More on Xi-Soft Netransport to download webcasts

How to download Microsoft webcasts posted September 2005
References the original post by Georgeo Pulikkathara from 2004:

Is Microsoft going to an Open Standard for Office File Format

The news has carried stories that Microsoft is going to submit the document file formats in the forthcoming Office 12 to ECMA as an open standard. Here is an interesting post on the subject:

Microsoft ECMA/ISO move could give Office formats new lease on life by ZDNet's David Berlind -- I'm trying to grab a few vacation days here during the short week. But the news that Microsoft is looking to establish its Office XML Reference Schema (the new file format for it's Office productivity suite) as an International Organization of Standardization (ISO) ratified standard has pulled me out of hiding for at least one [...]

Local Microsoft Events in November

There have been plenty of Microsoft events locally this month. The biggest may have been the VS2005 Launch Event. It was good to see Rocky Lhotka again, and chat with him in the Q&A booth. He is anxious about the impact of offshoring.
The last talk, (by Tim Landgrave?), on using the Component Application Block in Smart-Client apps showed stuff I had not seen before. And it finished with a BANG when he blue-screened!

CNUG had another Day of .NET on Saturday the 12th, just two days after the launch event. Pretty good turnout (>200) but somewhat disappointing lineup of speakers. The highlight for me was a talk on AJAX (even though Joel Spolsky and others enjoy pointing out that there is nothing new there).

Wednesday night "The Scripting Guys" (Dean Tstatas & Peter Constantino) were in town, and gave a good presentation. They have a great web site at Technet. Sample resource script.

Cross-Site Scripting and Tracing

Reading about WinINet I came across a "HttpOnly" attribute for cookies that Microsoft added to IE6 in SP1 (Note there is no hyphen in the attribute name).
That led me to some other good articles about cross-site scripting.
Mitigating Cross-site Scripting With HTTP-only Cookies
Scott Hanselman blogged about it over the summer, but I missed it then.

And to an article that uses the TRACE function as a technique to circumvent this attribute.
I don't know whether it is common to turn off the TRACE functionality on IIS servers.

Jeff Prosise wrote and lectured on website hacking during 2004. He came to Bloomington(IL) as part of an INETA-sponsored tour a year ago. I guess I wasn't blogging then, so I didn't post about his presentation, but other user groups and bloggers (Robert Hurlbut) have posted summaries and his sample code. Jeff wrote Stop Cross-site Scripting Attacks in their Tracks in ASP.NET Pro Mag in 2003 (subscription only) and on Foiling Session Hijacking Attempts in his Wicked Code column in MSDN Mag for August 2004 and

==============================================
Other topics:
Where is that artcle about script reading the clipboard?
--------------------------------------------------
Retrieving Data using Script

Audio Encoding - Tools and Quality tests

HydrogenAudio is an excellent resource for information on audio technology it has active forums and a useful wiki (which I found through Wikipedia).

It points to several sites which describe comparison tests of different sound systems:

ABX Double Comparator at ABX Company site of David Carlstrom.
Roberto's public listening tests page has some samples and results of encoding.

Newly found tools

• MonkeyAudio for lossless compression.
• MediaMonkey as a general tool.
• MP3Tag just for tag editing.

Sites with lists of tools

• free-codecs has a lot of codecs
• mp3-converter.com has even more stuff, and is better organized

Interesting web sites

Searching the web after the Nerd Dinner last night I came upon some sites of interest:


http://www.programmableweb.com/

Speaking of Mapping

Yahoo has released their mapping update to compete with maps.google.com and VirtualEarth.msn.com. It looks appealing, but I tested a somewhat odd address that is a restaurant in a shopping mall - "44 Yorktown Convenience Center, Lombard, IL 60148". Only google got it right. And it got it JUST right. Impressive.

On the other hand, google, and the others emphasize their money making local links, which diminish the useful size of the actual maps. Sometimes the google map is full width, and sometimes restricted by local lists on the left. It is tough to figure out how to get the full width map.

Chicago Nerd Dinner - Nov 15, 2005

We had another enjoyable and educational evening last night, as organized by Jeff Key and Ryan Rinaldi. Also in attendance were Brian Beatty, Brian Scott, Chris X, Rob X, and I. Eric was only there in spirit. Jeff raffled off the tools package from JetBrains which was won by Eric.

We had a wide-ranging discussion. Here are some of the questions and topics which came up that have stuck with me.

Web sites and services:

• Amazon's new "Mechanical Turk" web service pays humans a (very) small fee to perform simple tasks (HITs) which are hard for computers. Very creative. They reference an article at Business Week.
• 37signals.com is an ASP which provides inexpensive organization, collaboration and management tools for small business and individuals. It is built using the "Ruby on Rails"(RoR) framework, which has been getting attention lately. eWeek has a good article on RoR and they also have an interview with its creator, David H. Hansson. There was extended discussion of it, which I missed since it was at the other end of the table.
• http://www.writely.com/ is a web-based site for creating and collaboratively editing documents. It is also mentioned in Ten Blogging Hacks by Steve Rubel

Some other topics, issues:

FLICKR was bought by Yahoo last spring. It caused quite a stir back then, and more recently Wired has reported some resistance to its integration into the Yahoo superstructure.

Ryan was talking about a seminar by Juval Lowy at DevConnections, who he said was very instructive, if a little too full of himself, and about working with Clemens Vasters (whom I confused, thinking instead of Ingo Rammer, the .NET Remoting guru.)

Where, if anywhere is pluralsight based? Bill Williams, who is their administrative contact was, and I think, still is based in Massachusets. They do a lot of training in Redmond, WA. I guess the issue was where Ryan's blog reading went when he hit their server. Need to do one of those IP mapping requests to figure that out.

And there was also some discussion of whether there might be a new Internet bubble. I mistakenly confused Ted Neward with Dave Winer, who sold his weblongs.com site to Verisign earlier this year. Scoble blogged about it here in October. Verisign talked about it here. There is a good bio of Dave at Wikipedia.