Distributed Authentication. Aaron forwarded me a note about using LDAP for distributed authentication instead of relying on Jabber Profiles and/or Microsoft's Passport. He notes that every popular web application language already supports LDAP and it's already built into the Apache web server as well as the Zope Content Management Framework. And you may recall a few days ago, Doc Searls pointed to this 1996 interview (part 1, part 2) with Craig Burton that talked about "Netscape's barely-noticed moves with LDAP effectively kept Microsoft from setting up a toll booth at the intersection where we enter the Web -- the one controlled by a directory."
The issue with using LDAP is one of trust, just as it is with Microsoft. Who would you trust to handle your profile information? Microsoft's initiative requires you to put all of your trust in their hands. The Jabber solution allows you to at least control that data locally on your own hard drive, but information like credit card numbers and identity verification still must go through one of the services that handle such things. It's likely that you already trust those services if you've ever bought anything off the Internet using a credit card. For profile authentication using LDAP, it makes sense for a coalition of companies (Amazon, eBay, Mastercard, Visa, PayPal, etc.) to form a non-profit group or government-regulated company to handle the requests that come in from LDAP-enabled web applications. How all of this may work is too complex to write about in a couple of short paragraphs, however I think the point I'm trying to make is that we don't want the control of authenticated profiles and associated data to be in the hands of just one company.
Let's take a look at the Network Solutions monopoly. Here was a case where one company controlled all of the data in a directory. For years, people complained about how impossible it was to deal with NetSol and to change information in that directory. It was in NetSol's best interests to retain as much control over this directory data as possible, but they screwed up by pissing off so many people, that when alternative registrars were finally allowed, millions upon millions of domain names are being moved from NetSol's control. For most people, it is worth the extra little bit of money/hassle to transfer a domain from NetSol to a different registrar than to have to try and deal with NetSol's inane services (or lack there of). Again, it's an example of a decentralized directory winning out over a centralized one.
First Monday: Internet, Innovation and Open Source: Actors in the Network
Philip Greenspun on Content Management. [via Aaronland]
Sun launched their JXTA project today.
Brock Meeks has a great article on those privacy statements that no one ever reads. Tip: start reading them. [via rc3.org]
Dr. Dobbs: Web Applications as Java Servlets [via Have Browser, Will Travel]
Sorry about the sporadic updates. I've been sick with some nasty flu/virus thing for about a week. I did think up a cool idea for a phlegm spittoon, though. (hack hack, cough cough, spit - kaching!)
Yahoo Internet Life: Who Let the Blogs Out?
There's an excellent thread on the Usage Centered Design (UCD) mailing list about UCD and XP (Extreme Programming).
A cool MPEG from NASA zooming into San Francisco from space.
From Interesting-People comes this article about courts allowing the police to arrest people for minor traffic offenses like not wearing your seatbelt. Here comes the police state! Great, now all we need is forced religion in our school systems and Bush can truly say that he changed America during his presidency.
Philip Greenspun: ArsDigita: From Start-Up to Bust-Up. This is an excellent read.
Jabber Profiles. Eric Murphy is proposing that using Jabber profiles can compete against Microsoft's Passport/Hailstorm stuff. The differences are that Jabber's profile data is decentralized (stored on your computer, you control it) and Microsoft's profile data is centralized (stored on Microsoft's computers, Microsoft controls it). Oh, and the Jabber solution is completely open-source and Microsoft's solution is proprietary, closed, and likely very expensive.
NY Times: How The Baby Bells May Conquer Their World [and screw over everyone in their path, including consumers]
Roger Clarke's Dataveillance and Information Privacy Pages
CPSR: Privacy and Civil Liberties
Knowledge Base: What is a distributed application?
IBM DeveloperWorks: Server-side scripting languages
Here's something to think about. Since I received my Titanium Powerbook in February, I think I've only had to restart it maybe half a dozen times. It's running Mac OS 9.1 with Mac OS ROM 6.6.1. Granted, the only apps I run on a daily basis are BBEdit, Netscape 4.x, IE 5.0, AOL IM, NiftyTelnet, and Anarchie Pro. It's still a remarkedly stable system, compared to some reports.
I watched 10 minutes of Return to Oz today. Dorothy is an insomniac, she has a pet chicken that talks, and it's sorely lacking the musical score that made the original Wizard of Oz such a success. I really hate it when Hollywood screws up a good thing.
If you want to see a disturbing movie, I recommend you rent Happiness. It's a surprisingly truthful movie that exposes the American lifestyle and culture for what it truly is, and not what Hollywood presents on-screen.
Roger Ebert completely tears apart Freddy Got Fingered. This movie is completely disgusting, even for a Tom Green vehicle. There is such a thing as going too far.
BBEdit for Mac OS X is here! I'm hyperventillating...
Scary Scary Microsoft: Doc Searls yesterday talked briefly about the scary reality of what Microsoft is trying to do with their .NET distributed application framework. The services themselves are called Hailstorm and the authentication system is going to be based on their already-existing Passport directory. The problem is that nobody wants or trusts Microsoft to control this 'gateway' to ecommerce and Internet-based services. It's common knowledge that Microsoft will attempt to leverage their monopolies in the desktop operating system and the web browser markets to also build a new monopoly in the Internet services arena, most notably in ecommerce and distributed software applications.
So, if Microsoft is allowed to do this, where is the competition? How come we haven't heard the privacy groups screaming about this Microsoft initiative? Why hasn't someone proposed a similar technology that takes advantage of the open Internet technologies to build a competing "public data project" or "universal profile database" that could be operated by a non-profit organization or by a group of Internet companies like Amazon, Paypal, Sun, etc.? It baffles me as to why nothing like this has been announced. I can't be the first person to think that this may be the only chance we have against Microsoft's efforts to control this area.
Seriously. Do you really trust Microsoft to run an electronic profile database that contains a lot of information about you, including your credit card numbers, email addresses, and home address? Because, that's exactly what Passport aims to be. Given their track record of horrendous security holes in their own online systems and server products, I think Microsoft should be the last company to attempt something like this.
John Dvorak: "...if Microsoft is going to back off from this program, it will probably be because nobody trusts the company."
ZDNet: "This particular kind of service would require the most trusted vendor...Microsoft is not well-trusted, and recent security exposures have many concluding that it is not well-protected either." This article is very long. Be sure to read it all if you care about this stuff.
Just found the Little Green Footballs weblog. Nice.
WebMonkey: Mac OS X for Web Developers
Note to my readers: If you send me email in HTML format, I will probably not read it. Please, plaintext or ASCII only. I use Pine as my main mail reader, and while it can read most HTML-based email, the excess formatting and assinine MSHTML code included in most HTML-email is an incredible waste of bandwidth.
Jim Roepcke: Cesspools and Eyeballs.
No. Maybe. So.
Intellectual Property in the Information Age: Technologies for Intellectual Property Protection (Chapter 5)
ACLU: Wisconsin Data Privacy Project
NYC Surveillance Camera Project. Maps out the various surveillance cameras in public spaces in NYC. Nearly 2400 cameras!
Remember way back in 1997 when the U.S. Post Office was thinking about creating an "electronic data project for Internet Commerce"? I keep thinking about this and am wondering how it might have competed against Microsoft's upcoming Hailstorm/Passport initiative.
Publish: Content Management Market Ready to Explode
I am not too worried about all the dot-com layoffs, even though I think it's sad for those who are left without a job and are forced to compete with all the other laid off people for the small number of open positions. Statistics show that 4 out of 5 new business will fail within the first two years of operation. I'm not sure why people thought that this well-known fact didn't apply to the online sector as well. I am also of the opinion that perhaps 8 out 10 dot-com employees were not necessarily well-suited for the online technology industry. My experience shows that a surprisingly high number of these people treated their job in the new media industry as cushy place where they can do just the minimal amount of work and spend the rest of the day emailing and instant messaging their friends and surfing the web. I could be wrong, but maybe it's time for those people to leave the new media field.
Post-Bubble Thinking: What's most interesting about a recession is the interesting and innovative ways companies will start using the Internet to save money. Note that this is a completely different way of thinking about the Internet when comparing it to many of the business plans and revenue models of failed dot-coms which tried to create a business on top of nothing more than hype, advertising revenues, and the salesmanship of their executive teams.
The companies to watch in the post-bubble market are those that promise to save other companies money by offering products and services that take advantage of the capabilities and connectivity of the Internet. This is especially true for everyone if the economy does head into a downward spiral or a recession.
Happy Birthday! Today, I turn 28 years old. For some reason, I actually do feel a year older this year. Please, no BlueMountain.com e-cards.
Whoever dreamed up this picture sure has a sick mind. It's funny, though!
Meow! Die robot, die! Meow!
With all the dot-com people out of work, perhaps a few of them will apply for this job.
The story and history about why CSS1 is so badly broken in Netscape 4.x
CamWorld Story: Saving Lives. "I just read Jason's Incredible Day story and was vividly reminded of something that happened to me when I was fifteen."
Peter Drucker: Beyond the Information Revolution. Note this written in October of 1999.
TechInfoBase: The Criteria For Success
ZDNet: Bad Economy is Good for Open Source
WebTechniques has a good article from the guy who created the AmIHotorNot web site, discussing the technical details and problems of a high-traffic site.
Weird story. I thought I knew who my readers were. I was pretty well-tuned into my audience, aware that most of them were web designers, new media people, open source people, and software developers. As a way to better communicate with my readers, I recently put up AOL IM screen name up on the front page. There it is, right over there under the calendar. I used the assumption that since most of my readers were "in the industry" or had at least a couple years of experience on the web, that they'd know how and when to contact me using AOL IM. What I didn't expect was what happened last night. I was catching up on email, something I do almost every night, when an IM request came through from a screen name I didn't recognize. OK, so a reader wants to chat. Fine. I accepted the request and proceeded to ask him who he was. Silence. A couple minutes pass by. He responds, "Hold on." I wait, and ask him again who he is. He responds, "I'm just learning this Net thing." Hmmm, that's odd. Definitely not a typical reader. I kill the IM window and forget about the whole incident until today when long-time reader Adam at thirdball.com emails me and says that CamWorld is in the most recent issue of Yahoo Internet Life. Aha! So, that explains it. I'm getting newbies from the magazine. I guess this just proves that you can never really completely know who your audience is. Now, if only I could figure out a way to stop people from filling up my referrer logs with search queries for 'sex cam' and 'naked cam.' Heh.
Here is the link to the article (I assume) that my site appears in. Something called "Who Let The Blogs Out." The link is broken.
The big news today is Borders and Amazon are expected to announce some kind of partnership. I'm not really surprised, though I expect this is purely a financial decision. Perhaps this will be good for both companies. It gives Amazon an excellent bricks and mortar store presence and it gives Borders a high quality and robust ecommerce system.
To give you some context, when I worked at Borders.com the entire online group hovered around 100 people. This included the IT people, data integrity, online editors, writers, programmers, UI, IA, customer service, and various levels of management. Last year, I interviewed a woman who was working at barnesandnoble.com and she told me their entire online group was over 1000 people. An amazing difference. Amazon's team is of similar size or larger. The fact that Borders.com is even operational at the same level as BN or Amazon with such a skeleton crew is an accomplishment they should be proud of.
Read this.
Yup, BigWebShop.com executives are morons. This proves it.
This book called "Trust in Cyberspace" from the Committee on Information Systems Trustworthiness looks pretty good.
Sorry, I don't feel like digging up or posting any links today. I will however, tell you a story:
Remembering Childhood. The other night, I was watching TV and I saw a commercial advertising the Toys 'R Us Spring Toy Catalog, and I suddenly remembered the excitement we all felt as kids when the Sears and JC Penney catalogs came in the mail. In my family, it was customary to take a pen and circle every toy you wanted with your initials next to it. Some toys ended up with five sets of initials next to it (five kids in my family). I started thinking about this and realized that those catalogs were really the only connection we had to American pop culture of the time. As you may recall, my family spent most of my formative years living overseas. The toy sections of these catalogs were the connection. We didn't have American TV, and therefore no inundation of toy commercials on Saturday morning. Our classmates, the lucky ones who had recently moved from the States, had some clue as to what was popular, what was hip, and what was cool. Now that I am grown adult I look back on this time with a different perspective and I see today's youth being influenced by media and culture in ways that I was never in tune to. Part of me is glad that my parents had the foresight to raise us kids in places that would give us a lifelong different perspective on the world around us, but part of me wishes that I was rasied just everyone else. But then, how boring and dull would that be?
When your video card doesn't work with your specific version of Windows, do you go screaming to Microsoft slinging blame around? This article is just lame. I hate the media sometimes.
A lot of people tend to believe a lot of what they read on the Web. This point is underscored every time I read popular discussion forums. Lots of opinion, little fact. What's worse is when the discussion forums are technical in nature and well-meaning people mistake well-written opinion for fact and then use it to help make their technology decision. This has happened to me in the past, but after being corrected by a smarter coworker I've learned to always validate my opinions and facts before making a technology recommendation. Another related problem is when the marketing people for a particular piece of technology or software learn the buzzwords and lingo for their market segment and then proceed to convince technology decision-makers (usually top-level executives, and not the people who truly grasp the underlying technology complexities of their industry) that their stuff is the best. Sorry, I'll stop rambling now...
Last week, I watched some coworkers play a game of Illuminati. It's addictive, even for those who are not playing. I might just have to go buy a set of Illuminati cards...
Xerox has banned Windows XP beta on their corporate network. Must still need some work.
Steven Champeon outlines the history of Javascript. Awesome article.
At lunch yesterday with Jim Roepcke, I joked around about forming a "Windows NT Boxes for the Homeless" program after Jim complained about his NT box continually hosing itself.
edoc: Evaluating Web Content Management
I don't know exactly know what this is, but's definitely weird/funny. [via Frantic]
Fun/disturbing posters and art about technology biases.
I'm getting together with a bunch of people tonight for dinner in San Francisco. If you live in the area and want to join us, contact me by 2:00 PM PST with an RSVP and I'll send you the information of when and where we'll be.
Hey Microsoft, it's all about trust. How can you expect anyone to trust you with their data when you pull stunts like this? Morons. It shouldn't require an industry uproar to get Microsoft to change their policies about something. If they want to 'embrace' the Internet and ecommerce using Hailstorm and Passport, they've got to earn their users' trust and respect first.
Seen in an email .sig: The UNIX Guru's View of Sex: unzip ; strip ; touch ; finger ; mount ; fsck ; more ; yes ; umount ; sleep [And you can get this on a t-shirt, of course]
Off to the Left Coast for a week. I'll try to keep this site updated, but no promises.
Uneventful flights. Had to resist the urge talk to Jakob Nielsen who was on the same shuttle flight from San Francisco to Seattle. He was in first class and I was in coach with all the other cattle.
April Fools! Notice something different about CamWorld today?
Again, again! (loads in another random template)
Permalink: http://www.camworld.com/fool.html
Contact Cam: Email
How Did I Do This? It was pretty simple actually. CamWorld's content is stored in daily flat files that contain very basic amounts of HTML. Things like H2, and P tags. Using the existing HTML templates of each site, I simply used Apache's XSSI include system to execute the content, and used a slightly-modified CSS file for each template that approximated the look-and-feel of the borrowed site's design. I then found a simple Perl CGI script on the web that would randomly load an HTML file from a specified directory, in this case, every subdirectory within /fool. This also allows me to archive the April Fools joke without modifying my own index.html file at all.
Notes: Digging through the various code of some [unnamed, and not represented here] sites yesterday, I had to simply give up on trying to drop my content into their templates. Some of this code was really bad and overly-complex.
Thanks: to Dori, Robert, Dack, Dan, David, Rafe, Jason, and Zeldman whose code I borrowed without permission to do this April Fools joke.
P.S. All graphic design, HTML and CSS code is copyright their respective authors. Please forgive any broken links...
Latest Microsoft Security Flaw: It's not HTML-email that's the problem here, it's how Microsoft has implemented it. Tying email, the OS, and the HTML rendering engine together at this level is ripe for security flaws. Come to think of it, most Microsoft security problems seem to stem from their attempts to integrate software into the operating system.
