ajax

Beware of Ajax startpages!

Better think twice before using those nice Ajax desktops to lighten your daily burden of password submissions.

These “startpages” are very commonly used to quickly access a growing collection of online services: webmails, to do lists, calendars, blogging tools, photo and video sharing, instant messaging, bookmarking, …

Just one login to display your whole online ecosystem in one neat page. How convenient! But what about security?

CERIAS has strong and wrong opinions about Ajax

AJAX applications will remain unworthy of serious business (at least for risk-conscious people).

This is quite a bold statement, especially considering the source: The Center for Education and Research in Information Assurance and Security (CERIAS), a prestigious academic institution. The author is Pascal Meunier, whose current hobby is fighting all client-side scripting technologies, especially AJAX.

CERIAS certainly has some excellent thinkers when it comes to security, but in this case we respectfully disagree. Yes, there are security problems with browsers and web applications, but there are security problems with regular client software too. This fact has never prevented anybody (especially the risk-conscious people) from evaluating all the solutions available and selecting the ones with a better security architecture.

In his blog post, professor Meunier says there is a problem with the “same origin policy” and shared servers, and he proves it by adding some nasty links from his Purdue homepage to the homepage of another colleague. True, but I cannot see how this could affect the happy users of so many well-designed web 2.0 applications. Then he signals that browsers can be made unusable by visiting pages with malicious JavaScript. But this is an old story: do you remember the funny sites with never-ending loops of dialog boxes? Then he moves on to analyze other vulnerabilities, but again I could see very weak relations with the present web 2.0 environment.

I can’t tell if these “Ajax horror stories” are episodic or endemic, but I believe that serious Ajax developers won’t cause any more harm than those working with a different software paradigm.

Gmail, the poster child of Ajax applications, is perfect for serious businesses. Combine it with Freenigma and you realize the security dream of any sysadmin: a robust mail service accessible from the Internet, with a very good spam filter, strong encryption and generous mailboxes. And please note that without the revolutionary Ajax interface there would be no chance to win user acceptance and the dream would vanish!

(Very good products like IMP and SquirrelMail never took off because corporate employees were reluctant to abandon the sleek and fast interface of traditional mail clients such as Outlook.)

Amazon S3, a very Successful Storage Service

Amazon launched S3 in mid March and yesterday claimed to manage over 800 million data objects. It is indeed a successful and quick start. I agree with Marshall Kirkpatrick that, besides being a good business model, services like S3 are also a key factor for innovation. They make real the dream of a solo developer able to deploy an AJAX application to the web without worrying about how to scale it out if it becomes popular.

Calcoolate.com, let the browser do the math!

Having almost limitless resources does not mean you can waste them. The calculator feature of Google web search is a tiny, perfect example of such a waste. Every time you write something like 1500/1.208 into the search field of Google, the string is sent over to a Google server, a Google CPU computes the result and sends it back to you.

Spreadsheets for Web 2.0

While there are numerous efforts to launch web based MS Word replacements, it seems that MS Excel risks no real competition from Web 2.0.

This sounds strange because in the past spreadsheets have always played a key role in determining the success of new technologies. It was Dan Bricklin with his VisiCalc who moved accountants and analysts from mainframes to personal computers. For many of them the appearance of Mitch Kapor’s brainchild Lotus 123 was the main reason to migrate from Apple II to the IBM PC world. Later on, Excel was one of the best justifications for graphical interfaces, i.e. for operating systems with pull-down menus and a point-and-click capability using a mouse as pointing device.

NumSum by TrimPath is today the only project in this arena. It just mimics Excel’s basic functionalities and adds a “social” flavour with the introduction of tags and easy spreadsheet embedding in weblogs.

What I’d really like to see is a nice Ajax application that overcomes the two big issues that make me uncomfortable with Excel.

  • my spreadsheets are not ubiquitous
  • the present spreadsheet paradigm is bad

The first point is quite self-explanatory. The second refers to the awful way of mixing data structure, formulas and presentations. Excel and the OpenOffice clone did nothing to keep them apart. To change one of these three components you need to rebuild the entire spreadsheet.

Quantrix Modeler is a very nice and professional solution that embraces a new and sound paradigm, a paradigm that solves Excel’s inconsistencies. It doesn’t come cheap though. Flexisheet has an identical approach; it’s open source but just for Mac OS X, and it seems it will never get out of Beta.

I see a lot of space here for real Web 2.0 companies and VCs. It’s not as quick and easy as building an online to-do manager, but it could be a huge win. Move fast before big players enter this market. The most likely to launch are those that already own a lot of the customer’s data: Salesforce.com is the first I could think of. It would be very easy for Marc Benioff to offer an Excel replacement to play with sales, invoicing and accounting data. Unless Google decides otherwise, see here and here.

What will Microsoft do to counter this trend? I agree with Paul Graham, when in Hackers & Painters he wrote:

I expect Microsoft will develop some kind of server/desktop hybrid, where the operating system works together with servers they control. […] I don’t expect Microsoft to go all the way to the extreme of doing the computations on the server, with only a browser for the client, if they can avoid it.

Recent news and comments seem to confirm this strategy.

PS: Of course the ability to import Excel files could be a nice feature for any “good enough” Web 2.0 solution, as it was for Excel the ability to read Lotus 123 files.

SPARQL and AJAX: will they get married?

Eventually I found someone that is able to explain in human readable language what SPARQL is, which role it plays in the semantic web arena, and the potential outcomes of merging it with Web 2.0 appli
