Special Edition of Developer Update--Using Technology for Evil--September 15, 2006

Although developed with good intentions, AJAX and CAPTCHA can be used for evil.

7 Min Read
ITPro Today logo in a gray background | ITPro Today

This issue of Developer Update is sponsored by

Application Health Monitoring and Modeling http://www.windowsitpro.com/go/whitepapers/avicode/apphealth/?code=DEVTop0915

Enhance SQL Reporting and Increase Server Performance http://www.sqlmag.com/go/whitepapers/doubletake/reportingservices/?code=DEVMid0915

Free Download or CD: Learning to Program in C# 2005 http://www.appdev.com/promo/RN00453

How Effective is Your Antivirus? http://www.windowsitpro.com/go/whitepapers/sunbelt/antispyware/?code=DEVHot0915

~~~~ In This Issue ~~~~

Using Technology for Evil

eLibrary Short Takes - Article Talks About How to Break Down the Great Divide - White Paper Discusses End-to-End Rights Management

Tech Talk - For 'um Developers - Letters to the Editor

Info to Go

~~~~ Sponsor: AVIcode ~~~~

Application Health Monitoring and Modeling Ensure successful application deployment, monitoring, and management when you share architectural and operational requirements. Learn how to use application models, use MOM to monitor the health of business applications, and explore a practical example of health modeling and monitoring application deployment. Download the free whitepaper now! http://www.windowsitpro.com/go/whitepapers/avicode/apphealth/?code=DEVTop0915

~~~~~~~~~~~~~~~~~

Using Technology for Evil by Scott Swigart, [email protected]

Asynchronous JavaScript and XML (aka AJAX) promises to make Web sites interactive in ways that simply weren't feasible in the past. And with various AJAX frameworks, such as the Atlas framework from Microsoft, AJAX programming is getting easier and the developer is largely freed from browser nuances. Some examples of AJAX functionality include input fields that auto- complete and dialog boxes. Hmmm. Dialog boxes. A claim to fame for the early Firefox browser was pop-up blocking. Today, if I actually want a pop-up to appear, I have to convince the MSN Search Toolbar, Yahoo! Toolbar, or Google Toolbar that I really know what I'm doing. (Some Web sites don't function properly without pop-ups.) Despite the rings of defense that keep me safe from pop-ups, none of these blockers seem to give a hoot about AJAX and floating panels. As a result, AJAX is the perfect technology to resurrect the pop-up ad. Unfortunately, you're already starting to see it. Another "great" use for AJAX would seem to be capturing site statistics. It's one thing to know page counts; it's another to have script on the page inform the server of the amount of time the user kept the page open, how far the user scrolled through the page contents, and a list of anything moused- over. AJAX enables every page to contain a statistics surveillance camera. Besides pop-up blocking, another technology that seems destined to fail is CAPTCHA. If you've ever been asked by your computer to decipher a distorted string of characters, you've encountered a CAPTCHA. CAPTCHA stands for "Completely Automated Public Turing test to tell Computers and Humans Apart". The purpose of CAPTCHAs is to prevent computer-powered spam attacks on forums, wikis, blog comments, and any other place where people are allowed to post arbitrary content. To tell computers apart from humans, CAPTCHA programs ask you to solve a test. But, telling computers and humans apart may expose the weakness of this scheme. Last week, I discussed the various Amazon Web services, including an intriguing one called Mechanical Turk. Mechanical Turk effectively reverses the roll of computers and humans. Typically, people use computers to get work done, but Mechanical Turk lets computers use people, almost like turning people into a function call. A technology like this might be an ideal tool for spammers who want to crack CAPTCHAs on a large scale. However, spam works because there's virtually no cost involved in sending it. Raising the cost of sending spam, even a tiny amount, shatters the business model. Still, if running a World of Warcraft Gold Farming (http://www.world-of-warcraft- gold.com) business works, something tells me there's got to be money in breaking CAPTCHAs.

~~~~ Sponsor: Double-Take Software ~~~~

Enhance SQL Reporting and Increase Server Performance Increase your SQL production server's performance by offloading Reporting Services to a secondary server. Gain additional insight into your important business data quickly and effectively. Download the whitepaper today! http://www.sqlmag.com/go/whitepapers/doubletake/reportingservices/?code=DEVMid0915

~~~~ eLibrary Short Takes ~~~~

Article Talks About How to Break Down the Great Divide A long history of Chinese walls has separated traditional development teams (who some regard as cowboys who just throw together software without any fore- or after-thought) from the DBA community members (who some regard as inflexible 9 to 5-ers who implement and maintain those systems). The walls between these two camps often hinder development and therefore decrease the quality of the final software. To read how these teams might reach a common ground, check out Matt Nunn's article "Database Development Teams: The Great Divide" in the September issue of SQL Server Magazine. To read this article, which will be open to the public until September 22, go to http://www.sqlmag.com/Article/ArticleID/92843/sql_server_92843.html

White Paper Discusses End-to-End Rights Management Extend Microsoft Windows Rights Management Services (RMS) to support enterprise requirements for information protection, including proprietary business data. Download the free whitepaper today! http://www.windowsitpro.com/go/whitepapers/liquidmachines/rightsmgmt/?code=0913featwp

~~~~ Tech Talk ~~~~

For 'um Developers Forum participant dba123 can't get his custom .ascx page to work with FuseTalk global forums. FuseTalk's support staff hasn't been helpful. If you can help, go to http://forums.windowsitpro.com/web/forum/messageview.aspx?catid=51&threadid=48780&enterthread=y

Letters to the Editor What's on your mind? Let us know at [email protected].

~~~~ 2006 Watch ~~~~

Free Download or CD: Learning to Program in C# 2005 Get 3 hours of award-winning Visual Basic 2005 training from AppDev -- FREE! You'll receive step-by-step instruction by industry experts plus printable courseware -- a $115 value. Get your free download or CD now http://www.appdev.com/promo/RN00453

~~~~ Info to Go ~~~~

SQL Server Magazine Connections Conference Now in its sixth year, SQL Server Magazine Connections returns November 6-9 to Mandalay Bay Resort in Las Vegas. Get down to business today with SQL Server 2005. Interact with and learn from an all-star lineup. Register for one event and attend sessions of the concurrently run events for FREE! http://www.devconnections.com

Linux + Unix + Windows - TechX World Pure-play IT shops are a nice idea, but the reality today is that we are all faced with interoperability issues. TechX World 2006 gives you access to leading experts in the field and will prepare you to master interoperability issues in your environment. http://www.techxworld.com/?code=0913emailannc

Tired of using separate products on your Microsoft Exchange server for antivirus, antispam, attachment filtering, disclaimers, content auditing/filtering? This webcast will address the latest threats to messaging security and spotlight Sunbelt's Messaging Ninja that enables system administrators to easily secure their messaging infrastructures and stop threats at the Exchange Server. http://msd2d.com/WebSeminar/webSeminar_viewDL_04.aspx?category=security

Randy Franklin Smith outlines five evaluation points to consider when choosing your antispyware solution in this free podcast. Download it today! http://www.windowsitpro.com/go/podcasts/pctools/antispyware/?code=0913emailannc

Special Invitation for VIP Access Become a VIP subscriber and get continuous, inside access to ALL of the content published in Windows IT Pro magazine, SQL Server Magazine, Exchange and Outlook Administrator newsletter, Windows Scripting Solutions newsletter, and Windows IT Security newsletter. Subscribe now and SAVE $100: https://store.pentontech.com/index.cfm?s=1&promocode=eu2769uv

Get the SQL Server 2005 System Table Map FREE SAVE up to $30 on SQL Server Magazine and get a SQL Server 2005 System Table Map poster FREE with your paid order! You'll also get unlimited access to the entire online article archive, which houses more than 2300 helpful SQL Server articles. This is a limited-time offer, so order now: https://store.pentontech.com/index.cfm?s=9&promocode=eu2169us

~~~~ Hot Spot ~~~~

How Effective is Your Antivirus? Just anti-virus or patching software isn't enough to protect your valuable systems from spyware. Learn how an enterprise antispyware solution gives you an affordable - and most importantly, effective, solution to spyware. Download the free whitepaper today! http://www.windowsitpro.com/go/whitepapers/sunbelt/antispyware/?code=DEVHot0915

~~~~ Contact Us ~~~~

About Developer .NET Perspectives -- [email protected] About the newsletter -- [email protected] About technical questions -- http://www.sqlmag.com/forums About product news -- [email protected] About your subscription -- [email protected] About sponsoring an UPDATE -- contact Richard Resnick, [email protected], or Lisa Kling, [email protected]

To ensure that future email messages you receive from Developer UPDATE aren't mistakenly blocked by antispam software, be sure to add [email protected] to your list of allowed senders and contacts.

Developer UPDATE is brought to you by SQL Server Magazine, the only magazine devoted to helping developers and DBAs master new and emerging SQL Server technologies and issues. Subscribe today. https://store.pentontech.com/index.cfm?s=9&promocode=eu215xdb

Manage Your Account You are subscribed as %%$email%%

You are receiving this email message because you subscribed to this newsletter on our Web site. To unsubscribe, click the unsubscribe link: %%UNSUB_HREF%%

You can manage your SQL Server Magazine email newsletter subscriptions by going to http://www.sqlmag.com/email .

You can view the SQL Server Magazine Privacy Policy at http://www.sqlmag.com/aboutus/index.cfm?action=privacy .

SQL Server Magazine is a division of Penton Media, Inc. 221 East 29th Street, Loveland, CO 80538, Attention: Customer Service Department

Copyright 2006, Penton Media, Inc. All Rights Reserved.

Read more about:

ITPro Today
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like