Kingsley Uyi Idehen
Lexington, United States
Driving Lanes on the Web based Information Super Highway
Post absorption of Web 3G commentary emanating from the Talis
blog space. Ian Davis appears to be expending energy on
the definition of, and timeframes for, the next Web Frontier (which
is actually here btw) :-)
Daniel Lewis also penned an interesting post in response to Ian's, that
actually triggered this post.
I think definition time has long expired re. the Web's many
interaction dimensions, evolutionary stages,
and versions.
On my watch it's simply demo / dog-food time. Or as Dan Brickley states:
Just Show It.
Below, I've created a tabulated view of the various lanes on the
Web's Information Super Highway. Of course, this is
a Linked Data demo should you be interested in the universe of data
exposed via the links embedded in this post :-)
The Web's Information Super Highway Lanes

| | 1.0 | 2.0 | 3.0 |
|---|---|---|---|
| Desire | Information Creation & Retrieval | Information Creation, Retrieval, and Extraction | Distillation of Data from Information |
| Meme | Information Linkage (Hypertext) | Information Mashing (Mash-ups) | Linked Data Meshing (Hyperdata) |
| Enabling Protocol | HTTP | HTTP | HTTP |
| Markup | HTML | (X)HTML & various XML based formats (RSS, ATOM, others) | Turtle, N3, RDF/XML, others |
| Basic Data Unit | Resource (Data Object) of type "Document" | Resource (Data Object) of type "Document" | Resource (Data Object) that may be one of a variety of Types: Person, Place, Event, Music etc. |
| Basic Data Unit Identity | Resource URL (Web Data Object Address) | Resource URL (Web Data Object Address) | Unique Identifier (URI) that is independent of actual Resource (Web Data Object) Address. Note: An Identifier by itself has no utility beyond Identifying a place around which actual data may be clustered. |
| Query or Search | Full Text Search patterns | Full Text Search patterns | Structured Querying via SPARQL |
| Deployment | Web Server (Document Server) | Web Server + Web Services Deployment modules | Web Server + Linked Data Deployment modules (Data Server) |
| Auto-discovery | <link rel="alternate"..> | <link rel="alternate"..> | <link rel="alternate" \| "meta"..>, basic and/or transparent content negotiation |
| Target User | Humans | Humans & Text extraction and manipulation oriented agents (Scrapers) | Agents with varying degrees of data processing intelligence and capacity |
| Serendipitous Discovery Quotient (SDQ) | Low | Low | High |
| Pain | Information Opacity | Information Silos | Data Graph Navigability (Quality) |
03/04/2008 23:16 GMT-0500 |
Modified: 03/04/2008 18:17
GMT-0500 |
More Ajax Security
The recent Ajax security alert has attracted comments
from Shelley Powers, via her post titled More Ajax
Security, and many others.
In anticipation of the obvious concerns of many JavaScript-based
developers, Ondrej
Zara (lead developer of the OpenLink Ajax Toolkit) has written
a post titled
OAT and JS Hijacking that explains the security aspects of our
JavaScript Toolkit in relation to this alert.
04/04/2007 12:16 GMT-0500 |
Modified: 04/04/2007 19:49
GMT-0500 |
The Future Of The Internet
The
Future Of The Internet: "
While the framework of governance continues to evolve
there is a widespread belief that along with the growth of the
internet, more and more problems such as spam, viruses and 'denial
of service' attacks that can cripple large websites shall begin to
be felt. It seems reasonable to assume that the number of devices
on the network will continue to multiply in new and unforeseen
ways. So researchers are starting from the assumption that
communications chips and sensors will eventually be embedded in
almost everything, from furniture to cereal boxes - 'hundreds of
billions of such devices'. While today's internet traffic is
generally initiated by humans- as they send e-mails, click on web
links, or download music tracks- in future, the vast majority of
traffic may be 'machine to machine' communications: things flirting
with other things – all ready to be connected wirelessly, and will
move around.
The Economist has a related article titled Reinventing the Internet, asking
whether a ‘clean slate’ redesign of the internet can ever be
implemented.
A few solutions float around:
- One is ‘trust-modulated transparency’. The network's
traffic-routing infrastructure shall judge the trustworthiness of
packets of data as they pass by and deliver only those deemed
trustworthy & dubious packets might be shunted aside for
screening. The whole system would be based on a ‘web of
trust’, in which traffic flows freely between devices that trust
each other, but is closely scrutinized between those that do
not.
- Another idea is a new approach to addressing, called
‘internet indirection infrastructure’ - It would overlay an
additional addressing system on top of the internet-protocol
numbers now used to identify devices on the internet. This
would make it easier to support mobile devices, and would also
allow for ‘multicasting’ of data to many devices at once, enabling
the efficient distribution of audio, video and software.
With Activenets or metanets, devices at the edge of the
network could then dynamically reprogram all the routers along the
network path between them to use whatever new protocol they
wanted.
While the research is still on, there are some hopes of making some
progress on the technical front – but it may well transpire that
the greatest impediment to upgrading the internet will turn out to
be political disagreements like this, this, over how it should work, rather than the
technical difficulty of bringing it about. The OECD hosted
a workshop titled The Future of the Internet in Paris on 8 March
2006. Some of the presentations look good and a few of them make
compelling reading.
Category : Internet, Emerging Technologies, Emerging Trends"
(Via Sadagopan's weblog on
Emerging Technologies,Thoughts, Ideas,Trends and
Cyberworld.)
03/29/2006 18:26 GMT-0500 |
Modified: 06/22/2006 08:56
GMT-0500 |
Solutions to allow XMLHttpRequest to talk to external services
Solutions
to allow XMLHttpRequest to talk to external services: "
Over on XML.com they published
Fixing AJAX: XmlHttpRequest Considered Harmful.
This article discusses a few ways to get around the security
constraints that we have to live with in the browsers these days,
in particular, only being able to talk to your domain via XHR.
The article walks you through three potential solutions:
- Application proxies. Write an application in
your favorite programming language that sits on your server,
responds to XMLHttpRequests from users, makes the web
service call, and sends the data back to users.
- Apache proxy. Adjust your Apache web server
configuration so that XMLHttpRequests can be invisibly
re-routed from your server to the target web service domain.
- Script tag hack with application proxy
(doesn't use XMLHttpRequest at all). Use the HTML
script tag to make a request to an application proxy
(see #1 above) that returns your data wrapped in JavaScript. This
approach is also known as On-Demand JavaScript.
I can't wait for Trusted Relationships within the
browser - server infrastructure.
With respect to Apache proxies, these things are priceless. I
recently talked about them in relation to Migrating data
centers with zero downtime.
What do you guys think about this general issue? Have you come
up with any interesting solutions? Any ideas on how we can keep
security, yet give us the freedom that we want?
(Via Ajaxian Blog.)
Well here is what I think (actually know):
Our Virtuoso Universal
Server has been sitting waiting to deliver this for years (for
the record see the Virtuoso 2000 Press
Release). Virtuoso can proxy for disparate data sources and
expose disparate data as Well-Formed XML using an array of
vocabularies (you experience this SQL-XML integration on the fly
every time you interact with various elements of my public blog).
Virtuoso has always been able to expose Application Logic as
SOAP and/or RESTful/RESTian style XML Web Services. This
blog's search page is a simple demo of this capability.
Virtuoso is basically a Junction Box / Aggregator / Proxy for
disparate Data, Applications, Services, and BPEL compliant business
processes. AJAX clients talk to this single multi-purpose server
which basically acts as a conduit to content/data, services, and
processes (which are composite services).
BTW - there is a lot more, but for now, thou shall have to seek
in order to find :-)
11/11/2005 21:01 GMT-0500 |
Modified: 07/21/2006 07:23
GMT-0500 |
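An added example (not code from this blog, the Ajaxian post, or the XML.com article) for the application-proxy and script-tag approaches in the XMLHttpRequest post above: a Node.js proxy that forwards only to allowlisted upstreams and validates the script-tag callback name before wrapping data in JavaScript. The `/proxy/<service>` route, the `.example` hosts, the `callback` parameter and all function names are assumptions.

```javascript
'use strict';
const http = require('http');
const https = require('https');

// Constructed allowlist: service label -> fixed upstream origin (hypothetical hosts).
const UPSTREAMS = new Map([
  ['weather', 'https://api.weather.example'],
  ['quotes', 'https://quotes.example'],
]);
const MAX_BODY = 1 << 20; // refuse upstream bodies over 1 MiB

// Map "/proxy/<service>/<path>?<query>" to an upstream URL; return null to refuse.
// The browser never supplies a host name, only a label that selects one.
function resolveUpstream(requestUrl) {
  let parsed;
  try {
    parsed = new URL(requestUrl, 'http://placeholder.invalid'); // base is for parsing only
  } catch (err) {
    return null;
  }
  const m = /^\/proxy\/([a-z0-9-]+)(\/.*)?$/.exec(parsed.pathname);
  if (!m) return null;
  const origin = UPSTREAMS.get(m[1]);
  if (!origin) return null;
  const target = new URL((m[2] || '/') + parsed.search, origin);
  // A remainder such as "//other.example/x" resolves as a network-path
  // reference and would swap the host, so re-check the origin after joining.
  if (target.origin !== origin) return null;
  return target.href;
}

// Script-tag variant: the proxy answers with "<callback>(<json>);".
// The callback name comes from the query string, so accept a plain identifier only.
function wrapJsonp(callback, data) {
  if (typeof callback !== 'string' || !/^[A-Za-z_$][\w$]{0,63}$/.test(callback)) {
    return null;
  }
  const raw = JSON.stringify(data);
  if (raw === undefined) return null; // functions and undefined have no JSON form
  // Escape "<" and the JS line separators so the payload cannot end the
  // enclosing script element or break older JavaScript parsers.
  const json = raw
    .replace(/</g, '\\u003c')
    .replace(/\u2028/g, '\\u2028')
    .replace(/\u2029/g, '\\u2029');
  return callback + '(' + json + ');';
}

function handler(req, res) {
  const deny = (code, msg) => {
    res.writeHead(code, { 'Content-Type': 'text/plain' });
    res.end(msg);
  };
  if (req.method !== 'GET') return deny(405, 'GET only');
  const target = resolveUpstream(req.url);
  if (!target) return deny(403, 'upstream not allowed');
  const targetUrl = new URL(target);
  const callback = targetUrl.searchParams.get('callback'); // null for plain XHR use
  targetUrl.searchParams.delete('callback');               // not forwarded upstream
  // https.get does not follow redirects, so an allowed upstream cannot
  // bounce the request on to a host outside the allowlist.
  const upstream = https.get(targetUrl, { timeout: 5000 }, (up) => {
    if (up.statusCode !== 200) { up.resume(); return deny(502, 'upstream status'); }
    const chunks = [];
    let size = 0;
    up.on('data', (chunk) => {
      size += chunk.length;
      if (size > MAX_BODY) return upstream.destroy(new Error('too large'));
      chunks.push(chunk);
    });
    up.on('end', () => {
      let body;
      try {
        body = JSON.parse(Buffer.concat(chunks).toString('utf8'));
      } catch (err) {
        return deny(502, 'upstream did not return JSON');
      }
      const out = callback === null ? JSON.stringify(body) : wrapJsonp(callback, body);
      if (out === null) return deny(400, 'bad callback name');
      res.writeHead(200, {
        'Content-Type': callback === null ? 'application/json' : 'application/javascript',
        'X-Content-Type-Options': 'nosniff',
      });
      res.end(out);
    });
  });
  upstream.on('timeout', () => upstream.destroy(new Error('timeout')));
  upstream.on('error', () => { if (!res.headersSent) deny(502, 'upstream error'); });
}

// Returns an unstarted server; call .listen(port, '127.0.0.1') to run it.
function createProxyServer() {
  return http.createServer(handler);
}
```
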
Gates, Jobs, & the Zen aesthetic
Another great post that I have deliberately captured in full due
to the semantic value of its links as part of my ongoing
contribution to the broader self-annotating effort taking place
across the web. See the Linkblog,
Summary,
and Archive
(new addition) aspects of this "point of presence" :-)
Gates, Jobs, & the Zen aesthetic: "
As a follow up to
yesterday's post on Bill Gates' presentation style, I thought it
would be useful to examine briefly the two contrasting visual
approaches employed by Gates and Jobs in their presentations while
keeping key aesthetic concepts found in Zen in mind. I believe we
can use many of the concepts in Zen and Zen aesthetics to help us
compare their presentation visuals as well as help us improve our
own visuals. My point in comparing Jobs and Gates is not to poke
fun but to learn.
Simplicity
A key tenet of the Zen aesthetic is kanso or simplicity.
In the kanso concept beauty, grace, and visual elegance
are achieved by elimination and omission. Says artist, designer and
architect, Dr.
Koichi Kawana, 'Simplicity means the achievement of maximum
effect with minimum means.' When you examine your visuals, then,
can you say that you are getting the maximum impact with a minimum
of graphic elements, for example? When you take a look at Jobs'
slides and Gates' slides, how do they compare for
kanso?
Naturalness
The aesthetic concept of naturalness or shizen 'prohibits
the use of elaborate designs and over refinement' according to
Kawana. Restraint, then, is a beautiful thing. Talented jazz
musicians, for example, know never to overplay but instead to be
forever mindful of the other musicians and find their own space
within the music and within the moment they are sharing. Graphic
designers show restraint by including only what is necessary to
communicate the particular message for the particular audience.
Restraint is hard. Complication and elaboration are easy...and are
common.
The suggestive mode of expression is a key Zen aesthetic. Dr.
Kawana, commenting on the design of traditional Japanese gardens
says:
'The designer must adhere
to the concept of miegakure since Japanese believe that in
expressing the whole the interest of the viewer is
lost.'
— Dr. Koichi Kawana
In the world of PowerPoint presentations, then, you do not
always need to visually spell everything out. You do not need to
(nor can you) pound every detail into the head of each member of
your audience either visually or verbally. Instead, the combination
of your words, along with the visual images you project, should
motivate the viewer and arouse his imagination helping him to
empathize with your idea and visualize your idea far beyond what is
visible in the ephemeral PowerPoint slide before him. The Zen
aesthetic values include (but are not limited to):
- Simplicity
- Subtlety
- Elegance
- Suggestive rather than the descriptive or obvious
- Naturalness (i.e., nothing artificial or forced),
- Empty space (or negative space)
- Stillness, Tranquility
- Eliminating the non-essential
Gates and Jobs: lessons in contrasts
Take a look at some of the typical visuals used by Steve Jobs and
those used by Bill Gates. As you look at them and compare them, try
doing so while being mindful of the key concepts behind the
traditional Zen aesthetic.
Above. Does it get more 'Zen' than this?
'Visual-Zen Master,' Steve Jobs, allows the screen to fade
completely empty at appropriate, short moments while he tells his
story. In a great jazz performance much of the real power of the
music comes from the spaces in between the notes. The silence gives
more substance and meaning to the notes. A blank screen from time
to time also makes images stronger when they do appear.
Also, it takes a confident person to design for the placement of
empty slides. This is truly
'going naked' visually. For most presenters a crowded slide is
a crutch, or at least a security blanket. The thought of allowing
the screen to become completely empty is scaring. Now all eyes are
on you.
Above. Gates here explaining the Live strategy.
A lot of images and a lot of text. Usually Mr. Gates' slides have
titles rather than more effective short declarative statements
(this slide has neither). Good graphic design guides the viewer and
has a clear hierarchy or order so that she knows where to look
first, second, and so on. What is the communication priority of
this visual? It must be the circle of clip art, but that does not
help me much.
Dr. Kawana says that 'to reach the essence of things, all
non-essential elements must be eliminated.' So what is the essence
of the point being made with the help of this visual? Are any
elements in this slide non-essential? At its core, what is the real
point? These are always good questions to ask ourselves, too, when
critiquing our own slides.
Above. Here Jobs is talking to developers at the
WWDC'05 about the transition from the Power PC RISC chips to Intel.
Sounds daunting, but as he said (and shows above) Apple has made
daunting major shifts successfully before. (He also said sheepishly
earlier in the presentation, that every version of OSX secretly
had an Intel version too...so this is not a new thing. The crowd
laughed.).
A note on having an 'open style'
One thing that would help Mr. Gates is an executive presentations
coach and a video camera. One unfortunate habit he has is
constantly bringing his finger tips together high across his chest
while speaking. Often this leads to his hands being locked together
somewhere across his chest. This gesture makes him seem
uncomfortable and is a gesture reminiscent of The Simpsons' Mr.
Burns. By contrast, Steve Jobs has a more open style and at least
seems comfortable and natural with his gestures.
Above. Mr. Gates needs to read Cliff Atkinson's
Beyond Bullet Points, ironically published by Microsoft Press.
Atkinson says that '...bullet points create obstacles between
presenters and audiences.' He correctly claims that bullets tend to
make our presentations formal and stiff, serve to 'dumb down' our
points, and lead to audiences being confused...and bored. Rather
than running through points on a slide, Atkinson recommends
presenters embrace the art of storytelling, and that visuals
(slides) be used smoothly and simply to enhance the speaker's
points as he tells his story. This can be done even in technical
presentations, and it can certainly be done in high-tech business
presentations.
The 'Microsoft Method' of presentation?
The approach we've seen in Microsoft's last public presentation we
can label the 'Microsoft Method.' This method is not different than
the norm, in fact it is a perfect example of what Seth Godin and others call
'Really
Bad PowerPoint.' Here's the rub: A great many professionals see
the absurdity of this approach, even a great many professionals on
the campus of Microsoft in Redmond. But change will continue to be
slow, especially when the executives of the company which produces
the most popular slideware program in the world use the program in
the most uninspiring, albeit typical way.
Above. Chief technology Officer, Ray Ozzie follows
the 'Microsoft Method' too. (Left) Bullet No.3: '...interfaces
through...interfaces'? (Right) Fundamental presentation rule: Do
not stick your hands in your pockets. Informality is fine, but this
is inappropriate even in the USA (and especially in cultures
outside the U.S.).
Refrain: It all matters!
We've talked about many presentation methods here at Presentation
Zen, methods that are different than the 'normal' or the 'expected'
but also simple, clear, and effective. Who wants to be 'average,'
'typical,' or 'normal'?
Ridderstrale & Nordstorm say it best in
Funky Business: 'Normality is the route to nowhere.' I'm not
suggesting you 'present different' for the sake of being different.
I am saying that if you move far beyond what is typical and normal
in the context of presentation design, you will be more effective
and different and memorable. Maybe Microsoft can afford
lousy PowerPoint presentations, but you and I can't. For 'the rest
of us,' it all matters.
Can we learn from a Japanese garden?
Looking for
inspiration in different places? Find a book on Japanese gardens
( like
this one from my friend, designer Markuz Wernli Saito) or visit
one in your area (if you are lucky enough to have one). You can
learn a bit here about the Zen aesthetic and Japanese gardens in
this
article by Dr. Kawana. Living here in Japan I have many chances
to experience the Zen aesthetic, either while visiting a garden,
practicing zazen in a Kyoto temple, or even while having a
traditional Japanese meal out with friends. I am convinced that a
visual approach which embraces the aesthetic concepts of simplicity
and the removal of the nonessential can have practical applications
in our professional lives and can lead ultimately to more
enlightened design.
"
(Via Presentation
Zen.)
11/08/2005 23:48 GMT-0500 |
Modified: 06/22/2006 08:56
GMT-0500 |
Microsoft Gadgets, Start.com and Innovation
Microsoft Gadgets, Start.com and Innovation: "
A lot of
the comments in the initial post on the Microsoft Gadgets blog
are complaints that the Microsoft is copying ideas from Apple's
dashboard. First of all, people should give credit where it is
due and acknowledge that Konfabulator is the real pioneer
when it comes to desktop widgets. More importantly, the core ideas
in Microsoft Gadgets were pioneered by Microsoft not Apple or
Konfabulator.
From the post
A Brief History of Windows Sidebar by Sean Alexander
Microsoft 'Sideshow*' Research Project (2000-2001)
While work started prior, in September
2001, a team of Microsoft researchers published
a paper entitled, 'Sideshow: Providing peripheral awareness of
important information' including findings of their
project.
...
The research paper provides screenshots that bear a striking
resemblance to the Windows Sidebar. The paper is a good read for
anyone thinking about Gadget development. For folks who have
visited Microsoft campuses, you may recall the posters in elevator
hallways and Sidebar running on many employees desktops.
Technically one of the first teams to implement this
concept
*Internal code-name, not
directly related to the official, “Windows SideShow™”
auxiliary display feature in Windows
Vista.
Microsoft “Longhorn” Alpha
Release (2003)
In 2003, Microsoft unveiled a new
feature called, 'Sidebar' at the Microsoft Professional
Developer’s Conference. This feature took the best concepts from
Microsoft Research and applied them to a new platform code-named,
'Avalon', now formally known as Windows Presentation
Foundation...
Microsoft Windows Vista PDC Release (2005)
While removed from public eye during the
Longhorn plan change in 2004, a small team was formed to continue
to incubate Windows Sidebar as a concept, dating back to its roots
in 2000/2001 as a research exercise. Now Windows Sidebar will be a
feature of Windows Vista. Feedback from customers and hardware
industry dynamics are being taken into account, particularly adding
support for DHTML-based Gadgets to support a broader range of
developer and designer, enhanced security infrastructure, and
better support for Widescreen (16:10, 16:9) displays. Additionally
a new feature in Windows Sidebar is support for hosting of Web
Gadgets which can be hosted on sites such as Start.com or run
locally. Gadgets that run on the Windows desktop will also be
available for Windows XP customers – more details to be shared
here in the future.
So the desktop version of
'Microsoft Gadgets' is the shipping version of Microsoft Research's
'Sideshow' project. Since the research paper was published a number
of parties have shipped products inspired by that research
including
MSN Dashboard, Google
Desktop and Desktop
Sidebar but this doesn't change the fact that the Microsoft is
the pioneer in this space.
From the post
Gadgets and Start.com by Sanaz Ahari
Start.com was initially
released on February 2005, on start.com/1 – since then we’ve been
innovating regularly (start.com/2,
start.com/3, start.com and start.com/pdc) working towards
accomplishing our goals:
- To bring the web’s content to users through:
  - Rich DHTML components (Gadgets)
  - RSS and behaviors associated with RSS
  - High customizability and personalization
- To enable developers to extend their start experience by
building their own Gadgets
Yesterday marked a humble yet significant milestone for us
– we opened our 'Atlas' framework enabling developers to extend
their start.com experience. You can read more about it here: http://start.com/developer. The
key differentiators about our Gadgets are:
- Most web applications were designed as closed systems
rather than as a web platform. For example, most customizable
'aggregator' web-sites consume feeds and provide a fair amount of
layout customization. However, the systems were not extensible by
developers. With start.com, the experience is now an integrated and
extensible application platform.
- We will be enriching the gadgets experience even further,
enabling these gadgets to seamlessly work on Windows
Sidebar
The Start.com stuff is really
cool. Currently with traditional portal sites like MyMSN or MyYahoo, I can customize my data sources
by subscribing to RSS feeds but not how they look. Instead all my
RSS feeds always look like a list of headlines. These portal sites
usually use different widgets for display richer data like stock
quotes or weather reports but there is no way for me to subscribe
to a stock quote or weather report feed and have it look the same
as the one provided by the site. Start.com fundamentally
changes this model by turning it on its head. I can create a custom
RSS feed and specify how it should render in Start.com using JavaScript which
basically makes it a Start.com
gadget, no different from the default ones provided by the
site.
From my perspective, we're
shipping really innovative stuff but because of branding that has
attempted to cash in on the 'widgets' hype, we end up looking like
followers and copycats.
Marketing sucks.
"
(Via Dare Obasanjo
aka Carnage4Life.)
Posted for historic annotation purposes (re. Widgets as Microsoft
didn't copy Apple here at all; Apple just packaged this better at
the expense of Konfabulator as already noted above). And yes,
Marketing sucks big time!!
09/16/2005 17:54 GMT-0500 |
Modified: 06/22/2006 08:56
GMT-0500 |
Standards Contempt Revisited
My entire time in the IT industry has been spent primarily
trying to develop, architect, test, mentor, evangelize, and educate
about one simple subject: Standards Appreciation!
The trouble with "Standards Appreciation" is that vendors see
standards from the following perspectives primarily:
- Yet another opportunity to lock-in the customer
- If point 1. fails then undermine the standard vociferously (an
activity that takes many covert forms; attack performance,
security, and maturity)
- Developers don't like standards (the real reason for this is
to-do lists and timeframes in most cases)
Koranteng Ofosu-Amaah
provides insightful perspective on the issues above, in a
recent "must read"
blog post about how this dysfunctionality plays out today
in the realm of HTML Buttons and Forms. Here are some notable
excerpts:
"Instead my discourse devolved into a case of I told you so,
a kind of Old Testament view of things instead of the softer New
Age stylings that are in vogue these days. Sure there was a little
concern for the users that had been hurt by lost data, but there
was almost no empathy for the developers who had to lose their
weekends furiously reworking their applications to
do the right thing especially because it appeared that they
would rather persist in trying to do the wrong thing.
The sentiment behind that mini tempest-in-a-teapot however was a
recognition of the fact that those
who have been quietly evangelizing the web style were talking about
the wrong thing and to the wrong people."
...
"..As application developers we should ask for better forms,
we should be demanding of browser makers things like XForms or Web
Forms 2.0 to make sure that we can go beyond the kind of stilted
usability that we currently have. Our users would appreciate our
efforts in that vein but for now, they know what to expect. Until
then application developers should push back when we are told to
"do the wrong thing".
There is an unfortunate mindset trend at the current time that
espouses: "Sloppiness" is good, and "Simple" justifies inadequacy
at all times. Today, the real focus of most development endeavours
is popularity first and coherence (backward compatibility,
standards compliance, security, scalability etc.) a distant second;
if you can simply make things popular then that justifies the
sloppiness (acquisition, VC money, Blogosphere Juice etc.).
Especially as someone else will ultimately have to deal with
the predictable ramifications of the sloppiness.
Standards are critical to the success of IT investment within
any enterprise, but standards are difficult to design, write,
implement, and then comprehend, due to the inherent requirement for
abstraction - it's a top down, as opposed to bottom up,
process.
Vendors will never genuinely embrace standards, until IT
decision makers demand standards compliance of them, by
demonstrating a penchant for smelling out "leaky
abstractions" embedded within product implementations.
Naturally, this requires a fundamental change of mindset for most
decision makers. It means moving away from the "this
analyst said...", "I heard that company X is going to deliver....",
"I read that .....", "I saw that demo..." approach to product
evaluation, to a more knowledgeable evaluation process that
seeks out the What, Why, and How of any prospective IT
solution.
Knowledge empowers all of the time. It's a gift that stands the
test of time once you invest some time in its acquisition
(unfortunately this gift isn't free!). Ignorance with all its
superficial seduction (free and widely available!), is temporary
bliss at best, and nothing but heartache over time.
05/12/2005 15:11 GMT-0500 |
Modified: 06/22/2006 08:56
GMT-0500 |
Mac OS X and its potential impact on Windows
We are at an interesting crossroads in the computer
industry (IMHO). Apple is about to unleash Tiger (ETA: one week from now),
and this operating system release could end up being the crucial
round of the titanic battle between Apple and Microsoft. The battle,
which starts at the Operating System level, reminds me of
the "Rumble In The
Jungle" (circa 1974,
Kinshasa, Zaire);
Apple in the role of Ali
(aka "The Greatest", who was the overwhelming underdog at the time) and
Microsoft in the role of George
Foreman (who at the time was logically invincible).
The Shakespearean tale of Macbeth also comes to mind as
depicted in the excerpt below:
".... Macbeth goes to visit the witches in their
cavern. There, they show him a sequence of demons and spirits who
present him with further prophecies: he must beware of Macduff, a
Scottish nobleman who opposed Macbeth's accession to the throne; he
is incapable of being harmed by any man born of woman; and he will
be safe until Birnam Wood comes to Dunsinane Castle. "
Having used all the major operating systems on a
serious basis for a number of years in a variety
of modes (user, developer, and administrator), I have
always felt that a RISC based UNIX operating system (of BSD
genealogical branch extraction), if somehow combined with a user
interface that is superior to Windows, would
ultimately unravel the Windows Desktop Monopoly.
That operating system exists today in the form of Mac OS X
(its latest Tiger release simply kicks the differential
up a notch).
Back to the Macbeth correlation:
"Birnam Woods coming to Dunsinane" is the
metaphoric equivalent of desktop users and first time computer
users being forced (by the scourge of virus and spyware) to
revaluate Windows as the only choice for productive desktop
computing. What would you recommend to "Aunt Milly" when she tells
you she wants to get on the Internet? Especially if "Aunt Milly"
isn't living with you?
"Man not born of a woman" is no different to
saying: UNIX with a superior user interface to Windows!
I don't think you need me to tell who play the
characters of Macbeth and Macduff in this drama :-)
The Windows security vulnerabilities quagmire
(google
juice on this phrase is currently 6,620 pages) has
basically created an inflection of monumental proportions adversely
affecting Windows and creating great visibility and evaluation
building opportunities for Mac OS X ("once users experience
a Mac they don't come back to Windows!").
Paul Murphy of cio-today.com has also written
a great article that sheds light on the often overlooked
hardware aspect to the security problem for Windows. Here is a
poignant excerpt:
Software and Hardware
Vulnerabilities
At present, attacks on Microsoft's
Windows products are generally drawn from a different population of
possible attacks than those on
Unix variants such as BSD, Linux and Solaris. From a
practical perspective, the key difference is that attacks on Wintel
tend to have two parts: A software vulnerability is exploited to
give a remote attacker access to the x86 hardware and that access
is then used to gain control of the machine.
In contrast, attacks on Unix
generally require some form of initial legal access to the machine
and focus on finding software ways to upgrade privileges
illegally.
Consider, for example,
CAN-2004-1134 in the NIST vulnerabilities database:
Summary: Buffer overflow in the
Microsoft W3Who ISAPI (w3who.dll) allows remote attackers to cause
a denial of service and possibly execute arbitrary code via a long
query string.
Published Before:
1/10/2005
Severity: High
The vulnerability exists in
Microsoft's code, but the exploit depends on the rigid stack-order
execution and limited page protection inherent in the x86
architecture. If Windows ran on Risc, that vulnerability would
still exist, but it would be a non-issue because the exploit
opportunity would be more theoretical than practical.
Linux and open-source applications
are thought to have far fewer software vulnerabilities than
Microsoft's products, but Linux on Intel (Nasdaq:
INTC -
news) is susceptible to the same kind of attacks as those now
predominantly affecting Wintel users. For real long-term security
improvements, therefore, the right answer is to look at Linux, or
any other Unix, on non x86 hardware.
One such option is provided by
Apple's (Nasdaq:
AAPL -
news) BSD-based products on the PowerPC-derived G4 and G5 CPUs.
Linus Torvalds, for example, apparently now runs Linux
on a Mac G5 and there are several Linux distributions for this
hardware -- all of which are immune to the typical x86-oriented
exploit.
This may even be the nullifier of that age old
argument about porting Mac OS X to the x86 in order to broaden its
adoption potential?
Mac OS X is certainly a breath of fresh air for anyone
who needs to simply get stuff done with their desktops
and notebooks.
04/21/2005 20:25 GMT-0500 |
Modified: 07/21/2006 07:24
GMT-0500 |
Why Is Every Information Leak Worse Than Originally Thought?
Why Is
Every Information Leak Worse Than Originally Thought? While
there have been an incredible number of stories about data leaks
over the past couple of months, one interesting thing is that in so
many cases, the companies involved later come out and admit that
the problem was much worse than they first admitted. That happened
with ChoicePoint
and LexisNexis,
who both had to come out a second time and admit that the original
data breach they discussed wasn't as limited as they had believed.
The latest is that the DSW Shoe Warehouse database that was stolen
included
information (including credit cards) on many, many more people than
originally stated. So rather than 100,000 credit cards out
there, we're talking 1.4 million. What's unclear, however, is why
this is happening. Is it that these companies are so clueless and
unable to manage their own data that they don't realize how badly
they've leaked data until they do further investigations? Or is
it that the companies are still trying to hide the nature of the
losses until later (maybe spreading them out a bit)? Either way,
you'll notice that no one ever seems to correct the damages in the
other direction...
It would be interesting to see the make up of the
IS infrastructure behind these companies. If such information was
possible I would have much better context for a broader
understanding of my suspicions (outlined in
previous comments).
Data is everything! I just wish there was a
better appreciation and comprehension of the subject of
Data Access.
04/19/2005 22:54 GMT-0500 |
Modified: 06/22/2006 08:56
GMT-0500 |
Payroll hole exposes dozens of companies
Payroll hole exposes dozens of companies Flaw in PayMaxx Web
site exposed the financial information of customers' workers, the
payroll-services firm acknowledges.
Unfortunately we have more of this to come! The
combination of backend Database Engine and Application
Layer Data Access technology choices plays a major role in
these kinds of security vulnerabilities. Databases used to be
confined to access from dumb terminals and PCs within the
enterprise. Today, these same databases are exposed to the Internet
in a myriad of ways, and a physical firewall and password
protection alone won't cut it, not in an increasingly social oriented
cyberspace. Social Engineering is a major aspect of hacking!
Hosted applications are currently the rage; there
are many benefits, but there are also some serious security
vulnerabilities that will "dope slap" those organizations that
carelessly head down this route. You have to take a look at the
underlying architecture driving the systems in question.
Anyway, you can track past and future commentary
relating to databases, data access, and security using
this dynamic blog query. Naturally, I expect content
exposed from the query URI to grow, and to ultimately integrate
content from other sources around the blogosphere.
03/01/2005 23:24 GMT-0500 |
Modified: 06/22/2006 08:56
GMT-0500 |