Technometria

Home
Why Technometria?
RSS
Atom
Podcast Feed
Add to Google

Recommend This Site

About Phil

Brief Bio
Contact Info
Phil on Twitter
Speaking
InfoWorld
Photo Albums
Video Favorites
CTO Breakfast

Essays

2006
2005
2004
2003
CIO White Papers

Software

Packages

Topic Guides

Digital ID Policies
Internet Application Performance
Setting Up a Linux Server
Public Service Tips

Categories

Blog TagCloud

Archives

March 2010
February 2010
January 2010
December 2009
November 2009
October 2009
September 2009
August 2009
July 2009
June 2009
May 2009
April 2009
March 2009
February 2009
January 2009
December 2008
November 2008
October 2008
September 2008
August 2008
July 2008
June 2008
May 2008
April 2008
March 2008
February 2008
January 2008
December 2007
November 2007
October 2007
September 2007
August 2007
July 2007
June 2007
May 2007
April 2007
March 2007
February 2007
January 2007
December 2006
November 2006
October 2006
September 2006
August 2006
July 2006
June 2006
May 2006
April 2006
March 2006
February 2006
January 2006
December 2005
November 2005
October 2005
September 2005
August 2005
July 2005
June 2005
May 2005
April 2005
March 2005
February 2005
January 2005
December 2004
November 2004
October 2004
September 2004
August 2004
July 2004
June 2004
May 2004
April 2004
March 2004
February 2004
January 2004
December 2003
November 2003
October 2003
September 2003
August 2003
July 2003
June 2003
May 2003
April 2003
March 2003
February 2003
January 2003
December 2002
November 2002
October 2002
September 2002
August 2002
July 2002
June 2002
May 2002

Utah Tech Organizations

BYU Unix User's Group
Provo Linux User's Group
Utah Valley Linux User's Group
Ubuntu Utah
Salt Lake LUG
USU Free Software and Linux Club
Greater Utah BSD User Group
Utah PHP Users Group
Utah Python User Group
Utah Ruby Users Group
Ogden Area LUG
Southern Utah Unix Users Group
UtahSAINT

Copyright

Copyright © 2002-2009 PJW LC. Some rights reserved. Technometria is a trademark of PJW LC in the United States and other countries.

« December 2005 | Main | February 2006 »

January 31, 2006

Internet Explorer 7 Beta

Microsoft has released a public beta of Internet Explorer 7. Supposedly more secure, less prone to phising attacks, blah, blah blah.

11:48 AM | Comments (2) | Recommend This | Print This

CTO Breakfast Report

Today's CTO Breakfast was a lot of fun. There were about 30 people there. I was afraid that with the day change we'd have fewer people, but not so. Any more and we'll have to get a bigger room. We talked about a lot of interesting things. Here are some pointers to some things people brought up or mentioned:

  • Ross Livingston couldn't come, but sent me a note about a company in North Dakota that's exploring the use of weather balloons to provide cell coverage. The idea is to launch the balloons on the west end of ND and then let them float to the other side where they release their payload (the cell radio) and drop it back to earth where people turn them in for a bounty. With a cell tower costing a quarter of a million dollars and the need for 1100 new cell towers in ND alone to cover the state, the logistics might be reasonable.
  • Scott Lemon brought up the PopTech! podcast by Dr. Todd Kuiken and Jesse Sullivan. I had listened to it a few weeks ago as well. Jesse Sullivan lost both arms to an electrical accident several years ago. Todd Kuiken build prosthetic arms that use non-invasive techniques to read the nerve signals from the nerve that used to be attached to the arm. You've got to listen to the podcast to appreciate how cool this is and how far there is yet to go.
  • Eric Smith said he'd recently bought a TeraServer from Buffalo Technologies to serve as a media server in his home. These devices have a TB of memory and a GigE connection all in one inexpensive box. Control4 (Eric's company) is creating a set-top box will play videos from a local server. Sounds like a great match.
  • This naturally led to a discussion of CRAP (formerly known as DRM) technology. A lot of people said they use DVDShrink for getting DVDs onto a server. On the Mac, I hear tell that Handbrake works well. Handbrake is multiplatform, so it apparently also works on Linux and Windows.
  • There was some discussion on thin and thick clients. Bruce Grant brought up the problem of clients on mobile phones. There are 80 different browsers on phones. AJAX simply doesn't work in that environment. This is a huge barrier to interesting mobile apps and companies.
  • We talked about NX, a protocol for remoting machines. The architecture is based on the X-Windows system. From the Nomachine Website: "It consists of a thin layer of server software that enables any Unix computer to work as a terminal server. Clients are also available for a wide range of platforms and operating systems. NoMachine has chosen to build the foundations of its NX Distributed Computing Architecture on the well known and widely used X-Window System - the windowing system that's behind the Graphical User Interfaces of Linux and the Unix Operating System." NoMachine apparently has version for sale and there's also FreeNX, a free version. This caught my attention because I found out about Clearcube, a company that sells blades that serve as remote workstations. Pretty cool idea for call-centers, student labs, etc. I wonder how cost-effective it is.
  • In a discussion of cell phones for kids, we talked about Boostphone and Firefly. As a parent, I'm a firm believer in cell phones for my kids. They think its a big deal that I'm giving in to them, but in fact, I'm enabling a kid tracking system that makes me more comfortable about having them out and about.
  • No one listens to voicemail anymore (especially anyone under 21). Send them a text message, however, and you're likely to get a response. Not many people have turned off their email yet, but it's bound to happen.
  • Speaking of voicemail, does anyone have a voice to text transcription service that operates in near real time? The idea would be to have voicemail come across as text. Scott Lemon proposed outsourcing it to India. I found SpinVox but apparently it's available in Britain.
  • VPNs are something that ought to be easier for regular folk to do without the support of an IT department or a deep dive into the SSH man page. Hamachi is a free VPN client for Windows and Linux (OS X client in the works) that sets up VPNs between a set of machines. The interface looks like an IM window.

Every month, I'm amazed at the topics that come up and the discussion that ensues. If you're interested in coming, you're welcome. Just sign up for the mailing list on the CTO Breakfast page and I'll send you a reminder before the meeting each month.

Update: Scott Lemon has notes from the meeting that capture some of the ideas and conversations I missed.

11:22 AM | Comments (1) | Recommend This | Print This

January 30, 2006

CTO Breakfast Tomorrow

Remember that we're holding January's CTO breakfast tomorrow morning at 8am in the food court (BLDG L) at Canyon Park Technology Center (former Word Perfect Campus). Come prepared to talk about things you've seen in the last month. I just got back from visiting Brian Chee's Network Testing Lab in Hawaii this morning and I'll tell you a little about what I learned.

Directions and dates of future meetings can be found here. I look forward to seeing you tomorrow.

11:16 AM | Comments () | Recommend This | Print This

January 28, 2006

IIW2006 Venue

We're looking for a venue for Internet Identity Workshop 2006. We're planning to hold it in the Bay Area in May. We need enough space for about 100 people and a way to hold 4-5 breakout sessions during part of the workshop. The workshop will last two days. If you have an suggestions, please let me know.

10:00 AM | Comments () | Recommend This | Print This

January 26, 2006

Wanted: Linux Developer

Ken Knapton at Content Watch is looking for a developer with Linux roots. Here's a list of the skills required:

  • In-depth understanding of Linux operating system and development practices
  • Demonstrable experience developing Java and/or C++ applications
  • 3-5 years of work experience in Software Development
  • Server-side development experience preferred
  • Bachelors Degree in Computer Science or related field
  • Knowledge of Java/C++ and object-oriented design and development

The job's located in Utah. If you're interested, contact Ken directly.

8:24 AM | Comments (2) | Recommend This | Print This

January 24, 2006

Governing Federation

I'm doing a feature story for InfoWorld (to appear in March) on governing federated identity relationships. The core of the story is that the technology to do federated identity is here, works, and is maturing; technology isn't the biggest problem. The real problem comes down to governance.

Once you start sharing identity information with partner companies and customers, the real gotchas lie in hammering out the relationships between all the parties involved and defining who has what kind of access to what data.

Of course, my book is chock full of my ideas on that. One thing I don't have in the book and would like to get into the article is stories about how companies are managing their federated ID relationships. If you know of a good story, please let me know.

2:32 PM | Comments (1) | Recommend This | Print This

Owning Identity, Not Reputation or Transactions

Bob Blakeley, who writes frequently about identity issues has an interesting post entitled On The Absurdity of "Owning One's Identity" in response to Kim Cameron's first law. The first law states: Technical identity systems must only reveal information identifying a user with the user's consent. Bob, rightly, recognizes that this really isn't a law and goes on to give various reasons why it's unenforceable. Drummond Reed points out, that Kim's talking about "technical" systems, not the processes that might be built on top of them.

Even so, there are some interesting issues here that point out why identity and user-control can be so sticky. Recognize that relationships matter. Individual attributes about me are only of concern when their linked to me. Data in aggregate (another form of relationship) has value (both to me and to others) that is more than linearly proportional to the size of the collection. In some cases, leaving out data can make the whole collection worthless (think of your credit score with all the "bad" data excluded.)

While first law is good, it doesn't solve every issue:

  • The first law doesn't have to let users excluded some data in an aggregation that has been requested by a relying party. User control doesn't have to mean that users have a line-item veto.
  • The first law can't protect users from a relying party slowly accumulating identity data. eBay can still nickel and dime you to death and if you agree each time, they will amass a large collection of data.
  • The first law doesn't keep a relying party or identity provider from releasing identity data regarding transactions to which they were a party. I've written before about symmetric treatment of transaction data.

A lot of people claim that anything related to them is "identity data" and that's part of the problem. Records of your transactions with a lender is not identity data; it's transaction data. Your credit score isn't identity data; it's reputation. This gets to one of Bob's key points: you don't own my story about you. But, then again, your story's not identity.

I think many, but not all, of Bob's issues with the first law, go away when we start to reclassify data as transactional and reputational, rather than lumping it all in as "identity."

1:13 PM | Comments () | Recommend This | Print This

Synapse Milestone 1

The Apache Synapse project released Milestone 1 yesterday. From the homepage: "Synapse is a mediation framework for Web Services. Synapse allows messages flowing through, into, or out of an organization to be mediated." Milestone 1 supports:

  • Simple mediation based on regex and xpath rules
  • Onbound routing of messages
  • Deploy simple Java mediators to perform logging, routing, message transform etc
  • XSLT transformation of messages
  • HTTP Proxy support
  • Stages and in/out handling of messages

There are a number of SOA intermediary vendors, like Infravio supporting Synapse in the hope that it will spawn a standard, open source reference architecture for Web Services control points. Everyone wants to be in the run-time management business without having to manage all the connectors, gateways, and proxies that get managed.

I haven't played with Synapse yet, but it might be a fun thing to throw into my class next fall. I've been thinking of cutting out J2EE and just concentrating on Web Services. That would leave time for students to get their hands dirty with intermediaries, orchestration, and some other more advanced SOA artifacts.

6:55 AM | Comments (2) | Recommend This | Print This

January 23, 2006

SOA Governance Feature

The SOA Governance feature I did for InfoWorld is up today. There are four parts:

This was a fun series to do and I learned a lot writing it.

Steve Fox wrote an intro for the whole series. As Steve mentions, I'll be leading a panel on this topic at the InfoWorld Executive Forum in March. I'll be posting more about that as we approach the date and soliciting ideas for questions. I'm trying to put the panel together and mostly interested in people doing SOA rather than vendors selling governance products. I've got a couple of good people lined up so far. If you've got suggestions for others, let me know.

1:40 PM | Comments () | Recommend This | Print This

January 21, 2006

Ruby on Rails and OS X

Devlin Daley gave a presentation in our 601R class on Rails so that we could discuss frameworks and the choices Rails had made. While he was talking, I poked around a little since I wanted to get Rails going on my Powerbook and found this great little tutorial on getting Rails working on Mac OS X (Tiger).

The tutorial walks you through setting Rails up with SQLite and creating a simple application. I only ran into two problems with the tutorial as written. First, when you load the Ruby Gem for SQLite, it says to type: 

sudo gem install sqlite3

In fact, this returns an error. You need to type: 

sudo gem install sqlite3-ruby

Second, after you create the sqlite database, you need to set its permission so that the Web server can get to it: 

chmod 666 addressbook.db

I like that this uses SQLite since it's already installed on Tiger and easy to get going. SQLite is great for just exploring. I also like that it uses Apache since I'm very familiar with it.

12:25 PM | Comments (2) | Recommend This | Print This

January 20, 2006

CIO Magazine Goes Podcast

CIO Magazine has a podcast which is the content of the magazine, or at least some of it, read out loud. Interesting feature for people who commute and want to get to articles they just don't have time to read at the office.

6:52 PM | Comments (2) | Recommend This | Print This

Stable Architectures

There's a very informative article in InfoWorld about how Con-Way, the trucking company used SOA to migrate away from their legacy applications piecemeal. The effort required making the architecture explicit first, with the right level of granularity, and then building interfaces. Then various parts can be changed as needed and reintegrated to create new apps. The article says:

Although the Con-Way effort began eight years ago, the basic architecture has remained stable and has allowed the company to change its technologies while maintaining the underlying business logic and adding new business logic as the market demands.
From Lessons from an SOA pioneer | InfoWorld | Analysis | 2006-01-06 | By Galen Gruman
Referenced Fri Jan 20 2006 06:40:38 GMT-0700 (MST)

This reminds me of IBM's experience in creating the System 360 architecture. The architecture was stable over several decades. If designed right, architectures should be very stable over periods of many years.

6:35 AM | Comments () | Recommend This | Print This

January 19, 2006

Using Screencasts to Augment Instruction

Ever since I saw what Jon Udell was doing with screencasts, I've wanted to use them to augment some of my courses. If you're not familiar with the term, a screencast is a short video that, usually, shows th screen of a computer and has a narrative explaining what's going on.

I think screencasts have a lot to offer instruction. In my CS330 class, we use Scheme. Learning Scheme is something the students have to do to complete the course, but it's not really what the course is about. Screencasts provide an excellent medium for introducing students to things they need to know, but aren't covered extensively in a lecture.

This semester, I got a small grant from the department to hire a student to create some screencasts to augment CS330. CS330 has a long history of being a class that experiments with technology to augment the educational process. It was, for example, the first class at BYU with a Web page and online lecture notes.

Michael Reynolds, the TA for the class, is creating the screencasts. So far, there are two, one that shows students how to download and set up Dr. Scheme, the IDE we use in the class and another that introduces some basic Scheme concepts.

Michael's using Camtasia to capture and edit the screenshots and then narrating afterwards. The production quality is pretty good. I think the audio could be better. So far, we're just experimenting. We hope to have a guide online soon to help others trying to do the same thing.

11:06 AM | Comments (1) | Recommend This | Print This

January 17, 2006

CTO Breakfast Date Change

I've had to change the date of the CTO breakfast for January. The schedule originally had us meeting on Thursday the 26th or January, but I've got to leave for Hawaii that morning (I know, but someone has to do it). So, instead, I've moved the breakfast to Tuesday the 31st of January.

We'll be meeting at the Food Court in Building L of Canyon Park Technology Center (former WordPerfect campus) at 8am. The reason I'm going to Hawaii is to visit Brian Chee's network testing lab and I'll report on that. Please come with a few new things you've seen lately and would like to discuss. The past few meetings have been particularly interesting and I hope we can keep that going.

10:10 AM | Comments () | Recommend This | Print This

Intel iMac vs. G5 iMac Boot Times

You Tube has a short video showing an Intel iMac and a G5 iMac booting while they sit right next to each other. The Intel G5 boots almost twice as fast. I'm anxious to get my hands on a MacBook.

9:47 AM | Comments (3) | Recommend This | Print This

Geek Dinner Tonight

There's a geek dinner tonight in Sandy. The discussion topic will be geek law. Unfortunately, I'm not going to be able to make it.

7:05 AM | Comments () | Recommend This | Print This

Algorithmic Authorizations

Yesterday I was reading Seeing What's Next: Using Theories of Innovation to Predict Industry Change by Clayton M. Christensen, Erik A. Roth and Scott D. Anthony and came across a story about how credit scoring changed the loan industry:

In 1956, Fair, Issac created a standard predictive risk-assessment tool. It dramatically simplified the process of judging creditworthiness with a statistical methodology that plugged variables from an applicants credit history into an algorithmic formula that produced a score. Credit scoring's robust, scientifically based, quick assessment enabled a broader population of less-skilled people to make lending decisions.

It occurred to me that this was, essentially, an algorithmic authorization to access a certain amount of credit. In most authorization regimes, we conceive of a two-dimensional look-up tables that says whether a particular identity or role (one dimension) is allowed access to a particular resource (the second dimension). Building these two dimensional tables to completely specify authorizations for all the roles in a company, say, and all it's resources is difficult and once done quickly out of date.

Being able to compute authorizations from the attributes associated with an identity would make this problem more tractable. Can anyone think of other examples besides credit scoring where authorization to access a resource is computed instead of being lookup up in a table?

By the way, I'll have more to say about this book later. It's a very good read and contains some valuable theories and analysis methods.

6:40 AM | Comments (5) | Recommend This | Print This

January 11, 2006

Understanding UDDI

understanding uddi
UDDI interactions with various SOA players
(click to enlarge)

As part of the SOA governance feature and Infravio X-Registry review that are going to be in InfoWorld in a few weeks, I'm trying to come up with a short (less than 200 words) sidebar and graphic on understanding UDDI. My first draft of a graphic is shown on the right. Here's text I'm thinking of including with it. Naturally, it has been simplified to meet space requirements. The question is "does this capture the spirit of UDDI and communicate useful information or does it confuse because of details left out?" Help me out.

  1. Architects, in consultation with business users, populate the registry with abstract service specifications relevant to the business called technical models, or more commonly, tModels. tModels are registered and assign a unique identity, in the form of a long hexadecimal number, called a UUID.
  2. Business users, with the help of registry operators, populate the registry with information about the organization and it's units. Each entry also receives a UUID.
  3. Developers, in consultation with business users, populate the registry with services and classify them according to the tModels as well as industry and organizational taxonomies.
  4. Service consumers search the registry using various taxonomies for services that meet their needs.
  5. Discovered services are linked together to form Web Services applications.
  6. Applications can dynamically query the registry for service end points and other metadata.

1:18 PM | Comments (3) | Recommend This | Print This

Asterisk Users Group in Utah

There's a new Asterisk user's group forming Utah and their first meeting is tonight. If you're not familiar with Asterisk, it's an open source PBX that is extremely capable.

Update: The formatting bug in the hCalendar that Jon mentions has been fixed. The formatting kept the "download" link from appearing. I also changed the spelling. :-)

6:36 AM | Comments (2) | Recommend This | Print This

January 10, 2006

Most Popular Posts for Fourth Quarter

Here are the most popular articles from Technometria in the fourth quarter of 2005 and the percentage of all page views they accounted for:

Two of these, the one on starting a blog and the Ruby tutorial, were in August's most popular posts as well. As you'd expect all of these are fairly well placed on Google.

Browser statistics for Technometria for 4th quarter 2005
Browser statistics for Technometria for 4th quarter 2005
(click to enlarge)

Also, Internet Explorer continues to see a steady decline in market share, at least among readers of Technometria. As you can see in the graph to the right, IE garners 56% of the visits and Firefox has passed 30%. During the first few months of 2005, IE had 58% and Firefox was edging toward 28%. A 2% point gain may not be the end of the world, but the steady erosion is interesting.

8:32 PM | Comments (2) | Recommend This | Print This

IT Conversations Is Branching Out

My favorite podcast network, IT Conversations, is growing up and becoming The Conversations Network (TCN). IT Conversations will be one of, eventually, many channels in TCN. Doug Kaye discusses the logic behind this move and it's implications on his blog. Good luck to Doug on this new move--his efforts to build IT Conversations have changed how I get information and enriched my life. I'm grateful.

6:44 AM | Comments () | Recommend This | Print This

January 9, 2006

Felonious Acts on the Internet

I just posted a piece at Between the Lines that talks about a new federal law that make pseudonymous annoyances a felonious act. Good thing I don't blog under a pseudonym--I'm sure I annoy all of you from time to time.

4:13 PM | Comments () | Recommend This | Print This

January 6, 2006

SOA Governance and WS Lifecycles

SOA Governance Lifecycles
SOA Governance Links the Producer and Consumer Lifecycles
(click to enlarge)

I'm trying to put together some graphics for the SOA Governance article I'm working on. Once concept I like is the idea that governance links the producer and consumer lifecycles. I've tried to capture that idea (roughly) in the graphic at the right. I'd sorely appreciate comments on what's wrong with it and what I'm missing or might communicate more clearly another way.

One thing that confused me for a second was that I wanted to put "discover" as a "design time" activity, but that's really only "design time" from the producers standpoint. Consumers always discover in the producers "run time."

1:54 PM | Comments (6) | Recommend This | Print This

DarwinPorts is Hot

It seems like every semester something happens that causes me to do a systems scramble right before things get going. This year, we decided to move all our Web offerings in the ECLab onto our new XServe over Christmas break. It had to happen sometime and now's as good a time as any.

One of the things I needed to get on to the XServe (running OS X) was netpbm. I've never used DarwinPorts before, but a google of netpbm and OS led me to it. I have to say that it totally rocks. Usually installing netpbm on a new machine is a pain in the neck because of all the dependencies. The DarwinPorts executable just grabbed them all and made them before grabbing and making netpbm. Worked like a charm.

11:45 AM | Comments (2) | Recommend This | Print This

January 5, 2006

CIO Reporting Relationships

Found these interesting paragraphs in a story in CIO Magazine on their annual CIO survey:

There has been a corresponding change in your place on the org chart. Just over three-quarters of you now sit on the company's management committee. Your most prevalent reporting relationship is to the CEO. That's been true in all of our "State of the CIO" reports, but since 2002, in response to the cost-cutting fixation that gripped many companies and the fearful reaction to Sarbanes-Oxley, the percentage of CIOs reporting to the CEO had been going down while the percentage reporting to CFOs had been going up. This year, however, the percentage of CIOs reporting to the top boss rose from 40 percent to 42 percent, while those reporting to their CFOs dipped sharply from 30 percent to 23 percent.

The significance of this shift is both personal and professional and can be seen in the diverging circumstances of these two groups of CIOs. Of those CIOs who report to their CEOs, 91 percent sit on the company management committee, whereas only 61 percent of CIOs who report to their CFOs do so. The CFO reports say they struggle more with alignment and spend more time putting out fires than do the CEO reports. The CEO reports have much more money to spend (their average annual IT budget is $27.5 million versus $12.5 million for the CFO reports), and they take home more money as well ($196,800 in average annual compensation versus $180,700).
From Your Agenda 2006 Page 2 - Editorial - CIO
Referenced Thu Jan 05 2006 11:37:16 GMT-0700 (MST)

When budgets were tight, moving the CIO to a CFO reporting relationship must have seemed like a good idea because it made sure that reducing cost was the number one priority. It's no wonder, however, that this reduced business alignment. CFOs, as a rule, aren't particularly strategic--that's not their job.

I think the problem's even worse in those anachronistic situations where the CIO reports to some business line manager. How can you serve the business when only part of the business determines your budget and priorities? You can't.

11:37 AM | Comments () | Recommend This | Print This

Software for Starving Students

Jordy Gunderson alerted me to the 2006.01 release of Software for Starving Students or SSS. SSS is a collection of free and open source software all on one convenient CD ROM (actually, it's an ~500Mb image that you download using BitTorrent). The images come in versions for Windows and Mac.

I tried it out and it's well done and very convenient. Each package has a description of what it is, links to the Web site for the package, and an install button.

Getting it via BitTorrent is problematic at BYU because of port blocking. I had to grab it at home. It's freely copyable, though, so someone could make CDs from the image and hand them out or even mirror it on a BYU server for BYU students.

11:15 AM | Comments (2) | Recommend This | Print This

January 4, 2006

Vlogging in Utah

Phil Burns and his vlogging tool, Blastyx, are featured in a Salt Lake City Weekly editorial (of all places) on vlogs. Maybe CW is branching out into high tech. Applying their unique style of vicious mudslinging and blatant disregard for the truth to high tech reporting would certainly liven things up.

2:46 PM | Comments () | Recommend This | Print This

Modularity Rules

A number of my colleagues don't believe you can teach design, or at least that teaching design is hard to do. I not only disagree, but feel that if we're to help students prepare to be influential, we have to teach design. Good programmers are also good designers, many are good architects. But for the most part, they've picked that up as an implicit part of their education. Explicitly people taught them the nuts and bolts of programming.

Consequently, I'm always on the hunt for books that I think future CTOs and CIOs ought to read. I found a spectacular example over Christmas break: Design Rules, Vol. 1: The Power of Modularity by Carliss Y. Baldwin and Kim B. Clark. This book is a must read for anyone who is or aspires to be an architect, CTO, or CIO.

Baldwin and Clark were at Harvard Business School when this book was written (Clark is now President of BYU-Idaho). The book is a great mixture of design, business, and technology that, in my mind, strikes right at the center of what a CTO ought to be concerned with: how architecture, specifically modularity, affects the value of products. Some finance and business background is helpful, but not an absolute must--I'd use this book in an upper division CS class with no business prereqs, for example.

The book is about the power and value of modularity in general, but Baldwin and Clark use the computer industry as an example. Most of us are so used to modularity in the computer industry that we take it as a fore-ordained imperative, but Baldwin and Clark show how modularity was imperfectly understood and executed in early computer systems and how IBM, with the creation of the System/360 completely changed the computer industry forever.

In the early 60's IBM invested $20B in 1999 dollars to create System/360. That's right--they invested $20B before they ever sold anything in a scheme that was quite risky. They had to issue more stock to maintain a positive cash position during the development period. The investment paid off handsomely, earning IBM approximately $170B in 1999 dollars as a result.

My first reaction was "what company today would have the resources and guts to invest $20B in a new, speculative technology product line?" But as I read, I realized that's precisely the point: they don't have to. IBM's investment changed the nature of the industry so completely that modularization is the name of the game. Thousands of individual companies invest similar amounts in new ventures in aggregate, but no one company has to because of modularization. Not only is the investment spread out because of the architecture of computing systems, so is the risk.

Web 1.0 is a great example. Because of the architecture of the Internet and specifically HTTP, URLs, and HTML, thousands of companies tried their hands building modules to fit in that architecture. These experiments represented billions of dollars in investment. Some paid off and some didn't. Rather than one or two firms trying to guess what people want and then investing everything in an all or nothing project, the modular architecture more or less assured that a decentralized market could run thousands of experiments. The result is the Web we use today. It's modular architecture allows it to continue to evolve in a piecemeal fashion.

Design Rules does an excellent job of making this all explicit in ways and at levels that CS students seldom see. This book isn't a book on software architecture. This is a book that tells you the power of architecture when it's done right and quantitatively shows the value of modularity.

10:56 AM | Comments (1) | Recommend This | Print This

January 3, 2006

My First Web Server

Jeremy Zawodny's reminiscing about his first Web server and got me thinking about my first server.

In 1993, I left the University of Idaho's CS department to take a position at BYU. I was a formal methods researcher and at that time, the only way to run FM software was on big servers. So, I spent a summer at BYU waiting for my HP Workstations to show up. Kelly Hall had transfered to BYU from Idaho with me as a grad student. We were both bored.

Kelly came in one day talking to me about HTTP and something called Mosaic. Since we had nothing else to do, we grabbed a copy of the NCSA Web server and put it on some machine we had on loan--I don't even remember what it was, but probably something that ran HPUX. We wrote some shell script-based CGIs and quickly decided that Perl was the way to go.

A little while later, we started using Plexus a pure, Perl-based Web server. At the time, plugin architectures for Web servers were not really very mature, so if you wanted your Web server to do something else, you hacked it. Having a Web server based on Perl made that very easy (even though it was slow).

Since this was the first Web server at BYU, we decided to build pages for the CS department and even BYU itself (BYU, even mentions it in their history of computing at BYU). I got in trouble from Risk Management for posting maps of the building on the Web. Even in 1993, BYU's Risk Management group was worried about terrorists. :-) The most serious application we had for a long time was an online, searchable set of documentation for the HOL Theorem Prover. At the time, it was amazing to search 750 pages of reference material and get what you wanted.

The most famous thing on our server, however, was the LAL Cat Archive, a large number of cat pictures we'd been collecting for a few years--I named my machines after cats--still do. The archive was even listed in Newsweek Magazine after Room Twelve listed it on their top ten Web sites in 1996. At one point, I think the cat picture archive was eating up a substantial portion of BYU's bandwidth because they always complained about it.

I started using the Web to teach CS330, Concepts of Programming Languages in January 1994. Many of the notes we created then are still in use in the class today, although now they're on a Wiki. At that time, students didn't know what a Web browser was, so the first assignment was meant to introduce them to browsers and Web pages. It's hard to imagine how much things have changed.

7:28 PM | Comments (3) | Recommend This | Print This

Virtualization Testbed

Suppose you had a couple of quad processor boxes with 16Gb of RAM each attached to a 1Tb SAN and enough VMWare ESX licenses to do whatever you wanted on the platform. What would you do? We're wrapping up some initial VMWare performance studies on the boxes and I'm looking for ideas about what research projects to do with them next. I have a few ideas, but I'm curious if you have any.

3:14 PM | Comments (14) | Recommend This | Print This

SOA at Work

Ever wonder if anyone actually uses SOA of if maybe this is all a bunch of vendors looking for a problem to solve? Joe McKendrick has a list of ten companies using SOA right now to solve real problems. Good reading.

9:04 AM | Comments () | Recommend This | Print This

January 2, 2006

Weinberger on Wikipedia

Dave Weinberger expertly deals with the John Seigenthaler Sr./Wikipedia controversy and the media feeding frenzy around it. There's an interesting twist with anonimity, psuedonimity, and identity in the story. The mainstream press seems incapable of understanding the significant, yet subtle difference between anonimity and psuedonimity.

2:04 PM | Comments () | Recommend This | Print This

Blogging and Democracy

The Senate Site is a great example of how small inexpensive tools can provide huge wins for democracy. The Senate Site is a group blog sponsored by the majority leadership of the Utah Senate, but people who aren't senators or members of the majority party also write sometimes.

To see why I think this is a valuable tool, look at this post by Sen. Buttars on his proposed legislation to control how teachers talk about the origin of life. I think the bill is ridiculous, but I'll save that for later. What I'm more interested in here is that there is honest conversation happening about proposed legislation. Sen. Buttars may not like this particular feedback, but I hope that doesn't color the view of elected officials about how important this is. I think the Senate Site has become a very valuable asset in Utah's political discourse.

11:18 AM | Comments () | Recommend This | Print This

NSA Cookies Cause Holiday Stir

Seems that the NSA turned on persistent cookies in violation of a Federal rule that proscribes them unless there is a "compelling need." Of course there are a few people turning this into some kind of conspiracy or sign of gross incompetence. Of course, none of these people are concerned about the millions of other Web sites that use cookie. Bizzare.

Jeff Jarvis also comments on this story and how the media thinks they got some huge scoop here. Here's a white paper (PDF) that I wrote when I was Utah CIO about cookies and privacy. We were having our own little debates with people (on my staff) telling the media they were "programs" and other silly ideas. I wrote the white paper to try and explain what cookies are and how they relate to privacy.

11:08 AM | Comments (1) | Recommend This | Print This