TheArchitect.co.uk - Jorgen Thelin's weblog
http://www.thearchitect.co.uk/weblog/
Thoughts and experiences from an enterprise software architect. This is a personal weblog by Jorgen Thelin, a Senior Program Manager for Windows Live Identity Services at Microsoft in Redmond. The opinions expressed here represent my own views and not those of my current, prior or future employer(s).
en-us
webmaster@TheArchitect.co.uk
Mon, 05 May 2008 16:42:43 GMT
Sun, 04 May 2008 16:40:19 GMT

reCAPTCHA
http://www.thearchitect.co.uk/weblog/archives/2008/05/000497.html
Sun, 04 May 2008 16:40:19 GMT

Live Mesh - Technology Preview
http://www.thearchitect.co.uk/weblog/archives/2008/04/000496.html
Thu, 24 Apr 2008 08:00:07 GMT

PayPal to Ban Browsers without Anti-phishing Technology
http://www.thearchitect.co.uk/weblog/archives/2008/04/000495.html
Fri, 18 Apr 2008 10:41:27 GMT

No Talkback
After a lot of effort trying to fight comment and trackback spam, I'm afraid I've finally had enough and decided to turn off all the comment and trackback features on this weblog. Sorry, but some bad guys are ruining everything for the rest of us in the blogosphere....
http://www.thearchitect.co.uk/weblog/archives/2008/04/000494.html
Thu, 17 Apr 2008 22:09:50 GMT

Delivering Data Portability (Part 2) - Sharing Contacts Between Social Networks
Today sees another huge step forward for the social networking world: sharing of contacts and friends lists BETWEEN different social networks, yet in a safe and secure way that firmly gives users the choice of how to use and control their information. In a move that further demonstrates Microsoft's commitment to user-centric data portability, Microsoft has partnered with some of the world's top social networks to make data portability for contacts a reality.
Earlier this month at MIX08, Microsoft announced the release of the Windows Live Contacts API, which web developers can use to enable their users to transfer and share their Windows Live Contacts in a safe and secure way. Starting today, Microsoft is working with Facebook, Bebo, Hi5, Tagged and LinkedIn to exchange functionally similar Contacts APIs, allowing all partners to create a safe, secure two-way street for users to move their relationships between our respective services. Along with these collaborations, Microsoft is introducing a new web site at www.Invite2Messenger.net that people can visit to invite their friends from our partner social networks to join their Windows Live Messenger contact list.

For quite some time now, Microsoft has been making investments in the pursuit of data portability to put users at the center of their online experience, while at the same time being thoughtful about balancing user security and privacy with the experience. Today's announcement is another step in that direction. More details about this announcement, and the principles that underlie it, can be found in this blog posting on dev.live.com by John Richards.

Resources
Blog posting - Microsoft launches Invite2Messenger.net and announces deal with 5 top social networks
Blog posting - Windows Live Platform MIX08 Announcement
Blog posting - Delegated Authentication SDK v1.0

Update: Angus Logan provides a detailed look at how the sharing experience works for the first two implementations, Facebook and Bebo, including some great screenshots: Two way contact APIs with the top Social Networks and Windows Live - invite to WL from Facebook; invite to Bebo or facebook from Windows Live - SAFELY!...
http://www.thearchitect.co.uk/weblog/archives/2008/03/000493.html
Tue, 25 Mar 2008 01:00:00 GMT

First Law of Password Hygiene
Since moving to a team that handles the user accounts for everyone who uses any of Microsoft's web properties, I've started to take a much more informed look at how I use my own account credentials and which web sites and applications I hand those credentials over to. Angus Logan posted a great summary of the way Microsoft and Windows Live handle credential capture, which is worth a detailed read by everyone:

No Microsoft web site will ask you for your Live ID credentials except login.live.com (and accounts.live.com when linking accounts). Any other web site which asks you for your credentials may not be evil.com, but they could be sloppy coders or they could be hacked -- putting your credentials at risk of being stolen.

This equates to the First Law of Password Hygiene: Only hand over your account credentials to your Identity Provider (for example, Windows Live ID),...
http://www.thearchitect.co.uk/weblog/archives/2008/03/000492.html
Sun, 16 Mar 2008 15:49:32 GMT

10 Immutable Laws of Security
After yesterday's net-buzz about a rogue mailbox archive application, it's worth reminding ourselves about a classic security article: 10 Immutable Laws of Security

Law #1: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore
Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore
Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore
Law #4: If you allow a bad guy to upload programs to your website, it's not your website any more
Law #5: Weak passwords trump strong security
Law #6: A computer is only as secure as the administrator is trustworthy
Law #7: Encrypted data is only as secure as the decryption key
Law #8: An out of date virus scanner is only marginally better than no virus scanner at all
Law #9: Absolute anonymity isn't practical, in real life or on the Web
Law #10: Technology is not a panacea

Law #1 is particularly important in relation to yesterday's news! If you install an application on your machine, you are implicitly granting it a certain level of trusted access -- so you had better be sure you know and trust the source of that application....
http://www.thearchitect.co.uk/weblog/archives/2008/03/000491.html
Tue, 11 Mar 2008 09:00:00 GMT

The Need for Delegated Authentication
The net is abuzz today about a scam application that is stealing people's Gmail account credentials. Or rather, the app is misusing those account credentials when people hand them over to the application. Sound familiar? Yes, that's exactly the sort of issue that Windows Live ID Delegated Authentication is intended to combat.
If I think about an archiver application for an online mailbox, then I would want to allow it to do this action on my behalf:
- Read a copy of each e-mail in my mailbox

But NOT allow it to do these things:
- Send e-mail on my behalf
- Delete items in my mailbox
- Access any of my other data (Contacts, Calendar, etc.) apart from my mailbox

So how does Delegated Authentication help in this case?

Delegated Authentication is a way to permit access to personal information, but with more precise control over access and usage permissions than the current binary decision (that is, fully on or fully off) that comes with the generally bad practice of handing over your account credentials to another Web site. [ Delegated Auth Whitepaper ]

In other words, if I were using this particular app, I would want to grant it something like a Mailbox.Read permission only, but not Mailbox.Write or Mailbox.Send or Calendar.Read or Contacts.Read, and definitely not give it my full account credentials. The core principles here are that people should scope the permissions they grant to an application to access their data in the cloud, and they should get out of the bad habit of handing over their account credentials (such as passwords).

Angus Logan posted an impassioned statement showing why Live ID users should only ever enter their account credentials into their identity provider (login.live.com), which is a timely reminder to all Live ID users. We also took a very strong stance on this in the Delegated Auth Whitepaper:

Only hand over your password and account credentials to your identity provider (for example, Windows Live ID), and to NO ONE else.

Hopefully today's issue will act as a wake-up call to the industry and result in a very serious look at consent-based data access techniques like Windows Live ID Delegated Authentication...
http://www.thearchitect.co.uk/weblog/archives/2008/03/000490.html
Mon, 10 Mar 2008 11:52:47 GMT

Windows Live ID at MIX08
After the announcement of the launch of the new Windows Live Platform enhancements, the new technology got lots of coverage in sessions at MIX08 last week. Here's the MIX08 presentation from Angus Logan covering the overall Windows Live Platform developer functionality, and heavily emphasizing lots of great Live ID technology.
- Windows Live ID Web Authentication is covered from 24:18 through 35:21
- Windows Live ID Delegated Authentication is covered from 35:30 through 46:43
- The 3D Virtual Earth geo-coding example around 59:00 through 1:00:29 is really cool too!
Developing with Windows Live Platform: http://sessions.visitmix.com/?selectedSearch=T29...
http://www.thearchitect.co.uk/weblog/archives/2008/03/000489.html
Sat, 08 Mar 2008 10:00:13 GMT

Delivering Data Portability - Delegated Authentication SDK v1.0
Today the Windows Live ID team released the Delegated Authentication SDK v1.0, which provides a platform-neutral way for Web applications to access customers' information from Windows Live services while the customers remain in firm control of their own data. This is a big step in delivering real, user-centric data portability, giving Windows Live customers explicit control over sharing their information from Windows Live services. Full details are on the Windows Live ID team blog and the Windows Live Developer portal.
- Delegated Authentication whitepaper
- Delegated Authentication SDK v1.0 blog posting
- Windows Live Platform Announcement blog posting...
http://www.thearchitect.co.uk/weblog/archives/2008/02/000488.html
Thu, 28 Feb 2008 07:30:00 GMT

Third Age of Networked Identity
http://www.thearchitect.co.uk/weblog/archives/2008/02/000487.html
Sun, 24 Feb 2008 12:00:59 GMT

Halo 3 Day
The wait is over - it's Halo 3 launch day today! I got my copy - did you get yours? It's time to FINISH THE FIGHT!
I expect there will be a lot of Out of Office auto-replies like this across Microsoft and Corporate America today:

Tuesday 9/25 - Today is Halo 3 day, so I will be unavailable for most of the day, evening and night to "finish the fight" against the Covenant and Flood. Expect e-mail replies to be delayed during this time....
http://www.thearchitect.co.uk/weblog/archives/2007/09/000486.html
Tue, 25 Sep 2007 10:00:00 GMT

MS Research Tech Report - Niobe: A Practical Replication Protocol
MSR-TR-2007-112 - Niobe: A Practical Replication Protocol
by John MacCormick; Chandramohan A. Thekkath; Marcus Jager; Kristof Roomp; Lidong Zhou
http://research.microsoft.com/research/pubs/view.aspx?tr_id=1355

The task of consistently and reliably replicating data is fundamental in distributed systems, and numerous existing protocols are able to achieve such replication efficiently. When called on to build a large-scale enterprise storage system with built-in replication, we were therefore surprised to discover that no existing protocols met our requirements. As a result, we designed and deployed a new replication protocol called Niobe. Niobe is in the primary-backup family of protocols, and shares many similarities with other protocols in this family. But we believe Niobe is significantly more practical for large-scale enterprise storage than previously-published protocols. In particular, Niobe is simple, flexible, has rigorously-proven yet simply-stated consistency guarantees, and exhibits excellent performance. Niobe has been deployed as the backend for a commercial Internet service; its consistency properties have been proved formally from first principles, and further verified using the TLA+ specification language. We describe the protocol itself, the system built to deploy it, and some of our experiences in doing so....
http://www.thearchitect.co.uk/weblog/archives/2007/09/000485.html
Tue, 04 Sep 2007 11:27:18 GMT

Halo 300
Following on from yesterday's Halo 3 theme, here's another great video entitled "Halo 300". Someone has re-edited the current Halo 3 trailers with the soundtrack from the 300 movie trailer, and both the theme and the voice-over are incredibly applicable to Halo 3, not least because both sets of soldiers are known as "Spartans" with a philosophy of "Who Needs Numbers?" By the way, I'm not sure where the "2008" bit at the end of this video clip comes from, because yesterday's news confirmed that Halo 3 has gone Gold and is ready for the scheduled release date of 25-Sept-2007....
http://www.thearchitect.co.uk/weblog/archives/2007/08/000484.html
Thu, 30 Aug 2007 13:14:50 GMT

Halo 3 - Live Action Videos
Check out these two new live action videos based on Halo 3 - "Arms Race" and "Combat Part 1" - including real working Warthog vehicles! There are only 26 days left before Halo 3 Day - so reserve your copy now!!...
http://www.thearchitect.co.uk/weblog/archives/2007/08/000483.html
Wed, 29 Aug 2007 08:26:39 GMT