Tuesday Nov 17, 2009

Moving On....

It's quite hard to write goodbye blog posts or emails, and here I find myself embarking on such a task. It's always hard to say goodbye, but sometimes it needs to be said just to bring some closure.

It's been a extremely interesting ride for me at Sun over the last 9 years as a contractor and an employee. They say, 'once a unix geek, always a unix geek'. Well, for me it's kinda slightly different, it's "once a sun geek, always a sun geek". The spirit lives on. It's easy to take a geek out of sun, but It would be very hard to take the "sun" outta a geek !

As I type this post with a rock on my chest, I also breathe a sigh of relief. A sigh of relief from the topsy-turvy ride we have all been on for a long long time. I've lived through several RIF's and survived them all... And now I find myself making this bold move of moving out and onwards on my own.

I think it's time for me to take my destiny into my own hands, and carve out my own future. It's high time I pursue my dreams, and am moving on from here to pursue that dream.

I've have had the opportunity to work alongside some of the industry's most brilliant, coolest and fun'est folks, the opportunity to live and learn new technologies, the opportunity to work for a company that had a vision, a true vision ! These moments will be cherished forever.

In the last several months i've been involved in some fascinating projects which span healthcare, banking and telecommunications verticals. The lessons learnt have been simply wonderful (both on a technical and personal note).

I am sure all our paths would cross again, and having said that I'd prefer to not say goodbye but rather use a line from an old Bollywood favorite of mine "DASVIDANIYA" (from the movie Mera Naam Joker), which means "Until We Meet Again".

Now, before any of you jump to any conclusions or concoct any conspiracy theories, the reasons for me moving on are quite simple. I am moving on to carve out my own future. I shall be a continuing my participation on the advisory board of BastionHost. Apart from this, my primary day-job would be quite different from what I've been used to all along. I'm finally switching gears from my telecommute role that Ive been so used to over the years, to work behind a desk and be involved in spearheading the development of SaaS enabled infrastructures for the wealth management sector.

Sometimes in life one comes by opportunities that are rare, and if one does not act upon them regret is all one be left with, and that is something I refuse to live with.

If you would like to continue being in touch, you can follow my ramblings on tumblr. I am always available through Facebook, LinkedIn and twitter. I could also be reached via email at rohan[@]rohanpinto[.]com.

Last but not the least, I'm not gone yet.. ! I would be continuing in my role at Sun until the end of the month. From now on until then I'll be tying up loose ends and enabling transition what I currently have on my plate on to other folks on my team. (and I hope to make the MOST of the time I spend with my colleagues during this time).

For all those folks in the Identity Practice... I will be hanging around this arena of technology for a quite while folks, So Stay Strong, Live Large, and do keep in touch. You will find my continued participation in the OpenSSO and OpenDS Alias's. I am not sure whats gonna happen to these product lines after the Oracle Acquisition, but regardless of the outcome, lets keep the community going and the continue contributing to the project. I know "I Will", I hope you will too...

This blog at Sun Microsystems will no longer be updated.

Tuesday Jun 10, 2008

The Most Important Part of our Body

Writer: Anonymous

My mother used to ask me what the most important part of the body is.
Through the years I would take a guess at what I thought was the correct Answer.

When I was younger, I thought sound was very important to us as humans, so I said, "My ears, Mommy."

She said, "No. Many people are deaf. But you keep thinking about it and I will ask you again soon."

Several years passed before she asked me again. Since making my first attempt, I had contemplated the correct answer.

So this time I told her, "Mommy, sight is very important to everybody, so it must be our eyes."

She looked at me and told me, "You are learning fast, but the answer is not correct because there are many people who are blind."

Stumped again, I continued my quest for knowledge and over the years, Mother asked me a couple more times and always her answer was, "No. But you are getting smarter every year, my child."

Then one year, my grandfather died. Everybody was hurt. Everybody was crying. Even my father cried. I remember that especially because it was only the second time I saw him cry.

My Mom looked at me when it was our turn to say our final good-bye to my Grandfather. She asked me, "Do you know the most important body part yet, my dear?" I was shocked when she asked me this now. I always thought this was a game between her and me.

She saw the confusion on my face and told me, "This question is very important. It shows that you have really lived in your life. For every body part you gave me in the past, I have told you were wrong and I have given you an example why.

But today is the day you need to learn this important lesson."

She looked down at me as only a mother can. I saw her eyes well up with tears. She said, "My dear, the most important body part is your shoulder."

I asked, "Is it because it holds up my head?"

She replied, "No, it is because it can hold the head of a friend or a loved one when they cry. Everybody needs a shoulder to cry on sometime in life, my dear. I only hope that you have enough love and friends that you will always have a shoulder to cry on when you need it."

Then and there I knew the most important body part is not a selfish one.

It is made for others and not for yourself. It is sympathetic to the pain of others.

People will forget what you said. People will forget what you did . But people will NEVER forget how you made them feel.

The origin of this letter is unknown, but it brings a blessing to everyone who passes it on. Good friends are like stars...You don't always see them, but you always know they are there.

I'll take this opportunity to thank you for being there for me whenever I needed you...THANKS A LOT...

Friday Jan 18, 2008

JavaCard Reader Drivers

In my effort to have a non vendor specific JavaCard reader application/applet. Here's something else I discovered. Well, this may sound silly The SmartCard/JavaCard reader neds to either be built into your desktops/laptops or you may need to use a external reader. You are free to buy a reader from any vendor and in the process of doing so, you would also receive the necessary PC/SC drivers from the vendor.

but to make life simpler, here's a small list of vendors that you may procure your smartcard reader from.

  1. Schlumberger
  2. Gemplus
  3. SCM Microsystems
  4. Towitoko
  5. Omnikey
  6. Advanced Card Systems
  7. Athena Smartcard Systems
  8. Intertex IX
  9. Ankari (American Biometrics)
  10. Orga

There may be some of you who may not want to go through he process of buying a reader and a smartcard but would still be interedted in testing the applet/application without shelling out any moolah. Well, I have something for those folks too. I suggest you use the Smart Card Simulator. TSCS is a program for Windows 32 simulating a terminal and a smart card. Neither a smart card nor a smart card terminal is necessary. Just install the software on your PC and start working with smart cards. With this software you can see ¨into¨ the smart card, create files, send commands and receive the response from the smart card.

The Smart Card Simulator offers you a wide variety of possibilities to learn and work with a smart card. It can be used to understand and to learn the principles of a smart card, design and test a smart card application, calculate typical execution times etc.


Thursday Jan 17, 2008

DE-Federated Identity Access (DEAF)

Identity Management, and Identity Federation has been the buzzword in this space for a while now. According to the definition of "Federated Identity" on wikipedia, it has two general meanings:
  • The virtual reunion, or assembled identity of a person's user information (or principal), stored across multiple distinct identity management systems. Data is joined together by use of the common token, usually the user name.
  • The process of a user's authentication across multiple IT systems or even organisations.
now, this is great when the Legal Entity has a unique "identity" on each of the disparate systems. But when the Legal Entity who has a identity on a system is provided access to a partner site or system, there is absolutely no "Federation" possible if the Legal Entity has no identity on the partner site or system. I was involved in a brainstorming session related to shibboleth with a few technical folks from a university. What came up was the need to allow students from one university to access resources from another university. The folks I was interacting with were "sold" on the idea of federation, but lacked complete understanding of how federation really worked. Here were my concerns:
  • The user needed to have a unique identity on either systems.
  • The user needs to explicitly "federate" his identity. (If he does have a unique identity on each system)
  • If the users identity gets stolen, well, we have a much bigger issue.
(I thought) What the university really needed was implicit Federation. Whereby when a user who has authenticated himself at one university, when provided access to resources in another, should be granted access even thought the user does not have a unique identity at the other. Here's an example:
  1. University1 and University2 belong to a "defined" Circle of Trust.
  2. Student at University1 authenticates at University1.
  3. Student tries to access resources at University2.
  4. University2 Requests University1 to assert the validity of the user session.
  5. University1 Asserts that the user is "A" authenticated user, but does not actually reveal the users "handle" or "identity" in any form
  6. University2 grants the user access by just knowing that the user is a "authenticated" user at University1, without even knowing who the user actually is. (University2 provides just generic content to the user)
  7. User tries to personalize his "content" or University2 needs to provide the User "specific" content based on role the student has at University1
    • University2 would need to prompt the user for "permissions" to derive his "role" from UnIversity1
    • User grants permissions by using a digital signature of some sort.
    • University2 uses that digital signature to request University1 for the Users roles
    • University1 verifies that the digital signature matches that of the Authenticated User and grants University2 the users roles and/or "identity/alias".
    • University2 provisions a local "identity/alias" and associates it with the "role" as asserted by University1
  8. University2 can now allow the user to "personalize "content" or provide the user "content" as necessary.
I believe that with this aproach, even though a student has no "identity" on one system or university (University2 in the example I used) he/She still gets to experience the "magic" of "federation". On second thoughts, If I apply this to the examples widely used in "federation", where a airliner and a car rental company are in a circle of trust, well, I am sure that the car rental company would love to receive a new unidentified user from a "partner airline" and dynamically provision the user and sell him a product !!! it's all about making money in the bargain right ? or is it just making the user experience more enjoyable and easy ? I believe that we'd be kidding ourselves if we say that it's ONLY about "user experience" Now: The user providing his/her "digital signature" to the car rental company is another story altogether.. ;-) Comment Away Please... (Comments are active for only 30 days from the date of this posting) UPDATE : Please Read Pat Patterson's response by Clicking Here or by following the link in the 1st Comment/Trackback below.

Tuesday Dec 05, 2006

Ja... Va...


Saturday Nov 18, 2006

On Control & Consent

I'm not gonna write much on this, But let existing articles that exist out there speak for itself.......

  1. Student shot with Taser by UCPD officers [ Link 1 ]
  2. Call for Probe of UCLA Muslim Student Taser Incident [ Link 2 ]
  3. A third incident, a new video [ Link 3 ]
  4. Please call UCLA about student being taser-ed  [ Link 4 ]
  5. UCLA Police repeatedly taser muslim student  [ Link 5 ]

 Here's the youtube video: (warning: this aint very graphic, but the students screams are horrifying)

Here's what the UCLA Police Department had to say about this incident. [ pdf Link ]

Wednesday Nov 15, 2006

bush bashing

Immigrants arrested in the United States may be held indefinitely on suspicion of terrorism and may not challenge their imprisonment in civilian courts, the Bush administration said Monday, opening a new legal front in the fight over the rights of detainees.
source : AP

are we kidding !!! 

patrix has a nice writeup on this issue. So head on over to iPatrix for a read. 

Tuesday Nov 14, 2006

I'm back

Hi folks, I'm back to blogdom...

yes after moving away from b.s.c to my own wordpress hosted service which I really got to enjoy for a while, a OS reinstall on my server caused me to loose all data on the server, all blog posts and more importanly "valuable data". But however, like someone had told me before... shit happens, we gotto move on....

I've tried revamping my lost data, but was not successfull in doing so.. and have lost hope in being able to revamp it...

I'm back blogging on b.s.c and hey !! there's not gonna be an OS reinstall here... so stay tuned.. and please update your bookmarks...

note: I would be refraining from blogging about "certain" subject matters from here on forward....

Monday Oct 02, 2006

the AMISH massacre

oh god.. as if things werent bad enough… yet another school shooting, this time at a one room amish school in rural Lancaster, Pennsylvania. WHo in the world would have thought that the amish scool would fall victim to this ongoing violence. USATODAY reported that 6 kids were dead. I just cannot understand whats going on with these school shootings increasing in number. The shooter was among the dead too according to an AP report.

The shooter was among the dead, and a number of people were injured, said state police Cpl. Ralph Striebig.

“There are a number of people dead,” Striebig said. “The exact number I do not know yet.”

The county coroner said at least six people were killed in the shooting.

Police surrounded the one-room school late Monday morning, and the Lancaster County 911 website reported that dozens of emergency units were dispatched to a “medical emergency” at 10:45 a.m.

Two hours later, about three dozen people in traditional Amish clothing, hats and bonnets stood near the small school building speaking to one another and to authorities. At least two ambulances had left the scene, and at least one person was taken on a stretcher to a medical helicopter.

The Amish school is in Bart, in southeastern Lancaster County, about 60 miles (97 kilometers) west of Philadelphia. Amish children attend schools until 8th grade (according to the Pennsylvania Dutch Convention & Visitors Bureau’s Web page) There are about 25,000 Amish in Lancaster County (Raber’s 2004 Almanac).

In a rural amish county with such a small population and children who go to school upto the 8th grade, I wonder who’d go so haywire to go on such a rampage.

Friday Sep 29, 2006

the 2.0 syndrome (PoC 2.0)

K. I admit, the 2.0 syndrome has hit me too. I have been watching all these 2.0 applications sprout up, and am taken up by it. I have seen numerous applications branded 2.0, and have seen social bookmarking sites like digg, netscape (my very own hac.kers.us), del.icio.us, wikipedia, community driven sites, blogs across multitudes of platforms, blog aggregators like planet identity, etc.

I wondered if all these social 2.0 sites really made any money. I then thought of starting an experiment…. just to see what community involvement really meant. Is is just a bunch of folks who want to be heard, or folks who really involve themselves in the technology that they preach. But being in the identity space, I wanted to come up with a cocktail recipe that had a flavor of wiki’s, aggregation, tags, community commenting, the ability to modify anything, the ability to post anything. So I though of putting up a RSS feed aggregator which enabled folks to not only submit their feeds, but also vote on them, archive them, publish them, comment on individual posts, tag the articles etc… I used pat’s planetidentity’s opml feed for a starting point, and here’s what I came up with. The IDENTITY BlogReGator

Here’s the thought behind it. planetidentity started off as an aggregator for IDENTITY related blogs. But not every blog owner/blogger blogs about identity all the time, there’s numerous posts about cats, dogs, bicycles, airplanes, war, terrorism, saussage and eggs, and even sex. So basically what we end up with is just another aggregator. I wondered on how an aggregator could be setup to filter out the non subject matter related posts. Filtering on tags was one way, filtering on categories was another, but not everybody uses tags and categorizes their posts. I wanted to setup a community driven aggregator, where the community itself would decide on which posts from the aggregated feeds are relevant to the subject matter, the community would tag the posts, publish them, archive them and also edit them and comment on them. Basically this aggregator follows the OPEN DOORS policy where the community would drive the content and it’s visibility without the hassle submitting forms… no login, no authentication… (no infocard, well, if I am to accept any infocard presented, why should I accept any crediential at all, I’m gonna let everybody in) the community itself administers the site.

here’s what you can do… check out the site, play around with the several features that I have embedded into it (I’m in the process of embedding more as time goes by), submit your own feeds if you’d like, publish other posts if you find them relevant, delete posts if you think they are stupid, comment on others posts, edit other comments, and posts… basically let yourself loose and do anything you’d like…

All I want out of this is to see how much this community that cares so much about identity, web2.0 and community driven sites really involve themselves. This is PoC 2.0.

I’m gonna let the results themselves speak for itself. No involvement means nobody really gives a damn. It’s all hogwash… small talk… If the involvement increases, well, I wonder what the point really is ? thats something I would invesi=tigate and learn from later. and if folks simply launch a war by modifying the content of each others feeds/posts, then we are at war a 2.0 war, and if someone deletes everthing from my site, that someone really hates me… show me some love folks, check out the site and let me know what you think of it?

here’s the URL to my PoC 2.0 again : IDENTITYGANG.COM -> make this your planetidentity. Pat can have his planet (just a joke pat, no offense. i’ve been told that you have a great sense of humor.)

Tuesday Apr 11, 2006

Blog Migration In Progress

With Debashish's Help I am moving all posts from this blog on rollerweblogger to wordpress. I hopefuly should complete this migration by this weekend. Once all the posts including comments are migrated over I hope you would continute reading my new wordpress hosted blog.

UPDATE : The reason for migrating the blog over is because I wish to enable yadis/lid/openid/sxore and infocard (PHP & JAVA) authentication on the blog. And it's not possible with a hosted service. So That was my only reason.

Monday Apr 10, 2006

Yet Another Infocard Java Based Infocard RP

AH!!! Hellooo world. Java based infocards are taking over... Here's Yet another Java Based Infocard Relying Party Demo. This time It's Ashish Jain's implementation of it. Ashish works for PingIdentity and is also the co-author of J2EE 1.4 Bible & Enterprise SOA (I bet you didnt need that introduction, as you would have known that already.).

His demo is available at pingidentity's Jetty Based demo server. His implementaion however does not use bouncycastle or XOM but is again a Java based RP developed from scratch using XMLBeans and XMLSEC.

It sure is a chweeth Object Oriented world aint it ??

UPDATE : There's one thing for sure that infocard and WS-\* is helping me with. IE: Making new connections and a LOT of new friends.

Redhat to Acquire JBOSS

According to this news report, Red Hat announced that it has entered into a definitive agreement to acquire JBoss Inc. The aquistion was being speculated for a while, But now, I believe that it's time to stop speculating as it's official. Reuters reported the deal to be worth an initial $350 Million.
WOW !!
Red Hat also said that they would pay another $70 Million if performance metrics were met.

Sweeet deal aye ?

Looks like the times of aquisions and mergers are back.. the dot com boom was really a "proof of concept".... And everybody seems to be capitalizing on it now.

I wonder whats gonna happen to JBOSS's user base who are using it especially because it's "Open Source". or maybe another Fedora App Server would be out soon... just so that it stays Open Source.

UPDATE : Links to Market Rumble on this topic available here...

Wednesday Apr 05, 2006


Here's a free expo pass a $50 value to INTEROP 2006 Las Vegas, the premier IT event where business and technology converge. After downloading the pass you can register today at: www.interop.com/smart or bring the pass and register onsite at the event.
Priority Code: MLGHNLAW
IMPORTANT: When registering online, enter the Priority Code (MLGHNLAW) in step one of the registration process to receive a FREE Expo Pass

Learn more about this event at www.interop.com.

Attend the Security Conference to gain insight into the key technology and business topics associated with securing an information infrastructure. Learn to identify, understand and measure threats and risks in order to properly design and deploy people, process, tools and technologies. Gain tips for presenting security in a business context where the business implications they represent are clearly understood.

Tuesday Apr 04, 2006

smoni - ReceiveDatagram error 10054

My laptop started behaving weird today. everytime I restart it I get a error window popup with the word "smoni" in the title and the message "ReceiveDatagram error # 10054". A screenshot of the error message is as below:

Does anybody have any idea what this could possible be from ? I'm clueless... I'd appreciate any help I can get to eliminate this error window from popping up on every reboot...


Rohan Pinto


« February 2017
My Bookmarks
Currently Surfing