Sep/Oct 2010

The Developers Magazine published for members by The Developers Group incorporating the DotNET Developers Group and the Delphi Developers Group September/October 2010

Contents First Look at Delphi XE ................................................................................2 Bob Swart examines the new version of Delphi

Syslog....................................................................................................................6 Angus Jack discusses Syslog, a mature protocol for the transmission of messages across networks

Balsamiq Mockups ........................................................................................10 Neil Parrish shows a quick and easy way to prototype user interfaces

Some snippets from the Zen Internet newsletter

..............................11

Some cautionary tales and some good advice Events diary 2010 September

Monday 20th

DG meeting at Sybase, Maidenhead

th

Monday 27 / th

Tues 28 /Weds 29 October

DevCon, London th

Wednesday 20th th

Weds 27 /Thurs 28 November

Monday 15th

DG meeting at EMC, London Bridge th

VBUG conference, Loughborough DG meeting at Magic Software, Bracknell

The Developers Group, run by Joanna Goulson and friends, is a division of Richplum Ltd, 7 Devizes Road, Upavon, Wiltshire SN9 6ED, U.K. telephone 01980 630032 fax 0800 066 4336 email [email protected] web sites www.dotnet.uk.com and www.richplum.co.uk

First Look at Delphi XE A new Delphi 7? by Bob Swart The RAD Studio Team at Embarcadero has produced its annual upgrade product again, and this time the version numbers – replaced by year annotations in 2004 – are replaced by the XE label to close the ranks with the other Embarcadero database and development tools. Apart from that, RAD Studio XE now consists of four tools again: Delphi XE, C++Builder XE, Delphi Prism XE (hosted in Visual Studio) and finally RadPHP XE, formerly known as Delphi for PHP, in its own IDE. In this article I will mainly focus on Delphi XE, and at a later point I will return to cover Delphi Prism XE. I’m afraid I haven’t used C++Builder a lot in the recent years, and left PHP aside (but may want to check it out now that we can build DataSnap clients with RadPHP XE).

Delphi Roadmap First of all, for those of you who haven’t seen the updated roadmap, yet (at http://edn.embarcadero.com/article/39934), Delphi XE is not the cross-platform version of Delphi that can produce executables for Win32, Mac OS X and Linux. Neither does it contain any 64-bits support. These bits are delayed, and covered by the new roadmap. According to this, we can expect the 64-bits preview command-line compiler in the first half of 2011, and is followed by the other projects that slowly but surely introduce compiler support for Mac OS X clients, followed by Linux Servers and 64-bits Servers and Clients. Apart from the 64-bits compiler preview, there are no longer dates associated with the roadmap projects, which is smart in my view, since it prevents the usual disappointment when target deadlines slip and functionality is not delivered when people hope for it.

No Mac OS X… Anyway, without Mac OS X and Linux support, what do we find in Delphi XE? The main answer is bug fixes. There has been a growing sense of quality assurance within the Delphi Team, and the fact that Mac OS X support is not part of Delphi XE can probably be explained by this new desire for high quality releases. Better not to ship something (Mac OS X support) than something which would result in a bad first impression (anyone remember Kylix or Delphi 8 for .NET?).

Delphi XE – Bug Fixes According to Quality Central, almost 1000 bug fixes have been implemented for the release of Delphi XE. Not all were bugs introduced with Delphi 2010 – some go as far back as 10 years or longer (i.e. before the new IDE, with bugs in the VCL or RTL). If your favourite bug(s) is not on the list of fixed bugs, then there’s a good chance it wasn’t on the list to begin with. I know a number of people who complain about Bug X or Bug Y but never report the bug, which results in a small chance it will be fixed. If you find a bug, please report it, and if you don’t want to enter it in QC yourself, then use the newsgroups or send it to me (as a last resort), so I can enter it in QC, which will significantly increase the chance of the bug being worked on and fixed. This applies especially to people who have used Generics in previous version of Delphi who may have encountered bugs and issues, and there has been a lot of work on the improvement of Generic support, so you may as well give it another go (if you gave up earlier).

Developers Group Magazine

September/October 2010

Page

2

New Features There aren’t really that many new features in Delphi XE, although some are worth a mention. A fairly complete list can be found in the online help (which is now becoming truly online, as the help is also growing in the form of a wiki page) at http://docwiki.embarcadero.com/RADStudio/en/What%27s_New A very small new feature but welcomed by me is the option to select the form in the form designer, and then do Edit | Copy. This will place a copy of the form’s DFM contents (in plain text format) as well as a bitmap of the form at design-mode in the clipboard. When pasting in Word, for example, you can then select either the bitmap or the textual representation of the DFM file (and you can paste one after each other if you wish, for a complete description of what’s on the form). Ideal for people who need to make documentation or want to write articles or courseware manuals. After Delphi 7, with the introduction of the embedded designer, the process of producing screenshots of forms at design-time was not as easy as with Delphi 7 (or earlier versions of Delphi), where we could just select the form, press Alt+PrintScrn and paste the contents. I reckon not a lot of people will use it, but my productivity as a writer has gone back up. Another small feature enhances the process of working with different build configurations. In previous versions of Delphi, the Release and Debug builds would end up in the same place. And I sometimes accidentally shipped a Debug build to a customer, where I meant to ship the Release build. Especially embarrassing if you include code snippets in the main project file to report any memory leaks at shutdown using: {$IFDEF DEBUG} ReportMemoryLeaksOnShutdown := True; {$ENDIF}

With Delphi XE, the output of the Debug and Release builds are placed in different directories on your hard drive. Sure, this could be configured in Delphi 2010 as well, but now we get this functionality out of the box, which is helpful, and avoids any future embarrassment for me. The RTL and VCL haven’t been extended a lot, compared to previous releases, although there is now a new TRegEx record (not a class), which offers regular expression support. It’s actually the open source project from Jan Goyvaerts, which mimics the regular expression support found in the .NET Framework. For SOAP v1.2 clients, there is now new support for client certificates. Previously, we had to override the THTTPRio class and override a number of methods and events, but now there is a new property ClientCertificate of the HTTPWebNode property, which exposes the CertName, Issues and SerialNum subproperties, including a nice dialog where we can select the certificate at design-time (of course, this certificate must be present at run-time on the client’s machine in order to run). This greatly reduces the effort to release SOAP clients that require certificate support. Web development in general has been extended as well: the WebBroker, Web Service and DataSnap Web Service web server application wizard now offers two new choices: an Indy VCL application and an Indy Console application. These offer the ability to build web server application with a built-in Indy HTTP server, so no IIS deployment is needed for these projects. This also greatly reduces the need for Web App Debugger executables, since we can now debug the Indy VCL applications just as easily.



Page

3

Another nice feature, especially when working with someone else’s code, is the fact that the Code Formatter can now be used to format the entire project at once (even from the command-line), instead of just the active editor file at a time. And what’s even better is the fact that I can not only customise the Code Formatter’s settings, but I can also save (and on another machine load) my personal preferences and reformat a project’s source code to my liking. This significantly increases the readability of code written by others (which sometimes uses a less than ideal coding style). This brings me to another point: version control. Delphi XE now includes a SubVersion integration in the IDE, which means we can add projects to a SVN repository and then submit files to the repository, update files (from the repository to the local project) and view the SVN history. All from within the Delphi XE IDE. What’s missing – and a big miss in my view – is IDE support for Locking and Unlocking source files. This is a normal part of SVN, but for some reason doesn’t get exposed in the Open Tools API project (which is also open source by the way) for the SubVersion integration. Since it’s open source, my initial request for adding the Lock and Unlock got a response of “why don’t you have a look at the project [and add it yourself]”. Having looked at the Open Source project, I think it would be a better idea for the original authors to add this to their project (instead of me branching out and overwriting some working version of the code). If you agree with me, then please vote for Quality Central feature request report #87736 at http://qc.embarcadero.com/wc/qcmain.aspx?d=87736

Third-Party Add-Ons Apart from the bug fixes, and new features, the so-called Tool Chest for Delphi Developers has increased again with the release of Delphi XE. And this makes me think back to the release of Delphi 7. There were not that many new features in Delphi 7, most were bug fixes, but there were a number of third-party tools included in the box (such as IntraWeb 5.x, Modelmaker, Bold) to make development easier. This time, the list of included third-party tools has grown by at least five new offerings. AQTime standard adds a number of profilers to Delphi, that can be used to profile not just performance, but also memory and resource usage, code coverage, unused units, and more. Raize CodeSite is probably known by a large number of readers, and the Express Edition is now available for all Delphi XE users. Same thing with FinalBuilder and Beyond Compare, two tools that are now bundled with Delphi. A final set of new components is from /n Software, and contains a subset of IP*Works!. These components do not mark the end of Indy, but they are mainly included because IP*Works! offers the same set of components for Delphi, C++Builder and RadPHP. The downside is that you can only have IP*Works! for Delphi or for C++Builder installed, but not both at the same time (and speaking of installing: the IP*Works! Setup is not done by the initial install – you need to download it from the Registered Users page on the Embarcadero website).



Page

4

DataSnap and Cloud A lot of effort has been put into DataSnap, REST and Cloud functionality (although the latter is only at the “getting started” level, and we should expect more functionality in the next releases). DataSnap has been extended with HTTPS support for IIS servers (ISAPI DLLs) and HTTPS support in DataSnap clients. Note that there is no built-in HTTPS support, yet, for stand-alone or Indy DataSnap servers. This is in theory possible (Indy supports HTTPS), but needs manual tweaking. Another enhancement is the two-phase communication protocol for filters, that now allows public/private key exchange between client and server. Note that if you use symmetrical encryption, then these keys are exchanged before the actual encryption takes place, which means that you need to use HTTPS to ensure that the keys themselves were passed safely. There are two encryption filters included in the box now, PC1 and RSA. I must admit that I’ve never heard of the former before I saw it appear in DataSnap. Another enhancement of DataSnap in RAD Studio XE is the new TDSAuthenticationManager, which not only supports authentication but also authorization. Apart from logging in people, we can now assign roles to the session, and use these roles to disable certain functionality. For example in the Server Methods unit, it’s easy to disable certain methods by using a special custom attribute to specify that a certain role is needed to allow the method (or a certain role is used to disallow that particular method). I’ll come back to this topic in more detail in a later article for the magazine. With DataSnap we can now build servers using Delphi or C++Builder Enterprise, and we can make clients in Delphi, C++Builder, Delphi Prism and even RadPHP. The DataSnap servers can use REST or DBX for the communication with the clients. The REST protocol is ideal for thin clients, but the thin clients have no support for DataSnap filters, so you must keep this in mind when designing your security. Microsoft Azure support is added in the form of four components: TAzureConnectionString for the connection to Microsoft Azure is the starting point. TAzureBlobManagement supports Windows Azure Blob Storage - unstructured storage as it is used for storing large pieces of data such as images, video, documents, etc inside a defined container. TAzureTableManagement supports Window Azure Tables; these provide scalable structured storage. Think NOSQL type tables where each entry stored in a table can have a different set of properties made up of different types, such as string or int. And finally TAzureQueueManagement supports Windows Azure Queues. Unlike blobs and tables, which are used to store data, queues serve another purpose, persistent asynchronous messaging, where each message is up to 8kb long. The Amazon EC2 Cloud support is surfaced in the special “Deploy to Cloud” wizard in the project menu, which can be used to deploy DataSnap Servers to the Amazon EC2 cloud. The dialog can be used to specify a username and password, and then select a region as well as the specific target machine to deploy the DataSnap server application(s) to. The only downside is that you still have to start the DataSnap server manually (unless it’s an ISAPI DLL deployed to a virtual directory), and also need to stop the DataSnap server before you can replace it with another version using the same dialog (otherwise the application will be running and hence locked). But it’s a nice dialog for initial cloud deployment.

DG 5%-off offer If you want to purchase an Upgrade or New User license of Delphi XE or RAD Studio XE, remember that DG members get a 5% discount on the license price (when purchased from me – see http://www.bobswart.com). This does not include the subscription price, for which no discount is available. Right now, it looks like I’m cheaper than the Embarcadero UK shop when it comes to a RAD Studio XE Professional Upgrade, but more expensive when it comes to a Delphi XE Professional Upgrade.

Summary Delphi XE does not overflow with new features, but it does include almost 1000 bug fixes as well as a number of new features that tend to make the developer more productive. The addition of half a dozen third-party tools to the IDE help to expand the tool chest of the Delphi developer (except for those who already own these tools, of course). Delphi XE does not contain the long awaited 64-bits capabilities or Mac OS X support – for that we have to wait at least until the first half of 2011. The best way to stay current with Delphi is to purchase a subscription with your next upgrade, so you’ll be assured of regular upgrades for an annual price (which is cheaper than buying an upgrade every year).



Page

5

Syslog by Angus Jack Syslog is a mature protocol for the transmission of messages across networks. It allows separation of the software that generates messages from the system that stores them and the software that reports and analyzes them. Syslog allows messages transmitted by multiple applications and devices to be collected at single points for subsequent analysis. By implementing the protocol in applications developers and administrators can easily monitor messages and identify critical errors or informational messages. My interest in syslog began back in early 2000 when I first started work with The Developers Group. The team, based in Upavon, required connections to various sites across the UK; at the time this was achieved using TCP/IP over ISDN connections. The cost of using ISDN was comparatively expensive, there was no ubiquitous broadband for small businesses as there is now. Considerable cost was involved in maintaining connectivity and the policing of the various systems which ran a mixture of Linux and Windows was problematic. Applications, services, and daemons might send out a packet to an external IP address resulting in the ISDN line going live and incurring cost. The ISDN routers had (according to their manuals) a syslog service that could send out event notification messages to ‘receivers’ running on local machines, or even remote machines, although this would have defeated the objective of keeping the ISDN lines down as much as possible! It was my belief that obtaining such event notification messages would provide a clue as to which machine on the internal network was behaving in an inappropriately public manner. I never got to the bottom of the syslog issue during my time with The Developers Group. My interest was reawakened after the demise of my Linux firewall; a beautiful implementation of Linux provided by Smoothwall (see: http://www.smoothwall.org/) that provided sufficient logs for even the worst affected insomniac. I duly purchased a ‘traditional’ firewall supplied by a well known manufacturer and installed it. There appeared to be very limited log information apart from a small entry in the manual referring to syslog messages. Now maybe is the time to briefly explain syslog. Syslog is defined in rfc5424 (see: http://tools.ietf.org/html/rfc5424), this supersedes rfc3164 (which is in fact a much better read). The concept of the syslog protocol is to provide a standard method of transport of event notification messages from many transmitters to far fewer receivers so that administrators are required to inspect fewer logs. Originally syslog was developed on the University of California Berkeley Software Distribution (BSD) TCP/IP system implementations. The protocol has since been ported to many other platforms and embedded into many networked devices that may not have readily accessible local storage (routers, printers, hubs, switches, etc). You may be surprised what is broadcasting syslog messages on your network. Although rfc5424 and rfc3164 are quite prescriptive about how messages should be formatted, it would appear that many devices do not follow the protocol religiously. The common parameters are that the messages are sent using UDP on port 514. A quick way to understand the protocol is to build a syslog transmitter using Delphi. To keep matters simple I have used the Indy component set for this example. Put the following on a form. A button, an IdSysLog client, and an IdSyslogMessage:



Page

6

The IdSysLog component organises the transmission of the message from an application. The following properties may be defined: Active: Is the component active (this does not need to be set to true to send messages) Broadcast enabled: Set to true to send messages as a broadcast Buffer size: The size of the message in bytes Host: The address of the machine to which you wish to send messages or relay messages Port: The port used (rfc5424 suggests 514)

The IdSysLogMessage is a convenient component to use to build up the message. The following properties may be defined:



Page

7

Facility: A numerical code from 0 to 23 that assists in defining the nature of the process issuing the message. Convention suggests the codes are used as follows: Numerical Code

Facility

0

kernel messages

1

user-level messages

2

mail system

3

system daemons

4

security/authorization messages

5

messages generated internally by syslogd

6

line printer subsystem

7

network news subsystem

8

UUCP subsystem

9

clock daemon

10

security/authorization messages

11

FTP daemon

12

NTP subsystem

13

log audit

14

log alert

15

clock daemon (note 2)

16

local use 0 (local0)

17


18


19


20


21


22


23


Hostname: The IP address of resolved domain name of the device sending the message (note this can be spoofed as in this example by using any name) Msg.Content: The human readable content of the message Msg.PID: The PID of the issuing process (can be extracted programmatically) Msg.PIDAvailable: Boolean to append the PID or not Msg.Process: The name of the process Msg.Text: The text that is appended to the Process and PID information PRI: The priority of the message (see below) Severity: A numerical code from 0 to 7 that assists in defining the severity the message. Convention suggests the codes are used as follows: Numerical Code:

Severity

0

Emergency: system is unusable

1

Alert: action must be taken immediately

2

Critical: critical conditions

3

Error: error conditions



Page

8

4

Warning: warning conditions

5

Notice: normal but significant condition

6

Informational: informational messages

7

Debug: debug-level messages

By putting the following code in the click event of the button the following message will be sent to 101.1.1.21: IdSysLog1.SendLogMessage(IdSysLogMessage1); Sep

8 14:04:18 bogus myprocess[123456]:this is my message

: This is the priority of the message and is calculated by using the numerical values assigned by the facility property and the severity property. The value of PRI is calculated by multiplying the facility value (17) by 8 and then adding the severity value (2). The higher the value of PRI the lower the priority of the message; this is intended to allow administrators to easily filter messages by priority. Sep 8 14:04:18: The time stamp put on the message by idsyslog bogus myprocess[123456]:this is my message: The body of the message including the hostname (in this case a bogus one) the process, process ID, and the actual message. To capture syslog messages is very easy. Again using the Indy Component Set all that is needed is a IdSyslogServer component. On the Onsyslog event put code such as the following: Memo1.Lines.Append(ASysLogMessage.RawMessage)

In this case the IDSyslogServer puts the contents of the message to a memo. IDSyslogServer has to be set to true at some point prior to receiving the message.

The active property of the

I have been running a syslog server for a number of months and have been able to find a number of applications that make connections to outside of my network for no apparent reason. Although with the availability of broadband this does not have the cost implications that originally got me interested in syslog, I have identified a number of applications (downloaded by my daughters) that make heavy use of apparently random and unnecessary connections to remote servers. Earlier I mentioned that it was possible to spoof the host name of the message originator. This should be a consideration for administrators of large networks. Care should be exercised when interpreting these hosts as unscrupulous applications could generate voluminous messages and hide their source potentially causing hours of time wasted.

Many of you will remember Angus who worked with us for several years and made huge contributions to the group. Since then, Angus has used Delphi to understand the workings of the avi and jpg file formats during his career working for a major construction R&D company. He has also used assembler to optimise byte transactions when working with image and video file streams within the Delphi environment to optimise run-time efficiency in understanding transient thermography analysis. He recently was involved in a major development programme at director level to provide environmental performance benchmarking of real estate (actual commercial buildings) across Europe. He is currently looking for work, any offers gratefully received. – do contact him on [email protected] if you know of any opportunities for him.



Page

9

Balsamiq Mockups by Neil Parrish How do you design the interface for your applications or web sites? Maybe you reach for pen and paper or perhaps you put together a prototype application in your favourite IDE. Now, the first may seem a little unprofessional to your clients, particularly if you draw like I do, the second could leave the client thinking you are almost done or get you caught up in discussions about minutiae. Well, Mockups could be a tool for you - it lets you build wireframe mockups quickly and easily. So easy that everyone in the project can get involved, be they developers, project managers, designers or clients. The mockups produced have a deliberately hand drawn low-fidelity feel to encourage as much feedback as possible. Neil showed us this at our May meeting in London – for those of our members who were not able to come to the meeting, he explains here what Mockups does and why you might want to use it. Article to be added imminently.



Page

10

Some snippets from the Zen Internet newsletter http://www.zen.co.uk/newsletter by kind permission of the editor HACKED OFF Hackers have siphoned off almost one million pounds from British bank accounts recently using a variant of the Zeus Banking Trojan, according to M86 Security Labs. The theft was discovered after M86 gained access to a server in Moldova, the company revealed in a paper published last month (PDF, second link below). In July alone, hackers stole £675,000 from the customers of one of the biggest UK high street banks, according to Mark Kaplan, M86's chief security architect. He said that 37,000 British computers had been infected by the Trojan as part of the attack, with around 3,000 bank accounts compromised. The Zeus Trojan, also known as Zbot, steals data by logging keystrokes and is acquired when users click on links in unsolicited messages and on pages at misappropriated Web sites. http://short.zen.co.uk/?id=f3e http://short.zen.co.uk/?id=f3f BRITS GO PHISHING A new report from Internet security company BitDefender says there have been significant changes in the UK's 'ethreats' landscape during the first six months of 2010. Britain has emerged as one of the top five countries harbouring malware, the result of successful penetrations of UK computers and Web sites by international cyber-criminal gangs. The UK ranked 3rd amongst the top global Web hosting locations of phishing pages, behind Russia and China, and was 4th, one place above the USA, in the world's top countries hosting malware. Full report (PDF): http://short.zen.co.uk/?id=f40 DISLIKE LOOKALIKE If somebody sends you an invitation to get a Facebook 'Dislike' button, think twice before you click on the link. It's likely to be part of a new scam from malware or spam creators, according to security firm Sophos. Facebook's Like button is spreading across the Web and the ability to indicate approval of something with a simple click is making it very popular. Users have been asking Facebook to take the logical next-step and provide a Dislike button too, but the social network operator hasn't taken to the idea, claiming "it would create too much negativity". A third-party developer, FaceMod, stepped in to meet the demand for a Dislike button, but this was soon followed by a scam substitute that tricks you into giving permission to access your profile and post spam messages from your account. If you want to try the genuine FaceMod button, you can get it directly from the Firefox Add-ons page (second link below). http://short.zen.co.uk/?id=f41 http://short.zen.co.uk/?id=f42 MALWARE SEARCH RESULTS A new security study claims that of all malware served up by major search engines in a two-month period, Google came out on top with 69 per cent; Yahoo! came in a distant second with 18 per cent and - with a 12 per cent score Bing's search results included the least number of listings that had links to dangerous Web sites. Google's popularity with users - it deals with many more search queries than any other search engine in every country except China makes it the prime target for cyber criminals, especially those using quickly generated rogue sites that claim to have information about breaking news. The complete Barracuda Labs 2010 Midyear Security Report (an 80 page PDF) can be accessed via the second link below. http://short.zen.co.uk/?id=f44

http://short.zen.co.uk/?id=f43 MORE SECURE INTERNET

The organisation that oversees the Internet's unique identifier naming system has joined forces with Verisign and the US Department of Commerce to make Web site visits safer. The Internet Corporation For Assigned Names and Numbers (ICANN) has arrived at a solution for the security flaw found in the Domain Name System (DNS) more than a year ago by ex-Cisco scientist Dan Kaminsky. DNS is used to convert Web addresses - such as www.zen.co.uk -



Page

11

into the numerical sequences used by computers to route Internet traffic around the world. The flaw involves the way that DNS Root Servers, some operated by Verisign, translate Web addresses into the numbers that handle the requests they get. Unresolved, the flaw makes it easier to operate phishing scams, in which users are directed to fake banking sites and tricked into disclosing credit card details or other personal data. The ICANN task force deployment - known as DNSSEC (short for DNS Security Extensions) - provides a new level of assurance that Web users will arrive at the site address they typed, rather than a convincing copy site operated by criminals. http://short.zen.co.uk/?id=f45 INTERNET ADDRESSES TO RUN OUT IN 340 DAYS The Internet is coming to the end of the road in its present form because it is running out of digital addresses. IP (Internet Protocol) addresses are individual numbers given to each computer on the Net. The last 234 million numbers in the system will all be used within the next 12 months, according to one expert. The present system is based on 32digit numbers. A new system with four times as many digits - already used by Facebook - has enough addresses for everyone on the planet to have millions each. http://short.zen.co.uk/?id=f47 NHS LEAKING MONEY ON THE WEB The NHS spends £86m a year on thousands of Web sites that are difficult to find, badly designed and irrelevant to patient needs, according to a leaked government report. The Department of Health's digital communications review, which looked at more than 4,000 NHS sites, found that a quarter were no longer accessible and a third of the rest had "at least one notable deficit in standards". The current NHS budget is more than £100billion, roughly equivalent to a contribution of £2,000 per year by every man, woman and child in the UK. http://short.zen.co.uk/?id=f48 TOWN LOSES TUNNEL VISION Bournemouth's ambitious scheme to sink miles of fibre-for-broadband below ground without digging, by routing it through the ready-made network offered by the town's sewers, has been axed. Wessex Water, the company that manages Bournemouth's sewerage systems, told ZDNet UK that plans to run core fibre through its waste-water infrastructure never got past the pilot stage. Instead, the deployment will have to rely on digging up roads and pavements, like most other fibre rollouts. http://short.zen.co.uk/?id=f49 GRAND THEFT AUTO FIRM CRASH The Dundee-based computer games company Realtime Worlds - founded by the creator of Lemmings and Grand Theft Auto - went into administration last month. Professor Bernard King, principal of Abertay University, said the collapse was sad news, adding: "As the jewel in the crown of Dundee's computer games development sector, Realtime Worlds epitomises the creativity and determination of the entire Scottish industry and the university will deploy all its resources, including the new games industry business support mechanism launched by the government in July, to support whatever new business structures might emerge from the administration process". http://short.zen.co.uk/?id=f4b

http://short.zen.co.uk/?id=f4a LINKS FROM THE WORLD'S FASTEST CAR

A car design task that at key moments needed more computing power than the Met Office has produced a vehicle capable of setting a new world land speed record for Britain. The current record of 763 mph was achieved by Andy Green OBE in the twin turbofan jet-powered ThrustSSC in 1997, but a new project, dubbed Bloodhound, is aiming to trounce that figure by topping 1,000mph (Mach 1.4). The team behind the Bloodhound Project announced several milestones last month on the way to their goal of setting a new world land speed record. The biggest was the unveiling of a 1:1 scale replica of the car at the Farnborough International Airshow, alongside its principal power source - a Eurofighter Typhoon jet engine - that will help to drive the rocket-shaped 3-wheeler from standstill to 1,000 mph in 42 seconds. Intel's Atom processors, normally found in netbooks, will be helping to keep things steady, running the car's propulsion and in-car control systems. Supporters and sponsors are being welcomed. Individuals



Page

12

can get their name on the car's stabiliser fin, in something like 12 point type, for as little as £10. For £50, businesses can get a more prominent showing, plus a linked entry on the project's Web site. http://www.bloodhoundssc.com

http://short.zen.co.uk/?id=f4c

COMPANIES CATCHING COLD Could 'social viruses' ruin your company's reputation? Can you insure against disgruntled customers or envious competitors using social networks to sow fear, uncertainty and doubt about your products? There's no 'click here' solution, but there are ways to grow a healthy resistance to such infections. Building sensitivity and concern for customer communities is part of the answer. Unfortunately, says one critic, this business philosophy may be alien to the majority of companies, which still treat their social networks only as sales and marketing tools, rather than living, breathing symbiotic organisms. http://short.zen.co.uk/?id=f4e INVOICE BUBBLE If you are a freelancer or a small business owner who frequently creates and sends invoices to clients via the Web, you might find Invoice Bubble useful. It is a free and simple online invoicing system with a straightforward, intuitive interface that integrates well with Paypal. http://www.invoicebubble.com SNAPPY LOGO DESIGN If you need a logo and your small budget doesn't allow you to hire a professional, head to LogoSnap. It's a userfriendly Web site that can be used by anybody to create an instant logo online - and it's a free service. http://short.zen.co.uk/?id=f4f WORDLE A picture may be worth a thousand words, but can a thousand words - or even just a few - be worth a picture? Wordle is an entertaining online toy that lets you create a wordy masterpiece from a passage of text or the words on any Web page. The results can be anything from the basic cloud type of graphic seen on many blogs to something much more telling. After all, Cubist painters integrated letters and words into their still life works, linguistic manipulations were key to Dadaists, and Marcel Duchamp, best known for conceptual art objects that came from plumbing merchants, was also a master of artistic wordplay. http://www.wordle.net/create CYBERCASING Before you post photos online of your expensive new motorbike, classic car, or your latest valuable antique acquisition, you might want to stop and consider that computer-savvy burglars will probably be able to use that image to find out where you live. The same goes for pictures of your family, or anything else that you don't want strangers to be able to locate. Tracking people and things via posted photographs is known as "cybercasing" and it's possible because many digital cameras and smart phones, including the iPhone, automatically geotag images by embedding the longitude and latitude at which they were taken. Even after being uploaded to a Web page, the images can retain the location coordinates, which can be used with Multimap.com and services like Google Street View to find an address or nearby identifying landmark. In a report published by the International Computer Science Institute (ICSI), researchers explain how they obtained the home addresses of people who had posted photos in online classified ads, despite having opted to keep their addresses hidden when using the advertising site. http://short.zen.co.uk/?id=f50 SOARING SOCIAL SPENDING According to new research released by eMarketer, US businesses will spend $1.7 billion on social networks advertising in 2010, accounting for 6.7 per cent of all online ad spending. The dramatic rise - with growth of 20 per cent this year and a projected 24 per cent next year - helps to explain why Google, the biggest player in online advertising, is busy with its own plans to enter the market with a social network offering that will sell advertising space. http://short.zen.co.uk/?id=f51 http://short.zen.co.uk/?id=f52



Page

13

SHOPPING FOR ME It seems Google hasn't finished acquiring companies to bolster its rumoured social networking product, Google Me. Early last month, the search giant announced that it had purchased social application startup Slide and three days later TechCrunch was reporting the purchase of Jambool, the maker of a payment platform for social games. Jambool confirmed the acquisition on August 13th. http://short.zen.co.uk/?id=f53

http://short.zen.co.uk/?id=f54

http://short.zen.co.uk/?id=f55

NORTH KOREA BRANCHES OUT After a difficult summer with football battles lost in South Africa and the threat of all-out-war with its southern neighbour, North Korea marked last month's 65th anniversary of the country's liberation from Japanese rule at the end of World War II by joining Twitter. Under the user-name @uriminzok - Korean for "our people" - the republic headed by Kim Jong-il opened its first micro-blogging account with tweets with links to speeches by the regime's "dear leader" and rejections of allegations about its involvement in the sinking of a South Korean navy vessel earlier this year. In July, North Korea introduced the country's official YouTube channel and has been uploading 2-3 videos per day since its launch. Professor Hazel Smith, a North Korea expert at Cranfield University, said we shouldn't be surprised. "It is not a technologically underdeveloped country. It's extremely poor, but by no means isolated. They've been investing in IT-related training for at least 30 years". http://short.zen.co.uk/?id=f56 SEARCH WITH THE STATE A new search engine, likely to go by the name "Goso", is planned to compete with Baidu and Google in the Chinese market. The Chinese regime's Xinhua News Agency and state-owned China Mobile have signed a contract to cocreate the new resource. The move by the two government companies comes amid upheaval in the Chinese online search market following Google's partial exit from the scene after a dispute over censorship. Xinhua says the purpose of the new search engine will be to "better serve the work of the Party and the nation and to practically protect national interests and to expand the reach and the ability in and outside China of the country's mainstream media to guide public opinion". China's 420 million Internet users already make up the world's largest online audience, but search providers see years of further growth ahead. http://short.zen.co.uk/?id=f57 MOVING TO BING The transition by Yahoo! to Microsoft's Bing for its search results began last month for users in North America. Although results will be coming from Bing, Yahoo! says the typical search experience will remain much the same and Bing isn't expected to replace Yahoo! search globally until 2012. Microsoft claims that Bing will account for 31.6 per cent, or 5.2 billion searches every month, when the transition is complete. http://short.zen.co.uk/?id=f58 SEARCH ENGINE OF THE MONTH Nibbo.com is nicely done and different enough to make a refreshing change. It's also useful if you want to get away from the helpfully UK-centric view that Google and Bing tend to impose on British users. Where most search engines offer only one type of search at a time, Nibbo offers a configurable mix, and shows an unobtrusive preview of its multiple search types along with the number of results that can be expected from the different sources. The type and order of previews can be changed as well as the default search settings. As an option, Nibbo also lets signed-up users create custom search engines by providing a list of keywords or specific site addresses. http://www.nibbo.com



Page

14