February 2014 Archives

Microsoft scales up TypeScript in Visual Studio 2013 Update 2

bridgwatera | 1 Comment
| More

Microsoft has rolled out a second technical preview of Visual Studio 2013 Update 2.

The new release shows Microsoft adhering to its pledge to "regular cadence" in terms of how frequently it now brings developer updates to its programmer audience.

Microsoft Visual Studio 2013 Update 2 is released with the TypeScript language and tooling built in.

So TypeScript is now "in-the-box" (to use Microsoft's term) with Visual Studio 2013.

TypeScript 1.0 RC is also being made available for Visual Studio 2012 users as a standalone installer.

Microsoft developer division VP Soma Somasegar says that the new functionality in this release primarily spans (though is not limited to) five areas of investment:

• agile planning,
• quality enablement,
• Windows Store development,
• line-of-business development and,
• the general developer experience.

TypeScript is a language for application-scale JavaScript development.

First available as a test build to developers in October 2012, it is a typed superset of JavaScript (for large scale projects) that compiles to plain JavaScript and runs on any browser, any host and on any OS.

Father of C# Anders Hejlsberg is one of the key members of the TypeScript team.

JavaScript for thousands, not hundreds

Hejlsberg has explained that much of the reason for bringing TypeScript forward (as a Microsoft project) is that JavaScript was envisioned as a language to be used for 100-line applications and not applications with thousands of lines.

The language's "Types" enable TypeScript developers to use tools and practices including: static checking, symbol-based navigation, statement completion and code refactoring.

This release is cumulative and consolidated so that it contains everything Microsoft has already released in Update 2 CTP 1.

a VVVVVVV vwiugd.jpg

"Agile planning. Visual Studio 2012 introduced a wide range of capabilities focused on enabling agile teams, not only for development but also for planning. With VS2012.2, Team Foundation Server (TFS) has been augmented with an additional variety of features to help make it even easier for agile teams to do their planning, in particular around adapting to a team's preferences and work styles. For example, VS2012.1 introduced new project tracking options, including a Kanban board and a cumulative flow diagram; VS2012.2 augments those experiences with the ability to customize the Kanban board to adapt it for an organization's needs," wrote Somasegar, in a blog post.

CA Technologies: developers should view DevOps as a promotion

bridgwatera | No Comments
| More

Discussions between the Computer Weekly Developer Network and CA Technologies at Mobile World Congress this week lead to some real world feedback in terms of where the portmanteau-labeled discipline of DevOps might really be at today.

As many readers will know, DevOps is a compound term encapsulating both 'developer' and 'operations' i.e. sysadmins, DBAs etc.

But DevOps is just marketing isn't it?

In the real world, one imagines that DevOps is just a marketing label and that DevOps pros do not really exist.

Developers can't stand the operations crowd (they're programmers who didn't cut it right?) and operations thinks developers are a bunch of nerds.

Consequently then, DevOps is a marketing term made up by firms who sell management software and so-called "orchestration tools" to execute DevOps style tasks.

CA Technologies' EMEA president Marco Comastri says he speaks to his customers and has a different view.

"As many as 40 percent of organisations we speak to have a DevOps division, or at least they have senior developers with an operations-focused purview. DevOps professionals are very real and they often fulfil their roles as part of a very cross functional team," said Comastri.

What Comastri is suggesting then is that DevOps is a role that comes to those developers who have shown themselves to be effective and can carry out their function with an appreciation for operations from the start.

So, if anything, developers should view DevOps as a promotion right?

Comastri would rather we use a less forthright turn of phrase perhaps, but essentially this is what is happening.

a CA edhwoeidh.jpg

His firm used Mobile World Congress to launch what it calls the "industry first" Management Cloud for Mobility as a software portfolio (delivered as a cloud service) that includes: Enterprise Mobility Management (EMM), Mobile DevOps and Enterprise Internet of Things (IoT).

So with European mobile usage higher than any other world region, DevOps designed for mobile a delivered in a cloud model makes perfect sense on paper.

CA is also making its CA Mobile Device Management (CA MDM) compatible with Samsung KNOX, Samsung's secure mobile platform for advanced data and privacy protection.

Samsung KNOX has a secure boot chain and new container-based environment for Android.

"CA MDM, one of the products in the new Enterprise Mobility Management (EMM) suite, is a scalable product that provides enterprises with the capabilities necessary to secure and manage mobile devices, applications, and various end points including Windows and Linux desktops," said the company, in a press statement.

So is DevOps a developer promotion then?

It's a more progressive and positive way of looking at things for sure.

CA Technologies: same name, a more mobile game

bridgwatera | No Comments
| More

Computer Associates changed its name to CA for a reason.

The company has been apparently quite happy to remodel and reinvent itself to move with the shifts of the market over the decades since its formation in the mid-1970s.

From Computer Associates to CA Inc and then to CA Technologies, the marketing people appear to be happy now, so things have remained as they are since the turn of the millennium.

By whatever moniker, CA has always worked in what we might call the enterprise infrastructure distributed computing space.

Buying into cloud

One could almost forgive CA for renaming itself so regularly; the company has made a line of acquisitions over the last 15 years including 3Tera, Nimsoft, 4Base, Hyperformix -- and of course Layer 7 to extend (some would say significantly) its role in cloud computing.

NOTE: Layer 7 is arguably the darling of the acquisition crop (sorry Nimsoft) and CA has specified that its technology has been brought in to securely enable strategic cloud, mobile and "Internet of Things" initiatives through API security and management.

So to Mobile World Congress in 2014.

Why would a company famed for launching an initiative called Mainframe 2.0 back in 2008 be troubling itself with a parade of handsets, shiny gadgets and stand 'booth-babes' dressed in various shades of Lycra?

CA doesn't appear to be phased by the glitzy shenanigans and there are more pinstripes than Lycra on show, well, on the surface at least.

In reality, Mobile World Congress is now all about what happens at the back end and the firm is here to launch its "industry first" Management Cloud for Mobility.

This is a software portfolio (delivered as a cloud service) that includes:

• Enterprise Mobility Management (EMM) to manage and secure mobile devices, applications and content;
• Mobile DevOps and;
• Enterprise Internet of Things (IoT)

Ram Varadarajan, general manager of new business innovation at CA Technologies explains that customers have the choice to deploy the complete portfolio of solutions or individual components, with the ability to customise.

Smart Containerization

This CA Management Cloud for Mobility is powered by what has been called "Smart Containerization" technology.

Smart Containerization (don't forget the ™ on that term!) bids to manage the security, performance, compliance and support characteristics of any device, application, content or email while preserving the quality of the mobile user experience.

The omni-channel challenge

Use of Smart Containerization goes in line with comments made in a Forrester Research report suggesting that development shops are just starting to grapple with the biggest change to system architecture since the rise of client/server in the early 1990s: omni-channel clients deployed on smartphones, tablets and other connected devices.

So CA's Mobile DevOps is designed to accelerate continuous application delivery (with security) working across multiple development tools, languages and methodologies.

"Mobile DevOps makes it easy to build and test rich API-based mobile applications, gain deep insights into performance, user experience, crash and log analytics, and automate and support these mobile applications when deployed onto millions of devices," said CA's Varadarajan.

In terms of products here, we find: CA Mobile Application Management (CA MAM): fine-grained access control polices for mobile applications; CA Mobile Content Management (CA MCM): to secure content access and collaboration through file synchronization; CA Mobile Email Management (CA MEM): access to corporate email and group and policy-based controls; and CA Mobile Device Management (CA MDM): to provision, secure and manage mobile devices.

The Mobile DevOps suite itself also houses the new CA Layer 7 API Portal: for publishing APIs and streamlining the ability to develop applications based on these APIs; the CA Layer 7 Mobile Access Gateway: for unified access across web and mobile, which authenticates users based on risk levels and protects the datacentre against rogue applications; CA LISA Test for Mobile: a platform that simulates a list of user scenarios for testing, plus also CA LISA Service Virtualization for Mobile and CA LISA MobileCloud.

Does CA put its story across convincingly?

Yes it is a portfolio that has been strategically grown and nurtured with a logical fit throughout.

Are there any criticisms to be made?

CA probably still wants to talk big picture a lot. It wants to sell the corporate "hey, we're industry first doing something truly new" line. This won't do the firm a disservice as such, but there are other cloud mobile DevOps management tools out there and only snowflakes are unique.

Overcoming security barriers in application development

bridgwatera | No Comments
| More

This is a guest post for the Computer Weekly Developer Network by Jaime Ryan, director of product management & strategy at CA Technologies.

Enforced trending

a Dav.jpg

Overwhelming market demands for mobile apps have forced software developers to streamline the development process while focusing on "trendy" features and functionality.

It's no secret that functionality and user experience sell apps and rising pressure to get them to market quickly has left security on the back burner. Because security can be so esoteric, building it into each app takes time and resources; both of which are at a premium for many teams.

So what do you do?

By integrating developer-centric security tools from start to finish, companies are able to streamline the overall process and securely push apps, preventing future headaches.

This is true regardless of whether the software is mobile, cloud or web-based, as early consistent approaches to security and identity across the enterprise help developers and larger organizations avoid flawed systems with vulnerabilities.

Ed: As erudite and informed as CA's view here is, one can't help feeling that Ryan is a describing a 'perfect world of best practice development' and that real world scenarios often make this a big ask.

While organisations would still like to define and manage security policies from the inside, key pieces of identity security -- especially in a mobile environment -- require effective client-side development techniques.

OAuth tokens for authenticating & authorising

As an example, organisations need to rely on OAuth tokens when authenticating and authorising a user. Instrumenting this kind of software token interaction relies on developer expertise. Those who are not well versed in authentication practices will often do so incorrectly, exposing their application down the line.

TECHNICAL NOTE: OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner.

Given that developers regularly focus their attention solely on functionality, the key to consistent security uptake starts with easy-to-use tools that eliminate guesswork, as flimsy solutions or one-off fixes work against consistency.

For example, gathering login credentials using a webkit or external browser can be risky, as browser compromises will often result in insecurity. This can be mitigated through an SDK that generates native credential prompts, eliminating the dependence on an insecure browser.

API connectivity & interaction


Another area where app development requires consistency to prevent security vulnerabilities is in API connectivity and interaction, which should remain uniform from app to app.

Accessing APIs through a solid security SDK can eliminate PKI challenges by provisioning certificates to the device and creating a secure tunnel (using mutually-authenticated SSL) that's tied directly into the native device keychain. When done correctly, this can also provide Single Sign-On across multiple apps using the tokens stored within the keychain.

Zero additional effort is required for this implementation when utilising the SDK to make API calls as one normally would.

PRACTICAL ADVICE: Through the use of SDKs that include important standards such as OAuth and OpenID Connect, developers can rely on lightweight and standards-based security which can be plugged directly into the application's code. Easily consumed solutions like this can also eliminate time spent and increase the likelihood of security measures being coded correctly and consistently.

Leveraging security standards and developer-centric tools allows enterprises to get apps to market more efficiently while minimising backend risks. An enterprise can ultimately manage its security posture from within the organisation while including SDKs at the development level to allow for deeper and more consistent security practices, which lowers risk and prevents headaches in the long run.

Just how complex is cloud DevOps anyway?

bridgwatera | No Comments
| More

Should cloud focused software application developers and DevOps professionals trouble themselves with the mechanics of application streamlining?

The Ops half of DevOps should surely find familiar ground here. But just how complex is cloud DevOps anyway?

Specifically we are looking at technologies such as the F5 Synthesis architecture model.

This group of technologies are designed to help deploy applications and (to use F5's own terminology)... "streamline the mix of services" for security, datacentre, cloud and mobility initiatives.

Here we find the firm's BIG-IP version 11.5 software for application delivery services and security.

a pcodcvhscv.jpg

There is also a set of virtual solutions with throughput levels of 25 Mbps to 10 Gbps to support hybrid and virtual appliance deployments across various types of hypervisors.

High-performance services fabric

In basic terms, what F5's Synthesis architecture does it to combine complementary technologies to form a "high-performance services fabric" for users to orchestrate device, application and network services.

The firm also provides a library of reference architectures that centre on specific solutions for common business challenges.

These reference architectures provide prescriptive deployment guidance for service implementation through a suite of Software Defined Application Services (SDAS).

"We're making it easier for organisations to deliver application services without relying on point solutions or isolated resources to support the applications that drive business results," said Manny Rivelo, EVP of strategic solutions, F5.

Just how complex is cloud DevOps anyway?

It's complex enough (or granular enough at least) to be focused on areas including multi-tenant density and consolidation of application services with a side order of dynamic resource scaling for zero operational disruption.

Maybe that whole "cloud is simple" argument needs some extra layers adding to it?

Why is the mouse cursor icon angled?

bridgwatera | No Comments
| More

Some design lessons in software application development are complex, multi-layered and based on extensive cognitive research of user behaviour in the face of different kinds of application use cases.

Some lessons, on the other hand, are just simple..


Discussion on various developer/hacker news and Q&A forums this week including User Experience Stack Exchange earths up the reasons why we use angled mouse pointers.

When mouse cursor inventor Douglas Englebart invented this modern classic icon for the XEROX PARC machine, his initial design was for an UP pointing arrow.

The XEROX PARC had a relatively low resolution screen and it was found that an angled mouse cursor was easier to distinguish on the screen -- possibly due to the "stepping effect" of the pixel blocks" rather than a single straight line.

Next time you try to design something everlasting, don't try too hard.

Image credit: Palo Alto Research Center -- The Optical Mouse, and an Architectural Methodology for Smart Digital Sensors by Richard F. Lyon

SAP renames TechEd conference series as d-code

bridgwatera | No Comments
| More

SAP has renamed its TechEd conference series as d-code.

Possibly redolent of an open homage to the developers, developers, developers cry now almost ubiquitously banded around the industry, SAP had to share the never-exclusively-trademarked TechEd name with other firms including Microsoft who have also used it for its events.


Described as a "technology education and developer event", SAP keeps its customer-facing event name Sapphire intact.

The firm says that SAP d-code will incorporate key elements of TechEd, such as hands-on workshops and demo-driven lectures, as well as meet-ups and hack sessions, SAP CodeJam, SAP DemoJam and SAP InnoJam.

The event is targeted at architects, developers, system and database administrators and security and business intelligence professionals.

"[This] is a learning event for us all and it will further cultivate our culture of software development and innovation. SAP d-code will further inspire us to move the world forward as it gets more and more reshaped by software," said Dr. Vishal Sikka, member of the executive board of SAP AG, products & innovation.

Also for programmers, SAP has officially sponsored its independent technical user group's developer conference which will be help in April (14-17) it Atlanta, Georgia.

The 2014 ISUG-TECH conference expects to host more than 500 technical users and customers of SAP products for lecture sessions, workshops, round-tables, etc. learning all they can about the latest SAP technologies, and hearing from the experts in their field.

Editorial disclosure: Adrian Bridgwater works in an editorial role for ISUG-TECH, a group that seeks to independently critique and challenge SAP on product direction, training and software functionality.

How do we program in playability?

bridgwatera | No Comments
| More

Games developers target key playability attributes when they design their 'next big thing' to beat Angry Birds (now perhaps Flappy Bird) and other confirmed favourites.

Great games have:

a) a high score challenge factor
b) levels to progress through
c) an intangible simplicity and addictiveness factor
d) a skills learning curve
e) tension, surprise and excitement
f) a level of 'win-ability'

Today that list is augmented with collaborative connectivity by virtue of the Internet.

But the really important factor (as we know) is playability.

So here's a rationale based upon playing the Race Driver: Grid port to Apple Mac from Feral Interactive. This is a game that has been carried over to this platform with what appears to be care, detail and an overriding devotion to playability.

Whereas most race driving games (from Pole Position back in the 1980s right through to the Forza series in this decade) are all good fun, the user is basically playing with a cartoon version of a car image that is good fun to speed, turn and crash.

Playing Race Driver: Grid, you will NOT want to crash for fun.

What Feral has done is produce a game with playability through realism. Corner scrapes feel like real scrapes, skids and barrier bumps feel personally emotional and write-off crashes feel altogether horrific.

Grid uses the Ego game engine and reports suggest that the "damage code" element has been altogether reconstructed and re-coded to create a gaming environment with the potential for persistent damage.

So an exciting and realistic racing game with great playability on the Mac? Yes it is something of a welcome surprise.

The company has also recently taken Tomb Raider 2013 over to the Mac platform and reviews suggest that the reproduction is faithful to the game as presented on the Xbox360.

a GRID_jp_chase_cam_Damage.jpg

a GRID_spa_replay_02.jpg

TIBCO champions data exploration, analytics & visualisation

bridgwatera | No Comments
| More

TIBCO has this week announced its cloud-based Spotfire data discovery and visualisation platform.

aacwecwed d .jpg

Spotfire offers enterprise analytics software for Business Intelligence, but here it is presented as a hosted service without the need for corporate IT management of an analytics software consideration.

Inside the box here we find Spotfire Cloud Personal: for individuals.

We also fine the Cloud Work Group version: for project teams and what TIBCO calls "serious analysts" who need application-building tools to visually explore data quickly and deploy analytic applications at a very low cost in SaaS format.

In case you missed it -- that was the "payoff" line i.e. real tools to address data's favourite three words...

... software application-building tools for data exploration, analytics and visualisation are to be found here. So this almost (but not quite perhaps) allows the product to rank as "platform" status.

CTO Matt Quinn says his company is focused on, "Developing and acquiring the foremost cloud services that enable businesses to discover new ways of connecting people, derive intelligence and improve operational efficiency."

The Spotfire Analytics family is getting bigger:

  • Spotfire Mobile Metrics - Your KPIs in a Mobile App
  • Spotfire Cloud - Analytics in the Cloud for Individuals, Teams and Enterprises
  • Spotfire Platform - Fast Analytics & Data Discovery for Everyone
  • Spotfire Advanced Analytics Products
TIBCO recently closed a series of acquisitions of cloud technologies, including Maporama, a cloud-based provider of location intelligence and geospatial analytics solutions, and Extended Results, a business intelligence software company that delivers mobile KPIs on the cloud. Spotfire Cloud is available as a 30-day free trial.

Subscribe to blog feed

About this Archive

This page is an archive of entries from February 2014 listed from newest to oldest.

January 2014 is the previous archive.

March 2014 is the next archive.

Find recent content on the main index or look in the archives to find all content.