Technometria

Home
Why Technometria?
RSS
Atom
Podcast Feed

Recommend This Site

About Phil

Brief Bio
Contact Info
Phil on Twitter
Speaking
InfoWorld
Photo Albums
Video Favorites
CTO Breakfast

Essays

2006
2005
2004
2003
CIO White Papers

Software

Packages

Topic Guides

Understanding RSS
Digital ID Policies
Understanding VoIP
Internet Application Performance
Setting Up a Linux Server
Public Service Tips

Categories

Blog TagCloud

Archives

May 2008
April 2008
March 2008
February 2008
January 2008
December 2007
November 2007
October 2007
September 2007
August 2007
July 2007
June 2007
May 2007
April 2007
March 2007
February 2007
January 2007
December 2006
November 2006
October 2006
September 2006
August 2006
July 2006
June 2006
May 2006
April 2006
March 2006
February 2006
January 2006
December 2005
November 2005
October 2005
September 2005
August 2005
July 2005
June 2005
May 2005
April 2005
March 2005
February 2005
January 2005
December 2004
November 2004
October 2004
September 2004
August 2004
July 2004
June 2004
May 2004
April 2004
March 2004
February 2004
January 2004
December 2003
November 2003
October 2003
September 2003
August 2003
July 2003
June 2003
May 2003
April 2003
March 2003
February 2003
January 2003
December 2002
November 2002
October 2002
September 2002
August 2002
July 2002
June 2002
May 2002

Utah Tech Organizations

BYU Unix User's Group
Provo Linux User's Group
Utah Valley Linux User's Group
Ubuntu Utah
Salt Lake LUG
USU Free Software and Linux Club
Greater Utah BSD User Group
Utah PHP Users Group
Utah Python User Group
Utah Ruby Users Group
Ogden Area LUG
Southern Utah Unix Users Group
UtahSAINT

Friends

Mike Jones
Chuck Knutson
Kristen Knight

Copyright

Copyright © 2002-2006 PJW LC. Some rights reserved. Technometria is a trademark of PJW LC in the United States and other countries.

« November 2003 | Main | January 2004 »

December 31, 2003

Announcing Cowster

No, its not a dating service for cowboys. Cowster is the nickname I've given to the notion of using Web services and XML to build a cattle tracking system. As Dave Fletcher points out The USDA is moving full speed ahead on a plan to implement a tracking system.

Under the plan, now in draft form, individual animals would be tagged with a unique number allowing officials to more quickly determine where it came from, where it has been and herds that it may have come in contact with.

It took U.S. investigators at least a few days to trace the infected Holstein from a Yakima County farm to its birth herd in Alberta, prompting calls for a national tracking system that would have enabled officials to response faster. Investigators reviewed cattle sale records to locate the origin of the infected Washington cow, but were slowed by lack of complete records.

Information about the animals and its owner would be entered into a national central database to be accessed by state and federal officials in case of an outbreak such as mad cow.

From USDA to speed up implementation of tracking system
Referenced Wed Dec 31 2003 11:44:39 GMT-0700

Its that last piece that has people worried. Quoting from an Associated Press story:

Resistance to the plan has come from meat producers who don't trust the idea of establishing a central database that would allow the government or rivals to know detailed information about their operations.
From deseretnews.com | Scare could hone cattle tracking
Referenced Wed Dec 31 2003 11:46:38 GMT-0700

This is a classic identity and privacy problem, although, of course, its not the cows themselves that are worried about their privacy.

I used to work in the nuclear industry and we knew the history of every single part that went into a submarine power plant. You pick out the smallest bolt and follow its history back to the day the ore was pulled out of the mine. Think about what that entailed in the 50's, 60's and 70's. There were (probably still are) large buildings full of people in Mechanicsburg, PA whose job it was to manage the supply system for the Nuclear Navy. Doing this for cattle is huge in scale, but modern technology has made it possible as long as we don't try to recreate those buildings full of people.

The answer is for the Government to avoid building a big centralized database---that's so 20th century. Rather, the USDA ought to establish XML schemas and Web services interfaces and let private industry establish the data repositories. If I'm a rancher, I have established relationship with entities whom I trust. Let those entities keep the data for their customers. Don't aggregate the data about a specific cow in one spot, but let the data and the systems stay distributed until its queried. If we can use FOAF to keep track of relationships between people, why not a similar scheme to keep track of a cow's history from birth to bistro?

12:06 PM | Comments () | Recommend This | Print This

Steve Gillmor on 2003

Tis the season of best and worst lists and Steve Gillmor has one that I pretty much agree with on both sides. One thing he bring up that I don't think has gotten enough attention is Sun's news licensing model:

Sun licensing model÷You may argue whether Sun has a chance against Office with its Java Desktop System (JDS), but there's no doubt McNealy and software chief Jonathan Schwartz have altered the enterprise licensing landscape with their $100-a-seat licensing model. The real game-changer: that's per employee, not user, internal and external. A hundred or a million÷same price. It's a marriage made in heaven for Web services, an eBay, an Amazon, a salesforce.com or even a virtual McDonalds. "Over a billion served" takes on a new meaning for the bean counters.
From Best and Worst of Messaging & Collaboration in '03
Referenced Wed Dec 31 2003 10:01:06 GMT-0700

As Steve says, this is especially important for new service-based business models. One of the things that really frustrated when I started building big systems was that everyone wanted to be my partner. Not in the sense that they wanted to help me, but they wanted a cut based on how many customers I had. I thought that was the deal shareholders had, but enterprise software vendors want that deal too. Moreover, they want their cut first. Flat licensing changes that and makes some new businesses economically feasible.

10:04 AM | Comments () | Recommend This | Print This

December 30, 2003

SOAP Interface to Danish Reference Profile

John Gotze has written a SOAP interface to the search function for Denmark's reference profile (often called an interoperability framework). Here's the WSDL file, here's the code for a SOAP::Lite example client, and here's the client in action. If you don't speak Danish, this won't be so useful as a reference profile, but its a great example of how you can do some simple things in a few days that provide some interesting possibilities for interoperability. Web services aren't about the big thing, they're about lots of little things, arranged correctly.

2:09 PM | Comments () | Recommend This | Print This

The Economics of SOA

John McDowall, CTO of Grand Central Communications, is writing about the economics of service oriented architectures:

Service Oriented Architecture (SOA) is changing how enterprise software is being designed and deployed. Part of the success of SOA is in the technology and is due to the convergence of web services standards creating a common interoperable set of technologies to build SOAs on. The other part of the success of SOA arises from its superior economic model for enterprises. SOA is evolving to the point where new applications will not be deployed as monolithic instances but will become a collection of services woven together in a loosely coupled framework.
From Fast Takes
Referenced Tue Dec 30 2003 13:29:32 GMT-0700

The heart of John's argument, I think is a very telling phrase in the center of his document: "a significant part of the cost of enterprise software provides no significant business value to the enterprise." That's true of many products. We all pay for things when we only need part of their functionality. We do this because the convenience of having things pre-integrated is worth the cost of the parts we don't need. The promise of SOAs is that the integration cost will go down and consequently we'll be more likely to demand unbundled functionality that we can put back together in a custom implementation.

There are nay-sayers out there who don't believe this is possible. I think its a trend that already has significant legs outside of software. John's argument is essentially the argument for the modern corporate organization over the organizations that existed 20 years ago. We're much more likely to see corporations that outsource much of the manufacturing and provide the initial engineering, the final integration and the sales and marketing. Where GM used to do everything, they now manage a supply chain. John's making the argument that this same trend will extend to IT and that SOA is a significant enabling technology. I think he's right.

1:38 PM | Comments () | Recommend This | Print This

The 100 Megabit Les Paul

Gibson is set to release a digital guitar. The pick-ups will go right into a D/A convertor and from there travel over ethernet. Kind of interesting that no one's done it yet. A Wired Magazine article has the usual quotes from people saying "this is a solution looking for a problem." There's some cool things you can do once you've got digital signals coming out of guitars.

In a concert hall, this means a bulky analog snake of cables could be replaced by a single Cat-5. It also means real-time collaboration. Stanford staged a concert last fall that linked several musicians at different locations who improvised with each other over a system developed by NetworkSound, the first company to build a business plan around Magic. The school was so pleased that its Center for Computer Research in Music and Acoustics will also tap the technology for its recording facilities. "We're dividing our studios across 2 kilometers, and we can just grab a fiber on the campus network and make remote studios with zero delay," explains music professor Chris Chafe. "It's foolproof."
From Wired 12.01: The 100-Megabit Guitar
Referenced Tue Dec 30 2003 09:36:37 GMT-0700

I bought my 15-year old son a guitar modeler for Christmas. If you haven't seen these things, they're amazing. The article talks about those as well:

More recently, advances in sound modeling, using complex algorithms that simulate other instruments, have created a sort of identity crisis in the guitar world. In 2002, California-based Line 6 unveiled its Variax, which mimics 26 classic guitars - everything from a 1935 Dobro Alumilite to a 1968 Rickenbacker - with remarkable precision. Juszkiewicz is taking Gibson in the opposite direction. "We're not synthesizing sound," he says. "We're putting out a much better original signal." His claim, in essence, is that Magic makes the Les Paul sound more like itself.
From Wired 12.01: The 100-Megabit Guitar
Referenced Tue Dec 30 2003 09:38:09 GMT-0700

The modeler I bought for my son is built by a company called DigiTech in Salt Lake City. For only $70 I've been incredibly impressed with the sound; it even has a drum machine built-in for solo practice. A good modeler and a powerful PA system is a much better set up than and guitar amp I've heard.

9:43 AM | Comments () | Recommend This | Print This

December 29, 2003

The Social Life of XML

If you've got an interest in XML and Web services, pop over to Jon Udell's article in XML.com on the Social Life of XML. I've liked Jon's ideas in this area and this is a pretty good compilation.

While you're at it, read his hilarious post about getting questioned by the local cop while sitting outside the local junior high downloading email through their unsecured Wi-Fi. I've been there, although fortunately I've never been stopped. If I had, I'd probably have been thrown in jail knowing my luck. If you're in Salt Lake and need broadband access, the Salt Lake Public Library has free Wi-Fi access as does the Marriott Library at the University of Utah.

10:09 AM | Comments () | Recommend This | Print This

Clark Going Open Source

Clarks' campaign is going open source with the launch of Clark TechCorps. Taking a page from Dean's book, Clark is looking for some volunteer programmers to build software to build an online Clark community. The software will be distributed under a BSD license. From a Wired news article:

Dean technology staffers said they welcomed Clark's open-source initiative. "We both have the same exact problem: We need to mobilize our grass-roots base. There are vendors who have tools that help, but the complete toolkit doesn't exist. The pieces are out there, but there's no solution," said Zack Rosen, a Dean technology developer involved with DeanSpace.

Like the Dean campaign, Clark supporters adopted open source for both idealistic and practical reasons. "Open source for us symbolizes organizational transparency. We really feel that it's important that all development we do has this methodology behind it," said Clark TechCorps project manager Josh Hendler.

Open source also offers concrete advantages in a campaign environment, where people are both chronically short on time and reluctant to spend money on anything but advertising and fund raising, Clark technology director Josh Lerner said.

From Wired News: Clark Campaign Going Open Source
Referenced Mon Dec 29 2003 09:55:12 GMT-0700

You might be asking yourself why they distribute the software. The answer is: they have to. If they run it all on their servers it becomes "official" campaign material. That leads to legal issues and makes it harder to distance yourself from some of the crap that will inevitably be posted.

9:58 AM | Comments () | Recommend This | Print This

Top Ten Utah Tech Stories

Dave Politis and Dave Fletch both have their own top ten tech stories for 2003. Fletcher focuses on tech in state government while Politis is general and give SCO top billing.

9:51 AM | Comments () | Recommend This | Print This

VoIP Growing Pains

I'm a big proponent of VoIP, partly because I've always liked the idea of getting rid of the additional burden inside the enterprise of maintaining the traditional phone network. I also have to admit that I like the idea that it challenges the way we think about communications regulation. But as this c|net News article points out, there is a big difference between VoIP in a controlled environment and using it for general purposes telecom services on the Internet.

The problem basically comes down to standards. There are two primary standards: H.323 and SIP, but I've found that even when you can agree on a standard (as you can in a controlled environment) that gear still may not be interoperable. The only way to assure that my AudioCodes boxes will work with a VocalData softswitch is to test them. The answer is that they will if you carefully match AudioCodes boxes and versions with VocalData versions. When its time to upgrade you may need to upgrade both ends simultaneously to ensure that nothing breaks.

Imagine the problem then of just giving your customers a SoftPhone and telling them they can call people on other networks with different equipment and software. Right now, its probably the rare exception when that works. The short term answer will be to route VoIP traffic destined for another network onto the PSTN. That hardly fulfills the promise of VoIP, however. The only thing that's going to bring it about is tighter standards and better interoperability testing. I'm confident that this will happen---some mighty big players are betting on it and they're going to push the VoIP vendors hard in 2004.

9:46 AM | Comments () | Recommend This | Print This

December 27, 2003

Making Spammer Pay

A BBC article describes a scheme to make Spammers pay, computationally. The idea is simple, attach a cryptographic token to each email that is expensive to compute, say on the order of 10 seconds. Since I typically send less than 100 emails per day, that little bit of computation would be inconsequential to me. When you receive my email, your email client sees the token and knows that I spent something to create it and thus deem my email worthy of reading.

This scheme leaves spammers with two choices: send emails without the token or spend money on many powerful machines to perform the necessary computations. The latter shifts the balance away from a strategy of carpet bombing the planet with ridiculous emails knowing that only a small fraction of a percent have to respond to repay the cost of sending.

11:31 AM | Comments () | Recommend This | Print This

December 24, 2003

UTOPIA Picks First Service Provider

UTOPIA announced yesterday that AT&T has signed a contract to be the "anchor tenant" service provider. This is the kind of support UTOPIA needs to get bonds issued. I think its funny how the world works. AT&T, who recently spun off AT&T Broadband (now Comcast), is now back in the local telephone market and competing with Comcast throught this deal. Mike Armstrong correctly predicted market forces years ago, but nothing turned out exactly like he'd dreamt it.

2:23 PM | Comments () | Recommend This | Print This

Login.Utah.gov: An Identity Case Study

Utah has announced a new enterprise web authentication system called Login.Utah.gov. The system is built on top of the Utah Master Directory. The system is designed so that it is usable from multiple applications and will provide a interoperable authentication infrastructure for multiple applications.

In addition to State employees, the UMD can contain user information for non-State employees who are users of State applications. Several public-facing applications are being developed to use UMD and Login.Utah.gov. The eREP project, a major social services system, will be using Login.Utah.gov for authentication on future application releases. All eREP users will have accounts in UMD. The Department of Healthâs Utah Notification Information System, or UNIS, which will notify medical providers throughout the state of Homeland Security alerts, will also use UMD. It is anticipated that many more public-facing applications will take advantage of these tools to bring more eGovernment services to the citizens of Utah.
From ITS Announces UMD and Login.Utah.gov
Referenced Wed Dec 24 2003 14:08:21 GMT-0700

This is just one more step in a multi-year effort to create a mature authentication and authorization platform that supports the identity needs of employees, citizens and businesses. Identity infrastructures are an example of the kind of painful infrastructural development processes that underpin eGovernment. Going beyond vehicle registrations and hunting licenses requires this kind of maturity. Unfortunately, its often unrecognized because its not flashy. I, for one, understand the pain and hard work that goes into this kind of announcement. Congratulations to all who made it happen.

2:15 PM | Comments () | Recommend This | Print This

December 23, 2003

Announcing the Emergent Democracy Workshop

O'Reilly will hold an Emergent Democracy Workshop in conjunction with their Emerging Technology conference this year. The goal of the conference is to create a forum for discussing the intersection technology and democracy. There are some interesting developments in this area this year, what with the stuff the Dean campaign has been doing and the issues surrounding eVoting.

The Workshop will be held the 9th of February (Monday) on the same day as the tutorials for ETech. The venue is the Westin Horton Plaza in San Diego. There will be speakers or panels on:

  • Open Source Government
  • Advocacy as Application
  • Electoral Democracy
  • eVoting

plus a few other surprises that aren't ready to be announced yet. I'm moderating the eVoting panel and while I don't have confirmations from panelists yet, I think it will be a good panel with some give and take.

We've been planning this workshop for a few months now and I'm very excited to see it taking shape. There's some very good people working on the workshop and some great speakers. We're looking for techies to attend, but also non-techies who have an interest in this interesting intersection of technology and the way we govern ourselves. I hope to see you there.

8:13 PM | Comments () | Recommend This | Print This

SCO vs Linux Developments

A few interesting stories on the continuing SCO vs. Linux battle:

The first article has a quote which I think sums the whole thing up:

Mark Radcliffe, an intellectual property lawyer with Gray Cary in Palo Alto, Calif., said the development suggested that the dispute over Linux's origins would probably drag on even longer until the courts sorted out who owned what. "What you have,'' he said, "is two companies that say they own the same copyright."
From Novell Registers Unix Copyrights
Referenced Tue Dec 23 2003 15:51:08 GMT-0700

Ugh! I have to hand it to Novell. This is more life than I've seen out of them for years.

3:52 PM | Comments () | Recommend This | Print This

IT's Coal Mining Jobs

I had the opportunity to speak for an hour or so yesterday with Bruce Daley, editor of the The Siebel Observer. Bruce asked the question "Where are the white spaces in enterprise software?", a topic at the upcoming Enterprise Software Summit which Bruce hosts. We had a great conversation; I wished I'd recorded it. The conversation centered around the IT hierarchy of needs and the problems facing most corporations.

The IT Hierarchy of Needs (click to enlarge)

If you haven't seen the IT hierarchy of needs before, the idea is pretty simply. There are some problems you have to solve before you even become aware of or appreciate the scope of other problems. The bottom level is called "base infrastructure" and includes things like desktops, networks, etc.--the stuff that it takes to just make the enterprise go everyday. At the top is "business processes" meaning automation of and support for business activities.

The problem is that while most CEOs are screaming for the top two or three levels of the hierarchy, most IT shops are struggling with the realities of the bottom three. Everyone ignores data.

Its not that the problems in the bottom layers are intractable, they're not. The first two, in particular are pretty well understood. So, what's the problem? The problem is that most IT shops are afraid to do what it takes to solve the infrastructure problems. I know, you're thinking that's ridiculous. Why should they be afraid? That was my first reaction too, but I've seen it with my own eyes, more than once. IT shops actively resist the infrastructure best practices that will lead to excellence.

At the heart of the problem is that most IT professionals enjoy troubleshooting PC and network problems. Its predictable work that has nearly immediate payoff because you solve multiple problems per day and people think you're a hero for doing it. No one gives you and attaboy when their PC just works.

On top of this positive feedback is lack of vision. They can't imagine what will fill their days if they're not fixing PCs and networks all day. They have trouble envisioning the work at the top of the hierarchy and what if will mean to them professionally.

This leads to the fear that there won't be any work left and they will lose their jobs.

I think that this same notion is behind the constant talk of off-shore outsourcing and the dire predictions that IT jobs will shrink as more and more work is pushed off-shore. Take another look at the hierarchy and ask yourself which of those tasks can be outsourced (off-shore or not). That's right, the bottom levels. You can't outsource the top levels of the hierarchy.

What's getting outsourced? The IT equivalent of coal mining jobs. My undergraduate degree is in metallurgical engineering and I've spent some time in mines. Its dirty, but high paying work that doesn't require much formal education. People love it. But its also subject to lots of ups and downs and over the years had steadily declined.

My prediction is that while hundreds of thousands of IT jobs will go off-shore in the next decade, we'll gain more than we lose as we move up the hierarchy. We do a poor job of meeting demands at the top of the hierarchy and there's plenty of work to do. When you think about the real problems that IT should be solving, its amazing how little attention we pay to them. Our goal ought to be to provide every employee with the information they need to do their job when they need it. Instead, we throw an email client and a word processor at them and say "good luck." We can do better and the first step is to embrace the changes that are required to solve the problems at the bottom of the hierarchy---even if that means some pain in the short term.

10:11 AM | Comments () | Recommend This | Print This

IT Bloggers

I'm proud to say that this blog was recognized as "essential reading" for people looking for IT understanding by Network Fusion magazine. In their annual review, Network World listed 10 weblogs. Here's what they said about this weblog:

Windley, the former CIO for the state of Utah, knows IT. His Weblog covers the breadth of stuff today's IS and networking pros need to keep up with - from security to network architecture to management (of devices and staff). As you might expect, he often discusses government networking issues, but also has a strong interest in identity management and network security in genera
From Blogging for power
Referenced Tue Dec 23 2003 08:54:23 GMT-0700

Another Utah-based weblog, that of Troy Jessup, also got the nod. Here are the others in the list:

9:00 AM | Comments () | Recommend This | Print This

December 22, 2003

Last Mile Broadband Deployment Creates Jobs

A new study by Citizens for a Sound Economy says that widespread broadband deployment will create jobs and benefit state economies.

The introduction of broadband holds great economic promise, not just for the companies providing broadband services, but for the businesses and consumers who rely on the service. Two recent studies suggest that full broadband deployment would generate roughly 1.2 million jobs throughout the nation--or more than twice the number of jobs lost in the telecommunications sector. These are estimates of net new job creation.
From State Economies Can Benefit from Broadband Deployment
Referenced Mon Dec 22 2003 09:27:36 GMT-0700

According to the report Utah is pretty far down the road in the job creation category: just 5000 jobs. The report blames fumbled regulatory practices for the barriers to widespread broadband deployment:

While there are many causal factors responsible for the economic downturn and the collapse of the telecommunications sector, federal and state regulatory policies should not be overlooked. Regulators have struggled with the implementation of the 1996 Telecommunications Act, with efforts to establish a more competitive market often creating disincentives for the capital expenditures necessary to deploy a broadband network to individual households across the nation.

I believe that we're in a period of confusion. Because more telecom regulations have been based on particular technologies, specifically, circuit switched, copper networks, it gets to be tougher and tougher to see how they apply to new networks and technologies. This leads to considerable uncertainty. The recent FCC hearings are a sign of this.

9:38 AM | Comments () | Recommend This | Print This

December 19, 2003

RESTful Tuple Spaces

Once upon a time, I thought David Gelertner's ideas around Linda and tuple spaces were pretty cool. I never decided they weren't just lost track. I even had a Master's student working on a formalization once, but he didn't finish. Today I came across a thoughtful article by Vanessa Williams on a RESTful implementation of tuple spaces that I don't want to lose track of.

2:15 PM | Comments () | Recommend This | Print This

Lydon Interviews Morris and Trippi on Politics and the Internet

Christopher Lydon has several interesting interviews on his site. If you're interested in the intersection of technology and politics, you should really listen to his interview with Dick Morris and his interview with Joe Trippi.

"I'm a Cortez guy," Joe TrippiÊroared at the end ofÊour conversation in the corner office of Howard Dean's headquarters in Burlington, Vt.Ê As in: Hernando Cortez, the Conquistador who faced the Aztec hordes five centuries ago withÊjust 400 Spanish troops at his side, and burned his own boats on the beach in caseÊhis compatriots thought of leaving prematurely.Ê Horses, gunpowder and steel made all the difference for Cortez.Ê The Trippi difference in the Democratic nomination fight has been the Internet.Ê
From Christopher Lydon Interviews... :
Referenced Fri Dec 19 2003 09:24:53 GMT-0700

These interviews, along with Doug Kaye's IT Conversations are a great reason to own an iPod. At this point, its got to be a business expense.

9:26 AM | Comments () | Recommend This | Print This

Court Rejects RIAA Subpoenas

A US Appeals court ruled (short CNN story) that the recording industry's methods for tracking down those accused of illegally downloading music are themselves not legal. A lower court had ruled in the RIAA's favor.

"In sum, we agree with Verizon that (the law) does not by its terms authorize the subpoenas issued here," Chief Judge Douglas Ginsburg wrote. You can read the the full pinion (PDF) if you're interested.

9:17 AM | Comments () | Recommend This | Print This

December 18, 2003

Instant Messaging InfoFest

If you've got any kind of interest in instant messaging, you owe it to yourself to read the many interesting articles in ACM Queue. Here are a few highlights:

One of the projects discussed in the last article talks about a system called Awarenex which puts activity indicators in the buddy list such as indicating when the person has a meeting scheduled on their calendar or even when they're on the phone. You can get some of this right now on the Mac using iChatStatus, a scriptable application that let's you automatically change your iChat status from a script. Mine let's people know what song I'm listening to in iTunes, but I don't see why it couldn't be programmed to tell people when I'm on a trip or have a meeting scheduled.

2:25 PM | Comments () | Recommend This | Print This

December 17, 2003

Political Machine in a Box

Last Sunday, Everett Ehrlich asked "What will happen when a national political machine can fit on a laptop?" The piece echos some of the information I've posted recently on connected democracy. The article plays off an interesting theory by economist Ronald Coase: "The cost of gathering information determines the size of organizations." Of course in the Internet age, the cost of gathering information has shrunk dramatically.

For all Dean's talk about wanting to represent the truly "Democratic wing of the Democratic Party," the paradox is that he is essentially a third-party candidate using modern technology to achieve a takeover of the Democratic Party. Other candidates -- John Kerry, John Edwards, Wesley Clark -- are competing to take control of the party's fundraising, organizational and media operations. But Dean is not interested in taking control of those depreciating assets. He is creating his own party, his own lists, his own money, his own organization. What he wants are the Democratic brand name and legacy, the party's last remaining assets of value, as part of his marketing strategy. Perhaps that's why former vice president Al Gore's endorsement of Dean last week felt so strange -- less like the traditional benediction of a fellow member of the party "club" than a senior executive welcoming the successful leveraged buyout specialist. And if Dean can do it this time around, so can others in future campaigns.
From washingtonpost.com: Q: What will happen when a national political machine can fit on a laptop? A: See below
Referenced Wed Dec 17 2003 17:20:03 GMT-0700

The Internet has given Dean a way to recreate assets that in the past could only be built by a large organization. Dean has done a one-off, but its not so far fetched to image a "political machine in a box" that you fire up and start using with very little effort. It could even be run as a service for a monthly fee---maybe a premium if the candidate wins. Who needs a party except for the brand.

Well, the Post article talks about a number of groups that don't need the brand so much as they want to mold the brand in their own image.

Here are some predictions. First, if Dean loses the nomination, he will preserve his organizational advantage and reemerge as a third-party force four years from now. He has done with technology what Ross Perot could not do with money alone. Second, the evangelical right will become a separate political party in the near future, and will hold its own conventions and primaries. Like the Conservative Party in New York state, it will usually endorse Republican candidates. But evangelicals will use their inherent party-ness to make the Republican candidate stand in front of them and give a separate acceptance speech. And finally, in the next six or eight presidential elections, a third-party candidate will win the presidency. Issues -- most likely the coming fiscal debacle and the inescapable abrogation of promises made on Social Security and Medicare -- will give the third-party candidate an opening. But technology will give him, or her, the means.
From washingtonpost.com: Q: What will happen when a national political machine can fit on a laptop? A: See below
Referenced Wed Dec 17 2003 17:25:33 GMT-0700

I think there's a real possibility that technology will allow a third party candidate to build a platform by shopping the various semi-independent groups to form a candidacy that cuts across traditional party lines and includes positions that have traditionally been seen as inseparable from the two primary parties.

5:28 PM | Comments () | Recommend This | Print This

Fake Property

I had dinner last night with Phil Zimmermann. We got to lamenting the "intellectual property" (known as ideas, code, and other thoughts to those who are not lawyers) that we'd both created that now lay buried in some dead corporation's filing cabinet's somewhere. When I think about all the ideas that have been lost to this common occurrence, it makes me want to cry.

This is one of the uncounted costs of "intellectual property." Congress hears all sorts of testimony about the money that will be lost to estates and others if the copyright period isn't extended, but there's never any way to measure the opportunity cost of lost or locked-up ideas that run-amok "intellectual property" laws cause. I''m sure that other's have made these points before, but as Phil and I talked, I realized two things about "intellectual property" that cause this problem.

  • "Intellectual property" isn't like real property precisely because it can be put in a filing cabinet and forgotten. People rarely forget they own 100 acres over in Spanish Fork. If they do, the property is in plain view for all to see and there are public land records that they can use to track down the owner and make an offer.
  • That leads to the second point. "Intellectual property" is not fungible in the same way that real property is. If I put some ground up for sale, chances are very good that there's someone else who will want to buy it. Maybe many others. There are maybe two people in the world who would be interested in buying some of the "intellectual property" of the old iMALL (I'm one of them). It just doesn't make sense to go to much effort to put something up for sale when there's not much chance that someone will buy.

All this says is that "intellectual property" is very different from property as most folks think about it. This means that making any analogies from real property to fake property is dangerous and should be avoided. A quick look at the pronouncements of many in Congress will show you that they don't understand that.

9:22 AM | Comments () | Recommend This | Print This

December 16, 2003

The Dark Side of Digital Identity

Steven Levy has an article in Newsweek about the dark side of digital identity. Levy ponders a world, very much in the offing, where the Internet becomes a tool for corporate and government interests by locking down every bit of data with strong identifying information and the authorizations to go with it. The upside, of course, is a world free of SPAM and viruses. The downside is that you might have to pay for every link you make in an HTML document. Sort of a virtual Singapore. This is a topic not enough people are paying attention to.

A related article, although not about digital identity, is this piece in the San Jose Mercury News by Michael J. Copps, a commissioner on the Federal Communications. Commission. He says:

If we continue down this path, the basic end-to-end openness that made the Internet great will be gone. Control will have been turned over to those who control the bottlenecks, just like Ma Bell controlled them in the heyday of its monopoly.

Some argue that competition will save us from this fate. But today only a minority of Americans has a choice between cable and DSL. The rest of us can take whichever one is available -- if one of them is available. Until real competition between technologies limits the power of incumbents, we must not abandon anti-discrimination rules.

From Welcome to the Mercury News on Bayarea.com
Referenced Tue Dec 16 2003 09:15:58 GMT-0700

Alternately, we can build networks like UTOPIA. Qwest and Comcast are busy building networks that will lock us into whatever they decide we need. I want more than that.

8:54 AM | Comments () | Recommend This | Print This

December 15, 2003

Atom and the Power of the Human Voice

Sam Ruby has posted slides for Atom (hint: the slide are the link at the very top). Atom is a new syndication specification that competes with RSS 1.0 and RSS 2.0. Yikes! Still, I think Sam makes a good case why Atom is better. Robert Scoble asks

I still wonder what would happen if Microsoft wrote those same slides? Imagine we take Atom's spec and then demonstrate 20 places we could improve Atom as justification for coming up with a new spec? Where does it end? I don't know. But, how is this not "embrace and extend" only this time Microsoft isn't behind it.
From The Scobleizer Weblog
Referenced Mon Dec 15 2003 15:19:16 GMT-0700

This is a good question and I have a theory. My theory is that because Sam is a real human, speaking with a real voice, we don't see it as an attempt by IBM to shove something down our throats for their own good. Rather we see it as a thoughtful attempt by a respected member of the community, who happens to work for IBM, to make improvements.

That said, I'm undecided. While I can clearly see the technical benefits to Atom, organizations like the Utah Legislature are just taking the first baby steps to using RSS and things like this scare them off. I don't want them scared off; I want to see RSS feeds for everything they do.

Sure, with the right content management tools, generating syndication feeds in multiple flavors isn't a big deal. I'll let you in on a little secret: a lot of the RSS feeds you see aren't generated by flexible content management systems. Others, like the feed for this blog are generated by software from organizations that have a horse in the race.

3:28 PM | Comments () | Recommend This | Print This

Most Overlooked Burning Issue of the Year

John Gotze says that digital identity should have won the award for "Most Overlooked Burning Issue of the Year" in 2003. Denmark is very progressive in eGovernment and facing issues that most governments won't see for a few years, so its a good idea for any government CIO to follow what Denmark does closely and anticipate the problems Denmark faces as they blaze the way.

One of Denmark's initiatives for 2003 was a nationwide digital signature program. Says John:

The certificates (OCES) are politically mandated for future online public services, but the banks and other players already have own established solutions and are reluctant to move on to OCES, so we're clearly not done yet, if anyone thought that was the case. The challenge is that digital identity management is about so much more than digital signatures.
From Gotzeblogged
Referenced Mon Dec 15 2003 09:24:29 GMT-0700

Another example of where digital identity is proving to be an issue is in Denmark's aggressive roll-out of Web services. A case study on Loosely Coupled talks about how Web services lead to digital identity:

Denmark's Immigration Service, which has embarked on a major web services initiative to provide information to other Danish government departments and ultimately the general public, fears that it faces growing costs to manage user access privileges unless it can automate the management of multiple identities. Its ability to do so depends partly on how quickly standards are ratified and, in turn, how fast its identity management software supplier can absorb the standards in its own applications.
From Information access waits on ID standards
Referenced Mon Dec 15 2003 09:27:37 GMT-0700

I think we're going to see more and more of this as organizations understand that aligning IT with business means that we have to stop worrying about controlling access to networks and servers and start worrying about access control for documents, records, and other fine-grained resources.

9:32 AM | Comments () | Recommend This | Print This

December 12, 2003

Some Weird Happenings at Utah.gov

Last Saturday I was trying to renew the registration on my truck at Utah.gov and lo and behold it was down. I thought that was funny, but it came back up about 3 hours later and I finished what I had to do. I don't know how long it was down before I noticed. In poking around, however to determine if it was them or me, I noticed that the IP address for Utah.gov isn't inside the State network anymore. Its on a network owned by ViaWest, a company out of Denver. So, I've got some questions:

  • Why, when the State already pays tens of thousands of dollars per month for Internet connectivity at UEN is Utah.gov being hosted on an out of state network?
  • Who approved this? Seems like the CIO's office would have to be involved.
  • The new contract with NIC (PDF) requires that UII move the machines that host Utah.gov into a state data center. This seems to be going in the opposite direction.
  • Who's paying for this?
  • Why did the outage last for at least three hours? Is anyone monitoring the site?

I'm going to do some more poking around and see what I can dig up. If you know more and would like to let me know, feel free to leave a comment below or to send an email or AIM me (PJWindley).

2:41 PM | Comments () | Recommend This | Print This

Utah.gov: A Directory Tale

When I was CIO of Utah directory issues seemed to take up a lot of our time and effort. When I became CIO, the state had been using the domain name state.ut.us. The domain name was not particularly easy to remember and when you tacked on one or two subdomains to identify a department or agency, the affect was almost comical. For example, my email address was pwindley@gov.state.ut.us. The Governor remarked that he could almost feel people start to dance to the rhythm when he told them his email address.

In addition to the official domain name, agencies in state government had gotten into the habit of registering domain names in the .org TLD for every publicly facing Web site they started and Utah managed over 100 domain names outside the official one. This was a huge problem in building brand awareness around the State's Web site and meant that it was impossible to know when you were on an official State Web site and when you were not.

Shortly after I came on board, I discovered that we owned the domain name utah.gov. Much shorter, much easier to remember, and more authoritative. By fiat and with the Governor's support, I declared that Utah was moving to utah.gov. Now, this is not a strategy I'd recommend as a way to endear yourself to people, but it did accomplish the goal: within a month, we were using utah.gov as a domain name for our primary Web server and contemplating how to migrate the rest of the organization.

There were two primary issues.

  • Utah.gov represented a namespace that had been delegated to the State of Utah and within which we could manage things like server names and email addresses.
  • The state had never had an enterprise strategy for naming and each department and agency ran its own directory service for email and passwords--some ran many with each division controlling their own directories.

The first problem called for the creation of a registration process and the appointment of a registrar though whom organizations within the State could reserve subdomains within utah.gov. In essence the job of the registrar was to create namespaces within utah.gov and ensure that the names were unique, meaningful and correctly recorded.

The second problem was more difficult. The first step was to create a voluntary program though which people who wanted a utah.gov email address would reserve a name. A simple program forwarded email sent to that name to their real mailbox. That step was only temporary while we went through the difficult process of creating a naming procedure for assigning unique names (which would become email addresses) to each employee. We finally settled on first initial/last name scheme with a series fall back schemes for duplicates. The policy specifically prohibited names not associated with a person's real name to prevent people having email addresses like dumbo@utah.gov (unless that happened to be their real name, of course).

We also set up a metadirectory so that the directories in the agencies could cooperate to formed a single large logical directory. This wasn't as easy as it should have been since many of the directories in use hadn't been updated for years and didn't support metadirectory linking. Creating such a logical directory from already existing directories means that the names in those directories had to be normalized according to the naming scheme we'd come up with first.

The use of multiple distributed directories had advantages in performance and local control, but caused some difficulties with integration with other enterprise systems like the HR systems. The ultimate goal is to provision entries in the directory and even access control rights based on the employee's status within the HR system. The technical problems faced here pale by comparison to the political challenges. To begin with, you're asking many people to change their email address-some of them many years old. This has personal and organizational costs. Second, there are some people who are more equal than the rest and cannot be asked to change their email address. They get first pick if there's a conflict. One executive director even insisted on having every possible permutation of her name and initials assigned to her to prevent anyone from accidentally sending mail intended for her to someone else with a similar name.

Ultimately we were successful, establishing a single namespace within utah.gov for all email and logins. We even converted the State's many Web servers to a name within the utah.gov domain name. The effort took almost two years to complete, but once done, enhanced our ability to brand the State's Web services and gave people email addresses they could give to people without having to break out the bongo drums.

7:54 AM | Comments () | Recommend This | Print This

December 11, 2003

BPEL Resources

If you've been wanting to explore BPEL, Grand Central Communications has added BPEL support to their network and put together a collection of resources on their developer site. The site include some sample scripts. You can sign up for developer accounts at Grand Central for free, so you should be able to learn about BPEL without buying or installing any software---a pretty good deal.

Also, Doug Kaye points to a BPEL tour by Paul Brown that is worth spending 10 minutes on.

4:57 PM | Comments () | Recommend This | Print This

Groupware Toolkits and the Benefits of Being Open

I attended a colloquium at BYU's CS department today by Saul Greenberg from the University of Calgary on "Enhancing Interactivity with Groupware Toolkits."

Saul starts off talking about the foresight of Doug Englebart who in 1968 started thinking about how to use computers to augment human intellect. He came up with three ideas that will seem obvious to anyone in the 21st century:

  • Desktop productivity tools
  • Hypertext
  • Groupware

    Saul points out that Desktop tools and hypertext have become mainstream, but groupware tools are unimaginative and unreliable. Groupware has had little impact: poor deployment, risky venture, little effect beyond IM, early adopters, and few products.

    What went wrong?

    Building groupware requires using low level tools and building programs from the ground up. Groupware systems are difficult to prototype. As a result programmers avoid groupware programming and the designs that do occur are overly simplistic.

    Saul talks about the technology maturity theories of Brian Gaines (see section 3 of Learning Models for Forecasting the Future of Information Technology) who said that technologies naturally progress through a series of stages:

    • Breakthrough
    • Replication - new ideas, evolve
    • Empiricissm - draw lessons from patterns
    • Theory - understand what rules mean
    • Maturity

    Because tools for groupware are so low lever, we throttle the replication stage and see little development beyond that.

    Tools influence design directions and so Saul's thesis is that we need to give programmers good tools and building blocks in order to foster replication and gain the experience necessary to gather empirical data and move down the road.

    This echoes with thoughts I've been having lately about open vs. closed systems. One of the real strengths of open source software is that it creates toolkits that are shared and used freely from project to project. I've got a long article on open and closed system brewing in the back of my mind.

    Saul discusses the explosion of groupware applications in his own lab as they've strengthened their toolkit. There are three or four commercial quality applications that have been spun out. The example code for video sharing, for example, is very short. Unfortunately its all in C#.

    The Notification Collage in Action (click for more detail)

    One of the applications that Saul says they use frequently is called the "notification collage" which reminds me a little of Etherpeg, except where Etherpeg just grabs JPEGs over the network and builds a collage from them, the notification collage provides users with an easy way to share snapshots of what their working on in a kind of collage like bulletin board that fosters group awareness of what others are working on and doing at the moment.

    So, don't just build prototypes, build good, well-documented toolkits with examples and tutorials and then disseminate them within our community. Saul points out that Computer Science is not very welcoming of engineering projects. We need more conferences that accept engineering efforts, including toolkits as viable research efforts.

    1:49 PM | Comments () | Recommend This | Print This

    December 10, 2003

    Utah Legislature Adds RSS

    The Utah Legislature has added an RSS feed (v2). The feed is described (in the RSS) as "The Official Newsfeed for the Utah Legislature." The feed contains links to PDF reports about interim day activities, audit releases, and some news. Its not clear how its being produced--I hope that its linked into what ever other systems they use for tracking news releases or it will probably fall into disuse. I'd like to see each piece in the Interim report listed separately and links to HTML rather than PDF, but that's a nit. This is a great first step and the Legislature ought to be commended for it. Here are some other RSS feeds I'd like to see from the Legislature:

    • Events. The calendar ought to be issued as RSS so that notice of public meetings and meeting changes go out as an feed.
    • Bill Status. The activities of each day surrounding each bill ought to be in an RSS feed.

    Syndicating this information would make it easier for interested citizens to follow the Legislature's activities and track legislation. These could also then be easily listed n other Web sites that follow Utah politics (like UtahPolitics.org)

    8:35 AM | Comments () | Recommend This | Print This

    December 9, 2003

    SSO on LAMP using SourceID

    Nick Chalko has a write-up on his work on intergrating SourceID (which has now been officially certified as "Liberty interoperable," by the way) with a LAMP (Linux, Apache, MySQL, Python) based Web site called the People Aggregator.

    9:27 AM | Comments () | Recommend This | Print This

    December 8, 2003

    An SOA Case Study: The Student Registration System

    I needed an SOA case study for my Large-Scale Distributed Systems class today. I wanted something that would be familiar to them so I created an SOA for the n-tier (J2EE) project they'd just completed. The project was to build a student registration system that allowed students to register and pay for classes and also had course, student and payment management interfaces. The goal of this exercise is to re-architect the EJB-based system into an SOA where the module functions are oriented to business context. The scenario I painted to envision why we might take a perfectly serviceable J2EE-based, n-tier architecture and put a SOAP front end on it was the following:

    The administration of BYU, BYU-Idaho and BYU-Hawaii have decided to use a single student registration system. The student, registration, and payment modules are to be located in Provo, but each campus will administer its own courses locally. The four modules in the system should be loosely coupled to foster re-use.

    Admittedly, its a little contrived, but was aimed at showing that we may want to break the architecture up to foster re-use, but the mixture of local and remote processing is better served by an SOA than a tightly-coupled EJB system.

    SOA diagram for Student Registration System (click to enlarge)

    The EJB project already exists, so the figure at the right shows how the EJB project could be re-architected to yield a Web services based architecture. The new architecture has made some significant changes:

    • The courses, schedule, student, and payment modules are all now thought of as separate programs.
    • The session beans must be stateless (or new stateless session beans must be created) since SOAP interfaces cannot by added to stateful session beans.
    • All interaction between the modules must happen at the SOAP interface (i.e. outside the colored boxes).
    • A major consequence of that is that the shared keys between tables in the database are no longer meaningful since the tables are split according to business function.
    • The schedule bean is now just a simple bean that manages the schedule (note the simple interface) rather than containing the complete business logic for completing a registration.

    There are several design decisions that must be made. First of all, where the business logic used to be in a registration session bean, we now have several options:

    1. We can create a new EJB for registration that uses the new SOAP interfaces.
    2. We could expand the Register JavaBean used by the register use-case to contain the business logic and call the SOAP interfaces.
    3. We could create a separate program that contains the registration business logic.
    4. We could use an orchestration server to tie everything together.

    I have simple created a box labeled "Register Orchestration Client" and left it at that to reflect that any of these options might be chosen.

    Another design issue concerns how data is transfered inside the SOAP calls. The data will be quite lengthy and complex. One choice would be to use complex types, but we're probably better off designing specific XML documents for transferring data back and forth between modules.

    The interfaces to the modules will need to talk about student, section, and course objects without reference to the keys in the database. There will have to be some namespace created and unique keys added to the namespace to represent these objects, so that, for example, a show method on the Student service will know which object to retrieve.

    Authentication and authorization for some of the methods will be required and we won't want to build that into the services themselves. This suggests using a Web services intermediary to serve as the security agent in the architecture. I'd probably use WS-Security in this design because I'm not sure that HTTP authentication is up to the challenge. Also the choice of HTTP authentication implies a strong tie to HTTP. Using WS-Security has other implications for an identity management system that is not shown.

    The Payments, Courses, and Student services will all be used directly in most cases without much need for orchestration. Their management interfaces could be JSP/JavaBean combinations that call the old EJB interfaces, JSP/JavaBean combinations that call the SOAP interfaces, or even thick clients.

    Obviously the question of transport is an important one. In this case, I don't see a lot of advantage in moving away from HTTP since its easy, but more importantly, the user will expect synchronous interactivity.

    Transactions (to ensure atomicity when a schedule is committed and payment made) will be a problem. A WSI broker can provide some help in watching for problems and raising alerts or even taking corrective action without having to build all of that into the services themselves.

    The new SOAP interface provides a new "stateless boundary" that must be managed. We're used to the one between the browser and the JSPs and, in fact, considerable infrastructure exists inside the servlet engine to manage this. The SOAP interface has created a second stateless boundary between the presentation and business logic layers and it must be managed in the same way that the browser-server boundary is: when state matters, it must be saved and a token passed back and forth so that the context can be recreated on each invocation.

    With only a little extra work, a RESTian alternative to the SOAP interface for each service could be created. We've discussed using XML documents to transfer data. We could also ensure that the objects in the databases that are being manipulated use URL-based keys. I think adding this to the design would be worth the cost in terms of extra complexity and time since it would create a low-overhead means of interfacing to these systems and foster other uses.

    Note that each service has an EJB backend only because we started off with an EJB-based, monolithic service. In real life, the student service may be a legacy system with a SOAP interface and other services may be built in alternate technologies, even, GASP!, .NET.

    This architecture hasn't been implemented or even fleshed out in a team meeting. I don't claim that this architecture is optimal. In fact, I'm pretty sure that there are some significant improvements that could be made and points I've forgotten. Comments?

    11:29 PM | Comments () | Recommend This | Print This

    The Case for UTOPIA

    An editorial in Sunday's Deseret News entitled Leave UTOPIA to the Dreamers took on Utah's UTOPIA project. The editorial basically says:

    • Technology changes too fast.
    • Private industry should build this.

    The first is a pretty easy argument to knock down in my opinion. Infrastructural technology doesn't actually change that quickly. Pointing to things like the VCR and its imminent obsolescence by the DVD is apples and oranges.

    The second argument bears careful consideration. The easy answer is that private industry isn't actually building it and they're not willing to either, although they talk a good game. Utah is a second or third tier market for capital investment by companies like Qwest and AT&T. Its going to stay that way too.

    A more thoughtful argument is that even if private companies were willing to build broadband networks in Utah, is the network they'd build the network that's in the public's best good? I suspect that private firms would be willing to build roads as well and at least in some markets its been proposed. The roads that would get built aren't the ones that we've deemed best suited to meeting societies demands. Imagine if every road were a toll road or if they were only allowed to carry so many goods in certain directions. You could get all the deliveries you want, for example, but couldn't send more than 10 packages a day. There's a good reason that such roads don't exist, but that's exactly the kind of broadband that private companies provide.

    The networks the major carriers are building are walled-gardens where they pick the kind of traffic they'll carry and limit deliveries in certain directions. This is significantly different from the networks being proposed by Provo and Utopia. I think that if Utopia can get its funding, we'll see a significant impact on economic development that goes beyond what we'd get even with universal coverage by the private carriers.

    Utopia doesn't propose to be a retail carrier, just to build the infrastructure and set some ground rules in favor of openness and competition. For the same reasons that we fund transportation systems with public money, I think its in the public's interest that UTOPIA be allowed to build its network.

    5:00 PM | Comments () | Recommend This | Print This

    December 6, 2003

    SCO vs. IBM: Notes from Yesterday's Hearing

    Cody Hilton from Guru Labs attended the SCO vs. IBM hearing in Salt Lake yesterday and sent along these notes. This is a summary of the dialog that occurred in the courtroom from a 3rd person perspective. There are some gaps and truncated dialog but the general idea is apparent.

    December 5, 2003
    Federal Court House
    Judge Wells
    15 in the gallery
    10:00 am - 11:30 am

    Plaintiffs

    • Attorneys:
      • Kevin Mcbride (Darl's Brother)
      • Mr Hatch
    • Also:
      • Ryan Tibitts
      • Darl McBride

    Defendants:

    • Attorneys:
      • David Marriott
      • Todd Shannessy

    Judge: Intention is to grant IBM's motion to compel delivery (interrogatives 12 and 13) . Plaintiff to file responses within 30 days. Postpone discovery until compliance achieved. There is a protective order in place.

    K. McBride: Would like to put motion on hold until specific discovery is covered

    Judge: There is a circular pattern going on in discovery.

    K. McBride: Wants to convince the Judge that specific discovery should be entered. This case is basically about infringement. There needs to be a clear definition of what source code infringes on Copyright law, trade secret law, and contract violations. Sites case of Sun vs. Mi