Monday Dec 20, 2004

Things I liked in 2004

I considered making a "top 10" list, but then I was worried I wouldn't come up with 10 good thoughts :) So, in the spirit of blogging, here are some of my favorite things about 2004 (in no particular order).

  • Solaris 10 - It's redundant in this forum to keep gushing about our latest release, but I can't help but sing the praises of our new baby. 4 years ago when I started at Sun, I was given an old laptop to use when travelling. My first thought was to try and put Solaris 8 (x86) on it. Big mistake. Video drivers didn't work right, PCMCIA support was non-existent (or very difficult to get working correctly), which meant that I couldn't use my NIC card (and definitely couldn't use my wireless card). I gave up after a few days of teeth gnashing and went with some Linux distro. Fast forward to 2004 and its a completely different story - Solaris 10 installs smoothly, it has all of the key features I need (video support, PCMCIA support for many NIC cards, CD/DVD RW support) and its F-A-S-T. I love opening it up at a conference or in front of customers and seeing the look of disbelief when I say "No, it's not Linux, this is Solaris 10.". 2005 should be a great year as the rest of the world will see what we've been up to for the past 3 years.
  • My iPOD - I got a 10GB iPOD last year for Christmas and its been my #1 gadget ever since. My preferred use is to plug it into my car (cassette adapter) and use it on road trips - nothing like having 1000 or more of your favorite songs right there in a tight little package. Why would anyone get one of those bulky car CD changers these days??
  • Netflix - Fantastic idea, wish I'd thought of it first (and had the money to make it happen). I can't see any reason why I would ever visit a traditional video store again.
  • The Pittsburgh Steelers 13-1 BABY! What a great season. I was at 2 games this year, the opener against the Raiders and the Halloween game against the Patriots. Whipping the Patriots and Eagles back-to-back made my year. Now they gotta take care of business and keep it going to the very end.
  • Music - Lots of great music came out this year, but I seem to be stuck in the early 1990's in my own tastes. My favorites this year were:
    • U2 - How to Dismantle an Atomic Bomb - Vertigo is sort of everywhere right now, but I still dig the opening riffs.
    • Pearl Jam - Live at Benaroya Hall - Pearl Jam is often overlooked in the ugly homogenized world of commercial radio, but they still have a really solid fan base and are still cranking out great music. This album really showcases what great musicians they are and what a great voice Eddie Vedder still has.
  • blogging - blogging was influential throughout the presidential election cycle, and its now growing into all kinds of new areas. I am not a particularly prolific blogger (its been months since my last post), but I enjoy reading others. I especially enjoy photoblogging which is a cool way to exhibit your own personal favorite photos for others to comment on. My Photo Blog .

Tuesday Nov 16, 2004

Firefox and Open Source success

There is a nice article about the success of the Firefox browser. Firefox is a great open source success story. So many Open Source projects get started with good intentions and then die due to lack of interest or follow-through. Just browse through the thousands of entries at sourceforge and see how many are actually active and useable. They claim (as of today - 11/16/2004) to have 90,830 active projects. Thats ALOT. The number of projects that are begin actively worked on and developed is probably quite a bit smaller than that number.

Everyone has read by now that Solaris 10 is going open source, so I won't blow that horn again here. Sun has always embraced the open source movement, we have incorporated many open source projects into our distributions and have also contributed many many thousands of lines of code back to the open source community (GNOME, OpenOffice, and Mozilla just to name a few more high profile projects), so this is not a new concept to us. Despite that fact, Linux zealots will likely take issue with our motivations or our licenses (still TBD), as it may seem like a threat to the continued growth of Linux (the typical Slashdot reaction is to respond first, then read the details later). Regardless, Solaris 10 will stand up to any scrutiny with its rich feature set, strong security, and reliability.

Saturday Nov 13, 2004

Photo blogs

I haven't blogged in a while about Solaris or anything else, but I plan to be more proactive about that in the future, especially as Solaris 10 starts rolling out. There is alot to talk about, especially in the security area.

One thing I have been working on, as a personal project and on my own time, is my own photo blog. Check it out if you enjoy random photos.

Forcing oneself to take some photos every day (or at least every couple of days) can be challenging, especially if you are not visiting new places or doing "new and interesting" things. The most challenging thing for a photographer is to take a mundane subject and find a new way to see it and give a boring subject new life. If you take the time to look at my photos, you will see that I still have a long way to go to acquire this skill, but there is some enjoyment to be had in the learning process.

My Photo Blog

Wednesday Sep 29, 2004

Sun is #5 Best Commuter company

The EPA has published a list of the Best Commuter Companies and Sun is #5.

Sun has been very supportive of giving their employees the ability to work from home whenever possible and assuming it fits your job responsibilities. For an engineer such as myself, it works out very well. Especially since my home is 1800 miles from the office where my manager and most of my coworkers reside.

As I and others have documented here in the blogs, working from home has many advantages beyond just having a short commute and the ability to work in your pajamas (or less) all day long.

Tuesday Sep 28, 2004

Gmail invites - gone

OK, I've sent all my invitatations for now. Thanks to those who responded. If I get more I'll offer them here.

Thursday Sep 16, 2004

Single Sign On confusion

So, as others have noted, This story says that Microsoft and Sun will provide single-sign-on capability for Microsoft's Active Directory and the Java Enterprise LDAP Directory.

Single-Sign On is fast becoming one of the most overloaded phrases in software security. For some it means accessing lots of web pages without entering a name/password every time (regardless of how secure or insecure the mechanism that enables this feature is). For others it means accessing all of your network resources (web sites, internal utilities, logging into other hosts with ssh/rlogin/telnet, reading mail, etc) without reentering passwords.

When you read high level information like the above article, it rarely specifies what technology is being used to provide the SSO features and it leaves the curious engineer hungry for real details. Coming from the network security area, I am wondering if this SSO involves Kerberos, GSSAPI, and SASL to enable secure access to the LDAP directories or if it means using something else entirely. I know that for Solaris 10 we have improved the Kerberos and GSSAPI technology that is bundled in the OS to make it more up-to-date with respect to both MIT Kerberos and Active Directory.

We have always interoperated with Microsoft's Active Directory as a Kerberos client, and Solaris 10 now has support for the RC4-HMAC encryption keys that AD prefers to use. So, doing Kerberos (GSSAPI) based SSO with Microsoft has never been a problem in the past, but it all depends on the definition of "SSO" and the apps that you wanted to access.

Most large enterprise networks today are a mix of operating systems and platforms, getting Single-Sign On to work seamlessly across all of the platforms available is a very challenging task. I'm not sure what this new arrangement involves or how it builds upon or compliments what we've done in the past, but I'm hoping it is an improvement that takes us closer to the goal of having secure SSO become the norm for all platforms.

Wednesday Sep 15, 2004

Positive Press!?!?!

CNN has a nice writeup about Sun's improving financial fortunes. Also mentioned are the "widely praised" Java software and Solaris OS.

My favorite quote: "Sun is a classic case of a misunderstood company that's primed for a breakout. He thinks it could double in the next year or so".

Its nice to read something positive for a change. Everyone who posts here has been working like crazy to get this ship moving in the right direction. Once Solaris 10 starts getting more exposure, I think we will start getting alot more attention from everyone who once counted us out.

Tuesday Sep 14, 2004

Double Sided DVDs

I'm a big fan of netflix, since I started using it a couple of months ago. When I first signed up, I filled up my queue with tons of movies I'd been meaning to watch, but never got around to (or couldn't find at the local rental store). This past weekend, "Das Boot" moved to the top of the list and arrived in my mailbox just in time for weekend viewing. Good thing, too, cuz its a 209 minute movie. Wolfgang Peterson is a very good director, I did not see Troy yet, but I liked the Perfect Storm and some of his other work (The Enemy Mine, In the Line of Fire).

Because its so long, its one of those movies that either has to be split onto 2 discs or put on both sides of the same disc. This one is a double-sided disc. Someone else popped the movie into the machine for me and started it up. I thought the beginning was a bit odd because it just sort of jumped into the action without any opening credits or character introductions or anything, but dismissed it because it was a foreign film and figured maybe it would work out ok later. So, the movie ends about 135 minutes later and I knew something was terribly wrong since it was supposed to be 209 minutes long. Yup, we had watched side 2 and not side 1.

So, I flipped it over and watched the 1st half. Watching the movie in reverse is more than a little annoying. Either way, the movie was great and I highly recommend it, but I wish we had caught the problem in the first place.

So what was my point... oh yeah ... I don't like double-sided DVDs. However, Netflix counts it as 2 movies if you get 2 discs, so I guess a double-sided one is better for rentals like this.

Monday Sep 13, 2004

Election fears

My greatest fear for the upcoming election (besides the fear that "W" will be re-elected), is the inevitable flood of lawsuits that will be filed regardless of who wins. Having the supreme court step in again and "choose" our new president sets and awful and dangerous precedent for future elections (perhaps its already too late since it happened once already). Unfortunately, depending on either of the 2 parties to accept the results with class and dignity in the face of defeat is unrealistic in todays highly charged climate.

It was amusing (for a while, anyway) back in 1992 when Clinton defeated Bush #1 to see all those stupid "Don't blame me - I voted for Bush" bumper stickers. Does anyone remember those? People simply couldn't accept the fact that their man had been soundly beaten and that (wonder of wonders), the presidency is not the birthright of the Republican party - 12 years of Reagan/Bush was plenty and the country wanted/needed a new direction. Of course, there was the follow-up bumper stickers that said "Bush lost - Get over it!" - also amusing. The difference between then and now is that today, people will claim some sort of criminal act has occurred if their man doesn't win.

My hope is that every state has a clear-cut winner and that we don't have any states that are "too-close-to-call", leaving them open for endless legal challenges and yet another supreme court battle.

Thursday Aug 26, 2004

Follow up - XP and SP2 comments

Just to be clear, I never said they would not find bugs or holes in SP2, I know they have found a few issues already and I'm sure there will be more. My point was that it was an aggressive attempt on their part. Considering the sheer size of the change and the number of programs modified and the volume of code involved , its inevitable that there will be more bugs and holes. I'm not defending the quality of the patch, either. I was just questioning the negative hype that has erupted about the patch and trying to judge its value based on the bugs it fixed versus the bugs it caused.

Are the new problems worse than the ones they were trying to fix? I don't know the answer, but the impact will vary depending on the environment in which it is deployed.

Bottom line - Nobody writes bug free software. Nobody.

Open source code isn't necessarily the answer, either. Open Source code has the advantage of having \*potentially\* many more eyeballs examining it and also has the advantage of getting fixed quickly when their is a problem. However, potential eyeballs to review code doesn't always translate into large numbers of actual people reviewing the stuff. Quite often, on large projects like Mozilla (for example), there number of people actually reviewing code changes is quite small, certainly no larger than the number of people that would look at the same code if it were produced by a big company (Sun, Apple, Microsoft, etc).

XP SP2 anyone?

I almost feel bad for the folks in Redmond. They are excoriated regularly in the press and in technical circles for the weak security in their products. The slashdot crowd is particularly vicious, but that is to be expected. Its not as if slashdot is a place where intelligent and reasoned discussions ever occur anyway (but I digress...).

So, Microsoft is attempting to make good now with the release of "Service Pack 2" for Windows XP which is supposed to fix tons of problems and close up security holes, etc etc. I think this should be considered a Good Thing. It is a huge patch that is taking some unusually bold steps (for MS, anyway) such as shutting down ports that were previously left open, installing a firewall that is enabled by default, and patching many other problems and weaknesses that they've identified. Again, this is all good, IMO, because it is moving towards the model of a mostly secured system instead of a mostly "open" system.

However, being such a big target as they are, they (MS) is taking lots of flack because in the process of locking things down, they have broken lots of 3rd party apps (50 or more according to their own website). As a software engineer that works on security stuff all the time, I can sympathise with the MS people because they had to make a tough decision and it involved a huge amount of changes. It was inevitable that some stuff would break.

There is almost always a tradeoff between really strong security and useability. Good security is hard to implement after a system is already built. Its also hard to change the mindset of the average computer user so they understand the dangers of the being attached to the internet without any protection. This is not just a Microsoft problem, as Solaris and Linux struggle to break into the desktop marketplace, developers and marketers should recognize the GOOD things that Microsoft has done (easy-to-use interface, point-and-click UI for almost everything) and combine it with the great security features that \*nix systems offer.

Finally, I think the hoopla surrounding the release of SP2 is a bit overblown and sensational. For the majority of users, this fix will do alot more good than bad and will likely not cause ANY headaches for personal users. I installed it on my families personal computer today and it caused no problems. I already have a firewall appliance and virus protection, so I can easily disable the new Windows firewall if necessary.

Monday Aug 23, 2004

Patents gone wild

There has been much discussion (and the usual gnashing-of-teeth) recently over the recent patent by Microsoft for a "process configured to run under an administrative privilege level". While I have not actually read the patent (reasons explained below), it seems like an obvious case where there was plenty of prior-art and that this patent is completely bogus.

The popular sudo utility has been around since 1980 (according to their brief history ). Solaris has had the "RBAC" system for several years and I'm sure there are other examples of eerily similar projects in existence long before MS thought to patent the idea. Why does the USPTO grant patents like this? It boggles the mind.

The MS patent may have originally been intended to cover their LSA system, extensively used by the Windows 2000 (XP, 2003, etc etc) system to manage privileges and delegation among users and processes in the Win2K environment. However, as it seems to be worded (or so I've read from other sources) it is very broad and could be considered to cover sudo and RBAC as well.

Why haven't I actually read the patent, you ask? Because US Patent law actually discourages one from investigating such things. If one actually reads a patent, then that person becomes liable for triple damages if they are found to be infringing. Conventional wisdom is that its better to be ignorant and thus not entirely culpable than to be well informed and thus be held to a higher standard in court. So, if you are a software engineer with a cool idea, its best to not even try to see if there is a patent on it. Its better to claim ignorance than to be found guilty of willfully violating someone elses patent.

So, the USPTO, being a typically understaffed and under-budgeted department, happily grants patents for just about anything and leaves it to the courts to decide if they are really worthy or not. This gives big corporations like Microsoft, IBM, and even Sun good reason to try and patent everything possible, even if they don't ever try to enforce those patents. There is little downside or penalty even if they are found to have patented something that is prior art. They can fight it out in court if there is a major discrepancy, which usually means the side that can afford the biggest and best team of lawyers will eventually win, mostly because the little guy with the so-called prior art doesn't have the resources to fight it.

The patent system is clearly broken, at least from the perspective of a software engineer and the sad thing is that its unlikely to improve in the current fiscal environment. A government that has turned a 100 billion dollar budgeet surplus in a half-TRILLIAN dollar deficit can hardly be expected to properly fund something like this.

\*sigh\*, maybe I should just take off my tinfoil hat and join the collective...

Friday Aug 20, 2004


I love Football. American Football. The N-F-L. Sorry to my non-American readers, I'm not talking about "football" (a.k.a SOCCER).

The 2004/2005 NFL season is kicking off in just a couple of weeks, and I'm hoping my team (Pitt Steelers) does a bit better this year than last (an ugly, uninspired 6 wins and 10 losses). At least in the beginning of the season everyone is on equal footing, 0-0, a clean slate.

For other football fanatics like myself, I highly recommend Gregg Easterbrook's weekly "TMQB" (Tuesday Morning Quarterback) column. It's a very unique look at football and offers lots of interesting stats and amusing side-stories.

Wednesday Aug 18, 2004

Solaris 10 x86 shines at IETF

As an employee, its nice to be able to run our stuff before its released and try it out "in the wild".

I attended the IETF conference recently in San Diego and was very happy to be able to use my laptop with Solaris 10 x86 installed on it for all of my computing. My laptop has one of those built-in wireless network cards (Atheros brand, mini-PCI) that are sometimes hard to get working with Solaris. Luckily, someone in the x86 wireless development group was able to hook me up with a prototype driver for this card and it worked great for me all week.

I was able to go the entire week without booting Windows or Linux to do my work. My biggest needs at this wireless-enabled conference were:

  • Wireless support - Atheros driver
  • VPN support - Solaris IPsec support worked very well, allowing me to easily and securely connect to the office and keep up with mail
  • Email - Evolution and Thunderbird both work very well
  • Web Browser - mozilla 1.7 or Firefox
  • IM client - MUST have Jabber support and AIM. Luckily, JDS-3 comes with a very nice GAIM client that works great.

The really great thing was how nice the recent JDS builds are coming along. My desktop no longer looks like something from 1993 (CDE) and finally looks and feels like a modern desktop. So, I was proud to be able to run everything Sun-on-Sun in front of my technical peers and show that Sun is by no means standing still and that Solaris 10 is going to rock.

Shanghai Photos

Someone else posted photo's from Shanghai Sunnetwork, so I decided to share mine as well. Check it out: Sunnetwork Shanghai .




« July 2016