Thank You IBM!
Posted on 2004-08-03T23:35:28:00-07
I just wanted to say thanks to IBM for Open Sourcing Cloudscape .
You guys really have your act together. Keep up the good work!
Permalink
|
Comments
( 0 )
|
Printlink
LinuxWorld, IDs, and Privacy
Posted on 2004-08-03T17:05:54:00-07
Today Jonathan Moore and I headed over to LinuxWorld after lunch to see what
kind of cool hardware and Linux hacks they had on the expo floor.
Only $15 to get in the door so I figure why not.
I'm a bit of a privacy freak. When you're trading some security for liberty
there are situations where it might be worth it. In situations of extreme
violence having the police by your side might be a good idea.
I think we can all agree that trading liberty for nothing isn't worth it.
This country was *founded* on liberty after the British were abusing their
colonial powers. Every true American should cherish their liberty and think
long and hard about just turning them over for no reason.
That said, I decided I didn't want to give LinuxWorld my ID when I just wanted
to walk around the show room floor.
I just wanted to walk in, give them cash, get a badge, and explore the show
room.
Not so fast. They won't let me on the show room floor without ID.
When I asked why they mentioned it was for "security reasons." How in the world
could it be for security reasons? Its not like they're doing a background check
on all registrations. All of the 911 terrorists had valid IDs!
Their real agenda is to build a database so that they can spam members and sell
the database of LinuxWorld users to other companies.
This country is turning into a police state. More and more places are starting
to require that I hand over my bags or submit to a search upon leaving the
premise.
CompUSA on the corner of Market and 3rd on SF requires that everyone submit to a
bag search upon leaving the building. Of course I tell them I'm not going to
submit to an unconstitutional bag search and they point to the EULA I agreed to
when I walk in the building which essentially says:
"By entering CompUSA you agree to have your bad searched when leaving."
... or words to that effect.
I'm not a terrorist. I'm not a criminal! I refuse to be treated like one when
I'm trying to patronize your store!
LinuxWorld is a perfect example. I'm in a position to recommend hardware to a
number of companies. These contracts usually are greater than $20k. I was
specifically going to talk to IBM about some of their 1U rack mount servers
(thinking about migrating away from Dell).
Obviously thats not going to happen now.
Permalink
|
Comments
( 3 )
|
Printlink
My Blog as a Time Machine
Posted on 2004-08-01T19:05:47:00-07
I'm starting to realize that my blog is a bit of a time machine. For example I
can create a blog entry to warn myself about something that WILL happen in the
future.
My current NTP blog entry is a good example. I wrote this for myself as
much as for the people who read my blog (or find me via Google).
I know for sure that NTP on Debian is going to bite me sometime in the future
and I'm going to forget WHY. Then I'm going to (of course) go to Google or my
aggregator and search for NTP and then find my blog post.
I've done this about a dozen times now and its saved me a TON of time!
Permalink
|
Comments
( 1 )
|
Printlink
NTP in Debian
Posted on 2004-08-01T18:54:05:00-07
The Network Time Daemon (NTP Daemon) implementation within Debian leaves a
lot to be desired.
First off they don't include it with a working config. You have to create your
own /etc/ntpd.conf. To make matters worse the configuration doesn't accept DNS
names so you have to manually enter IPs. Fun. I can understand that they might
not want to provide ONE configuration and overwhelm one or two NTP servers but
they can provide a dynamic config that balances load among all available
servers. There is of course the public serves list but you have to Google
for it.
All you really need to do here is enter a list of servers:
server time.nist.gov
server 192.43.244.18
Note that it will complain that time.nist.gov is invalid. I added this in the
hope that they will start providing DNS name support.
As of Debian testing the command 'ntptimeset' has been removed and I believe
replaced with just a standard 'ntpd'. In order to have it reload your time once
you update the configuration file you just restart the daemon.
The package naming is also a bit confusing. Most systems should just install
'ntp-simple'.
Don't get me wrong. I love Debian. If anything this is constructive criticism.
I just expect more from my distribution.
Permalink
|
Comments
( 1 )
|
Printlink
Loosing the War on Terrorism
Posted on 2004-07-28T15:49:35:00-07
Sven Jaschan, self-confessed author of the Netsky and Sasser viruses, is
responsible for 70 percent of virus infections in 2004, according to a six-month
virus roundup published Wednesday by antivirus company Sophos.
The 18-year-old Jaschan was taken into custody in Germany in May by police who
said he had admitted programming both the Netsky and Sasser worms, something
experts at Microsoft confirmed. (A Microsoft antivirus reward program led to the
teenager's arrest.) During the five months preceding Jaschan's capture, there
were at least 25 variants of Netsky and one of the port-scanning network worm
Sasser.
Graham Cluley, senior technology consultant at Sophos, said it was staggering
that one person could be responsible for so many infections. Richard Starnes,
president of security industry group ISSA UK, was also impressed: "Is he going
to put this on his CV?" he asked.
... and this is why we can't win the war on terrorism.
This isn't as much a criticism of the Bush administration as it is pessimism for
the future of humanity.
When this much power is in the hands of one individual, and its distributed, we
have a problem.
The Unabomber Manifesto goes into this in depth (the man might be insane but
he has a point). Can we as a society move forward with our technological
progress without destroying the planet?
I don't know but I sure hope so.
Permalink
|
Comments
( 0 )
|
Printlink
Pretty Log4J
Posted on 2004-07-26T20:57:43:00-07
I've been a big fan of Log4J for a while now but haven't migrated any code
over for one central reason. The following line of code:
final static Logger logger = Logger.getLogger( "some.name" );
... is amazingly ugly and difficult to work with.
Most people use Log4J with a logger based on the classname:
So we would probably see:
static Logger logger = Logger.getLogger( "org.apache.commons.feedparser.locate.FeedLocator" );
Which is amazingly verbose. A lot of developers shorten this to:
static Logger logger = Logger.getLogger( FeedLocator.class );
But this still leaves us with cut and paste errors.
What if we could just reduce it to:
static Logger logger = Logger.getLogger();
Impossibe you say! We wouldn't have the classname so we can't use any filters!
Wrong... The java.lang.Exception stacktrace can provide us with the hint we
need. The method body would be simple:
Exception e = new Exception();
String category = e.getStackTrace()[1].getClassName();
return Logger.getLogger( category );
Now of course the Exception class could be a bottleneck but the key point here
is that this only gets called once per class in the system. Even if ALL your
code was using a Logger your system would still bootup in less than a second.
For the added flexibility and reduction in code verbosity and management I think
its worth it.
Permalink
|
Comments
( 3 )
|
Printlink
Saudis: Bin Laden associate surrenders
Posted on 2004-07-14T03:06:41:00-07
(CNN) -- A longtime associate of al Qaeda leader Osama bin Laden surrendered to
Saudi Arabian officials Tuesday, a Saudi Interior Ministry official said.
But it is unclear what role, if any, Khaled al-Harbi may have had in any terror
attacks because no public charges have been filed against him.
The Saudi government -- in a statement released by its embassy in Washington --
called al-Harbi's surrender "the latest direct result" of its limited, one-month
offer of leniency to terror suspects.
This is great! I hope this really starts to pay off. Creative solutions to
terrorism that don't involve violence.
How refreshing!
Are you paying attention Bush administration?
http://www.cnn.com/2004/WORLD/meast/07/13/binladen.aide/
Permalink
|
Comments
( 3 )
|
Printlink
FOAFKey: FOAF, PGP, Key Distribution, and Bloom Filters
Posted on 2004-07-03T22:24:56:00-07
FOAF/LOAF and bloom filters have a lot of interesting properties for social
network and whitelist distribution.
I think we can go one level higher though and include GPG/OpenPGP key
fingerpring distribution in the FOAF file for simple web-of-trust based key
distribution.
What if we used FOAF and included the PGP key fingerprint(s) for identities?
This could mean a lot. You include the PGP key fingerprints within the FOAF
file of your direct friends and then include a bloom filter of the PGP key
fingerprints of your entire whitelist (the source FOAF file would of course need
to be encrypted ).
Your whitelist would be populated from the social network as your client
discovered new identities and keys and would be distributed in your bloom filter
included in your FOAF. You could create direct friends and then a graph of
trust relationships directly outside to 2 degrees of transitivity stored in the
bloom.
This would essentially enable transparennt key distribution with a low
probability of a MITM attack and without any central PKI infrastructure (bye bye
Verisign!).
Now imagine your applications have transparent support for using your FOAFKey
store. You're at ETech and your ZeroConf install noticed an advertised FOAFKey
files on the network. You fetch the FOAFKey file because its advertised as
being on your whitelist. This allows you to automatically discover new keys and
extend your whitelist. Since FOAF files are available via URLs you can
periodically aggregate them and import them into your social network. You can
of course do the same within with BlueFOAF if it were extended to support this.
You now have a SPAM-free whitelist, social networking capabilities, full
encryption and key distribution capabilities without any MITM attacks (or at
least a low probability that even Ashcroft could break in if done correctly).
All of this could be bootstrapped off a few manual key verifications.
This could go a LONG way to yielding secure key distribution and totally
pervasive crypto and secure communications channels everywhere. The real reason
PGP didn't take off was because it wasn't easy. FOAF and social networking
could be both easy and FUN! Imagine IM and chat programs having support for
this. If this were an OS level feature or an OSS stdlib then applications like
Mozilla, Evolution, GAIM, etc could add support and incorporate security and
social networking capabilities.
SUPPLEMENTAL: // created on 2004-07-05T11:43:25:00-07
Just wanted to clarify a few things.
The PGP public key itself isn't included in the foaf just your fingerprint and
those of your friends. The real key is fetched from a public key server.
SUPPLEMENTAL: // created on 2004-07-06T18:19:24:00-07
NOTE: I wanted to fact check this post to see if there is prior art out there
but I don't think it is. Excuse my laziness but I have the flu right now :)
Permalink
|
Comments
( 2 )
|
Printlink
Mozilla Exceptions (mexception)
Posted on 2004-07-04T20:30:46:00-07
For some reason I never released this code.
I developed it while working on NewsMonster and just forgot I think
It's an extension for Mozilla that allows you to see all runtime exceptions
(with full stack traces) that are unhandled by Mozilla.
Just install it and if your code generates an unhandled exception it will show
up in the logs and on the console.
Very handy for doing any hardcore Mozilla development.
http://peerfear.org/download/mexception.tar.gz
http://peerfear.org/download/mexception.xpi
Permalink
|
Comments
( 0 )
|
Printlink
Ron Regan Jr is My Kinda Guy
Posted on 2004-06-28T23:13:08:00-07
Now that the country is awash in Reagan nostalgia, some observers are predicting
that you will enter politics. Would you like to be president of the United
States?
I would be unelectable. I'm an atheist. As we all know, that is something
people won't accept.
What would you do if Senator Kerry asked you to be his vice president?
I would question his sanity.
Do you ever go to church?
No. I visit my wife's sangha.
So you sometimes practice Buddhism?
I don't claim anything. But my sympathies would be in that direction. I admire
the fact that the central core of Buddhist teaching involves mindfulness and
loving kindness and compassion.
So lets get this straight. He's an athiest who's sympathetic to Buddhism, hates
Bush, is frustrated with politics, and thinks Dick Cheney's isn't a "mindful
human being" (which is a very Zen way of saying he's a jerk).
I like this guy! He's my kinda Regan!
Permalink
|
Comments
( 3 )
|
Printlink
Al Qaeda member surrenders
Posted on 2004-06-28T14:13:25:00-07
RIYADH, Saudi Arabia (CNN) -- One of Saudi Arabia's most wanted militants has
turned himself into the authorities, the first senior suspect to surrender under
a one-month government amnesty announced last week.
Othman Al-Omari, number 19 on Saudi Arabia's most wanted list of 26, accepted
King Fahd's offer of amnesty, which was made last week, according to Saudi
sources Monday.
Al-Omari, who turned himself in on Sunday night, was a business partner of
Shaban Al Shihri -- the first al Qaeda member to accept the offer when he turned
himself in Friday.
http://www.cnn.com/2004/WORLD/meast/06/28/saudi.omari/
When I first saw this I was really upset. I thought that it would certainly
lead to more violence if they just let terrorists off the hook.
Now thinking about it some more maybe this is a brilliant idea!
First off it's a creative solution to the problem of terrorism. I don't
subscribe to the theory that more violence is the solution to violence (IE the
Bush Doctrine).
All you have to do is get a few terrorists to surrender (and have them
cooperate) to take down the rest and learn a LOT about your enemy.
Torture obviously doesn't work and in this situation. You can torture a prisoner
all you want and he won't give you the information you want.
Time will tell if this strategy works. Once you know the identity of a
terrorist you could essentially have him under house arrest for the rest of his
life.
Permalink
|
Comments
( 1 )
|
Printlink
Mission Accomplished!
Posted on 2004-06-28T08:54:39:00-07
BAGHDAD, Iraq (CNN) -- Members of Iraq's interim government took an oath of
office Monday just hours after the United States returned the nation's
sovereignty, two days ahead of schedule.
Led by Iraq's interim Prime Minister Ayad Allawi, each member of the new
government placed a hand on the Koran and promised to serve with sincerity and
impartiality. Iraqi flags lined the wall behind them.
Iraq! Now with 100% less Coalition Provisional Authority! Act now and get a
free Weapon of Mass Destruction (offer only available in Syria, Jordan, Saudi
Arabia, Pakistan, Syria and Iran).
Also check out our new Puppet Government! Keeps the kids occupied for hours!
http://www.cnn.com/2004/WORLD/meast/06/28/iraq.handover/
Permalink
|
Comments
( 0 )
|
Printlink
Java3D - Half Right
Posted on 2004-06-27T16:09:33:00-07
SUN has announced that Java3D will be released in a different manner than any
other SUN project in existence.
We announce the availability of the source code for the Java 3D API on
java.net. We are involving developers in the evolution of the Java 3D API.
Come join the Java 3D projects on java.net, and download the source code for
the core Java 3D API, vecmath, the Java 3D core utilities, and the Java 3D
program examples.
The key thing here is that they have provided the core utils under a BSD license
and even have the CVS available .
Good job SUN! You're headed in the right direction!
Here's the only problem:
We are releasing the source code for the j3d-core and vecmath projects under
separate research and commercial license. The research license is the Java
Research License (JRL). The commercial license is the Java Distribution
License (JDL), a no-fee license that allows a vendor to ship a compatible
version of Java 3D with or without modification.
The majority of the code is still proprietary and under a non OSI-approved
license .
Specifically the following clauses:
A. License Grant. Subject to the conditions contained herein, Sun grants to
You a non-exclusive, non-transferable, worldwide, and royalty-free license to
do the following for Your Research Use only
and
B. Residual Rights. You may use any information in intangible form that you
remember after accessing the Technology, except when such use violates Sun's
copyrights or patent rights.
... which is a bit confusing. How am I supposed to know everything that SUN has
every copyrighted or patented.
I think I'll keep this as source under glass for right now and won't be
contributing to Java3D a all.
Permalink
|
Comments
( 0 )
|
Printlink
Reverse Psychology
Posted on 2004-06-26T14:44:54:00-07
I really hope SUN doesn't Open Source Java at JavaOne this year. It would be a
terrible decision and seriously hurt the tech industry. Also, it would hurt SUN
and I'm sure their responsible enough to realize this.
(Lets hope that works!)
Permalink
|
Comments
( 1 )
|
Printlink
Kerry's Disgusting Ad
Posted on 2004-06-26T12:21:43:00-07
A few days ago Kerry sent around this ad:
Yesterday, the Bush-Cheney campaign, losing any last sense of decency, placed
a disgusting ad called "The Faces of John Kerry's Democratic Party" as the
main feature on its website. Bizarrely, and without explanation, the ad places
Adolf Hitler among those faces.
The Bush-Cheney campaign must pull this ad off of its website. The use of
Adolf Hitler by any campaign, politician or party is simply wrong.
Which of course is a mistake. I went and downloaded the video (which is just
stupid btw. Not a masterpiece by any means.) and there are shots of Hitler in
there, but only from the MoveOn contest from a few months back.
Here's the problem. The Kerry campaign just screwed up with their criticism of
the Bush administration.
The real criticism is that the Bush administration is still using this
pathetic excuse for a controversy. This video was uploaded to MoveOn for a few
hours during an *open* contest with the public. They removed it soon after.
The real problem with the video is that they take sections of speeches made by
leading Democrats when they are clearly angry (they have the right to be) and
splice them together to make us sound like raging lunatics.
They even go so low as to include Dean. I'm sorry but aren't you running
against Kerry? This might be a better use of your time.
... and of course we have people that pick up on this mistake and run with
it:
I'm not sure whether this is malice or incompetence on the part of the Kerry
Campaign -- and I suspect the answer is incompetence -- but it doesn't bode well
for them either way.
I don't like it either. It would be nice if Kerry were to issue an correction
and change their criticisim to the use of this MoveOn video since its not an
official entry and MoveOn appologized for it.
Permalink
|
Comments
( 0 )
|
Printlink
What would Baby Jesus Think?
Posted on 2004-06-25T15:31:01:00-07
"On Tuesday, Cheney, serving in his role as president of the Senate, appeared in
the chamber for a photo session. A chance meeting with Sen. Patrick J. Leahy
(Vt.), the ranking Democrat on the Judiciary Committee, became an argument about
Cheney's ties to Halliburton Co., an international energy services corporation,
and President Bush's judicial nominees. The exchange ended when Cheney offered
some crass advice.
'Fuck yourself,' said the man who is a heartbeat from the presidency."
Wonder what the moral majority has to say about this?
It isn't profanity! Its a freedom praise!
http://www.washingtonpost.com/wp-dyn/articles/A3699-2004Jun24.html
Permalink
|
Comments
( 0 )
|
Printlink
Americans and Freedom
Posted on 2004-06-24T16:10:25:00-07
When we Americans first began, our biggest danger was clearly in view: we knew
from the bitter experience with King George III that the most serious threat to
democracy is usually the accumulation of too much power in the hands of an
Executive, whether he be a King or a president. Our ingrained American distrust
of concentrated power has very little to do with the character or persona of the
individual who wields that power. It is the power itself that must be
constrained, checked, dispersed and carefully balanced, in order to ensure the
survival of freedom. In addition, our founders taught us that public fear is the
most dangerous enemy of democracy because under the right circumstances it can
trigger the temptation of those who govern themselves to surrender that power to
someone who promises strength and offers safety, security and freedom from fear.
It is an extraordinary blessing to live in a nation so carefully designed to
protect individual liberty and safeguard self-governance and free
communication. But if George Washington could see the current state of his
generation's handiwork and assess the quality of our generation's stewardship at
the beginning of this twenty-first century, what do you suppose he would think
about the proposition that our current president claims the unilateral right to
arrest and imprison American citizens indefinitely without giving them the right
to see a lawyer or inform their families of their whereabouts, and without the
necessity of even charging them with any crime. All that is necessary, according
to our new president is that he - the president - label any citizen an "unlawful
enemy combatant," and that will be sufficient to justify taking away that
citizen's liberty - even for the rest of his life, if the president so
chooses. And there is no appeal.
What would Thomas Jefferson think of the curious and discredited argument from
our Justice Department that the president may authorize what plainly amounts to
the torture of prisoners - and that any law or treaty, which attempts to
constrain his treatment of prisoners in time of war is itself a violation of the
constitution our founders put together.
What would Benjamin Franklin think of President Bush's assertion that he has the
inherent power - even without a declaration of war by the Congress - to launch
an invasion of any nation on Earth, at any time he chooses, for any reason he
wishes, even if that nation poses no imminent threat to the United States.
I want my country back! I can't wait until November.
http://drudgereport.com/gore.htm
Permalink
|
Comments
( 1 )
|
Printlink
Why Windows isn't Unix
Posted on 2004-06-18T17:48:19:00-07
I first heard about this from one of the developers of the hit game SimCity, who
told me that there was a critical bug in his application: it used memory right
after freeing it, a major no-no that happened to work OK on DOS but would not
work under Windows where memory that is freed is likely to be snatched up by
another running application right away. The testers on the Windows team were
going through various popular applications, testing them to make sure they
worked OK, but SimCity kept crashing. They reported this to the Windows
developers, who disassembled SimCity, stepped through it in a debugger, found
the bug, and added special code that checked if SimCity was running, and if it
did, ran the memory allocator in a special mode in which you could still use
memory after freeing it.
... and by Unix I mean mission critical, rock solid, fast, clean, flexible, etc.
Granted this is a GREAT idea for the desktop but sooner or later it falls down.
Sooner or later the chasm between Linux and Windows in terms of quality is just
going to be so great that the market switches to Linux overnight.
All bets are off to what that date is though. I always seem to be right on
these issues just that I'm years too soon.
My bet is by 2006 Linux will have 10% of the desktop market. By 2008 it will
ahve 15% of the market. Apple will have about 15% of the market with OSX and
Windows with the remaining 70%.
There ... it's public. Let's see what happens in 2008.
http://www.joelonsoftware.com/articles/APIWar.html
Permalink
|
Comments
( 3 )
|
Printlink
Microsoft, IE and Bloat
Posted on 2004-06-17T16:11:40:00-07
Zawodny threads off of Scoble on the IE issue:
I have to say, when I first read that I nearly fell off my chair laughing. I was
thinking "how stupid ARE these IE guys?!?!?!" But we all know that Microsoft is
full of smart people who care about what they're doing. So something really
doesn't compute here.
Last time I checked, IE wasn't even close to feature parity with Mozilla's
browsers. No popup blocking, no tabbed browsing, etc.
Does the IE team really not know what their product is missing?
Perhaps. It's highly likely that they just don't know.
The bigger issue here is that Microsoft products can't fail and they can't
succeed. Microsoft has 40-50 billion in the bank. There's no incentive to
build a kickass product. The IE team can wait 2-3 years for IE 7.0, put it into
Longhorn, and still make their 6 figure salaries and watch their options vest.
This is a recipe for failure.
Microsoft continually fails to find the "next big thing" and when they do
finally come around they end up building an inferior product. The only way they
ever succeed in the market is by using their monopoly position to give them an
edge.
Right now IE has a lot of momentum just because it isn't BAD enough for people
to move away. The disparity between FireFox/Mozilla is starting to grow and
sooner or later one vendor (Dell, HP, Compaq?) is going to distribute FireFox
instead of IE with new machines.
The sky will fall and maybe the IE team will be fired. One can only hope. They
certainly deserve it for letting IE 6.0 decompose for so long without an update.
How long before Mozilla is bundled to run directly emulate the MSHTML control?
Sounds like we're making progress here:
http://www.iol.ie/~locka/mozilla/mozilla.htm
Here is a screenshot of IE hosting the Mozilla gecko control.
Internet Explorer viewing a page with the Mozilla Gecko control
If you can't view the above image it's because you're on a version of Internet
Explorer that doesn't support PNGs. How ironic! Time to upgrade to FireFox
!
SUPPLEMENTAL: // created on 2004-06-17T16:29:43:00-07
Credit goes to Brad Neuberg for pointing out the IE COM gecko control and
taking the screenshot.
SUPPLEMENTAL: // created on 2004-06-17T16:41:53:00-07
Another note. I didn't mention that the above Mozilla hosted within IE is
running a XUL application called Mozilla Amazon Browser (MAB) which is a
Mozilla-specific application.
... running in IE. Awesome!
Permalink
|
Comments
( 7 )
|
Printlink
Atom Link Model
Posted on 2004-06-17T12:12:18:00-07
Article from Mark Pilgrim about the Atom link mechanism:
Atom is an emerging XML vocabulary and protocol for syndication and
editing. Atom has a coherent linking model to express a number of different
types of links. Atom borrows heavily from the <link> element in HTML, although
they are not identical.
Which I might add seems very similar to my RSS 1.0 mod_link proposal:
http://xml.com/pub/a/2004/06/16/dive.html
The mod_link module supports the syndication of site link information along
with RSS 1.0 XML feeds. The W3C HTML link mechanism provides the original
inspiration for this module. (July 22, 2002)
http://purl.org/rss/1.0/modules/link/
Abstract linking is a very important property for RSS
The mod_link spec wasn't adopted within RSS 1.0 due to a number of reason the
most important being that we were right in the middle of the RSS 1.0/2.0 wars
and attention was focused elsewhere. For a time it was adopted by Blogger's RSS
1.0 feeds thanks to Steve Jenson .
Just wanted to point that out. When I released the RSS 1.0 link module it was
somewhat controversal. I guess I was right considering it was eventually
adopted by Atom.
Good times! Good times!
Permalink
|
Comments
( 6 )
|
Printlink
|