Archive for Jun 2005


Legislative Solutions to Security

Senators Patrick Leahy (D, VT) and Arlen Specter (R, PA) have proposed legislation to "deal with" losses of personally identifying information and the security problems that lead to it. I'm not convinced it's the right architecture. Comprehensive legislative solutions seldom are. I've written more about the legislation at "Between the Lines." One thing I learned working for government is that if you don't solve your own problems, the legislature will do it for you–and you probably won't like the results. So it was with Sarbanes-Oxley and, perhaps, now with a data privacy and security. From | Between the Lines
Continue reading...


Grokking Grokster

Doc Searls has a very thorough and thoughtful commentary on the Grokster ruling at IT Garage.
Continue reading...


Memo to David Pogue: We're Geeks!

David Pogue, the influential NY Times tech columnist doesn't like the name "RSS". This is how you know a technology is going mainstream: the tech columnists in newspapers start to complain about the names. Just how does David believe these things get named? Not by some product manager. They get named by some geek (Dave Winer in this case) late at night in the heat of programming. The name isn't a carefully thought out product name, quite the opposite. By the time, it reaches the mainstream, it's too late to change the name. Editor's note: Numerous people have written
Continue reading...


The UK's Universal ID Card Proposal

Kim Cameron discusses the proposed universal ID card system in the UK. Stefan Brands has a four part discussion at The Identity Corner. Here they are: part I, part II, part III, and part IV. Stefan's posts discuss a London School of Economics report that critiques that proposed UK system. (Note: I had to use the Adobe Reader to view this document rather than Preview). Here are the conclusions of the report: The Report concludes that the establishment of a secure national identity system has the potential to create significant, though limited, benefits for society. However, the proposals currently
Continue reading...


iTunes and Podcasts

Yesterday Apple released version 4.9 of iTunes. The big change was built in support for podcasts. I've been using iPodder and have been pretty happy with it, but I'm giving iTunes a go just to see how it compares. The integration is bound to be nice, but I'm not wild about the podcast directory in Apple's Music Store. I'm hoping that I'll be able to manage my podcasts more automatically. One thing for sure, having built-in support for podcasts will make the medium much more mainstream. Doug Kaye reports that yesterday, because of the release of iTunes 4.9, was
Continue reading...


Free Mobile Calls to Anywhere in the World

The latest Cringely has some interesting analysis about why Adobe bought Macromedia, but skip past all that an read the part in the middle about ipDrum: Mobile Skype Cable and comes from a Norwegian company called IPDrum (or will come when it ships in August). The cable connects a mobile phone to your computer. The illustrations all show one phone and one computer, but the power of the system can only be realized if you have at least two phones. One phone stays at your PC as the interconnect with Skype. I'm hoping the cable also charges the phone,
Continue reading...


Don't Send Word Documents to Norway

Norwegian Minister of Modernization Morten Andreas Meyer announced today that "Proprietary formats will no longer be acceptable in communication between citizens and government." eGovernment sites, including Utah.gov, haven't been as good about this as they should be. The proposal goes beyond proprietary formats and calls for proposals from the national and local governments to propose plans for using open source solutions wherever possible. On the identity front, the plan also calls for every citizen to be given a personal electronic identifier to replace the numerous usernames that people have for interfacing with the Norwegian government. We worked on this
Continue reading...


T-Engine: Ubiquitous Computing

Back when I started computing, I used Fortran on an IBM 370 and timesharing via an IBM Selectric-like teletype. Many users--one computer. At that same time, I got my first taste of microcomputers, what we'd call personal computers now, by building a MITS Altair with an 8080 CPU and 4K of RAM for the College of Mines (my undegrad is in Metallurgical Engineering). One user--one computer. Now, of course, I routinely carry 4 or 5 computers around with me all the time (if you count things like my iPod and Canon S500) and I'm dependent on computers being everywhere.
Continue reading...


Content Watch Quality Assurance Manager

Content Watch is looking for a Quality Assurance Manager.
Continue reading...


XQuery Efficiency

In my earlier post on XQuery, I said that XQuery was "imperative" and that's not strictly true. It is true that the for construct makes it look familiar and approachable to an imperative programmer, but it turns out that FLWOR blocks can be compiled to relational operators and have close analogs in SQL. I was discussing XQuery over lunch with some colleagues and we got talking about XQuery efficiency. The bottom line for me is that if I'm using XML, I've got more confidence in the efficiency of the XQuery engine in DbXml than I do in the quick
Continue reading...


OpenID

Doug Kaye wrote to ask me about OpenID.net. I actually don't remember having ever seen it before, but it looks kind of cool. in OpenID, identities are just validated URLs--nothing more, nothing less. All the system does is say that you own a particular URL. I like the idea of a distributed identity system without any single points of failure. Glancing at the OpenID Wiki, it looks like there still quite a bit to do to make it all work. I'll have to dig into this sometime when I've got a bit of time.
Continue reading...


XQuery is Cool

If you've been involved in XML and particularly XML databases, you probably already know this, but since I'm just discovering, I've got to say that XQuery is cool. I've used XPath for a while now and it's nice, but expected given what we all know about paths in file systems. XQuery goes beyond (literally extends) XPath to provide sophisticated query capabilities for XML documents. It's imperative rather than declarative, since XML doesn't have the nice set-theoretic properties of relational databases, but it's still quite capable. Suppose, for example, that I had an XML document representing configuration information for RSS
Continue reading...


Where's the Control Panel?

I'm sitting here working and my eight-year old asks "Dad, where's the control panel?" He's on the iMac G5. I didn't think he could possible be asking about the real control panel, so I asked "why?" He says "the mouse is too slow, I want to speed it up." I showed him where the system preferences are. It blows my mind that my eight year old knows you can change the mouse speed in the control panel.
Continue reading...


Squarespace

I just ran across Squarespace, a hosted blogging tool. Their example sites look pretty good.
Continue reading...


DirectPointe Board

Yesterday I was appointed to the Board of Directors for DirectPointe, a managed service provider based in Utah. I've been talking to Mike Proper, the CEO off and on for a few years about his business and have always been fascinated by it. They have made great progress so far, and if I know Mike, they're going to be one to watch. I'm excited for the opportunity to be part of it. DirectPointe is definitely a "longtail" kind of business since they service the network, server, and desktop needs of businesses with less than 150 people per site. They're
Continue reading...


Philip Evans on Lowering Transaction Costs

Dan Farber is blogging some of the talks from Supernova 2005 over at Between the Lines. He just posted an article on Philip Evan's talk about the key to lowering transaction costs. Evans is the author, along with Thomas Wurster, of Blown to Bits: How the New Economics of Information Transforms Strategy. When Evans talks about transaction costs, he means something different than what you might first think of: "First, it's the time and effort expended to reach an agreement, and secondly, it's the difference between the value to the parties of the actual agreement reached and the value
Continue reading...


Printing PDF from the Command Line

I had about 20 PDF files I needed to print out on my Powerbook and I didn't want to open each file in Preview and then tell each one to print, so I went out looking for ways to print PDF from the command line. I found this handy chapter about Unix-style printing in OS X (from an O'Reilly book) that told me that the lpr command on OS X just knows about PDF. So, in the end it was no more complicated than this: for f in *.pdf > do lpr -PCSOffice $f > done
Continue reading...


Hooking DbXml to Scheme

This morning I completed a small project to build an RSS feed crawler in Scheme. My main purpose was to exercise a recent integration we've done of Sleepycat's DbXml database to Scheme. The integration isn't ready for general distribution yet--it's still pretty rough around the edges--but I'd gladly make it available to others who are interested in experimenting with it. The program reads configuration from on DbXml collection (think of it as a table) and then grabs the RSS feeds for each feed in the configuration. All of the channel information is inserted in one collection and the items
Continue reading...


Eric Norlin on Federation and the Data Protection Red Herring

Eric Norlin makes his debut on Between the Lines with an article discussing the red herring of data protection. Speaking of the many, mulitple losses of personal data by corporations, Eric argues that the answer is in not letting them store the data in the first place. Much has been said or written about federated identity, but I'd like to ground federated identity in one simple statement: Federated identity is an infrastructure that makes security follow the transaction. It does this by making the identity associated with the transaction "portable" across heterogeneous security domains. In short, federated identity (whether
Continue reading...


Pervasive Digital Media and Customer Service

A few year ago, Steve Fulling and I installed a waste gate on our plane. The waste gate allows the turbo charger system to self-regulate by dumping unneeded exhaust gas instead of running it through the turbo charger. It's wasn't cheap, but it makes operating the plane a little nicer. The other day Steve was contacted by the manufacturer of waste gate for a written testimonial for the product. A year ago Steve had taken some detailed pictures of various things in the plane with his digital camera. Consequently, Steve responded not just with words, but also a picture
Continue reading...


Trying Out InfoCard

If you're interested in exploring InfoCard, Microsoft's implementation of the identity metasystem proposed by Kim Cameron, Andy Harjanto has detailed instructions on how to get started.
Continue reading...


OSCON 2005

I registered for OSCON today. I'll see you there. I'm hoping we can do an identity meta system BOF there and discuss open source opportunities in the metasystem Microsoft is proposing.
Continue reading...


Digital Identity Book Back Cover

I recently finished reviewing the first draft of the page proofs for my upcoming book, Digital Identity. I think it's turned out how I wanted it to and I'm excited to have it out and get people's reaction to it. I reviewed the index and saw the back cover copy today. Here's what it says: The rise of network-based, automated services in the past decade changed the way businesses operate, and not always for the better. Offering services, conducting transactions and moving data on the Web opens new opportunities, but many CTOs and CIOs are more concerned with the
Continue reading...


Challengers to Hatch

Sen. Orrin Hatch has made all kinds of enemies in the Tech community with his support for the DCMA and the INDUCE act. I've got a piece over at UtahPolitics.org on potential challengers to Hatch in the 2006 election. So far, no credible Republicans have stepped up for an in-party challenge, but it's early. Should be an interesting election year, at least in Utah.
Continue reading...


Bluetooth Can Be Hacked in Milliseconds

A presentation by Yaniv Shaked and Avishai Wool of Tel Aviv University at MobiSys2005 showed how Bluetooth devices can be hacked, even with security enabled, in 0.6 seconds. A story at TechWeb gives some details and the full paper is also available. It's a real shame that things like Bluetooth are aren't designed with better security in mind from the start. It's just getting some traction and the convenience is unbelievable.
Continue reading...


Tidy Extension for Scheme

Last Saturday I needed to clean up some HTML (that I'd read into Scheme as a string) into valid XML for storing in Sleepycat's DbXml database. HTML Tidy is a great way to do this, so I put together a small, single-function extension to the Tidy library for PLT Scheme. The library's easy to build and use. Here's an example: (require (lib "tidy.ss" "tidy")) (define bad_string "<p>Foo!<ul><li>first<li>second") (display (tidy:string bad_string)) This displays <p>Foo!</p> <ul> <li>first</li> <li>second</li> </ul> I've run several hundred HTML snippets that I've gotten out of RSS feeds through the function over the last week and it's
Continue reading...


Automatic Namespace Declarations

I'm using SAX (inside the Scheme SSAX library) to parse an RSS feed (Jon Udell's actually) and he uses some dublin core tags inside his RSS feed, like so: <dc:date>2005-06-15T09:30:39-05:00</dc:date> Jon doesn't declare the "dc" namespace anywhere in his feed, and yet SAX still expands it to "http://purl.org/dc/elements/1.1/". How and, more importantly, why? This doesn't seem right... Update: Jon wrote to tell me what was causing the namespace to seemingly expand without being declared. It is declared, as you can see by viewing the source, but Firefox hides namespace declarations when you view XML in the browser. There's probably
Continue reading...


Flying the Shoreline of Utah Lake

N9472C in the air. An old friend of mine from Southern California was in town the last few days to buy a plane. He bought a Piper Archer from a guy in Montana. Yesterday Steve Fulling and I flew with him down to Richfield to have breakfast and see him off on his trip back home. I was riding shotgun with Kevin, so I got some great shots of our plane in the air. On the way home, we flew over the eastern shoreline of Utah Lake behind West Mountain. Lots of fun.
Continue reading...


Decoding the WS-Alphabet Soup

devX has a handy reference on various WS-* standards, what they're good for, and when to use them. The article starts out: The alphabet soup of WS-* is difficult to master and yet, very essential for the immediate future. Here's our pocket guide to the basics of the 12 most important WS standards and in what situations they apply, for both .NET and Java. From Pocket This Decoder for WS-Alphabet SoupReferenced Wed Jun 15 2005 20:41:43 GMT-0600 (MDT) I disagree. I think these standards are more like TCP/IP in the sense that plenty of people write usable, even great, networking
Continue reading...


Protecting Your Customer's Data

Yesterday I published an article at Between the Lines called Staying Out of the News that describes some things IT shops can do to reduce the risk that they'll end up in an embarrassing situation where they've lost personally identifying information for their customers. The most recent Baseline has an in-depth look at ChoicePoint the company that sold information on 35,000 people to a fake business out of Nigeria. Good reading if you've a strong stomach.
Continue reading...


Identity in Financial Services

Speaking of Eric Norlin, I just found out from Eric that DIDW is going to do a Financial Services Identity Summit in NYC in November. Very good.
Continue reading...


Joe Sixpack and Security Tokens

Eric Norlin asks whether anyone else believes "Joe Sixpack in Ogallala, Nebraska [will whip] out his USB token to encrypt and secure his online banking transaction." This is in response to recent comments by Dave Steeves of Microsoft on using USB security tokens to secure online transactions. Eric, for the record, I'm with you. Further, I'm wondering whether the security of online transactions is even that big of a deal at present. Phishing, pharming, and Spam fraud seem to be much more likely to separate Joe Sixpack from his dinero.
Continue reading...


Does Your Platform Matter?

A friend asked me if his company ought to switch from .Net to LAMP. He's firmly convinced that in the long run LAMP will scale better. There's apparently some ongoing discussion within the company about what platform to use for an Internet-based business that expects to have millions of users. My answer probably wasn't as definitive as he'd have liked. If I were starting a company and had no legacy, I'd choose LAMP. I believe it scales better. I agree with Peter Yared that there's no better tuned Web platform on the planet than Apache on LAMP. That said,
Continue reading...


Another CTO Breakfast

It's time for another CTO Breakfast. We'll be meeting in the usual place (food court at Canyon Park Technology Center) this Friday at 8am. This month, I've moved the CTO Breakfast from the 24th to the 17th to accommodate UITA's Utah County event that was scheduled for the same place at the same time. Also, mark July 29 and August 26 on your calendars. If you've never attended, the breakfast is an informal discussion of technology, with a particular interest in product development and other CTO issues. CTOs, future CTOs, product managers and anyone else interested in technology are
Continue reading...


Environment Matters: No Data Known

Last week I moved the server that hosts this Web site. Ever since then, I've been getting a very strange error whenever the server tries to send email. Here's a sample: Jun 13 14:21:27 lynx sendmail[14437]: j5DKLQ7I014435: to=, ctladdr= (0/0), delay=00:00:00, xdelay=00:00:00, mailer=esmtp, pri=30303, relay=windley.org, dsn=5.1.2, stat=Host unknown (Name server: windley.org: no data known) Googling the error message, ("no data known") was almost no help at all. Seems lots of people have seen that error, but no one knows how to fix it. In general, it means that sendmail couldn't get DNS information for the host. But, running "host
Continue reading...


Service Oriented Enterprise Architectures

John Gotze wrote to point me at one of his student's blogs. Rasmus Knippel is studying where service oriented architectures fit inside enterprise architectures and so his blog is called Service Oriented Enterprise Architecture.
Continue reading...


Wi-Fi- and Remote Connections Security Presentation

Ed McGarr, a friend who works at Senforce, wrote to tell me that they're sponsoring a free wi-fi and remote connections security presentation next Tuesday from 12:30-3:30pm in Draper. Send a note to Nick Gordon if you'd like more information.
Continue reading...


McNealy Was Right

A recent post by Don Park about a girl who refused to clean up after her dog and was "outted" by a camera phone totting netizen shows that Scott McNealy may have been right when he said "You have zero privacy anyway, get over it." The girl is apparently being hounded in a nationwide witch hunt.
Continue reading...


Where's My Stuff?

Jon Udell says, referring to OS X's Spotlight that "desktop search feels like an anachronism in 2005." I have to disagree--at least a little. Now, I understand exactly where Jon's coming from. In San Jose a month ago, we discussed his approach to workstations at some length over dinner one night. Jon's trying to move to a world where as little of his data as possible lives on specific machine and his tools are platform agnostic. Hence he uses Firefox to access Gmail, del.icio.us, and other network based tools. Jon's not alone: the next day I was talking to
Continue reading...


Open Source's Place in the Sun

Neil McAllister's column at InfoWorld on RedHat's challenge to Novell with its open source directory product reminded me that I've been meaning to mention Geoffrey Moore's talk at the OSBC called Open Source has Crossed the Chasm...Now What? Neil talks about how companies are replacing non-differentiating pieces of their product offerings with open source. This is just what Moore was talking about, although he takes it a step further and discusses why it's a good thing.
Continue reading...


Some Thoughts about Building InfoCard on REST

Kim Cameron has a very cogent piece on WS-Policy. In fact, read it and forget the standard. Everything you need to know is in Kim's description. This was timely because I've been considering my article at Between the Lines on a RESTful alternative (or augmentation perhaps) to the InfoCard proposal, something that was sparked by some questions from Doc. As I read Kim's description, I realized that there really no need to redo WS-Policy for REST--it can be used as is. One way to think about the RESTian argument is to separate out those parts of the WS stack
Continue reading...


Google Sitemaps

I just generated a Movabletype template to create a Google XML sitemap for Technometria and UtahPolitics.org. It was very simple, following the instructions from Niall Kennedy. The only thing I did differently was to use this URL to enter the URL of my sitemap. You can enter multiple URLs and see a status report.
Continue reading...


Server Up

The server move went off without a hitch. This time I was smart enough to change all the network configuration information before I took it down, so when it rebooted it was online and ready to go. Please let me know if you experience any weirdness.
Continue reading...


Server Moving

I'll be moving the server that hosts Technometria and UtahPolitics.org tomorrow morning between 8:30 and 10:00am MDT. Hopefully the downtime will be short.
Continue reading...


RESTful InfoCards

Doc has asked some great questions about whether RESTful equivalents of the InfoCard SOAP-based interfaces are possible. I responded at Between the Lines that I thought it was possible. The problems, however are political, not technical. Meanwhile Jon Udell is wondering whether we need InfoCard at all. I don't think the Web needs it, but I think companies do. Whether that means people need it or not, however is an open question.
Continue reading...


XML is the New Default Format for Office 12

The next version of Office (for Windows and Macs) will support and XML file format as the default. Scoble has an interview with Brian Jones at Channel 9 that's worth listening to. Brian says that the majority of corrupt files that get sent to the Office team for review have been corrupted by third party applications. This would make life easier for those third party applications. What's more, new applications will be easier to write. Dan Farber also has some additional information, including how to get a preview, at Between the Lines.
Continue reading...


Dynamic Range: A New Utah Blog

John Dougall, VP of Technology at WaveTronix and one of Utah's most technically astute legislators has a new blog called Dynamic Range. There are entries on politics, technology, and transportation--John's three favorite topics. If you've got an interest in Utah politics, I think you'll enjoy John's perspective.
Continue reading...


Firefox and Safari Up; IE and Mozilla Down

I reported the browser usage on Technometria for the first two months of the year a while back. I just checked for May and the numbers show steady gains for Firefox up 2% to 30% of visitors. Safari is also up over 1% to about 7.5% of visitors. Those gains come at the hands of IE and Mozilla. IE is down nearly 2% to 56%. Pretty heavy changes for just a few months.
Continue reading...


Recent BTL Articles

Two of my recent posts over at Between the Lines deal with enterprise computing: Does Your CEO Trust You? is a review of a recent Bain survey on what CEOs think of their IT departments. Tools for IT Transparency talks about things you can do to measure the performance of your IT organization and communicate that to the business units.
Continue reading...


Qwest Files Suit to Block UTOPIA

Unable to get the Utah Legislature to kill municipal broadband in Utah and rebuffed time and again at City Council meetings, Qwest has now taken the battle to the courts. Qwest filed suit Monday alleging that UTOPIA is unfairly using its status as a government agency and offering services below market prices. There were stories in the Deseret News and the Salt Lake Tribune. In its lawsuit, Qwest points out that UTOPIA, as an agency of the cities that created it, is exempt from sales and property taxes, which will enable it to operate and offer services over its
Continue reading...


Digital Identity Book Status

Lots of people ask about the status of my book on digital identity. I hope that means lots of people will buy it. :-) I just received the first page proofs from O'Reilly yesterday and have begun reviewing them. I think it's getting close.
Continue reading...


FEC Rules May Apply to Bloggers

I was just interviewed by Laura Jones at KCPW on the recent news that the FEC may apply campaign finance laws to bloggers. If you don't take money from a campaign or a PAC, the rules wouldn't apply and so, I think it makes it a pretty narrow application. I actually think its good for blogging for two reasons: This is one more mark that the Internet has come of age in campaigns. After Dean showed that the Internet was a viable medium for raising money and connecting with people, it's inevitable that FEC rules would be applied. This
Continue reading...


Transparent Expertise

I'm a little late reading this, but in case you are as well, be sure to read Jon Udell's critique of the WSJ article on the future of media. One important point from many is that it's now possible to check up on the expertise of reporters and analysts: Who, for example, is Brian Steinberg, the author of the above recommendations? The Journal asserts that he is one of "our experts." Google tells me he's a WSJ staff reporter. At ad-rag.com I learn that he's the Journal's "advertising reporter" and I dig up a reference to an audio appearance
Continue reading...