About Duffbert...

Duffbert's Random Musings is a blog where I talk about whatever happens to be running through my head at any given moment... I'm Thomas Duff, and you can find out more about me here...

Email Me!

Search This Site!

Custom Search

I'm published!

Co-author of the book IBM Lotus Sametime 8 Essentials: A User's Guide
SametimeBookCoverImage.jpg

Purchase on Amazon

Co-author of the book IBM Sametime 8.5.2 Administration Guide
SametimeAdminBookCoverImage.jpg

Purchase on Amazon

MiscLinks

Visitor Count...



View My Stats

09/30/2004

Book Review - Succeeding With Open Source by Bernard Golden

Category Book Reviews

I finished reading an interesting book today called Succeeding With Open Source by Bernard Golden.  If your company is trying to figure out how to evaluate the potential use of open source software, this would be an excellent guide to removing the emotional aspect of the debate.

Chapter list:  The Source of Open Source; Open Source Business Models; Open Source Risks; The Open Source Maturity Model; The Open Source Product; Open Source Technical Support; Open Source Documentation; Open Source Training; Open Source Integration with Other Products; Open Source Professional Services; JBoss Open Source Maturity Model Assessment; Conclusion; Bibliography; Index

With the subject of open source software becoming more prevalent in corporations, it's often hard to separate logic from emotion.  All the techies have strong religious beliefs on the subject.  Executives are risk-adverse and want to have a "single neck to strangle" if something goes wrong.  But yet, the ability to use free software that you can own and modify as needed can save huge amounts of money.  How do you make a rational decision on an open source product?  Bernard Golden offers a process called the Open Source Maturity Model that allows you to assess important key components of software (such as training, support, and integration) on a weighted scale based on what's important to your business.  Based on how you see your company's relationship with technology (early adopter or pragmatic), you can then decide whether the software falls in a scoring range that is suitable for your needs.

In each of the chapters on the different assessment areas, the author does a good job in examining the different pros and cons of open source.  For instance, documentation can be found in many different areas.  There may be commercial books, forums, discussion groups, or official documentation from the vendor.  These avenues can be examined to see how mature the product is in these areas, and then a score assigned.  Taking this evaluation approach with all your software can eliminate much of the emotional debate and lead to well-reasoned decisions.  The book uses the JBoss open source J2EE server software as an example throughout the book, so you get a feel for how this process really works.  And best of all, all levels of staff will understand the material.  

If you're having problems getting traction in your organization for open source usage, get a copy of this book and start a rational evaluation.  It may be the missing piece you've been looking for.

09/30/2004

September's Google review...

Category Blogging

Now it's time for that favorite monthly feature, "How'd They Find Duffbert's Blog?"

Before we begin, a few words...  The vast number of hits I get are due to things I posted in the technical vein...  Technotes, book reviews, articles, etc.  But there are a number of hits this month that...  "deviate" from that area of interest.  In fact, this month's edition of How'd They Find could even carry an "R" rating at times.

And with that, let's start...
  • plywood "always carry one" - anyone have any clues on this one?
  • desperate housewives - I post one thing about the show months ago, and now I get these hits all the time.  
  • lusty girls - none here...  move along
  • @ss spreaders for men - I kid you not, I got this hit (for the slow to catch on, substitute "A" for "@").  And for the life of me, I can't figure out what combination of posts would have created a hit for that.  Plus, it just sounds painful...
  • wifeswap - once again, I mention it once, and now I get hits on a daily basis...  and yes, there are variations for wifeswap pictures, too...  :-)
  • distracted by bright shiny objects - guilty as charged...
  • korean tattoo - I know the tattoo stuff is from the post I did about Ian getting one, but I'm not sure where the Korean bit comes in.
  • psychic predictions about the 2004 election - I see a vision...  someone will win...  it will either be a Republican or a Democrat.  
  • Jennifer Hawkins - the first time I saw this hit, I had to google her to figure out who she was.  Apparently she's a beauty pageant winner who had a "wardrobe malfunction" on tape.  Apparently a lot of people wanted to see this.  It *was* a nice thong underneath.
  • dysthymia - glad to see people are reaching out for help and finding my site.
  • lebanese lusty girls - none of those either...  keep moving.
  • pig detector - and I wear that title with pride!
  • ww2 german genital torture - Um...  sure.
  • grapes laxitives - I hope they looked that up *before* consuming the grapes.
  • beth desnuda - rotten referrer spam...
  • lotus scream cam - It's *SCREEN*, people!  SCREEN, SCREEN, SCREEN!!!!  Learn to spell!
  • colin vs semi colon - I think this person has a few more things to work on before they get to this subject...  like spelling.
  • french kissing for dummies - let's see...  open mouth, make contact, extend tongue into other person's mouth, repeat as needed.  

As you can see...  there's never a dull moment around here.  :-)

09/29/2004

"We can beat Linux without Longhorn..."

Category Microsoft

From vuenet:  Microsoft: We can beat Linux without Longhorn

Microsoft does not need Longhorn to compete with the growing threat from Linux, according to one of the software giant's senior executives.

In an exclusive interview with vnunet.com Martin Taylor, Microsoft's general manager of platform strategy, said that, even without its next-generation Windows operating system, Microsoft can still fight off the penguin.

<snip>

"People say: 'Don't you need Longhorn to compete with Linux?' I say nothing could be further from the truth. From an innovation perspective [and] technical perspective, I've got everything I need today for a value platform."

According to Taylor, Microsoft is radically re-engineering Windows with Longhorn. "We are re-architecting the messaging bus, the interface, storage system and also providing avenues and paths for other products to take advantage of the operating system, such as WinFS, Indigo and Avalon," he said.

<snip>

Microsoft hired open source software engineers to run a research centre of 120 servers running "every Linux distribution". The purpose of this centre, said Taylor, is to "help our product groups have line of sight when they need to know things about Linux, to help our product road maps".

"to help our product road maps"...  God knows they need it.

09/29/2004

Linux, Windows XP, and piracy...

Category Linux

From NetworkWorldFusion:  Gartner: Piracy driving Linux PC shipments

The basic premise is that since hardware prices keep dropping and Windows costs stay steady, PC makers in emerging markets are loading Linux in order to maintain their profit margins.  Gartner estimates that around 80% of those PCs will eventually run a pirated version of Windows since it's so available in those areas.  Microsoft is fighting back in those markets with something called Windows XP Starter Edition, which is supposed to be a scaled back version of the OS designed for entry level people (and at a lower price).  But as quoted in the article:

Microsoft has promoted the software as a low-cost option for first-time PC users, but analysts have criticized the software for not meeting the most basic needs of users. XP Starter Edition does not include support for home networking, sharing printers, or multiuser accounts.

OK...  Let me see...  Let's say that I can run a pirated cracked version of Windows XP Professional for next to nothing, or I can pay more to get a licensed version of Windows XP Starter that is crippled software.  And let's say that piracy is an accepted way of obtaining software in my country.  I'm not seeing Microsoft making a lot of headway here...

09/29/2004

A step in the right direction...

Category Microsoft

From eWeek:  FlexWiki: Microsoft's Third Open Software Project

Guess they were getting tired of IBM releasing stuff to SourceForge and hogging the headlines and the developer good will.  :-)

09/27/2004

Book Review - Open Source Security Tools by Tony Howlett

Category Book Reviews

Are you a system administrator who needs to know more about security tools but you can't devote all your time to it?  A good book to look at is Open Source Security Tools - A Practical Guide To Security Applications by Tony Howlett.

Chapter list:  Information Security and Open Source Software; Operating System Tools; Firewalls; Port Scanners; Vulnerability Scanners; Network Sniffers; Intrusion Detection Systems; Analysis and Management Tools; Encryption Tools; Wireless Tools; Forensic Tools; More on Open Source Software; Open Source Licenses; Basic Linux/UNIX Commands; Well-Known TCP/IP Port Numbers; General Permission and Waiver Form; References; Index

This book is designed to be a practical, hands-on guide to using various open source tools to make your systems more secure.  It's also targeted for system administrators who don't have security administration as their primary responsibility.  Therefore, hard-core security techies might not get much new information in this book.  But for those of us who are less versed in full-time security will gain quite a bit.  I also appreciate how the author didn't just stick with Linux/UNIX tools.  Granted, that's where most of the open source software is developed, but Windows networks are some of the most insecure systems running.  Using some of these free tools will help you to cut down on the number of potential holes in the network.

I like how the author has covered the full gamut of security situations.  You get information that helps you to lock down the entry points (firewalls) and packages that can help you test that configuration (port and vulnerability scanners).  Combining a number of these tools should allow you to make a high-quality assessment of your network security and improve your chances of surviving a network attack.

09/27/2004

Nice examination of the Radicati Ventures situation by Christopher Byrne...

Category Everything Else

Yesterday I talked about the Radicati Ventures webpage and how something like this could be rife with conflict of interests.  But Christopher Byrne, our resident business controls expert, took an even deeper look at the situation of research analysts writing "sponsored" reports while also offering venture capital expertise.  Turns out it's more complex than I thought, and even more fraught with peril for everyone involved.  

This is the type of stuff that can make you roommates with Martha Stewart...  :-)

09/27/2004

Book Review - The Mezonic Agenda - Hacking The Presidency

Category Book Reviews

The latest in the Syngress line of techno/hacking novels is The Mezonic Agenda - Hacking The Presidency by Dr. Herbert H. Thompson and Spyros Nomikos. While not on par with the writings of a Tom Clancy, it's worth reading for its relevancy to current events...

Chad Davis is a computer researcher who is due to testify before Congress on an electronic voting system that he has been studying for security issues.  He can't seem to find any issues until a cracker gives him an encrypted diskette of information damaging to the new system.  But before Davis can get the story from the guy, he's murdered.  Davis has to figure out how to crack the CD in order to learn what the hacker had discovered.  Meanwhile, a powerful group of people are pushing for the usage of this system so that they can control the outcome of the election and dish out their own form of retribution for September 11th.  This group will stop at nothing to accomplish their goals, and Davis' life is worth nothing if he doesn't play along.

This novel actually explains how software can be cracked, with decent explanations on buffer overflows and encryption.  In fact, the book comes with a CD that you can use to practice your skills after reading the book.  The person who can crack the CD can win a trip to a security conference in 2005.  Pretty good practical application there!  After the core story, there are appendices that explain the history of voting, encryption, buffer overflows, and stenography.  I actually learned quite a bit about the history of voting from this information.  And given the Florida fiasco of the 2000 election and the controversy over the use of Diebold voting machines with no audit trail, the general concepts in this book are extremely relevant to current events.

Is it an excellent novel?  It's so-so...  And the ending is rather abrupt for my liking.  But if you haven't given much thought to the whole e-voting controversy, this book will give you a good foundation to be concerned.

09/26/2004

Book Review - The Secret On Ararat by Tim Lahaye and Bob Phillips

Category Book Reviews

The creator of the Left Behind series has a new series underway called Babylon Rising.  The second in the series is The Secret On Ararat by Tim Lahaye and Bob Phillips.  Not too bad of a story...

Michael Murphy is a biblical archaeologist who is also a university teacher.  He's attracted the attention of a dark secret organization who wants some of the biblical artifacts he's been able to discover.  In this episode, he's putting together an expedition to find Noah's ark.  He's also trying to figure out who is against him finding it, as he's finding people dropping dead all around him.  Once the ark is found, it's then a matter of trying to stay alive to get word back out to the world that it's real.

I'm liking this series quite a bit.  The emotions of the characters feel real, and the writing is good.  Unlike the Left Behind series, I don't know quite where this series is going.  This seems like it could be just a series of adventures that don't particularly lead up to a final event.  Still, an entertaining read with spiritual overtones.

09/26/2004

Book Review - The Tao Of Network Security Monitoring by Richard Bejtlich

Category Book Reviews

If you want to take your network security monitoring to the next level, check out The Tao Of Network Security Monitoring by Richard Bejtlich.  It does a good job covering new ground.

Chapter list:  The Security Process; What Is Network Security Monitoring?; Deployment Considerations; The Reference Intrusion Model; Full Content Data; Additional Data Analysis; Session Data; Statistical Data; Alert Data: Bro and Prelude; Alert Data: NSM Using Sguil; Best Practices; Case Studies For Managers; Analyst Training Program; Discovering DSN; Harnessing The Power Of Session Data; Packet Monkey Heaven; Tools For Attacking Network Security Monitoring; Tactics For Attacking Network Security Monitoring; The Future Of Network Security Monitoring; Protocol Header Reference; Intellectual History Of Network Security Monitoring; Protocol Anomaly Detection; Index

A sign of a good book is when the author sets out their scope and target audience, and then doesn't stray from it.  Bejtlich doesn't try to teach the reader every last thing about every package he can include.  Rather, he defines the scope as open source monitoring tools that haven't been written about ad nauseam.  Furthermore, there's no wasted space covering installation instructions.  He figures you can read the documentation for that.  So what you get is meaty information on how to conduct network security monitoring (NSM) using the different packages that are available.  

Another nice portion of the book includes the case studies and the analyst training.  This not only entertaining reading, but it also bridges the gap between just knowing about the subject to being able to practice those skills as part of your occupation.  Very nice feature...

An excellent addition to your network security bookshelf...

09/26/2004

A great use of Lotus technology in Buffalo Grove, Illinois...

Category IBM/Lotus

From Line56.com:  IT Performs Civic Service

Historically, police officers here have had to come in to the station to write reports. Having to do so was a drawback, notes Robert Giddens, director of IT for Buffalo Grove. "There's not a lot of crime that happens in the police department parking lot."

Each police officer now has a rugged notebook computer, designed to withstand the extremes of temperature in Illinois, which can be used to enter reports. "It keeps them in the street," says Giddens. The report gets entered offline, using Lotus Notes, and when police officers near a wireless "hot spot" (including municipal buildings, fire stations, and the police station), all they have to do is hit a button to upload the report directly into the server without having to enter the building.

From there, the information gets routed to a watch commander. The commander can reject the report (e.g., for incomplete information), in which case it goes back to the police officer's computer and the cycle begins again. If the report is accepted, Lotus archives it in a searchable system.

09/25/2004

Book Review - Designing Web Services with the J2EE 1.4 Platform

Category Book Reviews

If you're looking for a good architectural treatment of web services in Java, you'll want to look at Designing Web Services with the J2EE 1.4 Platform - JAX-RPC, SOAP, and XML Technologies by Inderjeet Singh, Sean Brydon, Greg Murray, Vijay Ramachandran, Thierry Violleau, and Beth Stearns (Addison Wesley).

Chapter list:  Introduction; Standards and Technologies; Service Endpoint Design, XML Processing; Client Design; Enterprise Application Integration; Security; Application Architecture and Design; Glossary; Index

As with most books put out by Sun, this is an authoritative guide.  The quality of the material is high, and you are getting it "straight from the source", as they tout their books.  While they cover the subject well, it's not the type of book that the hard-code developer geek would want.  It seems to target more of the system architect position... the person who would be responsible for designing the overall approach to a system and specifying the technologies to be used.  There is some code, but not much.  It's also not a tutorial approach, either.  But when you get done, you should have an excellent understanding of how web service architectures are designed using Java and technologies supported by Sun.

09/25/2004

GNOME, KDE Aim at Windows

Category Linux

From eWeek:  GNOME, KDE Aim At Windows

It's amazing how close these two Linux windowing environments are coming to functional parity with Windows...

09/25/2004

What Does the Notes Error Message, "0c:03" Mean?

Category Software Development

If you've been doing Notes development for any length of time, you've run across this message.  The problem is that it pops up in a dialog box, and that's the *ONLY* thing in the dialog box.  No text, no explanation, no indication of what you've done to deserve such treatment.  This is also one of my pet peeves about Notes/Domino.  There are far too many errors like this that have no background information associated with them.  It may help the person who developed the Notes designer software, but it doesn't do squat for the poor application developer who gets the error and is at a loss as to what caused it and how to fix it.

Anyway...  I ran across the following entry in the KnowledgeBase today while researching an issue for someone.  While it doesn't tell you what to do about it, at least I now know what it means...

What Does the Notes Error Message, "0c:03" Mean?

Doc Number:  1090262

Problem
What does the error message "0c:03" mean?

Content
This error message means "No place to put mark".   The Notes Editor functionality uses items called "marks" to show where various things, such as blocks of text with various fonts and attributes, start and end.  If the editor is modifying/reading field contents, it needs to identify where this particular 'thing' (block of text, or paragraph, etc.) starts.  If it can't locate these marks it will display the "0C:03" error.

09/24/2004

This is one bizarre press release... Quality On-Line

Category IBM/Lotus

As part of my Google news monitoring, I look for anything related to Notes or Domino.  This "gem" came in yesterday...

Quality On-Line Removes the Largest Hurdle to Lotus Notes Replacement

Gee...  sounds like a new Microsoft tool!  :-)

Quality On-Line is the first company to create and deliver a true alternative development & deployment environment for applications that are currently based on Lotus Notes & Domino.

OK...  Everyone's trying to find their niche.  To each their own.

Many corporate IT departments are grappling with the dilemma of what to do with their applications that have evolved around proprietary Lotus Notes mechanisms. Quality On-Line offers a straightforward replacement option and "one-step" migration path. This makes it a much more viable option than overlay approaches or multi-step, multi-year initiatives such as IBM Workplace.

Huh?  This sounds like the old "Domino is dead...  what are you going to do?" argument.  So what am I migrating to?

According to Peer Reinhard, president and CEO of Quality On-Line, "As a provider of enterprise applications for over ten years, starting with an integrated suite of Lotus-based workflow and document management solutions, Quality On-Line has already confronted and solved the core issues facing 100 million Notes users worldwide today. We started with a clean sheet of paper, taking the best features from the Lotus Notes environment and building in features Lotus should have created many years before such as support for relational databases, roles and responsibilities, and support for reusable components.

Whoa!  Someone's bearing a grudge and is drinking their own kool-aid.  What this set of "core issues" I'm supposedly facing?  I didn't know I had any.  And, um...  last time I checked, Notes/Domino supports interaction with relational databases, the ACL handles the roles in a workflow scenario, and design templates allow you to reuse design elements in multiple applications.  And you've just mastered these?

"It meets real-world needs of Notes dependent IT departments and their users by providing a supportable and highly scalable platform that addresses both development and deployment of enterprise applications. We evolved our architecture and applications to embrace the flexibility of open standards, with a J2EE-based implementation and support for cost-efficient application servers such as WebSphere, and Tomcat."

Finally!  You want to convert Notes applications to J2EE applications.  That's fine if you need that.  But in my book, ND is already supportable and highly scalable, and I do just fine with development and deployment of enterprise apps.  Much easier in ND than it is with WAR and EAR files, let me tell you.  And I'm really surprised you'd mention WebSphere next to Tomcat to make a case for "cost-efficient".  

A number of large organizations are already seeing the benefits of migrating beyond the constraints of Lotus-based applications. For example, <insert case studies here...  read the release for the details>.

OK...  You've got some big customers.  That's nice.  But since I've never heard of you before, I automatically wonder about your long term viability, especially when you start talking about building applications on Quality On-Line's "Application Platform".  Is it all open standards, or am I tied into your software somehow?

From a development and support standpoint, Quality On-Line overcomes the well- documented shortcomings in Lotus and provides a modern architecture. Major improvements include:

 -- Based on open standards and built natively in Java (J2EE) to provide a future proof solution
 -- A structured programming environment to improve consistency between different applications
 -- Reusable code to assemble high value customer solutions
 -- Integrated workflow and process control engine
 -- Vendor independent Relational Database support
 -- In and outgoing email integration
 -- An updated file system to make it easier to retrieve information
 -- LDAP and Active Directory support  to provide secured user access and single sign on mechanism
 -- Out of the Box vendor independent email integration
 -- Integration with Windows applications
 -- Improved, Windows like user interface
 -- Three-tier architecture to optimize both scalability and deployment flexibility

Quality On-Line's inherent flexibility gives IT managers the capability to incrementally migrate their existing Lotus-based applications according to specific business needs. This enables efficient re-purposing of IT staff and resources to be more effective and to address higher priority issues. Decoupling of the applications development and deployment from the messaging platform also gives IT departments significantly more deployment flexibility than can be achieved with today's Lotus-based implementations.

"Well-documented shortcomings"?  I must have missed that article or study.  "Decoupling" the application from the messaging platform leads to more flexibility for deployment?  Perhaps if you want to run multiple mail systems or mix and match vendor software, hoping that everything integrates.  For me, I'd prefer the tight integration due to the power it gives me with application development.  The deployment of those applications is mindless.  "Future proof solutions".  Right...  Nothing is "future proof".  And the rest of that list is either stuff that Lotus already does (like email integration) or supports (vendor independent Relational Database support).

This whole "press release" reads like an analyst report sponsored by "SOV" (some other vendor).  Either this guy/company truly doesn't understand Notes (which they apparently do) or they are trying to master the FUD approach to marketing.  

And as a side note...  I attempted to go to their site this evening at http://www.qualityonline.com/.  Guess what returned a "cannot find server" error?  Yeah, *that* gives you a nice, warm fuzzy feeling...

09/24/2004

Microsoft Changes Its Tune On Porting SP2 Fixes

Category Microsoft

From eWeek:  Microsoft Changes Its Tune On Porting SP2 Fixes

Microsoft has been reticent to commit publicly on how, when and whether it would make the browser-specific security fixes that it delivered as part of Windows XP Service Pack 2 available to users of older versions of Windows.


But this week, the Redmond software vendor issued a definitive statement regarding its back-porting intentions. The decision: No SP2 fixes—not even ones such as the SP2 pop-up blocker or the ActiveX control blocker—will be offered for users of older versions of Windows and IE (Internet Explorer).


Microsoft's message is that if you want any of these features, you must upgrade to Windows XP and/or Windows XP Tablet Edition running SP2. Next year, Microsoft will make the appropriate SP2 security fixes, including some of the IE ones, available to Windows Server 2003 users via Service Pack 1.


Now, my knee-jerk reaction is to assail the irresponsibility of this decision.  You created the buggy and insecure software, now you fix it.  But all software companies have to draw a line somewhere.  At what point do you say "enough is enough" and stop supporting versions that are two, three, or more revisions behind?  On the other hand, when your software has a near monopoly on the world's PC desktops and is responsible for security, your accountability should be much higher.


Tough questions...  In this case, I think it's irresponsible to not support a platform like W2K, knowing that it is still a mainstay of corporate America.  To force upgrades and not fix security issues you've created is, in my opinion, an undefensible position.  Win95 and WinME I'd have a hard time defending.  Win98 seems to fall somewhere between those two extremes, along with WinNT.

09/22/2004

Book Review - Pragmatic Project Automation by Mike Clark

Category Book Reviews

I just finished reading a very useful book...  Pragmatic Project Automation by Mike Clark (Pragmatic Bookshelf).  If you've ever wondered how to make your life easier as a Java developer, this will answer some of your questions.

Chapter list:  Introduction; One-Step Builds; Scheduled Builds; Push-Button Releases; Installation and Deployment; Monitoring; Resources; Pragmatic Project Automation: Summary

The basic premise here is that most development teams spend far too much time managing the compile/build/deployment process because it's a manual one.  And with manual processes comes the real possibility of errors and neglect.  You should be spending more time coding business solutions and less time baby-sitting the infrastructure.  Clark takes you through some of the freely available open source tools that can help you make the build process repeatable and automated.  By doing this on a regular, consistent basis, you'll have higher quality software and faster response times to errors because you can narrow down to a matter of hours (or even minutes) when an error was introduced into a code stream.

Along with the "why" of doing this, you'll learn enough about the components to get you started.  Ant will help you automate the compile and build process.  cron scheduling can set up your builds to happen on a regular basis without your intervention.  CruiseControl can take cron and Ant to a higher level and also send out notifications on the results of the builds.  CVS is covered as a repository that should be where your code is stored and versioned. And NSIS is covered as a way to create an automated installation package for your most current release.  While none of these technologies are covered in an all-inclusive way, there's enough here to get you started and to whet your appetite to pursue the matter further.

This isn't a big book...  161 pages.  But there's a lot of practical advice and wisdom packed in there.  Definitely a "must have" book if you're spending too much time as the "buildmaster guru" on your projects...

09/21/2004

Book Review - Mastering JavaServer Faces

Category Book Reviews

I recently got a chance to review Wiley's book Mastering JavaServer Faces by Bill Dudney, Jonathan Lehr, Bill Willis, and LeRoy Mattingly.  Overall, this is a nice book if you're looking to get involved in JSF technology.

Chapter list:  JSF Patterns and Architecture; Elements of JSF; JSF Request-Processing Life Cycle; JSF Configuration; JSP Integration in JSF; UI Components; Navigation, Actions, and Listeners; Validation and Conversion; Building JSF Applications; Custom JSF Components; Converting a Struts Application to JSF; What's on the Web Site; References; Index

This is primarily a learning tool for JSF with a fair amount of reference material thrown in.  In chapters 4 through 8, you'll touch on each main area of JSF coding, and the authors provide a solid mix of learning and reference lists for your on-going use as you continue down the JSF path.  They don't skimp on code listings, so you'll have some decent examples to draw upon as you start to build your own applications.  They also use a variety of UML diagrams to show the flow of a JSF program and how the class structure is laid out.  This is good in that you'll run into this type of notation in quite a few places, so you'll get a good understanding of it here.

The other thing I liked about this book was the "why" portion in the patterns and architecture section.  Too often, a book that is teaching you a new technology will not cover a lot of best practices and patterns on how programs should be built using the new tool.  By providing this type of information up front, the reader should be able to get into the right mindset and develop solid coding practices and concepts from the start.

Bottom line...  a solid book with good information, and you should be happy with the result.

09/21/2004

Another trashing of the analyst report process...

Category Microsoft

I ran across an article at the Register site today titled "Spooky Reg Powers Zap MS Linux Hit Man's Gig".  Something about carefully controlled meetings arranged and managed by Microsoft to control the spin the Linux "Get The Facts" program.  Yawn...

But the article ends with some really cool stuff on analyst reports, how they get created, and how they "mysteriously" can't be found for examination (but can certainly be touted by the winning side)...


As far as The Register's regular readers are concerned, what he has to
tell Computerworld about Microsoft commissioning analyst firms to produce Get the Facts reports on Linux is of interest. Says Taylor: "If someone says, "Hey, Customer X says, 'If I had this data, it will help me make a decision, comparing Microsoft to Linux.'" So Taylor then gets straight on the phone to the analysts saying this is something customers care about, so will they produce something. And sometimes they say yes, and do it themselves, while other times they say: "Actually, it's not that interesting to us, but if you care about it, we'll use our methodology and stand behind it, but you have to fund it, because it costs money to get the samples, get the customers, get everything."

So that's how all those Microsoft paid-for studies rubbishing Linux get paid for. It's customer demand. This does not quite in our estimation explain how Microsoft customers threatening to flee to open source get studies paid for by Microsoft. Nor does it explain how such studies get selectively recycled by Microsoft, nor indeed how the spun Microsoft version of the grisly truth gets to show up in business magazines that should surely know better. Funnily enough, that last one is currently listed in Microsoft's Of Note Hall of Shame. Strong journalists quake at the thought that they might one day find one of their pieces linked to from here, Microsoft's page of stuff written about them that they actually like. Brrr... ®

The "selectively recycled" link is most interesting, as the Register got ahold of the report used to keep the English city of Newham from converting to open source.  A clear case of "opinions for purchase".  And the "show up" link points to that absolutely absurd puff piece in Forbes about Linux being good for Microsoft.

Very good reading...

09/21/2004

Which templates work with which versions?

Category Software Development

I posted a question from an e-ProWire reader over on the Lotus Informer blog site:  http://www.e-promag.com/lotusinformer/

If any one has any insight to this, a response over there would be highly appreciated by the reader (and by me!)

09/20/2004

Book Review - R is for Ricochet by Sue Grafton

Category Book Reviews

I finally made it through the hold list at the library for Sue Grafton's latest - R is for Ricochet.  This is a nice rebound from the disappointment of her last novel.

Kinsey Millhone is hired for what appears to be a babysitting job:  pick up a woman being released from a California prison and make sure she gets settled in and adjusted.  But of course, nothing is ever quite that simple.  The lady, Reba Lafferty, did 22 months for embezzlement from the company she worked for.  She was in love with the owner, and still holds a flame for him.  But she quickly finds out that her best friend who took over her job while she was in prison is also sleeping with the boss, and it also appears that the entire company is set up to launder drug money.  The feds want her to spill her guts, and they want Kinsey to talk her into it.  But things go wrong, Reba disappears in violation of her parole terms, and Kinsey has to find her before she gets killed.  In terms of subplots, Kinsey is getting romantically involved with the lead cop on the case.  Also, her landlord's brothers (in their 80's) are messing up Henry's chance to get some female companionship...

In her last book, Grafton tried to weave a story around a true-life cold case.  It just didn't work.  It was the only one of Grafton's novels I really didn't like.  This latest installment in the alphabet returns to her former roots of good plot, funny writing, and varying levels of success at romance.  I had a fun time reading through this one, and I'm looking forward to "S".

09/20/2004

Security Fears Spark Move To Linux In Iran

Category Linux

From Business Reports:  Security Fears Spark Move To Linux In Iran

Oh, just freaking great...  I suppose all Linux users are about to be declared potential "terrorists"...  :-)

Wait...  Microsoft already thinks they are!  :-)

09/20/2004

Lotus Support Technotes are now available via RSS!

Category IBM/Lotus

I just found out today that the Lotus Support Technotes are available via RSS!  Way cool!

The URL is http://www-10.lotus.com/ldd/rssfeed.nsf.  At that page, you can subscribe to a number of feeds (all, Lotus, Domino, Sametime, and QuickPlace) with more to come in the future.

This is a fantastic way to keep up on what's coming out from Lotus Support.  

So what are you still doing here?  Go on over and get subscribed!

09/19/2004

Book Review - A Practical Guide To Red Hat Linux by Mark Sobell

Category Book Reviews

If you're looking for a very comprehensive guide to running the Fedora Core and Red Hat Enterprise distribution of Linux, you'll want to check out A Practical Guide To Red Hat Linux by Mark Sobell (Prentice Hall).  This book is packed with information...

Chapter list:  Welcome to Linux; Installation Overview; Step-by-Step Installation; Introduction to Red Hat Linux; The Linux Utilities; The Linux Filesystem; The Shell 1; Linux GUIs: X, GNOME, and KDE; The Shell 2: The Bourne Again Shell; Networking and the Internet; System Administration: Core Concepts; Files, Directories, and Filesystems; Downloading and Installing Software; Printing with CUPS; Rebuilding the Linux Kernal; Administration Tasks; Configuring a LAN; OpenSSH: Secure Network Communication; FTP: Transferring Files Across a Network; sendmail: Setting Up Mail Clients, Servers, and More; NIS: Network Information Service; NFS: Sharing Filesystems; Samba: Integrating Linux and Windows; DNS/BIND: Tracking Domain Names and Addresses; iptables: Setting Up a Firewall; Apache (httpd): Setting Up a Web Server; Programming Tools; Programming the Bourne Again Shell; Regular Expressions; Help; Security; The Free Software Definition; The Linux 2.6 Kernel; Glossary; Index

At nearly 1100 pages, this isn't a small book.  But as you can see from the chapter list, it packs a lot of information inside.  The content is predominantly targeted at the Linux server and network environment, so getting the book to learn how to run the Linux desktop may not be the best idea.  If you're looking to set up a Linux network and learn how to effectively work with the command line interface, this book works.

Interspersed throughout the chapters that contain numerous figures and code snippets, you will find a number of sidebars.  There are cautions, tips, and security sidebars that add flavor to the core information.  On top of that, you'll feel like you're back at school with the exercises at the end of each chapter to test your comprehension. If you go to the website www.sobell.com, you'll even find the answers to the even numbered questions.  I haven't been through that process (looking in the back of the book for answers) in years!

I was really impressed by the book.  As a Linux newbie, there's a lot here for me to learn from.  But it isn't so simplistic that I'll outgrow the book in six months.  This volume will reside on my bookshelf for a long time.

09/19/2004

Book Review - C++ Without Fear by Brian Overland

Category Book Reviews

Prentice Hall sent me a review copy of C++ Without Fear by Brian Overland.  Even though I'm not quite the target audience for the book, I must say I really like it.

Chapter list:  Your First C++ Programs; Decisions, Decisions; The Handy, All-Purpose "for" Statement; Functions: Many Are Called; Arrays: We've Got Their Number; Pointers: Getting a Handle on Data; Strings: Analyzing the Text; Files: Electronic Storage; Some Advanced Programming Techniques; Getting Yourself Object Oriented; The Fraction Class; Constructors: If You Built It...; Operator Functions: Doing It with Class; What's "new": The StringParser Class; What's "this": The String Class; Inheritance: What a Legacy; Polymorphism: Object Independence; C++ Operators; Intrinsic Data Types; C++ Syntax Summary; ASCII Codes; Common Library Functions; Glossary of Terms; Index

The basic premise of this book is that if you're comfortable with a computer and can run programs like a word processor, you can learn C++ using this book.  I'm not sure I'd recommend C++ to anyone as their first programming language.  Still, you can figure that this book isn't going to try and cover every little esoteric point of the language.  It covers the basic techniques and structure of C++, with copious examples and explanations.  Each chapter has a number of example programs you can type in and run.  After each example is a section called "How It Works" that takes an in-depth look at what is happening in the program.  There are then exercises that allow you to take the basic program and concepts and expand your expertise.  A few of the examples even have an optimization section where you learn how to modify the program to make it more efficient.  And if you're thinking you have to buy a C++ compiler in order to run your programs, think again.  The book comes with the GNU C++ freeware compiler, so you don't need anything beyond this book to get started.

Even though I have more experience in programming than the author assumes, I'm still not at all familiar with C++.  Looking through this book, it has the type of style that I look for when I'm trying to learn a new skill.  Approachable writing and explanations that don't assume I have a computer science degree and dream in code...

I like what the author and Prentice Hall have done with this title.  If I ever free up the time to learn C++, this will be the book I'll pull off the shelf to get started.

09/19/2004

Some Microsoft tidbits in the news...

Category Microsoft

From Internet Week:  Microsoft's IE Losing Users

Granted, losing 1.8% in three months isn't much.  But it's the first time that's ever happened.  Good signs for those who are champions of choice.

From the Indianapolis Star:  Microsoft Warns Big Clients Early On Security Patches

Apparently Microsoft has a quiet program designed to give large clients an early heads-up on security issues related to Microsoft products.  I find this practice right up there with corporations who used to give certain analysts and brokers advance peeks at their quarterly earnings so that they could act in advance of the general market.  This is just flat wrong.

From Netcraft:  Exploit For Microsoft JPEG Flaw Is Published

The genie is out of the bottle on this one...  Script kiddies can now pile on and start attacking boxes.  Turning off HTML images in your email is sounding like a better idea all the time...

From eWeek:  JPEG Bug Raises Many Questions

Larry Seltzer writes:

After reading the descriptions I've read, I have to say I'm surprised at the sloppiness of the code in the error. It sounds like a very elementary error and one that should have been caught.

And speaking of when it should have been caught, TruSecure's Russ Cooper raises an excellent point when he points out that this bug was probably found some time ago. It had been found for Service Pack 2 and must have been so a while ago, so why wasn't it fixed in SP1 earlier?

One can only imagine that they thought SP2 was a higher priority, and perhaps they were also comforted by the fact that the vulnerability wasn't generally announced yet. Now, I have to wonder how many other problems were found in the SP2 project that are still lurking in SP1 until Microsoft gets around to patching them there.

From eWeek:  Is Microsoft Poised To Sue OpenOffice Licensees?

Mary Jo Foley writes:
 
Fear has been mounting in the open-source community that Microsoft could start suing users at any time for alleged patent violations.

That possibility became even more worrisome to some with a new disclosure by Sun Microsystems this week regarding terms of its sweeping legal settlement with Microsoft, hammered out earlier this year.

According to the settlement between the two, Microsoft and Sun agreed not to sue each other or their respective customers for patent infringements that were alleged to have occurred before April 2004, as well as 10 years into the future.

But a new SEC (Securities and Exchange Commission) filing by Sun notes in the fine print that while Sun's StarOffice product is covered under this patent-infringement clause, OpenOffice is not.

Not only is Microsoft allowed to sue any company–including Sun–for alleged patent violations connected with OpenOffice, but Sun is required to provide Microsoft with legal help in bringing such lawsuits against OpenOffice users.

and...

"The language in the settlement contract in which Microsoft reserves the right to file a lawsuit against OpenOffice users is not all that unusual," concurred Yankee Group senior analyst Laura DiDio. "I believe Microsoft is hedging its bets and leaving all potential areas of redress open to the company."

"That said," DiDio continued, "I do not believe Microsoft is currently constructing a strategy or scenario in the near or intermediate terms to quash OpenSource via litigation. So, while it's undeniably possible that Microsoft could sue OpenOffice users, the probability is low—at least for the next two years."

OpenOffice has barely made a dent in Microsoft's massive market share for desktop office suites. But "if OpenOffice mounts a serious challenge to Office three, four or five years down the road and we see Office experiencing market erosion similar to that of NetWare against Windows NT, then Microsoft would fiercely defend its turf," she predicted.

If Microsoft were to ever take that path, it would endear them to the user community at just about the same level of SCO.  Still, when your cash cow is being sliced up for hamburger patties, you may just end up doing whatever you can to keep the cow alive.

And finally...

From eWeek:  Study Shows Visual Studio .NET Tops WebSphere

Microsoft Corp. has commissioned a study showing that its .Net development environment is more productive than comparable Java environments, a top company executive said at the VSLive! Orlando conference here.

Microsoft Developer Division Corporate Vice President Soma Somasegar said Microsoft commissioned The Middleware Co. Inc. to study productivity and performance comparisons between Microsoft's Visual Studio .Net 2003 and IBM's WebSphere and other tools, and Microsoft fared significantly better.

I haven't read the study, nor do I have any plans to.  But I would like to commend eWeek for prominently stating that the study had a sponsor, and not surprisingly the sponsor ended up having the better software.

09/19/2004

IBM loses major outsourcing contract...

Category IBM/Lotus

Fortune:  Is IBM's Services Strategy In Jeopardy?
New York Times:  
IBM Shrugs Off Loss Of A Service Contract It Once Flaunted

So...  J. P. Morgan Chase has decided to cancel its outsourcing contract less than two years into a seven year engagement.  While all the articles I've seen so far on this don't show any rancor or accusations on either side, you have to wonder about why a $5 billion agreement fell apart.  It sounds like the merger of J. P. Morgan and Chase caused them to re-evaluate the need to have an external entity manage their resources.  Plausible...


I don't see where this spells the end of IBM's services strategy, but I hope it's the beginning of a trend to really examine outsourcing and what it costs to give up that control...

09/17/2004

Book Review - Chasin' It by Tony Lindsay

Category Book Reviews

Every so often, either by accident or on purpose, I read something that is way outside of my normal patterns.  It could be that I want to try something different, or it may be that I misjudged a book.  Chasin' It by Tony Lindsay is one of those "far left field" books for me...

In this case, it was a misjudgement that caused me to read it.  I received an email from the author pointing out the book (I'm assuming he got my name as an active Amazon reviewer).  It looked mildly interesting, so I checked it out from the library.  Looking at the back cover, it sounded OK...  Terri Parish is an ex-Vegas headliner who has ended up on the streets.  She still craves the attention, and is looking for a big score.  She ends up ripping off a lover and head of a Chicago street gang.  She then has to figure out how to stay alive before he finds and kills her.  Sex, drugs, crime...  typical stuff.  :-)  It's also described as an "urban story".  Hmm...

The parental advisory on the cover for explicit content should have been a clue.  Terri Parish isn't a "she".  Parish is a he, a gay black man who crossdresses and works as a performer.  His life on the street is filled with smoking crack cocaine and turning tricks (which are often described in graphic detail).  He does a stint in prison where he's the head queen, and it's where he first meets the head of the street gang.  He's beaten badly, and the abuse continues when he's tracked down outside of prison.  The gist of the story is Parish learning how to come to terms with his gay lifestyle, the lifestyles of the men he dates, and how his grandmother and mother raised him into a life of prostitution.

So how do you rank a book like this?  There are many conflicts here, but I want to be fair to the author.  I give it low marks for deception on the back cover.  Nowhere is there any mention that the whole basis of the story involves transgender issues.  The writing isn't bad, so that brings it up a bit.  I wasn't overly impressed with the plot line, but I'm not sure why.  Is it because the plot was pretty basic?  Was it because this is a culture and lifestyle I can't even begin to relate to?  Is it because most of the characters are African-American and either gay or bisexual (of which I'm neither)?  Dunno...

I'll give this a three star ranking, as it's a book that will only appeal to a certain readership niche.  And depending on your cultural background or lifestyle choices, you may either really hate or really love this book.  

09/16/2004

I understand a certain analyst research firm has hired a new spokesperson to repair their image...

Category Humor

A picture named M2

09/16/2004

The National Hockey League season in jeopardy...

Category Everything Else

My son forwarded me this Nike commercial...  It says it all...

A Dark Day - Bring It Back

09/15/2004

Book Review - Shadow Divers by Robert Kurson

Category Book Reviews

I have just finished one of the most riveting nonfiction books I've read in a long time...  Shadow Divers by Robert Kurson.  This is a true life diving adventure that is totally engrossing.

Back in 1991, the owner of a dive boat charter was given the coordinates to a fishing spot 60 miles off the coast of New Jersey.  It was thought that there was some shipwreck down there, and he was going to try and figure out what vessel had gone down.  Over the next six years, John Chatterton and Richie Kohler became obsessed with discovering the identity of this wreck, which was a World War II U-boat.  The mystery was that no recorded history showed that a U-boat was sunk in that area.  It took six years of diving, worldwide research, rewriting recorded naval history, and the death of three divers to finally identify the vessel and figure out why it wasn't off the coast of Gibraltar where it was listed as sunk.

If you've ever read Jon Krakauer's Into Thin Air, the book about the climbers who died on Mt. Everett, you'll see a strong resemblance to that style.  You learn about the personalities of the men who are driven to risk their life every time they dive on a wreck.  And this isn't recreational diving, either.  They go down 200+ feet, where you have approximately 25 minutes of time on the bottom before ascending and decompressing over the next 90 - 120 minutes.  One wrong move and you are literally a dead man.  As the story progresses, you start to understand the need to identify the ship so as to give the crew who died a final voice, a need to find the answers yet not to disturb the final resting place of the many who died when the ship sank.  

An absolutely incredible story that is well-written.  A must read.

09/14/2004

A major shout-out and kudos to all who helped me with the CSS problem...

Category Software Development

A couple days ago, I posted a question about a CSS problem I was unable to solve.  While I'm much better at CSS than I was six months ago, I still have a lot to learn.  Johan, Vince, Richard, Sean, and Chris (via IM and email) all rushed to my aid and offered input that ultimately helped me across that hurdle today.  

Basically, all your answers were correct as to what my code should look like.  And much to my dismay, I still couldn't get that code to work right.  I finally took Richard's suggestion, deleted all the CSS out of the subform, and saved it.  That stripped out much of my glitz and glamor, but it showed me that the LI tags were lining up correctly.  I then started to add back in the different CSS elements until it broke again.  It was when I added the CSS for the anchor links that things went haywire.

I had a "margin-left: 10px;" setting in the CSS statements for links.  That pushed over the start of the link on the LI line, but allowed any wrapped text to line up where it would have if I didn't have the margin set.  Once I removed the margin (and I really didn't need it anyway), everything lined up perfectly.  Whoo-hoo!

Anyway, I just wanted to say thanks to everyone who took the time to read my entry and offer their assistance.  I really appreciate it.

09/14/2004

Remember that Migration Of Notes/Domino to .NET paper that Microsoft published?

Category IBM/Lotus

I received permission from the Exchange Documentation team to send copies of the paper out if anyone is interested.  Please send an email to duffbert at my gmail.com account if you're interested, and I'll send you a link to the location where you can download it.

09/13/2004

Book Review - The Web Programmer's Desk Reference by Lazaro and Joseph Issi Cohen

Category Book Reviews

As a web developer, you'll most likely own a few reference books for JavaScript, HTML, CSS, and other related technologies.  Surprisingly, you can get most of what you need in a single volume - The Web Programmer's Desk Reference by Lazaro Issi Cohen and Joseph Issi Cohen (No Starch Press).

Chapter list - Cascading Style Sheets; Object-Oriented Programming: The DOM and the Node Tree; Events and Event Handlers; JavaScript Core Language and Fundamentals; HTML Elements; HTML Attributes; Event Handlers; CSS Attributes and JavaScript Style Properties; Microsoft Internet Explorer Behaviors; Microsoft Filters and Transitions; JavaScript Properties; JavaScript Methods; JavaScript Collections; JavaScript Objects; HTML+TIME Microsoft Technologies; Index of HTML, CSS, and JavaScript Listings

I'll admit to not being a fan of single volume reference guides to multiple technologies.  In nearly all cases, the authors try to do too many things and be everything for everyone.  As a result, the book ends up being useless.  This one feels different, however.  The first 60-some-odd pages do a quick coverage of the overall technology, like CSS, JavaScript, and the DOM model.  In all likelihood, you probably won't use this part of the book.  It's not enough for a beginner, and it's too basic for an experienced developer.  But the book shines when it comes to the reference section.

Each entry in the reference portion lists the tag or keyword, which browser versions support the option, the syntax of the option, code examples, and what other options or tags the original tag refers to.  Because there is so much information included (1000+ pages), it will take you a little while to get comfortable with the page layout.  But once you get that under your belt, this book could become very valuable to you.

While I'm not ready to ditch my stand-alone reference books on CSS, HTML, and JavaScript, this book might have caused me to think twice before buying them.  A good job...

09/13/2004

Book Review - Skinny Dip by Carl Hiaasen

Category Book Reviews

It's always a treat when a new Hiaasen novel comes out.  I enjoy the opportunity to bury myself in a Florida genre novel with a wacky plot.  Hiaasen's latest, Skinny Dip, doesn't disappoint...

Chaz Perrone is a biologist who hates the outdoors and is more interested in money and sex.  He's married to a rich wife, but he's not in line to inherit any of her money.  So why does he toss her overboard a cruise ship on their 2nd anniversary and act if he was sleeping when it happened?  It takes a little while to have that reason work its way out.  Meanwhile, his wife (who he assumes is now fish food somewhere) ends up latching on to a bale of Jamaican pot (this *is* Florida!) and is rescued by a guy who lives a pretty solitary existence as a house caretaker on a deserted island.  Rather than just call the cops and have him arrested, she decides to start messing with his mind in order to drive him off the deep end.  They sneak into his house, rearrange items, and start a blackmail scheme.  At the same time, Perrone's employer, a farmer who is polluting the Everglades, sends over a bizarre bodyguard to make sure that Perrone doesn't do anything stupid.  As the pressures mount from all sides, Perrone is cracking up and going paranoid.  The question is who will be the first to either kill him, arrest him, or feed him to the gators.

With Hiaasen, you know you are always going to get a dose of his views on the environment and attitudes of Florida.  I think he'd be happy if 75% of the people in Florida just up and left...  especially the developers.  His characters are quirky and off-beat, and the plot is funny yet plausible if you don't get too hung up on it.  In this book, you'll understand his feelings about the destruction of the Everglades by unscrupulous farmers and such.  But I appreciate that his underlying message doesn't overload the story.

Anyway...  I like his writing and style, and this is another great installment in his writing career.

09/11/2004

From the Butler Group - Linux In The Enterprise

Category Linux

The Butler Group has issued a report titled Linux In The Enterprise - A Viable Alternative For Server And Desktop Operating Systems?  Interesting material that comes to the following conclusions:

The key findings from the Report can be summarised as follows:
  • Linux is a credible alternative now for the core of the data centre, and for the client within two years.
  • The most important attribute of Linux is the independence afforded from the hardware platform.
  • Linux is a cost-effective UNIX replacement, and a worthy competitor to Microsoft Windows Server in many areas.
  • Linux on the client is gaining credence, with offerings available from Red Hat, IBM, Novell, and Sun.
  • Ignore generalised Total Cost of Ownership (TCO) evaluations, the TCO of Linux varies dependent on an individual organisation’s circumstances.
  • The Linux ecosystem is developing quickly and is a major driver of the adoption of Linux, especially for the main enterprise distributions from Red Hat and Novell.
  • The public sector is showing leadership in this area, and beginning to embrace Linux and Open Source in a major way.
  • Open Source software tends not to be innovative, but does produce efficient, secure, and robust code.
  • For many that already using Windows, it remains the best strategic choice, as does proprietary UNIX at the very high end.

09/11/2004

Microsoft Wins "Tabbed Browsing" patent...

Category Microsoft

From InternetNews.com - Microsoft Wins 'Tabbed Browsing' Patent

Microsoft now has a patent on the technique of using the tab key to skip from hyperlink to hyperlink on a web page...  

PULLEEEEZZZE!

Is there any doubt that our system of patent granting is seriously broke and/or flawed in this country???

09/11/2004

Book Review - High-Tech Crimes Revealed by Steven Branigan

Category Book Reviews

I recently finished the book High-Tech Crimes Revealed - Cyberwar Stories From The Digital Front by Steve Branigan (Addison-Wesley).  It's a pretty good book, but with a few shortcomings...

Chapter list:  An Attack on the Telephone Network; An Attack on an ISP; If He Had Just Paid the Rent; Inside a Hacker Sting Operation...; Identity Theft; Let's Ask the Hackers; Why Do Hackers Hack?; Setting the Stage; High-Tech Crime; What Not to Do; How to Run a High-Tech Case; What Have We Learned; Appendix; Bibliography; Index

There are two types of writing in this book.  Up through Inside A Hacker Sting Operation, the focus is on real-life cases that the author was part of.  You learn details about how cyber-crime is conducted, uncovered, and prosecuted.  The benefit here is that you see the warts and failings of the process instead of the glorified versions as told by security experts.  After that chapter, there is less emphasis on stories and more focus on subjects, such as why these things occur and how to conduct an investigation.  There are still references to real-life events, but that's less of an emphasis.  Branigan's writing is humorous and lightly satirical, and makes for an enjoyable read.

The shortcoming was something I couldn't quite put my finger on until I read the preface.  Steve started this book in 1999 and thought he'd be done in early 2002.  September 11th threw him off, and he didn't get started again until nearly a year later.  So in effect, you have a book on cyber-crime published in 2004 that was largely written between 1999 and 2001.  While there are references to events in the recent past, many of the significant stories and examples are vintage 2002 or earlier.  In my opinion, it's the only significant flaw in what is otherwise an interesting read.

09/10/2004

Book Review - Bandit Queen Boogie by Sparkle Hayter

Category Book Reviews

With my reading of Sparkle Hayter's latest book, Bandit Queen Boogie, I'm now up to date on her writings.  And I must say, this one is unusual...  It's difficult to describe the plot, as there are several wacky subplots that seem unrelated but converge at the end...

Blackie and Chloe, two friends who appeared mismatched but understood each other, decide to head off to Europe to help Chloe forget a relationship.  While over there, they find out that they have a knack for running cons that separate men on the prowl from their money.  That's the main thread.  In initially unrelated subplots, you have an Indian crime boss who's Ganesh god statue is stolen with something of value stashed inside.  There's a rebellious heiress that skips out on court-ordered rehab and is trying to meet up with her boyfriend so they can run off together.  A reporter who's apparently on the edge is over in Europe on a company-ordered "vacation" and is stripped of a story he's been working on.  And believe it or not, all these things end up meshing at the end.  The girls are thought to have killed the son-in-law of the crime boss after he stole the statue.  They are being pursued unknowingly by his hired goons.  The reporter is trying to come up with a blockbuster story, and he's going to try and uncover the story of the heiress.  The heiress is on the run but her boyfriend has apparently dumped her and taken off with her money.  Chloe is mistaken as the heiress traveling with a Canadian friend, so everyone wants to find her.  Neither of the girls know much of what is transpiring.  There's a few more subplots there, too...  But any more would give things away, and it's just too confusing to try and explain anyway...

This is a strange novel.  If you like crazy stories going off in different directions, and situations where peoples' lives intersect with each other in unusual ways, then you'll most likely enjoy this read.  If you want a logical plot with believable story lines and rational scenarios, then this one will drive you up the wall.  I think I enjoyed the writing more than the story, but your mileage may vary...

09/10/2004

Remembering the day before 9/11...

Category Everything Else

Tomorrow is the 3rd anniversary of the 9/11 attack on America.  And while I'll look back and remember that fateful day, my thoughts are drawn to September 10, 2001.  People woke up and went to work just like any other day.  They did the things they do during the course of a normal workday.  They went home, had meals, and interacted with friends and loved ones, just like any other day.  Some probably had fights with husbands or wives or kids, and went to work the next day feeling bad and thinking they should apologize and make amends...

The next day, over 3000 people never got that chance.

09/10/2004

An important milestone in my Amazon.com reviewing career...

Category Book Reviews

I've shared before that I post my reviews on Amazon where they can be voted on.  Amazon then ranks the reviews based on number of reviews, positive votes, and other mysterious criteria.  When I first started doing this, I was ranked around 25000.  I figured it might be fun to see if I could hit the top 1000 before year's end.  At that point you get a special "badge" next to your name in the reviews.

About six weeks ago, I was at 1099 and thought my goal was imminent.  Then there was a revamping of the web site, and I dropped down to 1450.  Bummer...  I slowly worked my way back up to 1109, and then we found out there had been a bug which caused the dramatic drops.  They fixed the error, reranked, and now I'm proud to announce...

A picture named M2

Whoo-hoo!

The full list of my reviews along with the votes are here:  http://www.amazon.com/gp/cdp/member-reviews/A3R19YKNL641X3/104-3004705-9199157

09/09/2004

Book Review - Sleepyhead by Mark Billingham

Category Book Reviews

Based on the recommendation of a friend, I picked up Sleepyhead by Mark Billingham from the library.  It's a real dark crime "who dun it" with twists that keep you reading to the end.

Detective Inspector Tom Thorne gets involved with a number of murders that are seemingly random until they find a "failed" attempt.  The victim who survived is completely paralyzed due to a stroke, and Thorne figures out that she was actually the "success" of the killer.  It turns out that the killer is really trying to "liberate" women from their bodies, leaving the only thing he values...  their minds.  He deliberately induces a stroke by physical manipulation of certain blood vessels, nerves and muscles.  Thorne thinks he knows who is doing the killing, but his evidence against him keeps coming up short.  The mental games between Thorne and his suspect grow more intense until Thorne is ready to admit defeat.  But the story comes to a dramatic end with a final confrontation with a number of lives on the line.

As I mentioned above, the story is very dark.  Not only is the subject matter intense (a killer wanting to turn his victims into vegetables, not corpses), but Thorne is a damaged individual with a lot of personal and emotional baggage.  The author is English, so there are a number of slang phrases that American readers will have to think about in order to follow the conversation.  And even though you think you know who the killer is, you just know there's going to be a twist somewhere.  

Well written, and very different....  I look forward to his future work.

09/08/2004

Book Review - XSLT 2.0 Web Development by Dmitry Kirsanov

Category Book Reviews

If you are looking for an XSLT book that is more than just a reference or tutorial manual, you might like XSLT 2.0 Web Development by Dmitry Kirsanov (Prentice Hall).

Chapter list:  XML and the Web; The source definition; Elements of a web site; An overview of XSLT; The XSLT stylesheet; XML software; XML on the server; Bibliography; Index

Don't let the short list of chapters scare you off.  Each chapter is broken up into multiple "mini-chapters" that cover the subject matter quite well.  Having said that, I think that it's important to know exactly what you're getting here.  This is not a 1000 page tutorial and reference guide to all that is XML and XSLT.  In fact, if this is your first exposure to XSLT technology, you might actually find yourself a bit frustrated.  This is not so much of a "how to" as it is a "why to"...

The author spends a lot of time explaining XML design and schemas, and how an accurate schema can make the difference between a good and bad application.  Once the proper schema is established, then he covers how XSLT can make the XML transform into a clear and well-structured site.  Really good stuff, but you probably won't learn all there is to know about XSLT by reading this book.  I actually see this as a good "second" XSLT title for a developer once they have mastered the language and syntax fundamentals.

If you're looking to learn XSLT, you may want to choose a different title.  If you're looking to learn how to effectively utilize XSLT and XML on your web site, this is a very good option.

09/07/2004

Book Review - Linux Pocket Guide by Daniel J. Barrett

Category Book Reviews

I've always been more of a GUI-type user, and even the old DOS commands never did much for me.  But now that I'm moving into the world of Linux, I need to understand the power of the command line.  To that end, I got a review copy of the Linux Pocket Guide by Daniel J. Barrett (O'Reilly).  I have a feeling this will become a dog-eared favorite on my bookshelf.

Normally I'd list a chapter breakout, but there's just too many "chapters" here to do so.  Suffice it to say that if it's a shell command in Linux, it's in here somewhere.  The great thing is that you get the command and a list of the useful options, along with the syntax in less than half a page (and the book is small!).  So instead of hauling down the large volume and scrolling through multiple pages, you can get right to the command you need with the options you're probably looking for.  

For a beginner like me, it will help to make me more comfortable with many of the basics of command line work.  For experts, it will be the quick reference for that particular option that you can't remember the capitalization rules for...

Short, concise, easy to understand, and packed with meat...  What more could you want in a reference manual?  This is a keeper.

09/07/2004

IT Labor Boomerangs Back Home

Category Software Development

From eWeek:  IT Labor Boomerangs Back Home

So all isn't rosy in the world of IT outsourcing/offshoring...

For all its promise of cost savings, enterprises disillusioned and dissatisfied with offshoring IT labor are starting to bring that work home.

Language barriers, time zone differences and even unscheduled overtime are just some of the issues causing some U.S.-based enterprises increased frustration and pushing them to not just reconsider their offshoring policies but scrap them outright.

And...

Enterprise applications management software developer Enetfinity Technologies LLC is considering moving its financial application programming back to the United States for just such reasons. Kelvin Johnson, vice president of sales and marketing and a technical consultant at Enetfinity, is experiencing difficulties with an India-based development center.

"Our experience [has been] that a lot of people there are good at programming, but they aren't good at the business-logic part of application development," Johnson said. "You can give them a project to work on, and they'll do maybe a good 75 percent of what you want. But there's that 20 percent you'll end up pulling your hair out about that you'll have to redo or bring other people in from over here to finish or redo."

I guess that's always been my issue...  You can have pure programming done in many different places.  But what happens when cultural issues cause conflict in understanding the business logic?

09/07/2004

Microsoft Sees Open-Source Threat Looming Ever Larger...

Category Microsoft

From eWeek:  Microsoft Sees Open-Source Threat Looming Ever Larger

Microsoft Corp. is facing growing pressure from open-source software across every segment of its business—a competitive threat that could have significant consequences for its financial future going forward, the software maker said in its latest 10-K filing to the Securities and Exchange Commission this week.

"We continue to watch the evolution of open-source software development and distribution and continue to differentiate our products from competitive products, including those based on open-source software. We believe that Microsoft's share of server units grew modestly in fiscal 2004, while Linux distributions rose slightly faster on an absolute basis," the filing reads.

I'm going to guess that this type of disclosure is almost required now in a post-Enron, Sarbanes-Oxley world.  But I find it interesting that Microsoft continues to voice that they have nothing to fear from Linux, yet hedge their financial positions and reporting because of it.  While their margins are still currently hefty, this has an Enron-esque feel to it.  Margins get thinner, cost-cutting starts to become important, statements come from management saying "we couldn't be stronger"...  :-)

09/06/2004

Book Review - PDF Hacks by Sid Steward

Category Book Reviews

Normally when I read a Hacks book, I'm already familiar with the core technology and I'm looking for little tricks.  In this case, PDF Hacks by Sid Steward showed me far more about PDF technology than I knew existed.

Chapter List:  Consuming PDF, Managing a Collection; Authoring and Self-Publishing: Hacking Outside the PDF; Creating PDF and Other Editions; Manipulating PDF Files; Dynamic PDF; Scripting and Programming Acrobat; Index

I'm probably like many others when it comes to PDF files.  I read them with Adobe Reader, and that's about it.  I don't use Adobe Acrobat, so my main experience in creating PDF files is to print to PDF using the software from www.pdf995.com.  I didn't have a clue there was a much to PDF files as there is.  I learned how to speed up the processing of starting Adobe Reader by removing unnecessary plugins (Hack #4).  I learned how to use some open source software to manipulate PDF files nearly on par with running the full Acrobat program.  I found you can even program games using the PDF scripting language!  Very cool stuff...

As usual, O'Reilly has come up with another outstanding Hacks title.  This one is worth reading in order to enhance your PDF skills.

09/06/2004

Book Review - Open Source Licensing by Lawrence Rosen

Category Book Reviews

If you're looking to get an in-depth understanding of open source licensing and all the issues surrounding it, you should read Open Source Licensing by Lawrence Rosen (Prentice Hall).

Chapter list:  Freedom and Open Source; Intellectual Property; Distribution of Software; Taxonomy of Licenses; Academic Licenses; Reciprocity and the GPL; The Mozilla Public License (MPL); The Common Public License (CPL); The OSL and the AFL; Choosing an Open Source License; Shared Source, Eventual Source, and Other Licensing Models; Open Source Litigation; Open Standards; The Open Source Paradigm; Appendices; Index

On the positive side, this book will teach you more about licensing than you thought existed.  This book deals with all the legal issues that either have arisen or could become a problem as open source continues to make inroads against commercial software.  The analysis is detailed as only a lawyer can do it.  Another positive aspect of the book is that the author covers how different open source licenses mesh with each other.  You may be forced into choosing a certain type of license if you've incorporated software that already uses a license that you're expected to apply to your software.  All good stuff.

On the negative side, I don't think the book delivers on its promise to present "a plain-English guide to open source law for developers, managers, users, and lawyers".  I see this as a book by a lawyer for lawyers needing to understand software licensing and how open source licensing fits into that.  Companies that are building a business model around open source will need this material, but the typical developer and nearly all users will be bored to death as individual words are pulled out and dissected as for potential legal interpretations that could be applied.

I'm inclined to rank this a little higher than I'd like just because there's not a lot of material about this subject, and the author *does* cover it in great detail.  But if you think you're going to get an easy-to-digest explanation of open source licensing, you will probably be disappointed.

09/06/2004

Finding the Notes to .NET migration paper from Microsoft, and copyright issues...

Category e-Pro

As expected, I've received a few requests for the original Notes to .NET paper that Microsoft posted and then pulled.  And until this weekend, I was fully prepared to send out copies to whomever requested it.  But I was reviewing a book on open source licensing and contracts, and they dealt with the issue of "copyright".  The way I understand it, if a document is copyrighted, technically I am not allowed to distribute copies of that document.  And since I don't treat that article too kindly in my e-Pro article, I'm thinking that sending it out to others via email would not go over too well with a certain large software company that could legally squash me if so desired.

So...

If I've read this wrong or misunderstood it, please let me know.  If I think I'm legally OK to send you a copy, I'd love to do so.  Or, if you can find the article somewhere else on the 'net, go for it.  The actual document title in Word format is "Migration Of Lotus Notes/Domino Applications to the Microsoft .NET Environment", and the file name is "Migration of Lotus Notes-Domino Applications.doc".  I think Microsoft originally distributed it as a ZIP file, but I don't have that file any more, so I can't tell you what that file name is.

Or...  You might want to contact either the Microsoft Exchange Team or CASAHL and see if they will email you a copy.  Those two email addresses are exchdocs@microsoft.com and info@casahl.com.

Finally...  if someone knows where you can download the document from or if you have success in obtaining a copy, let me know and I'll inform everyone.

09/06/2004

I'm back!

Category Everything Else

I made it home last night (actually early this morning) around 1 am from Everett, where Ian and I were watching a pre-season WHL hockey exhibition wiht six different teams.  9 games in 3 days...  :-)  But a good time was had by all, and I'm glad to be back.  I was unable to find any convenient wi-fi hotspots in the areas we were in, so I actually went *THREE WHOLE DAYS* without email...  Sad, but that may be a personal record.

09/02/2004

Converting From Notes to .NET, According To Microsoft

Category e-Pro

I'm probably jumping the gun here (sorry, Libby!), but e-Pro has the September issue of the e-ProWire: Lotus Developer Tips newsletter posted online already.  Fellow blogger Christopher Byrne makes his debut appearance by asking if you're ready for the ACID test.  I do a follow-up on the migration observations from R5 to ND6.5.

And then there's this one:  Converting From Notes to .NET, According To Microsoft.  This article was prompted by Microsoft's "vanishing" paper (all 169 pages of it) on how "easy" it is to convert Notes applications to a .NET platform.  After a number of bloggers covered it and the outrageously introduction claiming Lotus had no plans after R6 (this was written in AUGUST 2004!), the paper disappeared from their website.  Too bad...  we already had copies.  :-)

Although you can't download it any more from their site, I have no doubt that it's still being used by Microsoft sales people.  And if your exec or senior staff read the intro and the first couple of chapters, they'll be left with the impression that getting rid of Lotus Notes is a great strategic and technical decision.  Rather than analyze the software, I did an analysis of the paper from a sales and marketing position, noting where assumptions were made and manipulated to obscure the facts.  I think this is an important article if your organization is being sold on migrating from Notes to .NET.  These are the arguments that are being made to your bosses, and this should give you some insight on how to level the playing field.  

I'd like to thank Libby and Penton for allowing me the freedom to publish this material and share it with a wide audience, and I definitely encourage your feedback.

09/02/2004

Be back on Monday...

Category Blogging

Ian and I are leaving at dark:30 tomorrow morning to drive up to Everett Washington to watch a Western Hockey League (WHL) pre-season tourney.  9 games in 3 days.  Other than the fact it will be fun to hang out for a weekend like that, it should also be interesting seeing this with Ian.  Because of his involvement with Mountain View Ice Arena, he knows a number of the Portland Winterhawk players as well as some of the kids that are playing for the other five teams that will be represented.  There will also be scouts, agents, and other people of that ilk there who he's aware of, so it will be a situation of the father learning from the son over the next few days.

I'll be back late Sunday night (early Monday morning?), but we have Labor Day off.  So you'll see me return sometime around them...

09/02/2004

Book Review - Joel On Software by Joel Spolsky

Category Book Reviews

Apress was kind enough to send me a review copy of Joel On Software by Joel Spolsky.  Spolsky is the creator of the website http://www.joelonsoftware.com, where he waxes eloquent on issues related to software and software development.  As the head of his own company, Fog Creek Software, he brings both a technical and a business perspective to many of his essays.

This is the latest in a trend of books based on a compilation of a person's blog writing.  In Joel On Software, a selection of important and insightful entries over the last four years are gathered and presented in a single volume.  In some ways, it's a selective "best of..." book that distills down the writings that the author feels are still worth examining.  This could be due to truths that haven't changed or to show how much things *have* changed since the original entry.  You could say why read the book, as you can get it all on the web site.  True, but you don't get the opportunity to have the writer add any clarification based on hindsight.

Joel will make you think about issues you've likely ignored, and he'll also teach you a few things in the process.  For instance, you may think you know everything about Unicode, but count on some new stuff in the essay "The Absolute Minimum Every Software Developer Absolutely, Positively Must Know About Unicode and Character Sets (No Excuses!)".  And if you want to understand the two methods of growing your business, read "Ben & Jerry's vs. Amazon".  Really good stuff to ponder...

This book will challenge, encourage, upset, and entertain you.  Spolsky knows his stuff, and he's got the war wounds to prove it.  This book is worth the price of admission...

09/02/2004

Book Review - Pyro by Earl Emerson

Category Book Reviews

I recently finished the book Pyro by Earl Emerson.  If I had written this review right after I finished the book, it would have been average at best.  But it's grown on me a bit over the last two days...

Lt. Paul Wollf is a firefighter in Seattle, and he can best be described as an excellent firefighter with anger and impulse management control issues.  His father was also a firefighter and died in a fire that was set by a serial arsonist.  The arsonist appears to be back after a 25 year absence, and Wollf is trying to figure out whether its the same guy who killed his father and now seems to want him dead.  After his father died when he was young, his mom went to pieces, living with a number of lowlifes.  One killed his mom, and his brother and him killed the killer.  Due to bad representation, his brother ended up serving time for that murder, and that led to his anger issues.  The two story lines blend together at the end when the arsonist and Wollf come face to face and he learns some truths he didn't realize.

The novel seems rather dark, and Wolff's fellow firefighters (especially his bosses) are all pretty dysfunctional.  Some of the leadership behavior is so bad, I kept thinking 1) why?, and 2) this wouldn't be allowed to continue.  As the book progresses, you start to understand some of the tension and interplay between Wollf and the bosses that causes all the conflict.  I guess I didn't think much of it to start as I was expecting more action.  But when I thought back on the characters and the interplay between them, I realized the book was a bit deeper than I originally gave it credit for.  

09/02/2004

More Longhorn Fallout, More Technologies Delayed...

Category Microsoft



From Microsoft Watch:  
More Longhorn Fallout, More Technologies Delayed

This is the biggest thing I fear about being tied to Microsoft for all your technology development.  One key piece of Microsoft vaporware gets delayed, and all of a sudden the entire vendor infrastructure being built up around that feature is on hold.  In this case, vendors who were playing along with Microsoft and building on the new Microsoft Business Framework are now out in the cold because MBF was tied to the WinFS file system that was dropped from Longhorn.  If you're a small vendor with few products, this can sink your company.

09/01/2004

Don't Expect Privacy On The Web...

Category Everything Else

From eWeek:  Don't Expect Privacy On The Web

This is an interesting (and scary) article on how lax controls over content on your web server can expose critical information to the world via Google.  By using some of the Google search syntax, it's extremely easy to search for credit card numbers within a given range, and pick up files that are truly keys to the kingdom.

Definitely worth a read to make sure you aren't putting yourself at risk.

09/01/2004

OK... I know this is spam, but I just found it too funny!

Category Humor

Dear  Sirs,

It's my great pleasure to contact you !

We learned  from Internet you are interested in  tents. We have been in this line of business for many years. We wish to establish friendly business relations with you and share the mutual benefits.

We are specialize in tents. We are offering them to our customers with the benefits of consistently high quality and performance and competitive prices.....

We are able to supply a wide variety of tents �C manufactured to the specifications and requirements of the customer. We would be interested in receiving more information about your enquiry so that we will be able to submit an offer that is suitable.

For example ,what is the height of the tent?

Are you interested in windows?

What type of frame?

Who will supply the metal parts �C

will you obtain them locally which will enable a much lower quotation from our side?

Do you have a drawing of your requirement?

What quantities do you wish to buy?

We would appreciate receiving your answers to these questions which will enable us to submit our offer.

Feel free to view our website:

www.qycamping.com

If you don't want to receive the mail again, pls let us know we will take you off from our maillist!

Thanks

We hope information will help you .

Awaiting your favorable responds

Richard Zheng
Qyield (Xiamen) Camping Products Co., Ltd

09/01/2004

OK... time to review the August google hit logs...

Category Blogging

... and delete them before Chris gets back and can retaliate for what I did on his blog!

Let's see what we got here...

model Tom Nichols - I'm *still* having nightmares about Biscuit Man walking down the runway...
connectria layoff - Perhaps Chris just *told* us he was taking a week off...
brill toilet seat - Yes, I had to google this one myself to find out about it.
easily distracted by bright shiny objects - OK...  I set myself for that one.
warez <fill in the blank> - I finally put "warez" on my referrer blocking list as I was starting to see too much along those lines.
wifeswap pictures - Dang!  Someone discovered that secret URL...  :-)
Lotus scream cam - I'm *still* no closer to figuring this one out yet.
italian mafia email contacts 2004 - Fuggettaboutit!
prozac for dysthymia - worked for me!
tom duff duffbert insidedomino - yeah, I show up a few times over there.  :-)

And that pretty much wraps up any of the interesting or unusual stuff...  and now I'll delete them all!  

Want to support this blog or just say thanks?

When you shop Amazon, start your shopping experience here.

When you do that, all your purchases during that session earn me an affiliate commission via the Amazon Affiliate program. You don't have to buy the book I linked you to (although I wouldn't complain!). Simply use that as your starting point.

Thanks!

Thomas "Duffbert" Duff

Ads of Relevance...

Monthly Archives