understand: that game development is a series of compromises."

Via_Patrino writes "According to Microsoft on january 16, MS Windows 98 and 98se will end Extended Support Phase, that means they'll became obsolete and assisted support will no longer be available from Microsoft, affecting about 27% of the internet users. That means even if 98 is working well for your needs (and especially computer specifications) and you want to pay for support (because that might cost less than switching hardware) you can't, because who will be able to patch eventual new bugs (security related or not) besides Microsoft? So if you're not planning a switch it might be your last opportunity to update MS Windows 98, after that some software might disappear from MS website (just like MSIE 5.5 for 95 did)."

Via_Patrino writes "According to Microsoft on january 16, MS Windows 98 and 98se will end Extended Support Phase, that means they'll became obsolete and assisted support will no longer be available from Microsoft, affecting about 27% of the internet users. That means even if 98 is working well for your needs (and especially computer specifications) and you want to pay for support (because that might cost less than switching hardware) you can't, because who will be able to patch eventual new bugs (security related or not) besides Microsoft? So if you're not planning a switch it might be your last opportunity to update MS Windows 98, after that some software might disappear from MS website (just like MSIE 5.5 for 95 did)."

Via_Patrino writes "According to Microsoft on january 16, MS Windows 98 and 98se will end Extended Support Phase, that means they'll became obsolete and assisted support will no longer be available from Microsoft, affecting about 27% of the internet users. That means even if 98 is working well for your needs (and especially computer specifications) and you want to pay for support (because that might cost less than switching hardware) you can't, because who will be able to patch eventual new bugs (security related or not) besides Microsoft? So if you're not planning a switch it might be your last opportunity to update MS Windows 98, after that some software might disappear from MS website (just like MSIE 5.5 for 95 did)."

gameaxx writes "Back in 2002, Slashdot ran a piece on what the best mouse for precision PC gaming was, and there was a debate over whether the optomechanical Razer Boomslang running at 2000 dpi was the uber gaming mouse, or the optical mice from Logitech or Microsoft Intellimouse Explorer 3.0 running at 800 dpi were the best precision gaming mice to have. Now, Razer has just announced (PDF link) the upcoming February 2004 release of a ultra-precise 1000 dpi gaming mouse called the Razer Viper. At 1000 dpi, this breaks all the boundaries set by bigwigs like Logitech and Microsoft, whose mice max out at 800 dpi. Whether this settles the optical 800 dpi vs Boomslang optomechanical 2000 dpi debate once and for all with the release of a 1000 dpi gaming mouse remains to be seen until we actually get our hands on it."

securitas writes "The New York Times Technology has an excellent feature by Ken Belson about the coming battle over the next-generation DVD format that consumer electronics and technology giants are already preparing for. The article covers the (high-definition) HD DVD group, led by Toshiba and NEC, and the Blu-ray Group, led by Sony and Matsushita (Panasonic/JVC). Mass production is expected to begin in 2005, but both sides are expected to show prototypes and aggresively pursue partners at the Consumer Electronics Show (CES) in Las Vegas next week. Add to the mix a nine-company Chinese faction that says it will develop its own DVD format because - fearing their technology could be used by Chinese rivals - the Japanese manufacturers haven't shared much information, even within the DVD Forum. Finally, Disney, Microsoft, IBM and Intel have yet to weigh in. The worst thing that could happen would be another Betamax/VHS-type war. In that case, 'Everyone is a loser, particularly Hollywood studios, the retailer community and, most importantly, the consumer,' says Warren N. Lieberfarb, developer of the original DVD format."

prostoalex writes "Eric Sink from SourceGear, well-known in the open-source world for AbiWord Suite, shares his thoughts on starting and running a software business. One of the keys to a successful business, as Thomas J. Watson once said, was to double the rate of failures. Eric Sink tells the story of what mistakes he personally made, what could be avoided, and what's important for geeks to know when starting a software company."

An Anonymous Reader writes "If you recently set up a new PC with Windows XP, or if you had the pleasure to do a 'reinstall from scratch,' you probably found that many XP systems as they are shipped today are not patched against common issues like Blaster. Given that these worms are still going strong, it doesn't take long for a new system to be infected. In particular, if you have to connect it to the Internet to download all the patches. Well, help is in sight. The SANS Institute released a paper entitled Windows XP: Surviving the First Day." (Read on below.) Update: 12/24 17:59 GMT by T : Thanks for reader Bill Curnow for the updated link. Update: 12/24 19:15 GMT by T : Besides the workaround suggested below, Roblimo has a good suggestion on avoiding the first-day-of-Windows altogether.

"With many screen shots, it will walk you through the procedure to enable the XP firewall and downloading the patches without getting infected while doing so. This could be the (free) stocking stuffer that may save Christmas for your folks ;-). Given that its probably to late now to start downloading your favorite Linux distro."

But if you do have the time and bandwidth, and you're stuck on Windows, a nice live-CD distro like Knoppix or Mepis means you can download patches without racing the worms, and install your patches while offline. (And if you have time to download 50MB, you have time to grab Damn Small Linux.)

An Anonymous Reader writes "If you recently set up a new PC with Windows XP, or if you had the pleasure to do a 'reinstall from scratch,' you probably found that many XP systems as they are shipped today are not patched against common issues like Blaster. Given that these worms are still going strong, it doesn't take long for a new system to be infected. In particular, if you have to connect it to the Internet to download all the patches. Well, help is in sight. The SANS Institute released a paper entitled Windows XP: Surviving the First Day." (Read on below.) Update: 12/24 17:59 GMT by T : Thanks for reader Bill Curnow for the updated link. Update: 12/24 19:15 GMT by T : Besides the workaround suggested below, Roblimo has a good suggestion on avoiding the first-day-of-Windows altogether.

"With many screen shots, it will walk you through the procedure to enable the XP firewall and downloading the patches without getting infected while doing so. This could be the (free) stocking stuffer that may save Christmas for your folks ;-). Given that its probably to late now to start downloading your favorite Linux distro."

But if you do have the time and bandwidth, and you're stuck on Windows, a nice live-CD distro like Knoppix or Mepis means you can download patches without racing the worms, and install your patches while offline. (And if you have time to download 50MB, you have time to grab Damn Small Linux.)

Thanks to the Korea Herald for its article outlining the disappointing performance of Microsoft's Xbox compared to the PlayStation 2 in South Korea. The article notes: "Just a year ago, Microsoft Korea, a unit of U.S.-based software giant Microsoft Corp., envisioned a bright future for its spiffy Xbox video game console... [they] initially aimed to sell 150,000 units during the first year. However, sales have fallen far short of this target at just 60,000 units." In comparison, "The Korean market has so far snapped up 600,000 PlayStation 2 game consoles since its debut 22 months ago." The piece attributes Microsoft's problems to the Xbox lacking "killer titles that instantly grab the attention - and the pockets - of game lovers", but also notes that "some critics attribute the glaring failure of Xbox on the Korean market to Microsoft Korea's poorly managed marketing."

prostoalex writes "Scott Hanselman shares a document from Microsoft Research internal Web site on Gina Venolia's latest research in user interface design. Since half of the e-mail conversations require reply and then further replies, the model is not too different from current Web forums. Future Outlook versions might integrate the nested interface for e-mail conversations." Gotta say, that'd be pretty nice to have.

Shafe writes "Space.com confirmed suspicions that Microsoft co-founder Paul Allen was the secret investor in Burt Rutan's SpaceShipOne, which completed a successful supersonic flight on the same day as the centennial of flight. Allen hopes Rutan's ship will win the $10 million X-Prize to help kickstart private manned space flight."

kylef writes "As we know from independent sources, Microsoft is busy readying Service Pack 2 for Windows XP. They have published on their website a changelist document (link goes to TechNet download page) detailing the nature of the security-related fixes and updates. The document is targeted towards XP admins and covers some interesting things such as the new Internet Explorer Pop-up Manager and various security policy changes. Some other juicy tidbits from the document: Internet Connection Firewall will be enabled by default, and there will be new support for something called "Execution Protection" which allows developers to make use of the NX (no execute) page guard flag on Intel's Itanium and newer AMD processors. An interesting read."

An anonymous reader asks: "I manage my kids' computer, running Windows XP Professional, with an iron fist. They have limited access rights as I do not want them accidentally deleting the wrong file or downloading trojan software. However, software products, particularly games, fight my user management schemes at every turn. Each user on the computer is member of the 'Gamers' group. This group has full access to the games directory, the place I install all of the game software. I did this since games often need to update configuration files or write save files. Despite these changes, I still run into problems. Our latest two games, Age of Mythology and Battlefield 1942, require administrator privileges irrespective of the file privileges. I have not been able to overcome the problem and it seems, based on Googling, that others are in the same boat. Fellow Slashdot readers, what have you done to overcome this problem?"

William Ryan writes "SQL Server CE is Microsoft's preferred database backend for its Compact Framework initiative. Compact Framework is a cool technology, but it's still in its infancy. This book does a lot to help you get started using SQL Server CE." Read on for the rest of Ryan's review, or revisit his November review of a related book, The Definitive Guide to the Compact Framework . SQL Server CE Database Development with the .NET Compact Framework author Rob Tiffany pages 450 publisher Apress rating 10 reviewer William Ryan ISBN 1590591194 summary A start to finish discussion of using SQL Server with SQL Server CE on the Compact Framework

This book comprises 10 Chapters in just under 450 pages, including the indexes and usual book stuff. Since CE supports ASNI Sql, there are a few chapters that discuss using SQL to manipulate databases, which are probably not necessary for most database programmers. Chapters 4-8 are dedicated to DDL (data definition language), DML (data manipulation language), and taking advantage of metadata. It's a good discussion of these subjects, and I guess an author must include them to be thorough, but if you aren't that familiar with SQL, you probably have some learning to do before diving into data-driven PDA apps.

Enough about the background, though. The book really excels in two areas, one of which I think is probably useful to any developer, even if you don't use the Compact Framework or Microsoft Products. That area is security.

Far too many developers blow off security concerns, or claim to care but do little or nothing about actually increasing security. Let's face it: no matter how secure your OS is, no matter how killer your firewall is, today there are a lot of people trying to break your app and they aren't always outside of your company. Tiffany points to a GIGA Information Group article criticizing the industry for ignoring security on mobile devices.

A lot of what he says is focused on security issues that are 'common sense,' and yet ones that people ignore all the time. It's kind of a shame that a writer needs to explain the benefits of using 'Strong Passwords,' but let's face it, no matter how well you write your app, it won't be secure if you leave the front door open.

In no way am I saying that the author's discussion of security is limited to such elementary topics, but he does a great job of bringing many issues into focus and suggesting ways to deal with them.

The other area that this book really excels in is getting you through replication. This is not a fun topic if you don't know what you are doing and there isn't a lot of literature out there to help you get through PUSH/PULL subscriptions and the like. Pragmatically speaking, of the topics this book covers, Tiffany's coverage of replication is probably going to benefit people the most, because if you can't sync your PDA with your server, you are effectively out of gas. If you aren't a Sql CE user you won't appreciate the value of this chapter, but love MS or hate them, the newsgroups and forums are filled with folks with the same sorts of problems that the author works diligently to get you through.

It's hard to know what will and won't work yet on the Compact Framework and CE. It's quite helpful to have a list of common functions that are supported listed in depth -- another thing I liked about this book.

What else? Well, the text was well written, very similar to his last book on Pocket Access (Pocket PC Database Development with eMbedded Visual Basic) and easy to read. If you are a total newbie to CE, you can use this book and hit the ground running. Everything that you need to write professional apps is included, and I can't find anything that Tiffany omitted.

I really appreciate the fact that the author wrote an entire book on such a niche subject. Many areas, particularly the Compact Framework, don't have a lot of literature on them and if you are writing SQL Server CE, you are on your own...until now.

If you develop in CE, or plan to, this book is a Must Have.

You can purchase SQL Server CE Database Development with the .NET Compact Framework from bn.com. Slashdot welcomes readers' book reviews -- to submit a review for consideration, read the book review guidelines, then visit the submission page.

prostoalex writes "It was recently reported that Microsoft will integrate its own XML-based language for application programming into the next edition of Windows (codename Longhorn). This Introduction to XAML (Extensible Application Markup Language) provides an insight into how it's possible to build a Windows application with Microsoft's brand-new XAML language."

Norman at Davis writes "ZDNet is running a story on a new security flaw in Microsoft's Internet Explorer which could let hackers use a technique to display a false Web address on a fake site according to an advisory from the Danish security company Secunia. The Danes report that 'the vulnerability is caused due to an input validation error, which can be exploited by including the "%01" URL encoded representation after the username and right before the "@" character in an URL.' PC World reports that 'Microsoft says it is investigating reports of the vulnerability. When that inquiry is complete, the company will take whatever steps it deems necessary, such as issuing a new patch, a spokesperson says.' And for good measure, here's what Google news is covering on it right now."

dnxthx asks: "After performing a fairly comprehensive web search (including Slashdot) I came to the (possibly incorrect) conclusion that there were no high-visibility sites that comprehensively reviewed and compared data modeling tools such as ER/Studio, ERWin, DeZign for Databases, System Architect, or Visio for Enterprise Architects. Since some of these tools can be quite expensive (ERWin is about $4K US it seems), I was wondering what the Slashdot community's experiences were with data modeling tools such as these, or some that our group has overlooked."