Tech.Ed.Day.3.Track.Sessions

ARC213 - Microsoft Architecture Vision & Direction
by Gurpreet Pall

Started my day with this. Was 15 minutes late but I manage to get most of the things. Here we get to see Microsoft's commitment and vision in bringing more tools to us. Yeah! More tools! But like what I always say, "When the process is not defined, tools and fools don't make a difference".

But I'm glad anyway to see their release plan and also get to know about the new diagraming ability in VS 2005 (which I have casually toyed with sometime back on the beta). As expected, he didn't demo the real thing (because it is rather unstable) but instead he showed screenshots.

I'm personally looking forward to the Team System and Team Foundation stuff.

Gurpreet did a good job in illustrating the different expectations of developers and infrastructure engineers. That's why I feel that developers should know abit about infrastructure so that they won't be a helpless kitty-cat when their notebooks crash or when their applications don't work in a domain environment. *Hehe*

ARC311 - Achieving Web Application Security: Threats and Counter Measures
by Steven Cheah

This session is rather dry and feels like daddy giving you a lecture on what you should do to secure your applications. I wasn't impress with Steven's demos on the Validators that are available in ASP.NET because I expect everyone to already know them. Maybe not the RegularExpression validator but still ... nothing to shout about.

Most of the stuff I guessed can be picked up from a book but heck, it is always good to have a revision and someone telling you what to do. Good effort!

ARC214 - Metropolis: Envisioning the Service Oriented Enterprise
by Harry Pierson

This was my last architecture session for today. *Make that for this Tech.Ed* I figure I have to do that to keep myself sane. Too much theory can really make me crazy. Harry was quite funny in this session *Must be the morning* He said, "We are going to spend 1 hour talking about my country".

He compared and contrasted the similarities and evolution of Metropolises with the software industry - thus why we need Service Oritentation. He also explained that SOA can help expose our 'silos' (applications) and allow them to work with other systems regardless of platform. He also envisioned that in future, there will be large organizations (i.e Walmart) that dictate the standards or schemas to integrate with their systems in order to conduct businesses.

I like most of his examples. This session gets 5 stars for architecture sessions.

DEV305 - An In Depth Look At Developing Tablet PC Applications
by Chan Wei Min

Wanted to checkout the Information Bridge Framework session but it was already over by half an hour early. So I came here to give our local speaker some support and also to see if WeiMin really have an MVP logo stucked on his head. Wah! that guy is really good man. Bravo for the logo on the forehead!

Glad to learn how to differenciate clone Tablet PCs from the original (guessed not only Panadol tablets have clones huh? *Hehe*). Nice to see some ink application demos too. The ink recognition was cool. It can recognise Bahasa Malaysia as well (provided you have a dictionary lah). Well, was a little disappointed that we cannot develop Tablet PC applications conveniently with just a 'table' PC. Tablet PCs really cost a bomb here.

But then, WeiMin upgraded his Tablet PC to a Toshiba! That fella ... He definitely gets my Gadget King award!

DEV311 - Extending ASP.NET
by Brian Noyes

I always wondered about those HTTP Handlers and Modules in ASP.NET. Very curious in making IIS to serve my own page extensions - maybe something like .serena *Hehe* And Brian just demonstrated that you don't have to be a rocket scientist to do it. While coding the stuff is easy, it does require you think carefully on how to apply them properly (so that you don't do it just for the kicks).

I guessed custom handlers can equate to servlets in Java which can be a good candidate for coding UI Process components.

DEV406 - Secure Coding Techniques
by Malek Kemmou

This is the coolest session for the day as Malek demonstrated several (no-brainer) methods in hacking web-sites and logins. I guessed most audience were looking forward to that anyway when Malek asked "Who came here for a hacking demonstration?". He candidly demonstrated SQL-Injection and cross-site scripting.

I find him quite funny in this session. We were giggling over his silly fumbles and we joked, "He is definitely a lousy hacker". *Hehe* But he did showed us a lot of ways to secure our web site. I like the concept of "Validate what you want instead of what you don't want". Makes lots of sense. When he explained Buffer-overflow (or buffer overrun), I was just blur-blur because he was flashing C++ codes. :I

I overheard some girls saying "I oso donno what he say. All these security thing I oso don't know wan" when the session was over. Who cares man, this session gets my 5 stars award for the day!