Archive for Aug 2005


IT and Katrina

Yesterday I posted a piece at ZDNet's Government IT blog on turning hopeless victims into smart mobs. This was a reflection of some interesting ideas that David Stephenson has been posting about how IT can help in homeland security and disaster preparedness. He's not the only one obviously. Doc Searls, at the IT Garage, is asking "how does IT help with Katrina recovery?" and offering a place where IT folks can post stories about their experiences with Katrina. He's also pointing to the Slidell Hurricane Damage Blog. The Slidell blog is maintained by Brian Oberkirch who lists his contact
Continue reading...


First Day of School

Classes start today at BYU. I actually teach on Tuesday and Thursday, so I've got another day yet. I'm teaching a class on programming language design (using Scheme) and large scale distributed system design. I've changed the text for the distributed system design class to Web Services by Gustavo Alonso, et. al. It's the first real text I've found that covers the material I want in the class. One of the first things I have my students do is set up a Linux server. We use UML to put multiple sets of students on a single box. This year,
Continue reading...


GTalk and the Google Identity Strategy

I just put up a piece at Between the Lines on Google's identity strategy and how GTalk plays into that. If you're an OS X user, GTalk works with iChat. If you've already got a GMail ID, you just use that. No need to even sign up for anything. You're already a member.
Continue reading...


Mark Dixon on Identity

Mark Dixon, who works for Sun and grew up in Idaho (like me), is blogging about identity. Some interesting stuff there.
Continue reading...


Orrin's a Blogger Now

A week or so ago, Steve Urquhart asked "what things could Orrin do that would show my campaign has him worried?" The obvious answer was "start to blog." Well, Orrin's started his blog. There's one post so far, and it's pretty much just cut and pasted from a letter he sent convention delegates last week. There's no permalinks, no RSS feed, and no comments (only a box to send feedback to Orrin). I'll be interested to watch it over the coming weeks and months to see if there's anything like a real voice in the posts that shows Orrin's
Continue reading...


CTO Breakfast Report

We had the CTO Breakfast this morning and there was lots of interesting discussion and more people than we've ever had before. Much bigger and we'll need a different room. Here are some things we talked about: China. This seems to be a topic that comes up a lot at these breakfasts. Interestingly, not much of the discussion is about "outsourcing" but rather about opportunity. Two books that came up: Friedman's and Fishman's China, Inc. This morphed into a discussion of online games when we discussed an edict by the Chinese government to limit game playing to 3 hours
Continue reading...


Splogs and Paid Content

Doc Searls has a long and thoughtful piece about the relationship between splogs, intermediaries like Google and Yahoo!, and paid content providers (most notably newspapers). Splogs are blogs that are just link farms and have no human author adding value. They are mostly autogenerated by programs for the exclusive purpose of getting a high ranking for a particular keyword and then reselling AdSense ads. For another look at the same problem, see this post by Tim O'Reilly. As Doc points out, splogs are a cancer that is threatening the whole idea of an Internet with free content. Just as
Continue reading...


Utah Legislature Wins Online Democracy Award

The Utah Legislature won the Online Democracy award for it's Web site. That's cool. It really is a very good site and they've done a lot to add RSS, audio files of committee meetings, and other features that make it more usable. Congratulations!
Continue reading...


Aradyme Is Hiring!

Aradyme, who has a nifty dynamic database, is looking for software engineers, both contract and full time. Right now, they're looking for C# expertise. I've been working with them in a CTO coach capacity. There's some fun stuff happening there and I think they're well-positioned. Give them a look if you're looking.
Continue reading...


Internet Identity Workshop Registration

If you've tried to access the announcement or registration page for the Internet Identity Workshop in the last several days, then you'll know that they've been down. I apologize. BYU is handing out new public IP addresses and for some reason that led them to drop some zones in the DNS file as well; it's been a mess. In any event, it's back now. So far there have been 16 registrations. If you work for an entity that won't let you use Paypal to pay, I've added instructions for paying by check.
Continue reading...


Corporate Policies for Handling ID Data

Dave Kearns wrote a column at Network World about my book, Digital Identity. The focus of the column is the identity policy templates I wrote for the book. They've been getting a lot of attention, if downloads are any indication. I actually wrote them because I found as I wrote the chapter on policy that it was almost impossible to do without some examples. I had a few that we'd done at Utah and some samples off the 'Net here and there, but nothing complete and coherent. Digital identity policy stack (click to enlarge) The idea behind the policies
Continue reading...


CTO Breakfast this Friday

We'll be having the CTO Breakfast this Friday at 8am. You don't have to be a CTO to come, just interested in information technology and product development. The breakfast will be held in the executive conference room of Building L (the food court) at Canyon Park Technology Center in Orem). See /cto_forum for more information on the location. I hope you can make it. Future breakfasts will be held on the following days: September 30 (Friday) October 28 (Friday) December 2 (Friday) Mark your calendars.
Continue reading...


Open Source Identity Tools in Java

From Managability.org, here's a nice list, with brief commentary, of open source tools for identity management written in Java.
Continue reading...


Building an Identity Management Architecture

I've got a new article up at the O'Reilly Network called Identity Management Architectures and Digital Identity. There's also a sample chapter of Digital Identity up now. It's the chapter that introduces the concept of Identity Management Architectures.
Continue reading...


The Four Five 'Net Freedoms

I've just written my first article over at the ZDNet Government blog on the Four Five 'Net Freedoms. Fun stuff...
Continue reading...


Vacations and Hot Potatoes

Steve writes: In order to take a vacation, you have to have a job from which to vacate. I've had a number of vacations over the past 5 years, but the name for them has been "fired" or "laid off" or other euphemisms for "It's time for you to start thinking about Steve Gillmor." Like I was worrying about Michael Gartenberg's career the whole time. From » Vacation | Steve Gillmor's Inforouter | ZDNet.comReferenced Fri Aug 19 2005 08:32:31 GMT-0600 (MDT) Steve notes that August used to be the traditional time for vacations, but there doesn't seem to be
Continue reading...


CheapGas: Another Google Maps Mash-up

Cheap Gas in Utah County (click to enlarge) In a story about the recombinant Web, Dan Farber points out CheapGas, a mash-up between Google Maps and GasBuddy. The picture at the right shows the cheapest gas (that Gas Buddy knows about) in Utah County. Nothing too cheap, mind you.
Continue reading...


Community Broadband or Roach Motels

Britt Blaser has an excellent essay up now on the real reasons for building community broadband networks. Qwest, Comcast, and other private providers of service want you to think it's about keeping government out of competition with private providers. But as Britt rightly points out, it's really about public discourse and building the infrastructure to support it: If you believe in public discourse, you are. Let's not fall into the trap of defending technical and turf issues when the real issue is whether a people united deserves an Agora. We can join together to push harder on the politicians
Continue reading...


Chad Dickerson's New Home

Chad Dickerson, who was the CTO at InfoWorld, has a new home on the web, as well as a job. He's now working for Yahoo! Search. Chad's one of the good guys and someone I've come to admire and enjoy while working with him at InfoWorld. I hope he enjoys the new gig.
Continue reading...


Identity and Spam

Scott Mace has an interesting interview with Scott Chasin, CTO fo MX Logic about Spam and the underlying problems with the SMTP protocol. Not surprisingly, much of the solutions that Scott discusses with Scott have to do with identity.
Continue reading...


The Best Software Writing by Joel Spolsky

I had the opportunity to read a copy of Joel Spolsky's new book The Best Software Writing I and interview Joel about it for the Technometria podcast on IT Conversations. The interview was a pleasure to do and the book is great. I really enjoyed it. Joel didn't write the book per se but rather selected 30 examples of good writing from nominations given him by the readers of his blog. He also introduces each one. If you're interested in writing, especially technical writing, then this book is must read.
Continue reading...


Hey! That's My Domain Name!

The lawyers liquidating the assets of Excite@Home have finally gotten around to selling to its domain names. The article at MSN features stuff.com in the tagline and also mentions the sale of shoppingcart.com for $285,000. Those were both domain names that I purchased at iMall and went to Excite@Home when we sold iMall to them. I paid $5000 for stuff.com and, I think, $2000, for shoppingcart.com in 1998. The attorneys were not as careful as they should have been with these names. There's a lot more that expired and lost before they got around to selling them. For example,
Continue reading...


Decontructing the Enterprise Service Bus

Over at Between the Lines, Dan Farber has a pointer to a free report from Patricia Seybold Group on enterprise service busses. Its a great tutorial that clears up a lot of the terminology and technology behind ESBs.
Continue reading...


You Want Revolution?

One more data point on the AJAX hype cycle: The Netscape threat that led Microsoft to wage the browser war and cross swords with antitrust regulators around the world is -- at long last -- poised to become reality. Software experts say recent innovations in web design are ushering in a new era for internet-based software applications, some of the best of which already rival desktop applications in power and efficiency. That's giving software developers a wide open platform for creating new programs that have no relation to the underlying operating system that runs a PC. From Wired News:
Continue reading...


Overloading: Syntactic Heroin

ACM Queue has an article entitled Syntactic Heroin which says that user-defined overloading (ad hoc polymorphism) is a drug. User-defined overloading is a drug. At first, it gives you a quick, feel-good fix. No sense in cluttering up code with verbose and ugly function names such as IntAbs, FloatAbs, DoubleAbs, or ComplexAbs; just name them all Abs. Even better, use algebraic notation such as A+B, instead of ComplexSum(A,B). It certainly makes coding more compact. But a dangerous addiction soon sets in. Languages and programs that were already complex enough to stretch everyone's ability suddenly get much more complicated. From
Continue reading...


Bob Woolley on Enterprise Computing Practices

Bob Woolley is extremely knowledgeable on enterprise computer architecture and planning issues and...he's now got a blog. Recommended reading for people who care about enterprise computing.
Continue reading...


Howtoons

One of the fun things I discovered at OSCON was Howtoons, a collection of cartoons that teach kids how to do things. I'll definitely be showing it to my kids.
Continue reading...


Identity Policy Templates

One of the chapters in my book on Digital Identity is on identity policies. I've created a set of identity policy templates to augment the material in the book. Speaking of the book, I received a copy in the mail Friday, so it's definitely done. I have to admit it was a good feeling to thumb through it.
Continue reading...


Identity Rights Agreements

In my Digital Identity book, I mention that even though most people hate digital rights management (DRM) schemes on digital goods like software and music, that's exactly what we'd all like for our identity information. For example, I'd love to be able to control how my bank uses, stores, shares, etc. my SSN when I'm forced to give it to them. On the train from OSCON to the airport, I was talking with Doc, Dizzy, and St. Peter about identity and Dizzy brought up the idea of doing something like Creative Commons (CC) for identity--essentially a voluntary DRM not
Continue reading...


MVC in Perl (OSCON 2005)

Perrin Harkins, a Senior Engineer with Plus Three, is speaking on MVC Web development with Perl. He's going to talk about three. The trade-off and primary difference is how much help they give you and the resultant loss of programmer freedom. In order of least restraining to most restraining, he's discussing: CGI::Application, Catalyst, OpenInteract2 (OI2). These all do some code generation and can pretty much automatically generate standard, single-table CRUD (create, read, update, and delete) application with a Web front-end to a database. Perrin demonstrated each by building the same application. He choose an application that uses multiple tables
Continue reading...


PlaceSite: Making HotSpots Social

I stopped by a demo by Sean Savage this morning on PlaceSite, a system for letting people share information (like who they are, where they are, etc.) locally over Wi-Fi hotspots. Say you're in a coffee shop in downtown Salt Lake and it has a PlaceSite installed, when you open up your browser, you see not only who's there, but even who's close-by. It seems well designed and it's open source. Sean and two of his friends (Damon McCormick and Jon Snydal) built it as a part of a MS project at Berkeley this year. PlaceSite is built on
Continue reading...


Linux on the Desktop (OSCON 2005)

Asa Dotzler wrote an essay a while back called Linux Not Ready for the Desktop. It was controversial enough (surprise) that Nat asked him to come present at OSCON. Here are his main points: For regular people to see the value of Linux on the Desktop, it will have to install alongside Windows and bring over all their settings from bookmarks to wallpaper. API stability is an important story. You shouldn't have to jump through hoops to install packages that you don't get from your distro. On Windows, one Firefox installer installs on every Windows version. Complexity and choice
Continue reading...


National Sex Offender Registry

I just put an article at Between the Lines that critical of the DoJ's new sex offender registry. A check of the site yields some interesting data. First, the site is hosted by Millenium Interactive Technology in Tallahassee FL. The site is served from IIS on Windows 2003. Ugh.
Continue reading...


Don't Drop the SOAP (OSCON 2005)

Randy Ray of Tellme Networks, Inc. is giving a talk called "Don't Drop the SOAP." His basic thesis is that Web services require complexity. Ray says that there's nothing wrong with having simpler protocols, only in assuming that they replace more complex ones. In the intro to REST and SOAP, Ray discusses some of the big adopters. Interestingly, for REST he lists Amazon and Google, while for SOAP he lists .Net and Axis. Toolkits are not the same as users. He begins by trying to counter some of the arguments RESTians make against SOAP. I'm not sure he made
Continue reading...


Building Darwin Projects (OSCON 2005)

Kevin van Vechten's talk was billed as "Customizing Mac OS X Using Open Source." Instead it was more about making your software buildable on OS X. That's OK. One tool he talked about was darwinbuild, a tool for managing software builds on OS X. Typing "darwinbuild" bash, for example, downloads the bash sources from the OpenDarwin Web site and builds it. Darwinbuild grabs just what you need and sets it up for the OS X build you have on your machine--or any release you choose.
Continue reading...


Dick Hardt on Identity 2.0 (OSCON 2005)

Dick Hardt is giving a keynote on Identity 2.0. Dick is the founder of SXIP and a proponent of user-centric identity. He gives a great, no fantastic, presentation, but it's almost impossible to transcribe. Key point: Identity 1.0 is analogous to having to have the clerk at the convinience store call the driver's license bureau everytime you present your credential to get your birthday. Identity 2.0 is analogous to how credentials work in the real world: distributed and user controlled--the driver's license bureau doesn't know where you're presenting its credentials and who's accepting them.
Continue reading...


Flexibility is Overrated (OSCON 2005)

David Hannson, originator of Ruby on Rails, gave a talk on Rails as a keynote today. Much of it was things I've already covered on the tutorial, but he said something that I think developers too often overlook: Flexibility is overrated. When you insist on flexibility over everything else, you sacrifice velocity and agility. Constraints are liberating. When you don't have to worry about every small detail, you can follow a path and worry about infrastructure. I often tell engineers who scoff at software as somehow less rigorous because we can't use math to analyze what we do the
Continue reading...


No Password Fields

At last night's Identity BOF, Meng Weng Wong, the founder of pobox.com, said something that frams the whole Identity 2.0 discusion perfectly: "I don't want my next Web application to have a password field in the database."
Continue reading...


Rock On OSCON!

Gibson brought in a band for the Wednesday night reception. Somebody at O'Reilly talked Gibson Guitars into being one of the sponsors of the conference. They're giving away Gibson guitars at sessions and Gibson even has a booth (with guitars you can try out) in the exhibition hall. Tonight at the reception, Gibson brought in a band (70 Proof). They were playing my kind of music. It was great.
Continue reading...


Peter Yared on Building Web 2.0 Applications (OSCON 2005)

I went to Peter Yared's talk this afternoon on rapidly building Web 2.0 applications. Peter's the CTO of ActiveGrid, a company and an open source project. Sun, J2EE, and Oracle powered Web 1.0. Web 2.0 is powered by LAMP. In the past, we were solving impedance mismatch problems. noting talked to each other. App servers were meant to solve this (and other problems). Recently, the back-ends became standardized to jSomething. The front-end was the Web. Next (today?) is XML simplicity. Anything you want to talk to on the back end is exposed as XML over HTTP--even databases. Things have
Continue reading...


PUGS: A Perl Implementation in Haskell

I was in a talk by Brian Ingerson today on Perl 6 and learned about PUGS an implementation of Perl 6 written in Haskell. I was floored. I've been playing with Haskell for years and showing it to students; I love it for its ideas and elegance. Why did the PUGS team choose Haskell? "Many Perl 6 features have similar counterparts in Haskell: Perl 6 Rules corresponds closely to Parsec; lazy list evaluation is common in both languages; continuation support can be modeled with the ContT monad transformer, and so on. This greatly simplified the prototyping effort: the first
Continue reading...


Open Source Software at Yahoo!

Jeremy Zawodny works for Yahoo! and knows MySql inside-out. He's speaking about open source and Yahoo! There are several reasons Yahoo! uses open source: Flexibility - Yahoo! customizes lots of OSS for its needs Documentation is better in open source software. Availbility for the platforms that Yahoo! cares about Support is good and getting better. Cost is an issue, especially at Yahoo! scales. Jeremy lists out many of the open source products in use at Yahoo!: On the server side, Yahoo! uses FreeBSD/Linux, Apache, C++ (and GNU tool chain), PHP, APC (caching and acceleration), Perl, and mdbm/MySql. On the
Continue reading...


Testing as the Open Source Killer App

Kim Polece, from SpikeSource, is talking about software testing in open source software. She starts by talking about the architecture of participation. This architecture is characterized by: Commoditization of software Network-enabled collaboration Software customizability and the shift from an "egosystem" to and open, thriving ecosystem. Kim shows a power curve and talks about pahses in open source adoption. In the first phase, we buit and buit with, the tall end, left end of the power curve (Linux, php, Python, Mozilla, etc). In the second, phase, further to the roght on the tail of the curve, countless new building materials
Continue reading...


O'Reilly Radar (OSCON 2005)

Tim O'Reilly's giving the traditional O'Reilly Radar, a talk from Tim about what he sees coming down the pike and the "faint signals of the future" along with Nat Torkington, the conference chair. One of the things that was interesting to Nat was that there was a significant interest on Mozilla, AJAX, and Ruby on Rails at the conference. Tim mentions his "open source paradigm shift" theory (he doesn't go into detail, see the paper). The theory proposes an analogy between the rise of the PC and the path open source is on: subsystem-level lock-in (Intel on one side,
Continue reading...


Paul Graham on open source and blogging

I posted some of what Paul Graham said on open source and blogging tonight over at Between the Lines.
Continue reading...


Plone Sites

Kelly Flanagan went to the Plone tutorial and reports that the government's 5-a-day site is built on Plone with no code changes (just CSS). I love to see open source tools used on eGoverment sites.
Continue reading...


Hearing Damian Conway in Provo

Damian Conway (who's tutorial was just described) is an excellent speaker. I've never heard him give a presentation I didn't really enjoy. While he's in the US, one of his stops is Provo Utah and he'll be speaking to the Provo Linux User's Group on Wed Aug 10 at 6:30 pm in UVSC, Room CS 404. Not only that, but O'Reilly will be sending some books out to be given away. I wish I could be there, but I'll be on vacation.
Continue reading...


Best Practices fo OO Perl (OSCON2005 Tutorial)

Damian Conway is giving a tutorial on Best Practices in Object Oriented Perl based on his new book: Perl Best Practices. What is a "best practice?" Same as the rest of Perl Seek code that minimizes chances of "enbugging" makes it easy to detect failed edge cases scales to larger datasets Robust (create techniques that extend and incorporates new functionality) Efficient (play to Perl's strengths and avoids its weakness while minimizing resource usage) Maintainable (optimize for comprehension) Make OO a choice, not a default - Choose OO when When the system to be built will be large Data can
Continue reading...


Axis and Support for WS-* Standards (OSCON2005 Tutorial)

This morning I'm in a tutorial by Odysseas Pentakalos (Chief Technology Officer, SYSNET International) on Web Services development with the Apache Web services toolkit. Note that there isn't really anything on the Apache site called the Web services toolkit. Rather, there is a collection of projects for managing various parts of the Web services stack and some WS-* protocols. Ironically, given that this is OSCON, Odysseas is the author of the Windows 2000 Performance Guide. Axis is the Apache SOAP server. The current version is 1.2 and version 2.0 is in the works. One of the primary goals for
Continue reading...


Open Tagging

A month or so ago, I heard Drummond Reed talk about using XRI as an infrastructure for making open tags work. I was intrigued because it solved a real problem, and was a good way to understand the need for things like XRI. Now Drummond has written up exactly how he imagines open tagging working.
Continue reading...


Ruby on Rails (OSCON 2005 Tutorial)

I went to David Heinemeier Hansson's tutorial on Ruby on Rails this afternoon. David's first application in Ruby was Basecamp. He'd had 5 years of PHP experience and didn't even consider himself a programmer. He claims that even people who aren't language nuts can love Ruby and he created Rails to make it easy. (BTW, I brushed up my Ruby last week by reading "Why's (poignant) Guide to Ruby (with cartoon foxes)". Recommended. David's calls a "blogging package" the "hello world" program of the Internet age and he intends to create one today in the tutorial. The blog will
Continue reading...


In Portland, @ OSCON

I'm in Portland this entire week at OSCON. This year they've moved to the convention center to accommodate the growth. I'm going to a few tutorials and, of course, the convention itself. I'll be posting about the convention here and at Between the Lines. If you're at OSCON, look me up and say "hi."
Continue reading...


Blogging at Government Agencies

This FCW article talks about Doug Roberts, a software engineer at the Energy Department's Los Alamos National Laboratory who started a blog about his employer. I have a quote or two in the article based on our experience with blogs in Utah State government.
Continue reading...


GoingOn

Marc Cantor's "digital lifestyle aggregator," GoingOn is featured in this article at Wired: GoingOn, announced last week and slated for release in the fall, is the brainchild of Macromedia founder Marc Canter and Tony Perkins, the founder of business media site AlwaysOn. Calling it a "digital lifestyle aggregator," Canter promises that individuals will need just one login and password to check news feeds, publish blog posts, manage social networks and swap photos or music online -- all while being able to access the same services they currently use. GoingOn will also have its own social-networking component built in, but
Continue reading...


Announcing the Internet Identity Workshop (IIW2005)

There's been considerable conversation around identity on the Internet, or what some would call grassroots identity. Providing identity services between people, websites, and organizations that may or may not have any kind of formalized relationship is a different problem than providing authentication and authorization services within a single organization. Many have argued that the lack of a credible identity infrastructure will eventually result in the Internet being so overrun with fraud as to make it useless for many interesting uses. To solve this problem, or pieces of it, companies and individuals have made a variety of architectural and governance
Continue reading...