Technometria

Home
Why Technometria?
RSS
Atom
Podcast Feed
Add to Google

Recommend This Site

About Phil

Brief Bio
Contact Info
Phil on Twitter
Speaking
InfoWorld
Photo Albums
Video Favorites
CTO Breakfast

Essays

2006
2005
2004
2003
CIO White Papers

Software

Packages

Topic Guides

Understanding RSS
Digital ID Policies
Understanding VoIP
Internet Application Performance
Setting Up a Linux Server
Public Service Tips

Categories

Blog TagCloud

Archives

July 2009
June 2009
May 2009
April 2009
March 2009
February 2009
January 2009
December 2008
November 2008
October 2008
September 2008
August 2008
July 2008
June 2008
May 2008
April 2008
March 2008
February 2008
January 2008
December 2007
November 2007
October 2007
September 2007
August 2007
July 2007
June 2007
May 2007
April 2007
March 2007
February 2007
January 2007
December 2006
November 2006
October 2006
September 2006
August 2006
July 2006
June 2006
May 2006
April 2006
March 2006
February 2006
January 2006
December 2005
November 2005
October 2005
September 2005
August 2005
July 2005
June 2005
May 2005
April 2005
March 2005
February 2005
January 2005
December 2004
November 2004
October 2004
September 2004
August 2004
July 2004
June 2004
May 2004
April 2004
March 2004
February 2004
January 2004
December 2003
November 2003
October 2003
September 2003
August 2003
July 2003
June 2003
May 2003
April 2003
March 2003
February 2003
January 2003
December 2002
November 2002
October 2002
September 2002
August 2002
July 2002
June 2002
May 2002

Utah Tech Organizations

BYU Unix User's Group
Provo Linux User's Group
Utah Valley Linux User's Group
Ubuntu Utah
Salt Lake LUG
USU Free Software and Linux Club
Greater Utah BSD User Group
Utah PHP Users Group
Utah Python User Group
Utah Ruby Users Group
Ogden Area LUG
Southern Utah Unix Users Group
UtahSAINT

Copyright

Copyright © 2002-2006 PJW LC. Some rights reserved. Technometria is a trademark of PJW LC in the United States and other countries.

« August 2005 | Main | October 2005 »

September 30, 2005

CTO Breakfast Report

We had an excellent CTO breakfast this morning. There were about 30 people there. We're going to need a bigger room soon. Scott Lemon talked about the Accelerating Change conference. We also had Utopia network operator Dynamic City in for a discussion of their network build-out and, more interestingly, what it takes to become a retail service provider on the network.

10:34 AM | Comments (1) | Recommend This | Print This

September 29, 2005

First Impressions on EJB3.0

I've been getting some EJB3.0 stuff together for my class and posted some of my thoughts over at BTL:

First and foremost, the beans in EJB3.0 are significantly less complex. Entity beans are just plain old Java objects (POJOs) and the container manages the mapping of these objects to a relational database and the persistence of POJOs to the database. For example, the interfaces for EJBs do not have to implement EJBObject or EJBLocalObject. In addition, lifecycle methods like ejbPassivate, ejbActivate, ejbLoad, ejbStore, etc. are no longer required.

The metadata annotation feature of Java 1.5 is put to use in annotating entity and session beans to give hints as to the behaviors that you want from the bean. In the past I've used XDoclet to simplify bean building, but EJB3.0 doesn't require it because of the annotations.

While I've not done any performance tests, they seem faster. Now in addition to moving to EJB3.0, I also moved from JBoss 3 to JBoss 4 and that could be the difference.

The change to POJOs for entity beans has been advertised as Hibernate in EJB, but you don't feel like you're using Hibernate; the connection is more conceptual than anything else. I've only used the mapping from entity objects to the relational table, not the other way around.

Documentation is sparse. There's been lots of questions that I've had trouble finding answers to. I'm sure that will change. As long as your application follows the few examples fairly closely, you'll be able to gather what to do from them, but that only goes so far.
From » First reactions to EJB 3.0 | Between the Lines | ZDNet.com
Referenced Thu Sep 29 2005 13:35:47 GMT-0600 (MDT)

I'm still exploring, so more to come...

1:34 PM | Comments () | Recommend This | Print This

September 28, 2005

Randy Gordon on Economics and IT

Randy Gordon is intelligent and sees the big picture intersections between IT and public policy and economics. I can't say that I always agree with him, but he's well researched and makes me think. He's got a blog now. I'm looking forward to following it.

3:07 PM | Comments (1) | Recommend This | Print This

Neumont a CIO Bold 100 Winner

CIO Magazine recently honored Utah's Neumont University as a "Bold 100" winner. Neumont used to be called Northface until Northface clothing decided that people couldn't keep clothing and education straight and asked them to rename themselves. They're a for-profit college that focuses graduating software developers. In a recent email, CEO Scott McKinley wrote the following:

With our first graduates hitting the market next spring, we are seeing a lot of momentum building among potential employers, including IBM and others. That first group of graduates will shock a number of people in the IT industry – our freshmen are working on technologies that the seniors at many traditional high end universities do not have exposure to. The senior class members are walking/talking more like professionals who have been in the industry for 3 – 5 years…a direct result of the immersive, year-round, project based learning approach that we have engineered.

I think Neumont is an interesting experiment. Scott says "our freshmen are working on technologies that the seniors at many traditional high end universities do not have exposure to" with an assumption that that is a good thing. I think most of my colleagues would respond that they don't think students need exposure to those technologies at any level--that that's not what universities are for. There are clear philosophical differences between what Neumont is doing and what traditional universities do. At the same time, there are clearly market forces at work here and I think they will be the final arbiters.

One big concern I have is that I think the jobs that Neumont is preparing their graduates for, software developer working for a big company in a big software development shop, are the most at risk for outsourcing to India. Over the past several years, I've determined that I'm no longer convinced that software engineering, at least as it's commonly discussed and taught, is what I want to prepare students to do. I try to focus them on being innovative, entrepreneurial, and working with dynamic languages on networked applications.

I think Neumont would protest that they're students are being prepared to be all of that, and while I can't argue that question, I can look at who Neumont's customers are--where they get their money--and it's from companies that want to hire software developers by the bushel basketful.

Even, so I wish Neumont success. I'm hoping to learn from their efforts. I've followed these guys from the time this was just an idea and one thing I can say: they push through obstacles and get things done. I'd never be one to count them out.

1:13 PM | Comments (4) | Recommend This | Print This

Web-Based Desktop Apps

I know people who have switched to Gmail, Bloglines, and Del.icio.us for mail, feedreading, and bookmarks in a calculated attempt to free themselves as much as possible from the desktop and any specific OS. There's some appeal in that idea to me. One fly in the ointment, however, are office applications like Word and Excel. Today Richard MacManus profiles a host of Web-based applications aimed at changing that. These Web-based replacements for Word and Excel aren't ready for prime-time yet, but they are a taste of things to come, in my opinion.

9:30 AM | Comments (2) | Recommend This | Print This

September 27, 2005

Utah.gov is No. 1

Brown University, in its annual ranking of eGovernment Web sites ranked Utah.gov the number one State government site this year, up from third place last year. Congratulations to all involved.

8:34 PM | Comments (3) | Recommend This | Print This

David McCullough Lecture at BYU

One of the unique features of BYU is that every week on Tuesday, there's a one-hour time slot where no classes are scheduled. Three weeks of the month, there's a devotional. The fourth week is called forum and it's usually some national figure who's been invited to address the BYU faculty and student body. You'd be surprised how well attended devotionals and forums are. We hold them in the Marriott Center and sometimes there's as many as 25,000 people there.

Today's forum address was by David McCullough, the author of 1776 and the biographies of John Adams and harry Truman (among others). The title of his address was "The Spirit of 1776." I estimate the attendance at today's forum to be about 10,000.

In the introduction., John Tanner, the Academic VP said that "we read history not just to tell us what happened, but to tell us who we are." That's a good description of why I think historians like McCullough are important. Academic historians frequently lament "popular history," but if it weren't for narrative historians like McCullough, lots of people would not know who they are in this sense. The remainder of this post is my transcription and paraphrase of what McCullough said.

Nothing ever had to happen the way it happened. History isn't pre-ordained even though it's often taught that way. There didn't have to be a revolutionary war, or a Declaration of independence, or a Constitution. Nobody ever lives in the past. Washington, Jefferson, and Adams didn't walk around saying "isn't this fascinating, living in the past?" They were living in their present and they didn't know any more how things would turn out than we do. History teaches us that there's no such thing as the foreseeable future.

If we enjoy the blessings of freedom of speech, freedom of religion, and so on, then we ought to know how it came to be, who was responsible, and how much they suffered. Abigail Adams wrote that posterity who reaps the blessings of the Revolution will scarcely be able to understand the hardships that we went through. And, of course, we do not. We tend to see these people as figures in some costume pageant. They are depicted as old, but at the time of the revolution, they were all young. George Washington was the oldest of the founding fathers at 43 in 1775. Benjamin Rush was 30 years old when he signed the Declaration of Independence.

These weren't experienced revolutionaries. They were winging it. George Washington had never commanded an army in battle before. He wasn't chosen because he was a great military person. He was chosen because Congress knew his character and integrity. He was the first of our political generals. Political in the sense that they understand how the system works; They recognize that they're not the Commander-in-Chief.

Washington was not a learned man or a gifted speaker, but he was a leader; he was a man whom people would follow. He was a man whom a few would follow through hell. Those that stayed with him, stayed with him because they "could not abandon this good man." Washington had high intelligence and great moral courage. He was a quick learner, especially from his mistakes. He made inexplicable, almost inexcusable mistakes in 1776, but he always learned from them and remembered what he was about. He would not quit.

When he took command of the army in 1775, he had 14,000 troops. From the officers whom he had under his command, he selected two to serve as Major Generals. Washington was a great judge of people's ability. He picked out Nathaniel Greene and Henry Knox. Greene knew nothing of the military but what he'd learned in books. Knox had the equivalent of a 5th grade education, but he was a bookseller and a self-taught man. Keep in mind that these people were living in their present: an age where people believed that if you wanted to learn something that you read a book. Greene and Knox were to be the only General officers in the Revolutionary War besides Washington who stuck out the entire war. Greene turned out to be the best general we had.

The revolutionary war was eight years long--the longest except for Vietnam. 25,000 Americans lost their lives (1% of the population). If we fought a war today with an equivalent loss of life, 3,000,000 people would die.

America lost the Battle of Brooklyn in a staggering way. What saved the day was a miraculous escape--the Dunkirk of the Revolutionary War. If the wind had been blowing the other way, and the British had been able to bring their warships into the East River, Washington and 14,000 troops would have been captured and the war would very likely have been over. An orderly retreat is the hardest maneuver for an experienced army. That this ragtag band was able to pull it off seems impossible, but they did it. The wind was too strong to allow the make-sift armada to make its way across the river from Brooklyn to Manhattan. Almost as if the waters had parted, the wind stopped suddenly and the crossing was successfully made.

That escape was not just due to providence or the hand of God. There also had to be men of skill and daring to carry it off. John Glover from Marblehead MA and his band of fishermen made it happen. A combination of circumstance and courage.

By the time Washington started his long retreat across New Jersey in the fall and early winter of 1776, the army was down to a few thousand men. Sickness and desertion had taken a huge toll. We honor the people who signed the Declaration of Independence, but none of their noble words would have been worth anything without the nameless people who were fighting to make it happen. Not just Nathaniel Greene, Henry Knox, and George Washington, but 16-year old boys, farmers, and fishermen.

Washington's plan was to get his army across the Delaware so that he would have time to recoup. Again John Glover and his men made the crossing happen. The morning after the crossing, Charles Wilson Peale visited the camp and said he'd never seen such miserable human beings in his life. He came across one man who was most wretched and studied him for some time before he realized that it was his own brother. The sacrifice was indeed great.

At this point, everyone concluded that the war was over and we had lost. Washington did what you do when all is lost: he attacked. Going back across the Delaware, he carried the war to the enemy and struck at Trenton Christmas morning. There was a storm that muffled the sound of the crossing and march, but increased greatly the suffering of American troops. Two men died on the march from exposure. In 45 minutes of house-to-house combat, the American's prevailed. It was a small engagement, nothing like later battles, but it's impact was pivotal, changing the attitudes of the army and civilians about the war.

Washington thought a leader ought to look like a leader. His uniforms were always splendid and immaculate. He never showed self-pity of discouragement in public.

As of January 1, 1777, all of the enlistments were up. He called his troops together and urged them all to re-enlist. He promised them that if they re-enlisted, he'd pay a bonus of $10. He called for people to step forward if they'd re-enlist. No one moved. Washington turned and rode away. He turned and rode back and said, affectionately: "My brave fellows you've done all I've asked you to do and more than could be reasonable expected. But your country is at stake. Your wives your home and all you hold dear. You've worn yourselves out, but we know not how to spare you. If you consent to stay one month longer, you'll render that service to the cause of liberty and to your country that you could not in any other circumstances." The drums rolled again and the men began to step forward. A great scene, but also one that told these men that they were fortunate to be there. It echos similar scenes from literature.

When the war was over, in the spirit of Cincinnatus, Washington turned his command back to Congress. When he heard that, King George III said, "If he does that, he will be the greatest man in the world." Congress knew the man and knew his integrity.

History is a source of strength and a source of example in difficult times, but also read history for pleasure. The reality of the revolution is that these people were not Gods. They were not perfect. They were people who rose to great heights in spite of their shortcomings and the odds.

2:14 PM | Comments (1) | Recommend This | Print This

September 26, 2005

Scale-up and Scale-out

As I listen to server manufacturers these days the choice seems to come down to "scale-up" or "scale-out." The former meaning that you can get more processing power by adding more processors in the same server (symmetric multi-processing, or SMP). The latter technique increases processing power by coding the application to run across lots of 1U dual-processor "pizza-box" servers. Blades are a variation on that same theme.

Each of these has it's place. SMP is particularly effective when the application has a monolithic architecture and requests for service aren't always independent. Databases are a good example of the kind of application that people run on big SMP boxes because of cache coherency and other issues. Multiple, independent servers makes sense when the application can be split multiple independent tasks. Web servers are a good example of applications that people run "scaled-out."

Some recent developments in the world of processors could portend changes to the conventional wisdom surrounding these two ways of scaling.

Intel and AMD support up to 4-way SMP and no more. You can buy 8-way, 16-way, and 32-way SMP machines, but this is accomplished at considerable expense and engineering expertise. I think we're close to seeing the last of the 8-socket servers. Only IBM and Unisys sill make Intel-based 8-way systems. Currently, 8-way and higher SMP servers represent less than 1% of the Intel-based server market and that's likely to go down. Here's why:
From » Scale-up and scale-out | Between the Lines | ZDNet.com
Referenced Mon Sep 26 2005 08:19:27 GMT-0600 (MDT)

I was in Austin visiting Dell last week. This article is a reflection of thoughts I had while I was there and at IBM a few weeks before that. There used to be a time when I cared deeply about processors because I was always searching for a little more power. Now, I'm basically to the point where I don't care. The switch by Apple from PowerPC to Intel didn't even register. Still, as this article shows, there are some long term trends that are going to create some significant changes in how we use servers and how we program them.

8:15 AM | Comments () | Recommend This | Print This

September 24, 2005

CTO Breakfast on Friday

We'll be meeting this Friday (Sep 30) at 8am for September's CTO Breakfast. Scott Lemon just got back from Accelerating Change 2005 and will give us a report. Also, as promised. DynamicCity will be there to talk about the UTOPIA network build-out and architecture.

The breakfast will be held in the usual place (Gandolfo's Food Court at Canyon Park Technology Center) and anyone interested in using technology to build products is welcome to attend. I hope to see you there.

3:45 PM | Comments () | Recommend This | Print This

September 23, 2005

Jeff Kearl on Utah Ventures

Jeff Kearl, who's contacts in the Utah tech community are legion, is writing a blog. If his posts continue like the first handful, it's going to be one to follow. Lots of inside dirt on venture happenings in Utah and elsewhere including a story on the possibility that Canopy is up for sale and MyFamily.com's search for a new CEO.

6:25 AM | Comments () | Recommend This | Print This

September 22, 2005

Rhymes with Ditty

Daring Fireball has a review of the new Dell DJ Ditty, Dell's entry into the flash-based music player market. The review is titled Rhymes with Ditty which says it all. I love Dell, but something like this makes me wonder if they even tried. Just a little too utilitarian for a market that thrives on the cool-factor.

9:20 PM | Comments () | Recommend This | Print This

XRIs Describe Abstract Resources

Dave Mcalpin has an article at Network World on XRIs. XRIs are useful for creating identities for abstract resources. That is, the XRI not only abstracts the location (URI) allowing multiple physical resources to represent a single abstract resource, but also gives other metadata that identifies and describes the abstract resource.

XRIs build on the ubiquitous Uniform Resource Identifier (URI) and Internationalized Resource Identifier (IRI) standards - widely used by identity management solutions - by defining standard ways to express characteristics such as type, language and date. The lightweight HTTP- and XML-based XRI resolution framework lets a consuming application quickly and easily discover metadata about those resources, such as an alternative synonym identifier that works better in the application's local identity management system.

Metadata isn't limited to alternative identifiers. Imagine that an XRI-identified resource is a technical manual, available as a PDF or Word document and retrievable from a variety of mirrored network locations via various protocols. In a broad sense, the manual is the same document irrespective of where it is located, how it is retrieved or in what format it is represented. XRIs are ideally suited for identifying resources at this level of abstraction because the resolution process lets the consuming application choose the best network location, retrieval method and file format for its needs from the available options.

Like URIs, XRIs are composed of an authority portion and a path portion. XRI resolution converts the authority portion and the path portion of an XRI to an XML document called an XRIDescriptor. The XRIDescriptor describes the identified resource and the means by which the digital representation of the resource can be retrieved. By providing an additional level of in direction away from concrete instances of a resource, XRIs provide a permanent, unbreakable reference on which stable business relationships can be based.
From XRIs resolve identity management dilemma
Referenced Thu Sep 22 2005 08:23:45 GMT-0600 (MDT)

We'll hear more about XRIs (and other solutions to problems in the Internet identity space) at next month's Internet Identity Workshop. I hope to see you there.

8:21 AM | Comments () | Recommend This | Print This

September 21, 2005

Accelerating Change 2005

Accelerating Change is an awesome conference. I've never been in person, but I love listening to in at IT Conversations. Maybe next year...

In the meantime, Scott Lemon went and blogged about it (day 1 and day 2). I hope we'll get a brain dump from Scott at next week's CTO Breakfast.

1:46 PM | Comments () | Recommend This | Print This

KVM Over IP

I'm in the process of buying a KVM over IP solution for my rack at BYU and it occurred to me, that I'd like this technology to be standard on every computer. I'd love for my keyboard, mouse, and monitor to just plug into the network instead of routing bulky cables. More than that, however, I'd love to get rid of a few of the connector types that plug into my laptop. The network is my docking station!

7:31 AM | Comments (11) | Recommend This | Print This

September 20, 2005

Captchas: Word Verification for Self-Provisioned Systems

One of the common features of any site offering a self-provisioned service these days is a captcha (an acronym for "completely automated public Turing test to tell computers and humans apart"). Google's account sign-up page, for example, has one. The idea is to stop automated sign-up from people who would abuse the system for spam or some other nefarious purpose.

A friend of mine, Nathan Sandland, just launched a company offering a word verification product written in Java. Nathan is a great programmer and someone I'd love to work with again someday. I wish him luck in his new venture.

I think this would make a good Web service. The chaptcha image could be generated and named with a hash. The site requests the URL of an image, takes the user's input and sends it back, along with the image URL for verification. This could happen using SOAP or REST using a secure connection.

12:40 PM | Comments (1) | Recommend This | Print This

IT's Role in Improving Elections

I posted an article at ZDNet's Government and Technology blog about the Carter-Baker report on voting:

Former President Jimmy Carter and former Secretary of State James Baker released the final version of a bipartisan election reform report today. The two led a 21-member, privately funded Commission that offered 87 recommendations to strengthen the country’s electoral system and build confidence in the political process. Of the five primary recommendations, three have implications for government IT.
From IT’s role in improving elections | ZDNet Government Blog | ZDNet.com
Referenced Tue Sep 20 2005 12:16:46 GMT-0600 (MDT)

There's been much said of late on eVoting. I find the conclusions in this report to be well-thought out, but I'm troubled by the march to federalizing the election process. Perhaps it's inevitable given its importance, but I'm of a mind that states could do a better job of this and figure this out on their own through some coordinating group like the National Association of Secretaries of State.

As I mention in the article, the most controversial of the proposals is probably the use of Real ID as the sole means of authenticating voters:

While Real ID generally has implications for IT, this proposal just adds to that requirement list. There are, as usual, privacy concerns. Most people don’t realize that information about whether they voted or not and in which elections, along with their party affiliation, is a public record in most jurisdictions. This proposal would make that data much more accurate, linkable and transferable between states than it has been in the past.
From IT’s role in improving elections | ZDNet Government Blog | ZDNet.com
Referenced Tue Sep 20 2005 12:21:37 GMT-0600 (MDT)

This is the very real danger that any national ID card system, even one cobbled together like Real ID posses. Once you've got a universal identifier, you can link all kinds of information. Even if you restrict the government, someone else will. Soon we'll be correlating whether people vote with the kind of breakfast cereal they eat.

12:17 PM | Comments (2) | Recommend This | Print This

September 16, 2005

Asterisk to the Rescue

Randy Gordon pointed out some volunteer efforts to set up wireless and VoIP networks in shelters for people displaced by Katrina. The Atlanta Asterisk User's Group is setting up Asterisk PBXs. Part15 is setting up wireless networks. Another example of private, volunteer rescue efforts.

2:48 PM | Comments () | Recommend This | Print This

Lessig in Salt Lake

Larry Lessig will be speaking at the Broadband Cities conference in Salt Lake next Tuesday. If you haven't heard Larry speak, you'll want to go; he's that good.

2:29 PM | Comments () | Recommend This | Print This

Layering on Rich Clients

Tony Byrne sent me a note about a recent entry on his site noting that resellers are layering rich clients on top of existing document management systems. Seems that a UK-based reseller of FileNet built a great interface to the product using AJAX.

[P]erhaps it's time to ask your content management vendor when they will provide a rich web interface. Don't hold your breath. FileNet and other ECM vendors can boast solid engineering teams, but little core competency in UI design. Maybe resellers will pick up the slack.
From Trends: AJAX for Document Management
Referenced Fri Sep 16 2005 11:39:53 GMT-0600 (MDT)

If you want to see it in action, watch the screencast.

11:37 AM | Comments () | Recommend This | Print This

Orem Utah's Geocoder

Orem City's GIS group has published a Geocoder Web service. It has one method: give it an address in Orem and you get back a geocode. Not something the average citizen will want to access, but I think it's cool that not only have they got it, but it's online, accessible, and published at XMethods. From the description:

This web service is mostly useful in a GIS application. Here at Orem, we have about five on-line interactive maps and three desktop applications that consume this web service. Since we update our own centerlines, the geocoder is updated whenever we make any edits to the data source. We never have to awkwardly recreate ESRI locators.

It would be interesting for someone to create a UDDI registry of eGovernment Web services.

9:45 AM | Comments () | Recommend This | Print This

Default to Open: Cyberspace is a Bad Metaphor

A lot of what happens on the Internet happens because of a simple principle: if it's online, we assume that it's permissible to access it. We take for granted the ability to link to and access page and other data on the web. Mash-ups are an example of applications that rely on this principle.

Wired magazine has an article explaining why this principle may be in danger.

In a few years, legal doctrines being aggressively pushed by corporations and law enforcement officials might prevent something cool and useful like this from ever happening again.

In a variety of cases, courts are holding that people can't access Internet computers without first getting authorization from the computer's owner. Judges are assuming that the public has no right to use unsecured computers connected to the Internet, and are requiring the public to get permission first.

For example, many ISPs and some prosecutors are arguing that it's a crime to use unsecured wireless access points without the explicit permission of the owner. Antispam crusaders advocate blocking any e-mails that haven't been whitelisted first. Airlines like American and auction sites like eBay -- which want customers to visit their websites, view their ads and "join the community" -- have won court injunctions against companies that collect price information on plane fares or auctions to help consumers comparison shop.

Under ancient legal theories like "trespass to chattels" and ill-advised modern laws like the federal Computer Fraud and Abuse Act and state computer crime statutes, courts are holding that if you don't have authorization, you can't access computers.

And if you can't access computers, you can't collect data about airfares, auctions or evacuees.
From Wired News: Open Internet, We Hardly Knew Ye
Referenced Fri Sep 16 2005 09:28:56 GMT-0600 (MDT)

I believe that much of the trouble comes from the metaphor we've used to describe the 'Net for so long: cyberspace. As Michael Swaine described in a recent column in Dr. Dobbs, cyberspace is a metaphor of place whereas the 'Net has increasingly come to be able information flows.

Technometria isn't about a "homepage" (another place metaphor)--it's an ever changing stream of information. Likewise, RSS, mash-ups, and Web services are about information flow.

Allowing people to block access to their public sites without prior explicit permission isn't analogous to allowing people to have privacy in their homes--even if the door's not locked. It's more like letting anyone with water rights permanently divert the water from the canal, or block their downstream neighbor from getting to the water. (I recognize this analogy may not translate if you've never lived in the rural west and had to take your turn at irrigating your yard or crops--still, I think it's apropos.)

9:14 AM | Comments (1) | Recommend This | Print This

September 15, 2005

Jon Udell's Interview with Bill Gates

After engaging in a hand-slapping contest with Napoleon Dynamite for control of Microsoft, Bill Gates sat down with Jon Udell for an interview. Jon has the podcast and transcript versions available on his blog. It's well worth reading--Jon geeks out with Bill and asks some great questions. Bill gives some good answers. Dan Farber, at ZDNet calls it "one of the better interviews I have read/heard in covering Gates for more than two decades." Go Jon!

3:38 PM | Comments () | Recommend This | Print This

First Responder Interoperability

I wrote an article about some lessons from Utah's experience building an interoperable 800MHz voice network for public safety before the Olympics at ZDNet's Government IT blog:

One of the problems that Katrina has put into bold relief is the cascading effect of communication snafus on quickly responding to disasters. First responder communications were hampered by systems that were down and systems that couldn’t talk to each other. I heard one story of a radio repairman sent into fix some of the police radios who wasn’t let through the roadblock because the State troopers couldn’t get on the radio to verify his identity.

Congress is now calling for upgrading first responder communications. This isn’t a new problem. When I was Utah CIO we dealt with these issues all the time. Because of the Salt Lake Olympics, Utah was blessed with Federal money to upgrade some of its public safety radio systems. The new system ran on the 800MHz, one of the bands the FCC has set aside for new public safety networks. Still there were problems beyond the financial ones...
From First reponder interoperability | ZDNet Government Blog | ZDNet.com
Referenced Thu Sep 15 2005 15:00:46 GMT-0600 (MDT)

In the end, this problem comes down to governance and governance requires the willpower to force people to cooperate. The Olympics was the event that pushed Utah over the hump. I imagine Lousiana and Mississippi will find it easier to do now. Who knows what it will take in other places.

3:00 PM | Comments (1) | Recommend This | Print This

September 14, 2005

On the Importance of Identity

Jon Udell makes a short observation on the important of identity in the current business climate:

As I was preparing this morning for a couple of conferences, I took a moment to reflect on how my departure checklist has changed. Things that used to matter a lot -- plane tickets, cash -- seem unimportant. But the things that grant access to those things -- ID cards -- matter more than ever. The dependency on my driver's license, in particular, has become a growing concern. I have no backup for this document and, given the quaintly intermittent schedule of DMV offices, no quick way to replace it. You might think that when credentials do finally go digital, they'll be easier to replace. But in fact, identify providers will (or should) still require a face-to-face ceremony. This doesn't get any easier until, perhaps, we start asserting our identities using nature's digital signature -- our DNA.
From Jon Udell: Departure checklist
Referenced Wed Sep 14 2005 14:32:57 GMT-0600 (MDT)

Jon's comment underscores something we all understand but rarely express. Identity isn't just more important online than it used to be; it's more important in general. I increasingly access the services that I need to work and live using an identity credential of some sort.

The result is that, online or offline, having a way of presenting those credentials in the right context, with a sufficient level of trust, is vital. As Jon notes, having alternate credentials is equally important. A corollary is that identity theft becomes more and more of a problem under these circumstances.

Our online and offline identities are, for the most part, separate. I can't use my driver's license online. Online identities are even worse. Not only can't I use them offline, but I can't usually use them online except in a narrowly defined context. My eBay ID means nothing at Amazon.

The Internet Identity Workshop we're putting together in October will discuss various schemes for solving the second problem, but not the first.

There are someplaces where the online and offline identity spaces intersect. Everytime we use a credit card we are using a nominally offline identity online. The fact that I use my credit card to pay for something gives the online merchant reasonable assurance that I'm who I say I am since most people aren't willing to incur a financial obligation on behalf of someone else. It's not perfect--the online t-shirt shop still thinks I'm a "small" and buy t-shirts with names of bands I've never heard of because I bought a few for my son. Still, it's a reasonable expectation.

Still, that's a farily narrow case. For many use cases outside e-commerce, I can't expect someone to incur a financial obligation just to prove they're really who they say they are.

Using online identities offline isn't unimaginable either. When I was at iMALL, we stored customer credit card data, not unlike how the Amazon system works. We were working closely with First Data Corp. and so thought a lot about payment systems. We envisioned being able to use the iMALL identity in Wal-Mart. When you swiped your iMALL card at Wal-Mart, you'd be presented with the choice of paying using any of the stored payment options in your iMALL account.

2:31 PM | Comments (1) | Recommend This | Print This

September 12, 2005

Skyping a Good Deal on eBay

This morning Steve Fulling, CIO of Sento (where I'm on the board), asked me via IM: "why would eBay pay $2.6B for Skype when Oracle "only" paid $5.8B for Siebel?" Since he and I have had lots of conversations about customer interaction hubs and CRM, the context of the conversation naturally flowed in that direction. I realized that in some ways, what Oracle and eBay are doing is similar, although they're operating at opposite ends of the longtail: they're both selling tools for people who sell things to interact with the people who want to buy. Oracle is trying to sell expensive, feature-rich CRM software packages to big companies so that they can manage their customers. eBay enables small merchants to interact with with small numbers of customers for a small monthly fee.

But, why would eBay buy Skype? Unlike Yahoo! or Google, eBay has always had a fairly narrow strategy. Their Web site isn't anything fancy and looks about the same as it did in 1998. So, why buy a VoIP company? I can think of several reasons which are squarely within eBay's area of interest: exploiting longtail opportunities in eCommerce.
From » Skyping a good deal on eBay | Between the Lines | ZDNet.com
Referenced Mon Sep 12 2005 14:09:41 GMT-0600 (MDT)

This whole thing will be interesting to watch from an identity standpoint as well. eBay and Skype were both huge repositories of identity data. Now, the combined entity is gigantic. There will be plenty of opportunity for misstep. TO really exploit the combined entity, eBay will have to normalize the identities in some way. If they do it right, they could be a key player in Identity 2.0.

2:17 PM | Comments () | Recommend This | Print This

Technology, Public Policy, and Governance

The Register had an article on Friday about Urquhart's challenge to Hatch that categorized Urquhart as a "file-sharing, Republican blogger." That's a typical headline stretch since the file-sharing bit comes from a quote inside the article about file sharing being a technology, not a behavior:

“File-sharing technology is value-neutral and it’s amazing. The technology should be lauded. Like most good things, though, it can be used in inappropriate ways. In those cases, the actions, not the technology should be discouraged,” he said.
From File-sharing Republican blogger tackles Hollywood Hatch | The Register
Referenced Mon Sep 12 2005 08:51:21 GMT-0600 (MDT)

The more general message is this: don't regulate technologies, regulate behavior. The problem with creating public policy based on technology is that it changes. Just witness the pains state governments are going through right now to understand VoIP. All their regulatory infrastructure is based on the old technology of the PSTN and the new technology just can't be shoe-horned in.

Technologists, who understand this better than most, need to do more to support candidates who "get it." Tomorrow New Yorkers go to the polls in a primary election that has a similar choice. Andrew Rasiej is running for NYC Advocate, a position that most outside NY will have a hard time getting very excited about. In this position, Rasiej has the bully pulpit to make a case for community broadband, better disaster preparedness, and more generally, more transparent and responsive government.

These are all nice slogans, but I think Rasiej has a record to back them up. I was impressed enough to donate to his campaign. Hardcore Republicans will read his message and wonder how I could support someone as liberal as Rasiej. Quite simple: his understanding of technology and how it plays into public policy is much more important to me than his views on welfare.

Let's face it: it's NYC. That's a liberal place. There's not even a Republican in the race. And even if there were, I'm not going to change the politics of NY by supporting a Republican who can't get elected. I can change it, however, by throwing my support behind the candidate who can get elected and who understands the role of technology in public policy and governance.

People face the same decision in deciding whether to support Steve Urquhart or not. Call it the politics of expediency.

8:41 AM | Comments () | Recommend This | Print This

September 9, 2005

Identity 2.0: The Movie

If you missed Dick Hardt's presentation on Identity 2.0 at OSCON this year, he's turned it into a movie. This is well worth viewing if you've got any interest in identity.

2:42 PM | Comments () | Recommend This | Print This

XQuery Apache Module

From Freshmeat:

Native XmlDB Query Daemon is a client-server version of the Sleepycat native XML database deployed as an Apache module. The client is a pure Java API, supporting XQuery, XPath, and an Xml:DB API layer. It comes with a graphical admin console. Server binaries are provided for Linux x86 and x86-AMD64; for other platforms, compile from source.
From freshmeat.net: Project details for Native XmlDB Query Daemon
Referenced Fri Sep 09 2005 09:54:31 GMT-0600 (MDT)

9:53 AM | Comments () | Recommend This | Print This

September 8, 2005

IIW2005: Hotels and Wiki

Ross Mayfield donated a wiki for Internet Identity Workship 2005 and we've started to put it to use.

Kaliya has put together some hotel information for Berkeley.

We also have a page for Day One, which we'll fill out from the proposals we've received and invitations we've extended and Day Two, which is going to be run as a "structured open space." This page is a place for you to record things you'd like to see discussed or like to discuss yourself.

If you haven't registered, it's not too late. We're expecting a good crowd based on the registrations that have come in so far. We're going to cut off registration at 75 to ensure the group doesn't get too big for effective discussion.

2:45 PM | Comments () | Recommend This | Print This

Virtualize Everything

I had a good visit to IBM's Executive Briefing Center in Raleigh yesterday. I was there to learn about data centers, power, blades and virtualization. I've put some of my notes on data center power requirements at Between the Lines.

When I first thought about virtualization as a tactic in the data center, I assumed that the point was saving hardware costs. That's not true for a couple of reasons.

First, the most sophisticated virtualization solutions, capable of running Windows as well as Linux, like VMWare's ESX aren't cheap. In fact, by my calculations, VMWare has figured out how to take just about all the hardware savings for themselves in their software licensing. Competition is eating into that, but you're still not going to save much money on the initial purchase.

The real saving come in the form of decreased sever management. About 2000, labor costs associated with managing servers surpassed server capitalization costs for the first time and they've been climbing steadily ever since.

Virtualization hides physical constraints, makes it easier to deploy, grow, and migrate applications, minimizes the impact of changes to physical resource, and enables hardware change-outs to be accomplished transparently without "maintenance windows." These are the real advantages of moving to virtualization in the data center.

Organizations usually approach virtualization in two phases. The first phase of virtualization is for physical consolidation of multiple servers. Over the years, the trend has been to isolate applications on their own server in order to survive DLL Hell. Often this has resulted in servers with very low utilization numbers. Consolidating those applications on virtual servers retains the advantages of separate servers but with fewer servers to manage. Another advantage is improved resource flexibility. In this phase, the organization probably uses disparate management tools for individual servers.

The goal of the second phase is logical simplification. In this phase, the number of resources, including network and disk resources, being virtualized approaches 100% giving maximum resource flexibility. This phase is usually marked by a move to unified management and automation tools.

Server virtualization performs better on big SMP boxes than on the equivalent number of processors in pizza boxes--at least for applications with unpredictable loads. The reason is pretty simple: the more applications that can be brought onto the same hardware the more headroom you have to handle bursty loads. It's kind of an N+1 solution to the bursty load problem instead of a 2N solution.

Intel and AMD plan to make changes to their architectures to specifically support virtualization. This will have several positive effects:

  1. First, VMWare's proprietary advantage will be much smaller and other virtualization technologies, including open source projects like Xen will be able to more easily provide virtualization features including support for Windows.
  2. Second, with the architecture changes, the hypervisor layer could be as small as 35000 lines of code. This is small enough to be embedded in the firmware of systems so that all servers just "know" how to virtualize the OS layer.

In short, virtualization will become a commodity. VMWare and others will have to figure out how to make money in the management and automating tools built to manage the virtualization layer.

Update: Intel's virtualization technology is code named Vanderpool. AMD's is code named Pacifica. Tom Yager had a recent column on virtualization at InfoWorld.

11:28 AM | Comments () | Recommend This | Print This

September 7, 2005

The Katrina Response

I wrote a little on the government response to Katrina over at ZDNet's Government Technology blog.

Local governments usually get gold stars here. The feds have a harder time with it. Their strong suit is dropping in with boatloads of resources a few days after things hit. That’s why diasaster recovery has usually come down to local management with Federal resources. Katrina seems to have set different expectations because its scope was so large and wiped out many of the resources that local responders rely on. 9/11 was an aberation because it took place in city with lots of local resources and strong governance (personified in Giuliani). Disasters of a similar scope that take place outside a few select cities will quickly overwhelm local resources and goverance capabilities.
From System administration at scale | ZDNet Government Blog | ZDNet.com
Referenced Wed Sep 07 2005 05:31:44 GMT-0600 (MDT)

5:29 AM | Comments (2) | Recommend This | Print This

Naming and Certificates: An Identity Policy

As I mentioned, over the coming weeks I'll be discussing some identity policies from my book on Digital Identity.

Common identity policies include authentication and authorization, naming, directories, encryption, software development, software licensing, networking, privacy and federation. The number and type of policies depends on an organization's size and purpose. Today, I'm going to discuss naming.

A policy on naming forms the basis for other identity policies and for security policies. Naming can refer to many different things including domain names, usernames, uniform resource locators, documents, phone numbers, employee identity numbers, and physical assets such as conference rooms, printers, and computers. Tailored for a specific company, a policy may not concern all of these, only the ones that are important now. Other facets of naming can be added as necessary or delegated to the appropriate parties.

The naming policy should be concerned with the form of names and who is responsible for naming. Most companies, for example, own one or more domain names. Other people in the organization will want subdomains from those domain names. Someone in the organization should be responsible for maintaining the domain name asset and assigning subdomain names. This role is typically called the "registrar."

Most organizations also own a number of digital certificates. Digital certificates associate identity information with a public key in a signed data structure. I/ve chosen to include the policy information for certificates with naming because I prefer using the registrar for managing an organization's certificates as well as domains. In common practices most of the certificates will be associated with domain names and the asset tracking system being used to manage domain names and subdomains can frequently be used to manage certificates as well. Another place to talk about certificates would be in the policy on encryption and digital signatures.

A policy on naming can also help enforce data standardization efforts. Such a policy might include requirements to use information from the metadata repository or to use identities in established data stores in preference to creating new identities.

One of the most important naming roles a policy can perform is to grant authority for creating enterprise-wide identifiers. For example, how are email identifiers created? Who has authority to determine the format of employee numbers?

I've created a sample identity policy on naming (PDF or WORD) that you can use as a template. You'll see that it addresses many of the issues I bring up above.

5:24 AM | Comments () | Recommend This | Print This

September 6, 2005

Off to North Carolina

I'm leaving in a bit to go to North Carolina to learn what IBM is doing in the area of blade servers and virtualization. I've got trips lined up later for Dell and HP as well. Hopefully, I'll have something interesting to report from all of it.

1:04 PM | Comments (2) | Recommend This | Print This

September 2, 2005

What to Say About Blogs?

Poster advertising talk (click to enlarge)

I've been asked to speak to the Marriott School of Business' Faculty Brown Bag Lunch on blogging (they came up with an awesome poster) the end of the month. The also said they'd like to hear something about Wikis. So far so good. The problem is how do I tell them about all the things they don't know they need to know. Like:

  • RSS and feed readers
  • Del.icio.us
  • Feedster, Technorati, etc.
  • Tagging

And a million other things. There's this whole culture around blogging that includes lots of different ideas. The asked about how to start a blog, but they really want to know "why?" and "what's it good for?" and "how do you make it successful?" and "will it help or hurt with my research?" in 30-45 minutes, I can't cover it all, so I'll have to find a way to answer the important questions and give them a push in the right direction. Leave a comment if you've got ideas about what has to be in this talk.

5:25 PM | Comments (8) | Recommend This | Print This

September 1, 2005

August's Most Popular

For the month of August, the following were the top three blog posts on Technometria (along with page views):

BlackDog Linux Server1,485
Ruby on Rails (OSCON 2005 Tutorial) 1,431
How to Start a Blog 1,410

The Blackdog Linux post was a throw-away that I did so I wouldn't lose the URL. If I'd known to was going to be so popular, I'd have written something useful there. The second was my notes from an OSCON tutorial. One of the reasons I enjoy going to OSCON and similar conferences is that they provide me with really good material to think and write about. The last one is some tips I wrote a while back on starting a blog. It's a consistent favorite on my blog.

6:44 PM | Comments () | Recommend This | Print This

Flick-off Yahoo!

I've been so heads-down this week getting things started up in my classes, that I totally missed the story about Yahoo! making Flickr users angry by forcing them to switch. Well, as the old TV commerical goes: some users would "rather fight than switch." I've written some thoughts about Yahoo!, identity, and inames at Between the Lines.

3:44 PM | Comments () | Recommend This | Print This

Official Disaster Websites Lacking

David Stephenson reviews the official Web sites of government agencies and NGOs helping with the disaster relief and finds them sadly lacking. My bet is that none of them have included their Web site or even their IT staff in their disaster planning and never thought about how they might be used.

After 9/11, when Utah's Public Safety department was beefed up to have a 'homeland security' component, we had to fight for a seat at the table and found out that seats you have to fight for aren't worth having. This is a crowd for whom radios are about as high-tech as they want to get.

2:19 PM | Comments () | Recommend This | Print This

ProvoPodcast

I was in Borders at lunch at saw a poster for something called ProvoPodcast. Turns out its a weekly radio show produced by three guys about the local music scene and artists. The production quality is pretty good. Not really my kind of music, but I bet my son will enjoy it and it will give me the opportunity to show him something cool he can do with his iPod.

2:02 PM | Comments () | Recommend This | Print This

Doug Kaye's on the Other Side of the Mic

Doug Kaye, creator and producer of IT Conversations has finally been trapped behind the other side of the mic. Moira Gunn interviewed him for one of the segments in her TechNation show, conveniently available on IT Conversations. I really admire Moira's interviewing technique and Doug's an interesting guy, so it should be good.

11:22 AM | Comments () | Recommend This | Print This

Disk Recovery Specialist Needed

A friend has had a 250Gb Firewire hard drive fail. The drive contains video data that he's anxious to get back. We've established that it's not the cable, hub, or machine it's connected to. He's looking for someone in Utah who can help recover the data. If you know someone good, send me a note.

7:34 AM | Comments (2) | Recommend This | Print This