BummerLog

Broadcasting LIVE from BummerWare Pte Ltd

Thu Dec 11
seen online
Tue Dec 9

open_id_risks

what's important to the wider adoption of OpenID is for everyone to understand some of the latent risks

1) you must not give your password to the site you are logging into with OpenID, and you need to visually check that the URL you are redirected to is the OpenID provider you specified. The reason is obvious: OpenID is single sign-on, so authentication should only take place at the identity server; otherwise a password stolen once throws open every web service you have an account with to the thief.

2) OpenID servers themselves aren't strong enough and the implementations differ widely; be fully aware of the limitations of the authentication service. (Preferably I'd love to see 3-, 4-factor authentication in the near future)

3) OpenID does not presently provide session log-off at the server, so there is a danger that sessions are left open between password resets.
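What the visual check in point 1 amounts to, written out as an added example that is not part of the original post: the page asking for the password must have exactly the origin of the provider you chose. The provider URL, the sample URLs and the function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed value: the provider endpoint the user typed or bookmarked.
PROVIDER = "https://openid.provider.example/auth"


def _origin(url):
    """Return (host, port) for an https URL, or raise ValueError if it is suspect."""
    if any(c in url for c in "\\ \t\r\n"):
        raise ValueError("backslash or whitespace in URL")
    parts = urlsplit(url)
    if parts.scheme != "https":
        raise ValueError("not https")
    # "https://provider@other-host/" shows the provider name but goes elsewhere.
    if parts.username is not None or parts.password is not None:
        raise ValueError("userinfo before host")
    host = (parts.hostname or "").rstrip(".")
    if not host or not host.isascii():
        raise ValueError("missing or non-ASCII host")
    return host, parts.port or 443  # .port raises ValueError if malformed


def password_prompt_is_at_provider(redirect_url, provider_url=PROVIDER):
    """Return (ok, reason): ok only if redirect_url has the provider's exact origin."""
    try:
        expected = _origin(provider_url)
        actual = _origin(redirect_url)
    except ValueError as err:
        return False, str(err)
    if actual != expected:
        return False, "host %s:%d is not the chosen provider" % actual
    return True, "same origin as the chosen provider"


# Constructed redirect targets, as they would appear in the address bar.
SAMPLES = [
    "https://openid.provider.example/auth?openid.mode=checkid_setup",
    "https://OPENID.provider.example:443/auth",
    "http://openid.provider.example/auth",
    "https://openid.provider.example.login.example.net/auth",
    "https://openid.provider.example@login.example.net/auth",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(password_prompt_is_at_provider(url), url)
```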

Mon Dec 8
Glory is fleeting, but obscurity is forever. Napoleon Bonaparte

originations

no doubt to me, RubyOnRails is a fantastic, highly productive framework, but mostly bolstered by very enthusiastic, passionate developers… [which is the key recipe to any successful framework anyway, insert django, codeigniter etc…] I would tell any PHP developer, rather than build on mud (that is, PHP), for the same effort you could yield in excess of 10x in RoR.

still, the key obstacle is that it is built onto a very loose set of almost ad hoc libraries and components. even the Ruby language isn't defined over a standards process (please move out of C Ruby). nor do most Ruby efforts tend to be well updated or geared to support broad adoption. (put it this way, had there not been Rails, there wouldn't even be that much interest in Ruby) and this is where Java has an unassailable advantage.

I'm not biased against Ruby, I adore this language; even pre-Rails, I had been playing with Ruby since 1.4 - installed on my Zaurus PDA.

the vision i see is Ruby heading up the forerunning berserkers, the wild child that steps on the landmines in the wilderness of WWW, and Java being the core engine on which future tools and application servers operate. (ps: possibly offlineable web applications being the form in which actual user applications will be written)

Function tends to follow form, Outcome tends to follow origins
Fri Dec 5
An infinite number of mathematicians walk into a bar. The first one orders a beer. The second orders half a beer. The third, a quarter of a beer. The bartender says “You’re all idiots”, and pours two beers. humorarchives

do a project

probably the only time you simply “do a project” is in school, where you are actually marked on how you project-manage, track etc… anywhere else, doing a project means achieving the tasks and targets set forward.

I think in this, goalposts need to be pliable; too oft a team goes off defining and specifying herculean targets and gets frustrated when things don’t pan out. It’s important to have set and fixed ‘greater’ goals, and a plan of tasks that will gear towards that (over many phases).

i like to term that the Drunken Walk of PM

Mon Dec 1
The inherent vice of capitalism is the unequal sharing of blessings; the inherent vice of socialism is the equal sharing of miseries. Churchill, Winston
Fri Nov 28

zoid

I purchased the Professional Android Development book yesterday; definitely very interesting what Google is going to achieve with Android, and it has the technicals well well covered.

Besides just putting the pressure onto the Symbians, Palms, BlackBs and iPhoneOS by having a viable alternative, this can be a truly open (read ‘hackable’) environment.

I used to own a Sharp Zaurus (that's the Linux PDA no longer produced); it was a device ahead of its time. In its heyday, it had an active community contributing and porting software (though still limited in titles) to this environment. Greed tends to prevail, and the market share went to their un-innovative rivals with their expensive tools, controlled communities and proprietary licences.

Would love to see the Android community unravel in coming years to be open and vivacious, creating many interesting (groannn… not another geo-location tool) “lifestyle” software that can run on different form-factor devices. I will see to it that this does not get excessively clouded by Google’s own (domination) interests.

This will then be a true step forward for pervasive computing.