Others have already discussed this news into realms of fantasy and paranoia so I'll just point out one aspect I think no one has addressed yet: security.

Blogging and syndicated data technologies in general have yet to fully test the fires of hostile computing world. As their prime time nears, they will be subject to abuse and exploitation.

For example, the primary mechanism behind podcast, RSS enclosure, can be used to deliver worms and worse to the desktops. If there are any vulnerabilities in iPod (or any MP3 player hooked up to podcast sync client) codec, then podcasting is a good way to deliver overflow inducing content.

While some might consider social networking aspect of blogging and syndicated data as enhancing security, I see it more as a potential problem because I think trust itself is a primary source of vulnerability.

If you subscribe to 1000 feeds, you are hanging on a chain with 1000 links. Each of those 1000 links (feeds) are potential targets for hackers to attack to gain control over its content. All they need is one vulnerable feed hosting server to change what is delivered to your desktop. If you are using an insecure news client that pools news items from multiple sources, a hacker in control of Ponzi's Schemes feed (hi Ponzi :-)) will be able to send out posts that looks as if they came from the American Express feed.

Some of these problems are easy to fix, some are not. But it's difficult to fix them if you haven't thought about these issues and not many have so far because we were too busy enjoying the heat of creation and smelling the morning rose petals.

I think engineers at Microsoft who had more than their fair share of security-related criticisms will be able to help out in enumerating and addressing the security issues in blogging and syndicated technologies.

That's all.

Update:

FYI, this post is being slashdotted today. You can find their comments at Slashdot and AlterSlash. So far I am happy to see this blog withstand being Slashdoted and Farked at the same time. My fingers are still crossed though. Back to my work pile.

EvolGrafiX, a small SVG tool developer, is working hard to ship Renesis, an apparent Flash killer, by end of this year. Where Flash plugin renders SWF, a proprietary format, Renesis will render SVG (100% of 1.2 mobile profile and 94% of 1.2 standard profile) version of the same graphics faster and at higher quality than Flash can. For scripting language, Renesis will use C# instead of as well as JavaScript (technically EcmaScript) which Flash uses. They will be using a handrolled C# interpreter so .NET won't be a requirement.

I've been using the Anti-grain Geometry engine (AGG), the open source 2D graphics engine Renesis uses, and have tracked Maxim Shemanarev, Renesis lead developer who also wrote AGG, for the past couple of years. As ambitious as the Renesis project seems, I think they will get the job done.

As to killing Flash, I doubt that will happen, even with all the interest in SVG. Rather, I think SVG and Renesis will find their own market in areas where Flash is weak.

It's interesting that Microsoft AntiSpyware (in beta currently) is written in Visual Basic 6. Polished consumer-oriented GUI like that is difficult to code in C++ because of all the detailing work that has to be done. Since .NET still hasn't reached primetime as a client platform, VB6 makes a lot of sense.

Update:

By primetime, I didn't mean that .NET platform is less capable than VB6. The problem with building client software on .NET currently is that a) it's still moving at a speed some might find unstable, b) .NET Framework footprint is quite a bit bigger than VB6 runtime and is not yet available widely enough, and c) Visual Studio .NET series remains half-cooked.

Delegated authentication differs from federated authentication model in that the authentication authority delegates authentication yet again. It's a double-sided star system where the authentication authorities sits in the middle acting as a directory of sort.

Delegated authentication model is not appropriate for weak authentication uses. So I doubt we'll see banks pushing customers to some federated authentication authority whenever they click on the sign-in button. Where it makes sense is protecting high-value transactions with strong and/or multi-party multi-factor authentication.

As cryptic as what I wrote above may sound, the net effect is that a) consumers will be able to buy their favorite secure token at Fry's and use it to protect their bank account without worrying about whether the bank supports the device or not, b) banks of all sizes will be able to support a wide range of authentication methods cheaply, and c) strong authentication vendors will be able to market their products and services directly to consumers.

The biggest hurdle for delegated authentication is that the cost of fraud risk have already become part of the balance sheet. Risk exposure is aggregated and taxed horizontally so that finanical risk is shared as part of operating cost. The net result is that individual customers face minimal financial risk which leaves them little incentives to be interested in strong authentication unless they are required to use them by their banks.