In Part I of this article I introduced you to Microsoft's .NET, a collection of concepts and technologies which promise to transform the Internet into your own personal supercomputer. Here's a quick refresher on the key features of 'dot-net':

Some questions

There's no doubt .NET, or some similar model, is a sensible way for Internet development to go. After all, here we have millions of computers linked together and all we do with them, today, is share documents. What a trivial use of all that computing power!

So, you'll hear little disagreement about the need for something like .NET. The devil, of course, is in the details. Let's examine some of the many questions that immediately spring to mind.

Why .NET?

Why should we use Microsoft's vision of distributed computing instead of one of the other models? It's not the only company, nor the first, to suggest something of this sort, and there are certainly a number of alternatives when it comes to the nitty gritty of developing Web services. Supporters of Sun's Java, a language designed to build Web-based applications, have accused Microsoft of  "giving developers an updated set of handcuffs" in its .NET development tools. Of course, Sun would far rather developers – and the rest of us – use its own brand of handcuffs.

Equal access?

What will life under .NET be like for those without access to high-speed Internet connections? Microsoft's vision is skewed by the broad availability of high-speed Internet access in the US. If you live in the US and you don't have high-speed access, then it's almost certain you have cheap, unlimited connect-time, dial-up access. The same can't be said for most other countries in the world, where Internet access is billed by the hour and many people are still on slug-slow connections.

How will .NET work for those of us without a high-speed connection? And what about those of us who pay hefty hourly connection fees? Just how palatable will it be to depend on a creaking 56k feed for our applications and services?

Who owns your info?

Under .NET, who owns your personal information – you or the site where it's garaged? Do you get charged for garaging, too? Who, if anyone, can the host site share that information with?

Would you trust your data to this company? Microsoft is counting on the convenience of universal sign-on (no more usernames and passwords!), automatic data entry, rapid online shopping and access to diverse new services to earn your acceptance of Passport, Wallet and other .NET services.

What do we get charged for?

.NET sounds like a profit-fest for businesses, and that is exactly how Microsoft is selling it to companies. Services, data storage, encryption controls, software. All of these are candidates to become subscription-based items. The dot-com shakeout has already lead to a dramatic reduction in the number of free or advertising-sponsored services on the Web. .NET will take that process much, much further.

Is there no escape?

.NET's ability to deliver services to you no matter where you are also means that your location is part of the information stored about you. Switch your computer off, go out, hop in the car, and .NET will come right along with you, courtesy of your mobile phone. Some people will lap this up; for others, it's Big Brother all over again.

How can security be guaranteed?

This is perhaps the most crucial question of all. Regular readers of my Bug and Virus Report column in Australian PC User or my Windows updates in Woody's Windows Watch will be painfully aware that Microsoft operating systems and Web software spring security leaks on an almost weekly basis. Even worse, towards the end of 2001 a gaping flaw was discovered in Microsoft's Passport. Passport is a service for identifying and authorising users online, and a key component of .NET. Microsoft was forced to disable the service altogether for several days in order to avoid having customers credit numbers stolen while it patched the security hole. And now this self-same company is asking us to store our personal, financial data using its technology?

geekgirl tip: Avoiding an XP Passport
If you're running Windows XP, you'll find yourself badgered to obtain a .NET Passport. Don't give in! If you don't want to use Microsoft services such as Instant Messenger, Remote Assistance and Hotmail, there's no need to get one.

Of course, if you do want to use any of those services, you'll have to bite the bullet and sign up. If you already have a Hotmail account, you already have a Passport – just sign in with your Hotmail user ID and password. If you don't have a Hotmail account, then avoid this spam-ridden service and sign up for the Passport only.

If you do sign up for a Passport, preserve your privacy and security as much as possible by providing the absolute minimum amount of information. That minimum should be nothing more than a valid e-mail address. Make sure you don't tick the Share My E-mail Address box and read the terms of use!

Microsoft's response

These are just a few of the questions raised by .NET. You're sure to have your own. Microsoft, is not unaware of these issues. It is actively seeking support from banking organisations which have a better record for online security than Microsoft can claim for itself. It has also announced that it is opening up key sections of .NET – including Passport – to allow inter-operation with other vendors' services. It's making noises about using non-proprietary technologies to implement some components of .NET. Comforting words such as "consent", "privacy" and "user control" abound in Microsoft's .NET information.

For instance, according to Microsoft, data ownership lies solely with the user:

"The user owns the data. Any access to that data, any changes to that data, and any use of that data requires the explicit consent of the user. That consent has limited scope (what data can be accessed?) and limited lifetime (when does the permission expire?). .NET My Services uses legal and technical mechanisms to prohibit any unauthorized use of the user's data, and that limitation on use will extend beyond the specific transaction in which the data was obtained."

That, once more, begs the question of whether Microsoft can guarantee data security.

Our .NET future

Despite the many questions raised by .NET, of one thing you can be certain: It – or something remarkably similar –  is coming to an Internet-connected device near you. In fact, many components of .NET are already in place.

Microsoft has a lot of work to do to make .NET workable. My guess, though, is that while there'll be plenty of conscientious objectors who will hold out against it – some of them simply because it's a Microsoft initiative – the majority of us will eventually be seduced by .NET's power, convenience and inevitable ubiquity. Let's hope Microsoft and its partners can hammer the kinks out of the system and turn it into something which – to use Microsoft's own marketing parlance – truly is user-centric.

A .NET Timeline

.NET is coming to us in dribs and drabs, with many elements already in place. This table shows Microsoft's timetable for introducing elements of .NET. The elements have been divided into the five main components which make up Microsoft's vision of .NET – Experiences, Clients, Services, Tools and Servers.

 

Pre-2001

2001

2002 and later

Experiences

 

  • Windows XP

  • bCentral

  • MSN

  • Additional .NET experiences

Clients

  • Windows CE

  • Embedded NT

  • Windows 2000

 

  • Windows XP

  • Embedded XP

  • Windows CE .NET (Talisker)

  • Stinger OS for smart phones

  • Xbox

  • Tablet PC and other smart devices

Services

 

  • .NET MyServices (formerly Hailstorm, and including Passport)

 

Tools

  • MSDN Online

  • Visual Studio .NET

  • .NET Framework

  • .NET Compact Framework

  • SOAP Toolkit

Servers

  • Windows 2000 Server

  • SQLServer 2000

  • BizTalk Server 2000

  • Mobile Information 2001 Server

  • Windows .NET Server

  • Embedded .NET Server

  • Additional servers

 

© Rose Vines, 2002

  

top home net archives menu