About Duffbert...

Duffbert's Random Musings is a blog where I talk about whatever happens to be running through my head at any given moment... I'm Thomas Duff, and you can find out more about me here...

Email Me!

Search This Site!

Custom Search

I'm published!

Co-author of the book IBM Lotus Sametime 8 Essentials: A User's Guide
SametimeBookCoverImage.jpg

Purchase on Amazon

Co-author of the book IBM Sametime 8.5.2 Administration Guide
SametimeAdminBookCoverImage.jpg

Purchase on Amazon

MiscLinks

Visitor Count...



View My Stats

02/27/2005

Book Review - He's Just Not That Into You by Greg Behrendt and Liz Tuccillo

Category Book Reviews

OK...  Before anyone asks, I'm not taking lessons on anything nor was there a reason I needed to read this book.  I just heard it was quite funny and well-written, so I decided to check it out...  He's Just Not That Into You by Greg Behrendt and Liz Tuccillo.  It didn't disappoint...

Behrendt and Tuccillo were both involved in the writing duties for Sex In The City.  During one of the chat sessions in the writers room, the women were trying to figure out if a guy was sending signals to one of the girls as to whether he still liked her.  Greg just came out and told them...  "He's just not that into you!"  It was a real revelation to all of them, and it led to the writing of this book.  It's a series of letters and lessons that should help a woman understand when a guy isn't into them and the relationship any more, but can't bring himself to tell her that in so many words.  The book is probably more harsh than women want to hear (we're scum, OK?), but if they pay attention they can minimize their pain and move on to better opportunities.  The male/female perspective and interplay between the two authors is fantastic, and even if you aren't in this particular situation, the writing is funny.  I laughed a lot while reading it, but I also understood that Greg pretty well has the male species nailed down.  If we're into you, you'll know if.  If you have to guess and wonder, we're probably not (or we don't deserve you in the first place).  Of course, there are nice guys who get stuck with nasty women also, and that's not explored here.  But I'm guessing that the scenarios in the book happen more frequently than the opposite ones.

If you're in a "is he interested in me" quandary, read the book.  If you're not but you want an entertaining read, still read the book.  Either way it will be beneficial.

02/27/2005

So far so good on the new box...

Category Everything Else

I got both ND 6.5.3 and ND 7.0 Beta 3 loaded this morning, and they both seem to interact OK.  I took this opportunity to move over all my blog stuff to the ND 7 client, so we'll see how that goes.  I just have to load DB2 on the ND7 server, and I'll be set.  I don't think I did it right before, but it wouldn't have mattered as it was slow as molasses with just the server.  

I'm really liking this new box...  It's really fast, and it's sorta cool to have Winamp playing some internet radio station that's shaking your desk because you have the volume turned up high.  I may actually get into music again at this rate!

02/26/2005

Advice? Dual-booting XP and Linux Fedora Core 3...

Category Linux

One of my "tasks" on the new box was to set it up to dual boot between XP and Linux.  I was figuring on partitioning off around 75 GB for the Linux install, and was just about ready to start the four CD install when I did a little reading in one of my Linux books.  Apparently there were a TON of issues with Fedora Core 2 and XP dual boot.  I'm not seeing the same type of stuff for FC3, but I'm starting to get a little gun-shy.

Does anyone have any experience in getting FC3 up in a dual boot scenario with XP?  I've got the CDs for repair and rescue that came with the new machine, but I'd prefer not have to use them, as I'm almost to the point where the machine is set up the way I like it...

02/26/2005

What a day... jackhammers and new computers...

Category Everything Else

Well, it was a pretty productive day.  I was finally able to remove an old basketball post from the front of our house that had been a fixture from the prior residents.  I started out last weekend with a 12 pound sledgehammer, which started to look adequate for the job.  But all that did was crack the first layer that was about three inches thick.  The rest went down about two feet (on a 3' x 3' pad), and it wasn't breaking for nothing.  I finally rented a jackhammer today, and after about an hour I was able to break it out.  I'm convinced I'm not cut out for construction, that's for sure...

Then the fun stuff began.  I bought a new computer from Fry's today.  3.2 Ghz Pentium whatever, 250 GB drive, 2 GB of RAM, and a bunch of cool speaker and multimedia stuff that Cam ended up assisting me with.  I now have surround sound 5.1 speakers and all sorts of stuff that rocks the basement.  I was more concerned about the drive space along with the memory, as my laptop is over three years old and just wasn't pulling the load any more...

02/25/2005

Book Review - Linux Timesaving Techniques For Dummies by Susan and Korry Douglas

Category Book Reviews

Even though it's a bit beyond where I am right now with Linux, I was impressed with Susan Douglas and Korry Douglas's book Linux Timesaving Techniques For Dummies (Wiley).  There are a lot of gems found in these pages...

Chapter List: Making The Desktop Work for You; Getting the Most from Your File System; Good Housekeeping with Linux; Tweaking the Kernal on Your Linux System; Securing Your Workspace; Networking Like a Professional; Monitoring Your System; Serving Up the Internet and More; Backing Up Means Never Having to Say You're Sorry; Programming Tricks; The Scary (Or Fun!) Stuff; Index

In many ways, this reminds me of a Hacks-style book.  There are 62 techniques outlined here that you can use to make sure your system is running at peak efficiency or to save you time during normal administration chores.  It's targeted for Fedora Core 2, SuSe, and Mandrake, so if you're running one of those distributions, you should be able to benefit from the information.  So what are some of the techniques?  #44 helps you get a MySQL server up and running quickly.  #24 helps you learn how to customize your Linux kernel if you're really into that sort of thing.  #22, Spring Cleaning Essentials, is also very beneficial both from an efficiency standpoint (fewer active processes) and a security standpoint (fewer potential paths into your system).  All the tips are like this...  very practical, and well documented.

And if you've had the impression that Dummies titles are majorly dumbed down, this volume will squelch that opinion.  There's nothing in this book that pertains to "dummies".  I consider this a good read for someone who has a few months of active Linux experience under their belt, and they want to start exploring a few topics that start to wander from just the basic commands.  I'll be keeping this one with the rest of my Linux titles, and hopefully about six months from now I'll realize the full benefit from it.

02/25/2005

Microsoft admits targeting Wine users...

Category Microsoft

From ZDNet:  Microsoft admits targeting Wine users

The software giant has admitted specifically excluding users of the popular Windows compatibility toolkit with its update tool.

Microsoft prioritised making its anti-piracy tool prevent users of Wine, an open source toolkit that allows users to run Windows applications under Linux, from downloading Windows updates, the software giant said on Friday.

A Microsoft spokesperson told ZDNet UK it made sure the validation tool used by its Windows Genuine Advantage (WGA) programme identified Wine users, so that only users are running a genuine version of Windows could download updates and add-on tools.

"As the most popular third-party translation technology in use, Wine was the first emulator to be specifically tested for via WGA," said the spokesperson. "Microsoft does not knowingly provide copyrighted Microsoft Windows OS files to users of third-party emulators or cross-platform API translation technologies such as Wine."

It's like they're trying as hard as possible to alienate anyone using any other platform.  And this from the company who wants to play well with others.

And I love this second piece at the bottom...

Microsoft's public acknowledgement of Wine suggests a shift in corporate policy. Earlier this week Jeremy White, chief executive at CodeWeavers, which sells products based on Wine, said that Microsoft has until now had "a clear corporate policy to not talk about Wine".

For this reason, White said he was excited rather than worried to hear that the WGA validation tool was blocking Wine. "The reason we love this is because this shows that Microsoft is aware of Wine at very high levels," said White. "For us it's exciting -- it is an acknowledgement of us as a threat."

While I understand his statement on an emotional level, I don't think it's too wise on a rational one.  I'm sorta kinda thinking that having a software giant worth more than $55 billion perceive you as a threat is not the best way to ensure your longevity if you probably don't have revenues that top the double-digit million dollar range.  :-)

02/25/2005

Addictive little game...

Category Humor


http://www.wagenschenke.ch/

I want to know how far
Wild Bill gets on it.  :-) The best I could do is 62 meters (or should that be metres?)

02/25/2005

All is right in the world... Mayflower Software/InsideDomino/DominoFiles is back and better than ever! :-)

Category Everything Else

You know, I was a bit disappointed after Lotusphere this year.  The prior two years, InsideDomino awarded SpamSentinel from Mayflower Software the "Best In Lotusphere" award.  Nice, except that the editor-in-chief of InsideDomino was/is also the president of...  yes, you guessed it, Mayflower Software.  After being raked over the coals on my blog over that, they took things to new heights by stealing content for the InsideDomino ezine and starting a spamming service with Domino Files.  This year, no awards for SpamSentinel.  Perhaps they've learned their lesson and are turning over a new leaf as a responsible software vendor and member of the Domino community?

I'm happy to report, that's not the case! :-)

If you'd like to keep up with the latest from the company that gives marketing a bad name, let me point you to...

Bruce Elgort - on how to tweak Google AdSense to keep their ads off your site.  You'll also find links to a number of the other misdeeds over time.

Chris Toohey - on trying to get off the spammer's (aka DominoFiles) list...  here, here, and here...

and finally, we have today's installment from Brian Benz...  behavior that all good spammers use to avoid filters.

The spam blasting just blows me away.  They are running a spamming service, no question.  And don't tell me it's opt-in, as Chris has tried to get removed multiple times with no success.  And whether you buy the tie between the companies, it's still disturbing that the head of Mayflower Software is using a spamming service (which I contend they own and run) to advertise their spam prevention software.

Here's a free business idea for them...  Buy or license some highly-respected anti-virus technology or engine.  Wrap it up in a thin veneer of your own branding.  List complementary reviews of that engine as endorsements for your specific package.  Make sure every other content piece in InsideDomino and DominoFiles is about virus prevention that points back to your own product.  Award yourself a few Editor Choice awards for best Domino virus prevention solution on the market.  Then open up some offshore subsidiary (hide it well, we're good at tracking ties) to create viruses targeted for Domino that your solution can detect...

No need to thank me...  you inspired it.

02/24/2005

Book Review - Holub On Patterns by Allen Holub

Category Book Reviews

Trying to get past the abstract into practicality when it comes to design pattern books is hard.  Allen Holub's Holub On Patterns (Apress) takes a slightly different approach that seems to work well.

Chapter list:  Preliminaries: OO and Design Patterns 101; Programming with Interfaces, and a Few Creational Patterns; The Game of Life; Implementing Embedded SQL; A Design-Pattern Quick Reference; Index

Don't let the short chapter list fool you.  The book runs 414 pages, and it's packed with material.  

Rather than take the traditional approach of listing patterns and then making up a variety of examples to illustrate each one, Holub reverses the process.  He takes two project implementations (Life and an embedded SQL interpreter), builds them out, and shows how patterns permeate each project.  Using that approach, you are able to see a real-world implementation, complete with warts and trade-offs.  You are also able to see how the lines between patterns can be somewhat blurry at times.  At the end, you have a nice recap of each pattern related back to the part of the project that implemented it.  From a readability standpoint, the book also shines.  The conversational nature of his writing means that you aren't feeling as if you're poking yourself in the eye repeatedly.  It's actually enjoyable...

Couple this book with the traditional Gang Of Four book, and you cover the range from traditional theory to hands-on implementation.  Good stuff here...

02/24/2005

Whither The Wall Street Journal?

Category Everything Else

A *very* interesting journalism article from Wired:  Whither The Wall Street Journal?

Basically, a print journal with no easily accessed online service becomes irrelevant in today's world.

(I)t might be hard to believe that The Wall Street Journal is in danger of becoming irrelevant, but it is.

(T)he Journal faces an intractable problem. Because you have to subscribe to access both current news articles and the archive, the Journal is leaving only a faint footprint in cyberspace. As with The New York Times, which insists that readers register to view news and pay $3 per article in the archive, the Journal barely shows up on Google or any other search engine. I googled "Enron" -- an issue the Journal covered exhaustively, and which two of its reporters even wrote a book about -- and not one article appeared within the first 25 pages (250 results.)

Then I rigged the test by plugging in "Wall Street Journal" and "Enron" and still struck out (although I did pull up a couple of Journal stories specially edited for high school classes.) If you can input the name of your publication into a search engine and not come up with any stories, you must be digitally tone-deaf.

And in the rare event a Wall Street Journal article does pop up and you click on the link, you will likely encounter a message that informs you, "The page you requested is available only to subscribers." To access the article would cost you $79 a year, or $7 a month ($39 a year if you also subscribe to the print edition).

Since most people refuse to pay for WSJ stories, most bloggers are reluctant to link to them. It also has an impact on anyone who uses the web for research -- and there are a lot of us. As importantly, the next generation of readers is growing up by accessing news over the internet, and one place they are not surfing to is WSJ.com. With their habits being formed now, there is little chance the Journal will become part of their lives, either now or in the future.

Wow...  blogging and online media has really changed the way journalism is practiced, and this is just another example...

02/24/2005

Has Microsoft killed off its secure computing architecture?

Category Book Reviews

From TechWorld.com:  Has Microsoft killed off its secure computing architecture?

Microsoft's silence on its Next-Generation Secure Computing Base (NGSCB) architecture has some industry insiders wondering if the technology has been substantially delayed, or even axed.

Microsoft unveiled NGSCB, formerly known as Palladium, in 2002. The technology, Microsoft has said, uses a combination of software and hardware that boosts PC security by providing the ability to isolate software so it can be protected against malicious code. NGSCB requires changes to a PC's processor, chipset and graphics card, for which Microsoft has said that it enlisted the help of hardware makers including Intel and AMD.

Critics have argued that NGSCB will curtail users' ability to control their own PCs and could erode fair-use rights for digital music and movie files.

Last May, at its Windows Hardware Engineering Conference (WinHEC) in Seattle, Microsoft said it was retooling NGSCB so some of the benefits would be available without the need to recode applications. The vendor promised an update on NGSCB by the end of 2004. It did not release one and has remained silent since that time.

Meanwhile, Microsoft has shut down an NGSCB discussion group on its website. The NGSCB product page is now empty and previously posted details have been mothballed into an archive page. Several notes on the NGSCB site say: "NGSCB architecture is evolving."

Bill Gates, speaking at the RSA Conference last week, highlighted many of Microsoft's security efforts but did not mention NGSCB. Asked about the technology, a Microsoft spokesman at the event said that although the company had promised an update, it does not have one. "We do not have an update on NGSCB to share at this time. Microsoft continues to actively work through many of the technical details and we expect to be able to provide more details in the near future," the spokesman said.

The silence on NGSCB raises significant questions about the future of the technology, which Microsoft once loudly promoted, said Michael Cherry, a lead analyst at Directions on Microsoft. "Unless they do something soon, I think NGSCB is dead," Cherry said.

This is one of the habits that drives me up the wall when it comes to Microsoft (and why I don't trust them).  A hot subject comes up, and Microsoft makes a big splash announcement about how they are moving into that area.  Everyone dithers over how that changes the computing environment.  CEO/CIO types are given briefings about how this will affect their business.  And then when things die down and attention is diverted elsewhere, the big fanfare is forgotten, the hype is diverted, the technology isn't moving as quickly as originally promised, and things get quietly swept under the rug.  The front-line IT folks are left wondering what they are supposed to do and how they are supposed to implement a technology mandated by their management that isn't materializing, and management is content to think that the vendor is a forward-thinking visionary because they spent a weekend being wined, dined, and shown smoke and mirrors...

IBM's not innocent here either, but they also aren't in the market to try and take over every aspect of computing from home to office.  And they definitely aren't in the habit of making huge software initiative announcements based on vaporware that never materializes...

02/23/2005

Book Review - Mastering Regular Expressions by Jeffrey E. F. Friedl

Category Book Reviews

Plain and simple, this is the definitive work on regular expressions...  Mastering Regular Expressions (2nd Edition) by Jeffrey E. F. Friedl (O'Reilly).

Chapter List:  Introduction to Regular Expressions; Extended Introductory Examples; Overview of Regular Expression Features and Flavors; The Mechanics of Expression Processing; Practical Regex Techniques; Crafting an Efficient Expression; Perl; Java; .NET; Index

I've always been a bit reluctant, hesitant, perhaps even fearful to work with regular expressions.  I mean, when you're presented with the following:

s!<emphasis>([0-9+(\.[0-9]+){3})</emphasis>!<inet>$1</inet>!

who wouldn't start to fear for their sanity?

I recently started to explore the subject a bit in the Notes/Domino arena, and I quickly realized I needed more information than I had.  This book fills in all the gaps and then some.  It's one of those rare books that starts at an introductory level, simple enough (given the subject matter) that beginners can start to grasp the concepts.  If you're past the beginning stages, you can head into the chapters on how to write efficient expressions, as well as how arcane commands interact with each other.  If you're not there yet, just keep the book around for reference when you do arrive.  To finish the book off, there are chapters on specific implementations of regular expressions in certain languages.  This ties the whole package together...  introduction through advanced techniques, finished by focused information specific to a particular area of use.  You can't ask for much more.  It's also nice that the 2nd edition came out after Java had implemented the regex package in 1.4, so you get the latest information.  

If you have a copy of this book, make sure your name is in it.  This is not one of those titles you want to have turn up missing at the exact moment you need to figure out a nice single line statement to correct a 100 MB text file...  Highly recommended.

02/23/2005

Book Review - On Demand Computing - Technologies and Strategies by Craig Fellenstein

Category Book Reviews

Being that I specialize in IBM software as part of my IT job, I figured that reviewing On Demand Computing - Technologies and Strategies by Craig Fellenstein (IBM Press) was a good choice.  After finishing my read, I'm somewhat torn on how to rate it...

Chapter List:  
Part 1 - On Demand Business: Introduction to IBM On Demand Business; The On Demand Operating Environment
Part 2 - Autonomic and Grid Computing: Autonomic Computing Strategy Perspectives; Grid Computing; The Future of Grid Computing; Grid Computing Strategy Perspectives
Part 3 - Service Providers and Customer Profiles: The On Demand Business Service Provider Ecosystem; Industry Matters and Customer Profiles; Conclusions
Appendix A - IBM On Demand Developers Conference; Glossary; Reference Materials; Acknowledgments; Index

First, the positives...  IBM has committed to building autonomic systems; systems that monitor, adapt, and heal themselves.  Outside of this book, I don't think there are any other sources that cover the subject as much as this one does.  The material on grid computing is very well done.  Not only is there the technical foundation for how it works, but there's a fair amount of detail as to how it is implemented.  People charged with investigating and building these types of systems would be able to gain a great deal of understanding.  The material on case studies is rather interesting too.  There are a number of short pieces on companies who have changed their business processes by building/buying IBM systems that are classified as "on demand".

Now the flip side...  I had a real tough time wading through parts of this book.  It could be that I tend to be more practical and hands-on.  The material on autonomic computing seemed to be a lot of very high-level concepts repeated over and over.  I kept thinking "didn't I just read that a couple of pages ago?"  Either the details weren't there, or I was glazed over and missed them.  I felt as if I was hearing concepts with no solid factual examples of how "on demand" is implemented.  Even the case studies at the end could, in some cases, be seen as business process reengineering and not necessarily anything radically different than other businesses that have undergone major IT initiatives.  It just so happens that they used IBM systems, hardware, and resources, and I felt as if some of the cases were labelled "on demand" on that basis alone.

I'll give this the benefit of the doubt and assume that some of the problems might have been me.  If you want to know more about On Demand or grid computing, this is definitely the book to read.  I'll just warn you that some parts seem to be more idea-based than reality-based...

02/23/2005

Book Review - Slamming Spam - A Guide For System Administrators by Robert Haskins and Dale Nielsen

Category Book Reviews

Another book to add to your spam prevention arsenal...  Slamming Spam - A Guide For System Administrators by Robert Haskins and Dale Nielsen (Addison-Wesley).

Chapter List:  Introduction; Procmail; SpamAssassin; Native MTA Anti-Spam Features; SMTP AUTH and STARTTLS; Distributed Checksum Filtering; Introduction to Bayesian Filtering; Bayesian Filtering; Email Client Filtering; Microsoft Exchange; Lotus Domino and Lotus Notes; Sender Verification; Sender Policy Framework; Reporting Spam; Default SpamAssassin Ruleset; SpamAssassin Command Line Interface Reference; SpamAssassin Configuration File; DSPAM; References; Index

I'll say right up front that this book gets bonus points for covering Notes/Domino, as most books ignore the fact that it is the leading corporate messaging system.  :-)  The book doesn't focus much on theoretical discussions of spam, what it is, and why it's bad.  It just digs into hands-on scenarios using various spam-prevention options on different system platforms.  They cover platforms such as Sendmail, Postfix, qmail, Microsoft Exchange, and Notes/Domino, so somewhere in that list you should find your mail system.  Being the book is more practical in nature, it should probably be coupled with another title that's more general in nature so that you gain a complete understanding of the subject coupled with how spammers work.  But for someone who's already covered those basics and is now ready for implementation, this is a good addition to the bookshelf.

02/22/2005

Book Review - IBM WebSphere Application Server for Distributed Platforms and z/OS

Category Book Reviews

If you're an administrator for an IBM WebSphere Application Server (WAS), you're always looking for sources of information.  If you're running WAS 5.0 or 5.1, get a copy of IBM WebSphere Application Server for Distributed Platforms and z/OS (IBM Press).  It's definitely full of information you'll need for installation, configuration, and administration...

Chapter List:
Part 1 - WebSphere Environment Overview: Introduction; Compare and Contrast: WebSphere on z/OS and the Distributed Platforms; WebSphere Architecture and Design; WebSphere Topology: Distributed and z/OS; WebSphere Installation - Distributed; WebSphere Installation - z/OS; Getting Started with WebSphere - An Overview
Part 2 - WebSphere Configuration: Configuring WebSphere Application Server; The WebSphere Naming Service; The Web Server Plug-in; The Java Message Service; Web Services - An Overview; WebSphere Security on the Distributed Platform; WebSphere Security on the z/OS Platform
Part 3 - Assembling and Deploying Applications in WebSphere: Assembling Applications in WebSphere; Securing Applications in WebSphere; Deploying Applications in WebSphere
Part 4 - WebSphere Management: Workload Management Overview: Distributed; Workload Management Overview: z/OS; Automated WebSphere Administration
Part 5 - WebSphere Performance: Monitoring WebSphere Performance; WebSphere Performance Tuning; WebSphere Performance Tuning - z/OS
Part 6 - Troubleshooting WebSphere: WebSphere Problem Determination Tools - Logging and Tracing; Problem Prevention and Determination Methodology; WebSphere Problem Determination and Troubleshooting for z/OS
Part 7 - Appendices: Trade3 Application; WebSphere Tooling Reference; WebSphere Plug-in Definition; WebSphere Message Component IDs; Custom Strategy Bindings File DTD; Common z/OS Terms; Comparison of Common Tasks on z/OS versus Distributed; z/Linux Considerations; Automated WebSphere Administration Examples
Bibliography; Index

Coming in at nearly 1000 pages, you can see it is a pretty comprehensive guide on getting WAS up and running on both distributed network platforms as well as mainframe z/OS systems.  While I don't think that you'd find one shop running WAS on both platforms (although I could be wrong), I still found the comparison between both systems interesting.  There is definitely a different mindset between the two, and the comparisons will help you understand the side you don't work with.  I was impressed with the level of detail included also.  If you were sitting down with the WAS CDs and this book, you'd stand a very good chance of getting the system up and running, as well as having some troubleshooting material to help you out over the hard parts.  The only down side of this book is that WAS 6 has already been released, so it could be that the book is living on borrowed time.  New shops will probably go straight to 6, while shops already running WAS on 5 may be stable, in which case this book becomes more of a reference manual than an aid to installation.

People running WAS on distributed platforms have a number of books and IBM redbooks to choose from.  The options for z/OS platforms seem to be much more limited in terms of documentation and material, so I think this book would be far more valuable to those people than to the distributed networking side.  Not to say it's not good for distributed information, but I acknowledge they have more options to choose from.  

If WAS is part of your professional existence, this would be a good book to have on your shelf.

02/22/2005

You know that *really* big pile of books to review I used to have?

Category Book Reviews

Here's the current stack...

A picture named M2

There are three other books floating around the house, in backpacks, etc.  But I'm almost caught up...  Just in time for another series of books to show up.  :-)  With the exception of Small Websites and The Art Of Computer Virus Research and Defense, I don't think I've had a book shipment show up for nearly two weeks.  The UPS and DHL guys probably think I died...

02/22/2005

Another milestone in my Amazon review "career"...

Category Book Reviews

The ranking barrier of 300 has now fallen...

A picture named M2

02/21/2005

Book Review - Linux Bible (2005 Edition) by Christopher Negus

Category Book Reviews

It seems like a lot of the Linux books out there right now pick a single distribution and teach you that one.  Wiley's Linux Bible (2005 Edition) by Christopher Negus takes a different approach that may be valuable to you.

Chapter List:
Part 1 - Linux First Steps: Starting With Linux; Running Commands from the Shell; Getting into the Desktop
Part 2 - Running The Show: Learning Basic Administration; Getting on the Internet; Securing Linux
Part 3 - Choosing and Installing a Linux Distribution: Installing Linux; Running Fedora Core and Red Hat Enterprise Linux; Running Debian GNU/Linux; Running SUSE Linux; Running KNOPPIX; Running Yellow Dog Linux; Running Gentoo Linux; Running Slackware Linux; Running Linspire; Running Mandrakelinux; Running a Linux Firewall/Router; Running Bootable Linux Distribution
Part 4 - Running Applications: Paying Music and Video; Working with Words and Images; E-Mailing and Web Browsing; Gaming Alone and Online
Part 5 - Running Servers: Running a Linux, Apache, MySQL, and PHP (LAMP) Server; Running a Mail Server; Running a Print Server; Running a File Server
Part 6 - Programming in Linux: Programming Environments and Interfaces; Programming Tools and Utilities
Appendix A: Media; Appendix B: Entering the Linux Community; Index

The main difference I see in this book is the lack of focus on a particular distribution.  The different chapters (with the exception of Part 3) are all designed to teach you the basics of Linux apart from any flavor.  This allows you to learn core skills that can transfer between whatever distribution you might be using at any given time.  Part 3 gives a short coverage of each major distribution available on the market.  If you're wondering about the pros and cons of each, this section of the book will help you decide where you want to start your specific distribution-specific learning.

Like all Bible titles, this is pretty big (800+ pages).  While there's a lot of useful information, I don't know that I'd recommend this to be your *only* Linux book.  200+ pages deal with the distribution information, which leaves considerably less room for core Linux information.  The other chapters cover the gamut of Linux software (server, desktop, productivity, internet, games, etc.), so there's not a lot in in-depth coverage on any one particular area.  I'd probably position this as a very good entry level book to teach the reader about Linux and help them decide what distribution to pick.  From there, I'd pick a book specific to my distribution of choice and continue my learning.  

If your the right audience and in the right situation, this book will work well for you...

02/20/2005

Book Review - Windows XP Bible (2nd Edition) by Alan Simpson

Category Book Reviews

I've been an XP holdout for awhile now.  My personal machines are all using W2K, and I'm perfectly happy with it.  But I'll be buying a new desktop unit pretty soon, and at least part of the box will be running XP.  I'll need a good reference book, and so I decided to review Windows XP Bible (2nd Edition) by Alan Simpson.  While I know a lot of what's in there, there is some value for me.

Section List:  Getting Started; Customizing Windows XP; Managing Files and Folders; Printing and Faxing; Securing Your System; Power Using the Internet; Using and Creating Digital Media; Installing and Removing Programs; Installing, Using, and Troubleshooting Hardware; Performance and Maintenance Issues; Home and Small-Business Networking; Appendixes; Index

Normally I'd list each of the chapters, but there's 64 of them.  It'd take too long, and Amazon probably would reject the review for being over the word limit...  :-)

The author calls this an intermediate/advanced book, as he assumes some basic computing skills before you get into the book.  I'm thinking that a fair amount of the material is still beginner level stuff if you've worked with Windows at all in your life.  That's not to say you can't learn some new tricks along the way, but explanations of files and folders is pretty basic.  Having said that, the book doesn't stay at that level.  The chapters on networking, digital media, and firewalls will get some attention from me when I get my new machine.  Likewise, I'll also be closely reading the parts on system restore, performance tuning, and driver/device management.  There are features in XP in those areas that I'm not up to speed on...

Simpson covers a lot of ground in this book.  There's something in here for nearly everyone but the long-time XP user or the hard-core Microsoft techie.  This is one of those books that will used for a lot of first-line research.  The answer will probably often be found in these pages.  If not, you can always resort to Google.  :-)  Good stuff, and worth owning.

02/20/2005

Book Review - The Curious Incident Of The Dog In The Night-Time by Mark Haddon

Category Book Reviews

I had heard a lot of good things about the book The Curious Incident Of The Dog In The Night-Time by Mark Haddon.  After waiting for some time for it to come in at the library, I finally got the chance to read it.  It's definitely different and will make you adjust your reality...

Christopher Boone is an autistic child who lives with his father in a small town in England.  When the neighbor's dog is found killed, Boone decides that he should do some investigating to figure out who might have done the killing.  But during his investigation, he finds out some facts about his mother and her relationship with his father that force him to re-evaluate what he feels and how he relates to the most familiar people in his life.

This book is unique in many ways.  The story is written in first person form by the main character, Christopher Boone.  Since he's autistic and unable to understand human emotions, you are forced to see normal human transactions from a point of view that is outside of your normal experience.  Add in obsessive/compulsive behavior, and you start to understand how hard it would be to live with someone in this situation.  Reviews from people who have close experiences with that condition say that the writing is very realistic for what they experience on a daily basis.  It's also easy to see how raising an autistic child could put a major strain on a marriage.  I wouldn't want to have to manage that...

Very good book...  Funny, sad, thought-provoking...  Highly recommended...

02/20/2005

Book Review - Red Hat Fedora Linux 3 For Dummies

Category Book Reviews

If you're looking for a good entry level text to get started with the Fedora distribution of Linux (and one in which you can have fun reading it), try out Red Hat Fedora Linux 3 For Dummies by Jon 'maddog' Hall and Paul G. Sery (Wiley).

Chapter List:  
Part 1 - Installing Fedora Core: And In The Opposite Corner... A Penguin?; Paving The Way For Fedora Core; Ready, Set, Install!; Getting To Know Fedora Core
Part 2 - Got Net?: Dull Dial-Up Modems Still Get The Job Done; Broadband Rocks!; Connect Locally, Communicate Globally: Connecting To A LAN; Only You Can Prevent Bad Firewalls
Part 3 - Linux, Huh! What Is It Good For? Absolutely Everything!: Gnowing GNOME; Gnowing More Applications; Surfin' The Net And Using E-Mail; Using Audio And Video Applications; Going To The OpenOffice; The Days Of Wine And Windows Applications
Part 4 - Revenge Of The Nerds: Building Your Own Private Network; Creating Basic Linux Network Services; Securing Your Future; Bringing In The Fedora Core Repairman; Building A Streaming Audio Server
Part 5 - The Part Of Tens: Ten Problem Areas And Solutions; Ten Security Vulnerabilities And Their Fixes
Part 6 - Appendixes: Fedora Core Administration Utilities; Discovering Your Hardware's True Identity; Filing Your Life Away; Becoming A Suit: Managing The Linux File System; Revving Up With RPM And YUM; About The DVD
Index

It used to be a book on Linux covered how to set up a Linux server and how to run a command line interface to do all sorts of strange things.  Now the Linux desktop is becoming a viable option both personally and commercially, so books like this need to cover both.  While you can find separate titles that cover just the desktop or just the server more completely, this For Dummies title will do a good job in giving you an overview of both.  Since the book includes a DVD with the entire Core 3 distribution, you can immediately get started on your Linux adventure.  And like all Dummies titles, there's a lot of humor and informal writing going on, so it's not like you're wading through a technical manual or something...

Probably not a book you'd give to Gramma to get her off of Windows, but a decent choice for an IT person looking to expand their horizons...

02/19/2005

Microsoft vs. Wine: Deja Vu on the FUD Front

Category Linux

From eWeek:  Microsoft vs. Wine: Deja Vu on the FUD Front

Opinion: For years, Wine's programmers have been working on making Windows applications run on Linux and other Unix platforms. Now, Microsoft set to use its Genuine Advantage program to make it look like Wine is busted. Will Redmond get away with this familiar FUD attack?

Who does Microsoft think it's kidding?

Microsoft's forthcoming Windows Genuine Advantage (WGA) program breaks Wine, an open-source implementation of the Windows API (applications program interface) that runs on x86 Linux and Unix OSes like Solaris and FreeBSD. In layman's terms, it means you can use Wine to run some Windows applications on Unix, rather than on a Windows machine.

Well, you can run and update them for now, anyway.

Microsoft has set WGA so that if it detects that a user is running a Microsoft application on Wine, they'll be blocked from updating their applications from Microsoft's download site. And as recently announced, WGA, toward the end of the year, will become mandatory for anyone wanting to upgrade copies of Windows or Microsoft applications.

Let me spell that out for you: You can have a legal copy of Microsoft Office, and because you choose to run it on a Linux box using Wine, you won't be able to update it.

You can load critical security patches, but that's it. Improvements? Additions? Forget about it. If you're not running Windows XP or 2000, you're out of luck.

<snip>

Some folks in the industry still remember that way back in the late 1980s and early 1990s, Microsoft tried to make it look like the DR-DOS operating system couldn't work.

To quote Brad Silverberg, a former Microsoft senior vice president, from a 1992 e-mail memo released to the public during the Caldera vs. Microsoft antitrust fight: "What the [user] is supposed to do is feel uncomfortable, and when he has bugs, suspect that the problem is DR-DOS and then go out to buy MS-DOS."

Yes, some of us from way back then are still around and writing about this business. And, we were also around when Microsoft finally paid Caldera a fistful of millions of dollars to settle the suit that developed from Microsoft's attempts to crush DR-DOS.

Do you see any resemblance between what Microsoft did then and what it's doing now? I do.

Boy, doesn't this do wonders for Bill's recent assertion that Microsoft is committed to integration, and that Linux is the problem in making this happen?

02/17/2005

Book Review - Google Hacks 2nd Edition by Tara Calishain and Rael Dornfest

Category Book Reviews

It seems like nary a month goes by that I don't learn something new about Google that hooks me ever more deeply into the site.  After reading Google Hacks (2nd Edition) by Tara Calishain and Rael Dornfest (O'Reilly), I have enough "hooks" for the next year...

Chapter list:  Web; Advanced Web; Images; News and Groups; Add-Ons; Gmail; Ads; Webmastering; Programming Google; Index

You probably know it by now, but the Hacks concept is built around 100 cool tips, tricks, and "hacks" related to the particular subject of the book.  In this case, the subject is Google.  I must have missed the first edition, because I don't remember ever reading any of this material in this form before.  The first chapter deals with basic search tricks like mapping (#7 - Think Global, Google Local) and stock tracking (#8 - Track Stocks).  Nothing incredibly new there that I haven't seen elsewhere, even though I may not always remember it when I need to.  :-)  The advanced section starts to pick up with things like #46 - Spot Trends with Geotargeting and #47 - Bring the Google Calculator to the Command Line.  Learning how to "browse" the World Wide photo album in #51 was cool.  For me, the book completely earned its keep with the gmail chapter.  I didn't know about "plus addressing", which really rocks.  And based on #79 - Use Gmail as a Windows Drive, I now have a 1 GB spare hard drive that I can use to transfer 10 MB files (or less) from home to work and back...  Tres cool!

If you have a background in programming, you'll get even more out of the book.  There are plenty of scripting examples using Perl, Python, and other languages that allow you to manipulate the Google API to integrate Google features into your applications.  But even if that's not your forte, you'll still benefit a lot from the non-programming tips.  Especially if you've never taken a lesson in the search syntax that Google provides.

If Google is your search engine of choice but you've never gotten beyond the basic search interface, you need this book.  There's a whole world out there you know nothing about...  Highly recommended.

02/17/2005

More thoughts on mixing IT analysis and taking stock options as payment for services...

Category Everything Else

As I was trying to get to sleep last night after being up too late, I ended up spending more time thinking about the whole issue of being an IT analyst firm while also running a venture advisement arm of your business that takes stock options as payment.  Specifically, the whole Radicati Ventures thing...

The more I contemplate this, the more I believe that there is no way the analysis part of the firm can remain untainted by this...

It's become very common for financial media sites and columnists to disclose when they may have a vested financial interest in a story or an entity in the story.  For instance, if CBS Marketwatch reports on something related to another network's financial situation, they usually reveal that CBS is the owner of the Marketwatch site (or something like that).  A financial columnist writing about an industry will often reveal that they do or do not hold stock in companies affected by the story.  Granted, we have no way of telling if it always occurs (and I doubt it does), but groups committed to high ethical standards take that approach.

Companies that have different divisions that could potentially have conflicting interests will often establish what are called Chinese Walls.  These processes are put in place so that there are no shared responsibilities that would allow one side to control or manipulate a market so that the other side can benefit.  Again, in the post-Enron corporate world, we all know it didn't happen as often as it should.  But again, it's proper business compliance and control.

Now to the IT analyst situation...  The head of the company is often quoted and is the authority behind the studies and reports that are issued by the company.  And based on their own website, the same head of the company also is personally involved in each of the venture deals.  The deals can be conducted on a cash basis, or part of the payment can be in stock options.  It's the stock option situation that creates a conflict that I can't reconcile in my own mind.

I wouldn't expect a venture firm to list all their customers.  Legitimately that is competitive information.  But we also don't know if those same companies and customers are involved in areas (like messaging) where analysis reports are issued that try and influence the market.  Unless those stock option holdings are disclosed, it's impossible to know if a message could be influenced by potential financial gain.  It'd be like me writing an article for Forbes trashing a company without revealing I had shorted the company's stock.  The information I write may be valid, but the readers have the right to know whether bias might exist.  Conversely, if I write a glowing story about an industry niche and/or a company in that area, it's important to know if I might financially benefit from that company's success.

The corporate scandals of the post-dot.com era have made me cynical.  I worked for Enron.  Although I'd like to believe a company is totally open, I also am not surprised when it's found not to be.  Having potential financial stakes in companies or IT areas where you do analysis calls into question your bias in opinions backed by your company.  Unless those potential biases are revealed as a regular course of action, the IT public has a right to call into question the outcomes of said analysis.

02/17/2005

Hi, I'm Tom, and I'm an ADD blogger...

Category Blogging

Hi, Tom!

From Dave Taylor's The Intuitive Life:  Are Blogs The Digital Equivalent Of ADD?

I'd offer some pithy insight, but that would ruin my point...  :-)

02/16/2005

Analyst Ethics - "I have nothing against those people"...

Category Everything Else

The latest Radicati "analysis" shows up in Messaging Pipeline: Radicati's State Of Messaging Software Market Is Optimistic

I'm not going to talk to the rather obvious attempt to hype MS and downplay IBM's impact in the market in this report.  We've all gone over that before.  You can read the actual report here at
InternetNews.com.  The quoted parts of that study in the article make me wonder what fantasy and convolutions the analyst at Radicati had to go through to make the facts fit his message.

No, what I want to deal with is this quote in the MP artice...


When asked to elaborate, Sara Radicati said that she sees IBM/Lotus Workplace as an end-of-life strategy for Notes/Domino. Confronted by strong evidence, including a survey by Messaging Pipeline, and even stronger feelings from the Lotus Notes/Domino community that the product has a long life ahead of it, she said, "I have nothing against those people, I wish them well. But they are wrong."


This, coming from the analyst firm that tried to astroturf negative comments about their analysis in the Domino blogging community.  This, coming from the firm that tried to anonymously get one blogger fired and who demanded that IBM fire someone else who disagreed with them.  This, coming from the head of the company who stonewalled any admission of guilt in their unethical behavior until the furor got too loud to ignore, and then brushed it over with one of those "it's an internal matter that we've resolved" statements.  Check out
Volker's wiki outlining the whole sordid affair.  

We also have
Radicati Ventures, with Sara's own personal involvement in each deal, offering due diligence, aid in raising venture capital, etc. for tech companies.  Given today's corporate scrutiny and oversight, does anyone else see a problem with this?   This quote at the end raises my eyebrows:  "At completion of a successful transaction we will charge a 5% commission fee of the value of the deal minus the amount already paid in retainer fees. Half of the commission fee may be paid in stock options."  Attempting to influence a market while having a vested stock/securities interest in the outcome of the market is...  problematic.  In some cases, I think the SEC has even called it illegal.

Sara does have something against "those people".  She's proved it with the actions of her firm.  She's accepted money from Microsoft to commission reports painting Microsoft as the winner in comparisons with dubious analysis techniques.  She attempts to influence decision makers with her analysis based on these paid, commissioned reports.  And then she attempts to offer finacial guidance to companies based on her expertise in the industry, based on these reports.  Impartial financial guidance?  That's a hard mental stretch for me to make...  Sorry.


Oh, and John Dickinson?  The guy who wrote the lead article in Messaging Pipeline?  He's the one who wrote this Radicati puff piece
Notes Users: Watch What IBM Does, Not What It Says back on February 3rd.  While he at least semi-challenges her view ("confronted with strong evidence, including a survey by Messaging Pipeline"), he still apparently is content to have his IBM world view shaped by an analyst whose prescription lenses are due for a revision...

02/14/2005

Book Review - Introduction to Computer Security by Matt Bishop

Category Book Reviews

I recently finished the book Introduction to Computer Security by Matt Bishop (Addison-Wesley).  I hope to be fair on this review, but I'm probably going to be a little harsh...

Chapter list:  Preface; An Overview of Computer Security; Access Control Matrix; Foundational Results; Security Policies; Confidentiality Policies; Integrity Policies; Hybrid Policies; Basic Cryptography; Key Management; Cipher Techniques; Authentication; Design Principles; Representing Identity; Access Control Mechanisms; Information Flow; Confinement Problem; Introduction to Assurance; Evaluating Systems; Malicious Logic; Vulnerability Analysis; Auditing; Intrusion Detection; Network Security; System Security; User Security; Program Security; Lattices; The Extended Euclidean Algorithm; Virtual Machines; Bibliography; Index

OK, for the good stuff.  This is probably one of the most complete academic treatments of computer security that I've ever seen.  According to the preface, this is a "condensed" and updated version of the author's earlier work, Computer Security: Art and Science.  His three goals, which are probably met, are to show the importance of theory to practice/practice to theory, to emphasize that computer security and cryptography are different, and to demonstrate that computer security is a science *and* an art.  He also considers this book to omit much of the mathematical formalism.  And that's where I start to have problems.  In my opinion, he missed his target entirely.

Following the statement about omitting the mathematical formalism, we have this statement:  "It is suited for computer security professionals, students, and prospective readers who have a less formal mathematical background, or who are not interested in the mathematical formalisms and would only be distracted by them, or for courses with a more practical than theoretical focus."  Honestly, I don't know of many computer professionals holding down full-time jobs who would see this as a practical book.  There is still a lot of mathematical "formalism" for a practical book, and I didn't finish reading this book thinking that there were a number of things I'll do different now in my job.  If I were taking a college level course on computer security theory and structure, it'd probably work.  But to give this to your coworker who is studying for a security certification as well as monitoring logs on a system would make him wonder if he did something to offend him...

If you need theory and coursework-style material, this book will give it to you.  If you're looking for something that deals with hands-on security stuff you can use in your job tomorrow, I really think you'll be disappointed.

02/14/2005

Book Review - Word Hacks by Andrew Savikas

Category Book Reviews

It seems like the Hacks series just keeps getting better and better.  This time I had a chance to review the book Word Hacks by Andrew Savikas (O'Reilly).  As usual, there are a number of items here that I'll be able to use right away...

Chapter list:  Word Under the Hood; The Word Workspace; Formatting, Printing, and Table Hacks; Editing Power Tools; Templates and Outlines; Housekeeping; Macro Hacks; Forms and Fields; Advanced Word Hacks; Word 2003 XML Hacks; Index

For those unfamiliar with the Hacks format...  It consists of 100 tips, tricks, or unique ways of doing things with the subject at hand (like Word, Excel, etc.).  The hacks are normally not things that you would find intuitively obvious, or even things that you thought were just flat-out impossible to do.  In Word Hacks, the author (along with a number of contributors) takes you on a trip into the inner world of Word and uncovers a multitude of tricks you've probably never seen...

Wonder how to get IE to launch Word documents in Word?  That's hack # 8.  Need dummy text to fill out content in a document but you don't want to just type random characters?  Check out #14.  How about using Word as a Windows backup utility?  Yes, you can do that, and hack #81 shows you how.

The thing I like most about this book is the profusion of VBA code to be found.  For non-programmers, this might be a hindrance in that a lot of the hacks involve using the VBA code they supply.  I can think of a number of potential readers who would be totally lost there.  But for developers who use COM to manipulate Word from other software packages, this is a treasure trove of ideas.  An excellent "R&D" resource...  "Rob & Duplicate"!  :-)

If you're an average user of Word or a power user who doesn't want to play with code, you'll get some value here.  If you're a techno-geek who wants to program everything, this is your book.  Highly recommended...

02/13/2005

Book Review - Real World Web Services by Will Iverson

Category Book Reviews

Since Domino 7 will start to incorporate web services more readily into application development, I figured it was time to start getting a little more versed on the subject.  To that end, I got a copy of Real World Web Services by Will Iverson (O'Reilly).  Coupled with a detailed tutorial/reference manual, this is a really good selection.

Chapter List:  Web Service Evolution; Foundations of Web Services; Development Platform; Project 1: Competitive Analysis; Project 2: Auctions and Shipping; Project 3: Billing and Faxing; Project 4: Syndicated Search; Project 5: News Aggregator; Project 6: Audio CD Catalog; Project 7: Hot News Sheet; Project 8: Automatic Daily Discussions; Future Web Service Directions; Index

While the book is smallish (206 pages), there's a lot of value packed in it.  Iverson takes you from the beginning of simple HTTP request and responses, through data scrapping, into RPC technology, and then finally into web services.  The overview really helps you to understand how we got to where we are.  He explains how to set up a simple test development environment as well as what you'll need, and then it's directly into the example projects.  Here's where the book shines.  These projects connect to live data sources such as Amazon, Google, FedEx, and eBay, so you're not dealing with simple examples that don't translate to the real world.  Each of the projects are applications that you could easily see yourself using on a daily basis, either exactly as written or with some moderate tweaking.  And since you're learning the mechanics of connecting with that service, it's easy to extrapolate the information into the areas that might interest you more.

If you have no background in SOAP or WSDL, I'd recommend you get a foundational book that has a good tutorial and reference material.  You won't get it from this book, nor should you expect to.  It's not his intended purpose for the book.  But this is the book that will help you go from theoretical to practical, and that's worth its weight in gold.

Very good book if you're looking to take the next step in your web services development...

02/13/2005

Finally getting around to testing web-based entry...

Category Blogging

So...  if this works, I know that I can now enter my blog entries via the web as well as via the Notes client.  I tried it once before, and for some reason I could never get past the signon.  Then a friend did some hacking in the template and suggested a change to the WebStory form.  It works, and now I should be able to blog when/whereever I want...

Heh, heh, heh...  :-)

02/12/2005

Book Review - Chop Shop by Tim Downs

Category Book Reviews

After reading his debut Bug Man novel Shoofly Pie, I knew I had to get ahold of Tim Downs' second (and latest) installment of the Bug Man series - Chop Shop.  Once again, Downs pulls off a definite winner, with even more texture than the first.

Dr. Nick Polchak is once again censured from the university for "dissecting" a sleeping student in his class.  No matter to him, as it just gives him time to work on his forensic entomology studies... in other words, the effect of bugs on dead bodies.  He gets sidetracked when he's approached by Dr. Riley McKay, a budding pathologist in the fellowship study program of a local coroner office.  She wants Polchak to offer some opinions on some anomalies she's seeing in the cases of the head pathologist, and she's willing to pay him out of her own pocket to answer the questions.  This all leads to the door of a cutting-edge pharmaceutical company looking to manufacture custom genetically tailored medicines.  The concept is great, but there appears to be a side business going on involving the black market sale of organ transplants.  Polchak and McKay have uncovered a lot of the truth, but they really don't know who to trust to stop it all, or even if they'll survive long enough to get to that point.

Downs' first Polchak novel was very good, but it was really just a vanilla murder mystery.  You knew there were some incidents in Polchak's life that had caused him to treat other humans with a fair amount of disdain, but none of that was really revealed.  Chop Shop starts to cover some of that ground, as well as introducing some real medical ethics that have varying degrees of right and wrong.  You meet Polchak's mother and learn a bit about his childhood that caused his withdrawal.  You also see him struggle to come to terms with the affection he feels for McKay and how that can (or should) play out in his life.  Polchak now is more than just a quirky intelligent scientist.  He's a person with feelings and a history.  This bodes well for future installments of the series.

The only bad thing I have to say is this...  How much longer do I have to wait for #3???

02/12/2005

Book Review - Wireless Hacking Projects for Wi-Fi Enthusiasts

Category Book Reviews

If you're highly interested in hacking together wi-fi networks and such, you'll probably enjoy Wireless Hacking Projects for Wi-Fi Enthusiasts by Lee Barken and the SoCalFreeNet.org Wireless Users Group.  I personally had hoped for something a little different, however...

Chapter list:  A Brief Overview of the Wireless World; SoCalFreeNet.org: Building Large Scale Community Wireless Networks; Securing Our Wireless Community; Wireless Access Points; Wireless Client Access Devices; Wireless Operating Systems; Monitoring Your Network; Low-Cost Commercial Options; Mesh Networking; Antennas; Building Outdoor Enclosures and Antenna Masts; Solar-Powered Access Points and Repeaters; Wireless 802.11 Hacks; Index

OK, to be fair, there's a lot of technical information in this book.  SoCalFreeNet.org is a group committed to building community access wireless networks in order to offer free wireless coverage for everyone in the range of the network.  They go into great detail on the hardware to use, how to configure it, the reason for setting up an access portal, building a firewall for the network, and so on.  If this is your interest or if you're interested in starting this type of a network in your area, I don't think there's another book out there that would help as much.

Having said that, I'd probably be a little less harsh if the book had been titled How To Build A Community Wireless Network Based On The SoCalFreeNet.org Model.  Someone who is looking to play around with wi-fi in their own house, build cantennas, or possibly control devices over the wireless network will have to dig hard in the book to find what they are looking for.  The information is there, but it seems to be secondary to the primary purpose (or what I perceive it to be), which is to spread wireless access to the masses.

So, depending on what you're looking for, this may or may not be a good match for you.  I was expecting something different from the title and cover, and was somewhat disappointed...

02/12/2005

Are Google click-thru's for asbestos really that high?

Category Blogging


Over on
Damien's blog, he talks about the click-through rates that some lawyers are paying to get top ranking on Google ads for asbestos claims and lawsuits.  He quotes a piece from a different blog:

Right now asbestos reform and asbestos related litigation is on fire. Lawyers are paying anywhere from $15-100 per click through on Google ads. The second part of this big experiment is to see if I can capture some of that click through revenue while still providing a somewhat valid service to people who might arrive by search results.


Wow...  No wonder lawyers charge so much per hour.  You'd have to in order to recover that type of potential expenditure to find those asbestos litigants...

02/11/2005

A new ND6 NotesRichTextItem method... GetNotesFont

Category Software Development
OK... I'm a little slow...

(You in the back row! That's enough of the "a little slow what?" comments!)

One thing I like to do in agents that send out emails is to use the NotesRichTextStyle class to do formatting like bolding, font sizing, etc. But what I've always disliked is that for font faces, you are pretty much restricted to Helv, Roman, and Courier. I was looking through the Designer Help for formatting on something, and I ran across a new method in NotesRichTextItem called GetNotesFont. What it allows you to do is get a reference to another font type and use that instead...

Returns an identifier for a font face in a document.
Note: This method is new with Release 6.

Syntax
notesFont% = notesRichTextItem.GetNotesFont( faceName$, addOnFail )

Parameters
faceName$
String. The name of the font face, which must be valid for the platform on which the agent is running.
addOnFail
Boolean.
True assigns an identifier for the font face if one is not already assigned in the current document.
False (default) returns 0 if an identifier is not assigned for the font face in the current document.

Return value
notesFont%
Integer. The identifier associated with the specified font face, or 0.

Usage
The identifier can be used to set NotesFont in NotesRichTextStyle.
Identifiers assigned by GetNotesFont are in the range 5 through 254.

So, since I like Georgia fonts, I decided to send out this particular email set in Georgia, like so...

'Set a style for the text in the email. Set rtsText = session.CreateRichTextStyle() rtsText.FontSize = 11 rtsText.Italic = False rtsText.Bold = False rtsText.NotesFont = rtiBody.GetNotesFont("Georgia", True) Call rtiBody.AppendStyle(rtsText)
This LotusScript was converted to HTML using the ls2html routine,
provided by Julian Robichaux at nsftools.com.
Just too cool!

02/09/2005

Book Review - Internet Annoyances by Preston Gralla

Category Book Reviews

I recently had the chance to read and review the book Internet Annoyances by Preston Gralla (O'Reilly).  All I can say is that I'm really getting hooked on this Annoyances series.  Internet Annoyances is no exception...

Chapter List:  
Chapter 1 - Email and Spam Annoyances:  General Email Annoyances; Spam; Outlook 2003 and Outlook Express; Gmail; Eudora 6
Chapter 2 - Making The Connection Annoyances: General Connection Annoyances; Broadband: Cable and DSL Connections; Routers and Home Networks
Chapter 3 - Wireless Annoyances: Home Wireless Networks and Routers; Cell Phones and the Net; WiFi Security; HotSpots
Chapter 4 - Web Hosting, Design, and Blog Annoyances: Domain and Hosting Hassles; Design and Maintenance Help; Blogging
Chapter 5 - Browser Annoyances:  Pop-Ups, Ads, and Flash; Favorites and Bookmarks; Working the Interface; Speedups and Shortcuts; Cookies
Chapter 6 - AOL Annoyances: General AOL Annoyances; Email
Chapter 7 - IM Annoyances: General Instant Messaging Annoyances; AOL Instant Messenger (AIM), Windows Messenger; Yahoo! Messenger; ICQ
Chapter 8 - Searching Annoyances:  General Search Annoyances; Government and the Law; Google; Amazon; eBay; Yahoo!
Chapter 9 - Security Annoyances:  General Security Annoyances; Spyware; Trojans, Worms, and Viruses; Firewalls
Chapter 10 - Shopping and Auction Annoyances:  General Shopping Annoyances; eBay Annoyances; Amazon Annoyances
Index

As you can see, this book covers quite a bit of ground.  Each chapter/subsection consists of a number of annoyances in the form of "questions" from readers or contributors.  Imagine a weekly newspaper Q&A column and you get the idea.  Gralla then answers the question in a straight-forward, understandable way that often includes a liberal dose of humor.  What's even better is that he often includes links to websites that offer some unique service or twist on the subject (like using Teoma as a search engine for tech subjects) or a lead to a piece of software that will dramatically change the way you do something (like the Asterisk Key utility to show you the passwords behind the asterisks in a password field).   And sometimes its just letting you know that Amazon.com *does* have a 1-800 number for customer service where you can speak to a real person (1-800-201-7575).  

You won't necessarily learn something from every tip included in the book.  You may even skip entire chapters (don't ask me questions about the AOL chapter, OK?).  But that's OK and to be expected.  Odds are that you'll pick up at least 10 - 20 tips or tricks that will make the whole book worth every penny you spend on it.  Just the fact I don't have to continue to see IE launched as a quarter-size window any more was worth the price of admission for me!

Great stuff here, and a recommended read...

02/09/2005

Book Review - Shoofly Pie by Tim Downs

Category Book Reviews

Based on the recommendation of another Amazon reviewer, I picked up a copy of Shoofly Pie - A Bug Man Novel by Tim Downs at the library.  And I think I've found another "must read" author...

Dr. Nick Polchak is a forensic entomologist... basically a guy who studies the effects of insects on dead bodies.  Real appealing stuff.  And due to some prior hardships in his life (that aren't covered in this, the first installment of what should be a series), he's pretty much done with dealing with people and prefers to stick with his bugs.  After getting caught "helping" the police one too many times, his college exiles him to a remote area of North Carolina to do some research.  While there, a person turns up dead in a field and is ruled to be a suicide.  A long-time friend of the dead guy isn't convinced, and she hires Polchak to uncover the truth at whatever the cost may be.  Using his skills, he determines that the body had to have been moved to where it was found, and the bugs present in the wounds indicate that the death occurred somewhere else.  Now all he has to do is narrow down who is the murder while not getting himself killed in the process...

There are quite a few things to like about this book.  Polchak is a hard-nosed "bug man" who has no problems saying or doing anything to find out what he needs to know.  He's also detached himself from a number of human emotions so that he can observe reality instead of what others think must be there.  The writing and dialogue is interesting, and the story moves at a comfortable pace.  The other unusual thing about this book is that it's put out by a Christian book publisher.  While most Christian fiction tends to weave in a strong moralistic message, there's really none of that here.  The language is clean, and its the type of book that would get a PG-13 rating in a theatre if this were made into a movie.  It's a refreshing change from novels that feel the need to use every four letter word in the book just to appear "real".  

Downs has done an outstanding job in this his first Bug Man novel.  I can't wait to get ahold of the next one in the series.

02/09/2005

If you haven't ever checked out Kathy Sierra's blog Creating Passionate Users...

Category Blogging

Stop right now, click on the link below, and add it to your RSS reader or your bookmarks...  Go ahead...  I'll wait...

Creating Passionate Users

She's doing some of the most interesting blogging out there right now.  Her insights on how we learn, as well as how we help others learn, will do wonders for the way you interact with those you support at work.

02/09/2005

Would/Could I have blogged at my prior job?

Category Blogging

And by prior job, I don't mean my consulting gig with Marquam Group...  

I was reading some blogs today about corporate control of bloggers and such, and I started to wonder...  If blogging had been the hot new technology between 1998 and 2001 when I was at Enron Broadband, would I (or *could* I) have been a blogger?

Hmmm...

It was a heady time...  Dot.com boom (followed towards the end by the bust).  Watching your paper net worth go into the seven figure range.  Having a T1 line running directly into your house.  We were going to "change the world"...  We did, but not in the way we all expected.

On the other hand, it was not an easy time towards the end...  Trying everything we could in Portland to avoid having our jobs shipped off to Houston.  Undergoing weekly (and sometimes daily) priority changes in our projects.  Re-orgs every three months.  Working with people who would dream up some "cool" project on Wednesday night, promise to demo it to the CIO Monday morning, and then assume that we would work all weekend long to make his vision happen.  All proof-of-concept, mind you...  and smoke and mirrors would be required, but it was going to be *cool*...  a | Big Win |... Yeah, right...

And all before I discovered my serotonin deficiency which is so nicely handled with SSRI medication now.  :-)  

Tom was not a happy camper, and I was almost glad to see the doors close with our tidy severance package on September 1, 2001.  Until September 11 happened and I wondered if I would ever find another job...

But back to blogging...  would I have been a blogger back then?  Probably more relevant, *could* I have been a blogger back then?  Enron was fanatical about their security department.  It was rumored that ex-CIA/FBI personnel made up the group, and that they kept a close watch on anything and everything.  I'm not sure that a blogger would have been tolerated in that environment, regardless of how generic the content was or whether the content even had anything to do with Enron.  It's not a stretch to imagine that you could come in one day, get called into your boss's office, be told you were fired for inappropriate conduct (blogging), and be gone before you know what hit you.  And I'm sure if you were talking up the latest and greatest ways that Enron Broadband would revolutionize the internet, your departure would be even more swift...

I think I like my current life much more, thank you...  Enron was a good experience with some excellent benefits, and it taught me a lot about myself.  But looking back, it was a very dysfunctional atmosphere.  While no company is perfect, my current environment borders on nirvana compared to what I went through in 2001.  I don't think that blogging would have been in my best interests while at Enron.

02/05/2005

One of my happiest moments at Lotusphere this year...

Category Lotusphere 2005

Sitting in Ed Brill's The Boss Loves Microsoft session, cruising along, drinking the kool-aid, and having this slide appear on screen...

A picture named M2

When you're a writer and you see your work quoted by someone you respect and admire, it makes all the time and work worth it.

http://www.e-promag.com/eparchive/index.cfm?fuseaction=viewarticle&ContentID=5108

02/05/2005

Book Review - Head First Design Patterns by Eric Freeman and Elisabeth Freeman

Category Book Reviews

I've read a few books on design patterns, and it's always been a lesson in patience and endurance.  They generally aren't fun to read and are a struggle to learn from.  Knowing the power of the Head First approach to technology books, I looked forward to reading Head First Design Patterns by Eric Freeman and Elisabeth Freeman (with Kathy Sierra and Bert Bates).  As usual, an outstanding job on a usually hard subject.

Chapter list: Welcome to Design Patterns; Keeping your Objects in the Know; Decorating Objects; Baking with OO Goodness; One of a Kind Objects; Encapsulating Invocation; Being Adaptive; Encapsulating Algorithms; Well-Managed Collections; The State of Things; Controlling Object Access; Patterns of Patterns; Patterns in the Real World; Leftover Patterns; Index

If you've never seen a Head First book (where have you been???), you're in for a treat.  Sierra and Bates have created a concept styled around active learning.  With a combination of pictures, crazy dialog and examples, text all over the place, and ducks (yes, the kind that go quack), Eric and Elisabeth Freeman approach design patterns in a way you've never seen (but that remain true to the Gang Of Four classic).  Each of the main chapters take a specific pattern, set up a fictional scenario, and explore how that pattern can be applied to the problem at hand.  Along the way, you learn the standard pattern usage, when and when not to use it, along with coding examples that show it being done.  The graphics and sketches cement the concepts in a way that straight code or endless paragraphs of text just can't accomplish.  When you get done, you understand the pattern almost without having made an effort to do so.  That's the unique value of the Head First concept...  All the senses are engaged (most with humor), and as a result the mind doesn't have a chance to wander off and think about what's for dinner...

As I continue to work on learning this stuff, HFDP will be close at hand.  And I'll be able to refute the common adage "old dogs can't learn new tricks".  With Head First Design Patterns, not only can they learn new tricks, they can actually apply them!  Great book...

02/05/2005

Book Review - A Salty Piece of Land by Jimmy Buffett

Category Book Reviews

I just finished Jimmy Buffett's meandering latest work, A Salty Piece of Land.  I liked it, but I can see how others might be somewhat bored by it all.

The main character, Tully Mars, is on an adventure trying to escape from an unfortunate incident in his past (along with bounty hunters and trumped up charges).  For a cowboy, he has a strange affinity for the sea, and soon he and his horse end up on a slow boat to a Caribbean island.  He starts off working as a fishing guide for a new retreat there, but soon ends up on board a masted sailing ship commanded by a 100+ year old lady.  Her life goal is to restore a certain lighthouse to its former glory, and to do so she needs to track down a rare type of lens for the lighting mechanism.  This becomes Tully's goal too, and the two set out to meet people, share experiences, and track down the elusive lens.  Along the way, Tully has to watch out for the bounty hunters as well as figure out where his life is really going.

The book is 462 pages, and I was being descriptive when I called it meandering.  The plot line is extremely loose, and there's not any sense of build-up or pacing.  It's one of those stories that could have been told in 200 pages (or less), but then it wouldn't have the flavor that it has.  I think you have to be in a laid-back mood to read it, and just enjoy the characters and the twists of life for what they are.  If you're looking for a tight, well-crafted story, this isn't it.  Conversely, if you're looking to escape into the oceans, islands, and the off-beat characters found there, this could be what you're looking for.  There's definitely plenty of Buffett to be found in the book, and I have no doubt that many of the scenes and incidents could be based on things that really happened to him.

So, go in with an open mind and the right attitude, and just let things flow.  It's probably the best way to enjoy this one...

02/05/2005

Book Review - Internet Denial Of Service - Attack and Defense Mechanisms

Category Book Reviews

There are obviously a multitude of ways an attacker can take your site down.  One way is via a denial of service attack.  There's a new book out that covers just that attack in great detail:  Internet Denial Of Service - Attack and Defense Mechanisms by Jelena Mirkovic, Sven Dietrich, David Dittrich, and Peter Reiher (Prentice Hall).

Chapter list:  Introduction; Understanding Denial of Service; History of DoS and DDos; How Attacks Are Waged; An Overview of DDoS Defenses; Detailed Defense Approaches; Survey of Research Defense Approaches; Legal Issues; Conclusions; Glossary; Survey of Commercial Defense Approaches; DDoS data; References; Index

Going into this book, I can say I knew about the basics of a Denial of Service (DoS) and Distributed Denial of Service (DDoS) attack.  What I didn't understand is how sophisticated they've become.  The book covers (in deep detail) how bot or zombie networks are developed and utilized to launch these types of attacks.  I didn't realize that it's relatively easy to acquire a bot network of over 100000 clients who can flood a site with packets.  And it's not even necessary to use them all at once.  Attacks can start with a fraction of the clients, and then escalate as the victim attempts to filter packets or add bandwidth.  It's a scary thing.  The authors also cover the various issues involved in the defense of these types of attacks.  Filtering might work, but it can be difficult to find the correct filtering parameters that don't also drop legitimate traffic.  And due to the distributed nature of the attack, it can be nearly impossible to find the culprit, and worse, to prevent it from happening again.

Walking away from this book, you don't get a warm, fuzzy feeling about the current situation.  Regardless of what steps you take, there is no current sure-fire method for defending these attacks.  But by reading Internet Denial of Service, you'll be far more prepared to understand what's going on and what realistic options do exist.  Better yet, it also gives you the steps you need to take to prepare your site for this type of incursion beforehand.  If you've mapped out your plan ahead of time, you can definitely minimize (to some extent) the damage that can occur.

This is a good read for any security professional tasked with security and availability of an organizational website.  Reading this now could save your job later...

02/04/2005

Book Review - Moving To The Linux Business Desktop by Marcel Gagne

Category Book Reviews

Since Linux in the business world is becoming a growing trend, I decided to review Moving To The Linux Business Desktop by Marcel Gagne (Addison-Wesley).  It's an interesting book that was a little different than what I expected...

Chapter List:  
Part 1 - Getting To Know Linux:  Introduction; Overview of Deployment Options; Installation; Getting Your Hands Dirty; Customizing the Desktop; Using Konqueror for File Management
Part 2 - Administration and Deployment:  Installing New Applications; Devices and Services; Network and Internet Connections; Becoming One with the Shell; Web-based Administration; Users and Groups; Backup and Restore; Printers and Printing; Electronic Mail; LDAP; Web Services; Samba; Linux File Sharing (NFS); Thin Clients: The Server; Thin Clients: The Clients; Remote Control; Security
Part 3 - The Linux Business Desktop:  Email Clients; Getting Organized; Surfing the Net; Word Processing (It Was a Dark and Stormy Night...); Spreadsheets: Tables You Can Count On; Presentation Graphics: For Those Who Need No Introduction!; Office Graphics and Art (Just Call Me Leonardo); Instant Messaging; Video Conferencing
Appendixes: The GNU General Public License; Automation and Scripting; Index; About the CD-ROM

When I first saw the book, I was thinking more along the lines of a typical user in a business environment.  What do you use for a desktop environment?  What do you use to replace Office?  How do I surf the web?  You know, all those important questions.  And Gagne does cover those areas in various chapters.  What I wasn't ready for was the coverage of the more administrative functions...  How do you manage the network?  How can you read Windows file systems?  How do you, in effect, run the entire network infrastructure with Linux as opposed to Windows or Novell?  And for me, that's where this book's value lies.  The author defines "Linux Business Desktop" in very broad terms (more so than I did), and takes it beyond the typical discussion of how to replace Windows on a PC.  As a result, a systems admin (or very savvy power user) can take this book and start to understand how a Linux infrastructure operates and is maintained.  And given Gagne's conversational style of writing, it's not a chore to wade through the book.  It's actually an enjoyable read, and it makes the learning aspect of Linux quite easy to accomplish.  If someone were to decide to set up a network and desktop environment entirely based on Linux, you'd probably want some additional titles that go into more depth on specific things like Samba or network/internet security.  But for a starter title to give you a good foundation, this book will do it.

Very good choice for understanding the possibilities of running the whole show on Linux.  Definitely a recommended read if you're going there...

02/04/2005

Book Review - Railroaded! by Whitfield Grant

Category Book Reviews

Today I finished a novel by a author who I think has a very good chance of becoming well-known in the crime thriller genre.  His name is Whitfield Grant and his book is Railroaded!  It's a commendable effort for a writer early in his career.

The story revolves around a black football player, Tony Williams, who is a world-class athlete, extremely well-educated, and is devoted to his wife and family.  During a party at the Pro-Bowl, he spurns the advances of a woman who is coming on very strong.  Unfortunately, he is drunk at the time, stumbles off to his room, has to be helped there (by guess who), and wakes up with the woman naked next to him.  He bails, calls his wife, explains what happened (nothing in reality), and all seems to be forgiven and OK.  But then mystery letters start showing up talking about the night in Hawaii, and Tony is at a loss to stop the stalking.  He finally finds out the woman is the daughter of the owner of the team he plays for.  After a vicious crack-back block in a preseason game that severely injures him, he tries to head home courtesy of the owner and his limo.  But the daughter decides to make an appearance, jumps Tony in the car, and there's a struggle as Tony tries to get out of the vehicle. It all ends up with the woman beating Tony on the sidewalk, leaving, staging a rape with a former lover (complete with a beating for effect), and accuses Tony.  Although it looks like a easy case to try, there's a mysterious and unknown group that wants Tony completely out of the picture for reasons not revealed.  The end of the book then covers the courtroom drama, and the race to uncover the truth about what really happened and who is really pulling the strings.

You could almost consider this Grant's first novel (he has one other one that's not yet available on Amazon).  So for purposes of discussion, let's call just it his first.  And for a first novel, it's quite well done.  He explores a lot of difficult subjects in today's society...  race, interracial relationships, prejudice, and the role of the black man in society.  He also paces the book in an interesting fashion.  The book is 322 pages, and he gets to the staged rape by page 40.  I was really curious as to what he was going to do for the remaining 280 pages, and whether the book was going to drag at that point.  In reality, the courtroom drama is where I got sucked in and started stealing minutes here and there to see what happened next.  The interplay between Williams and his two best friends is fun to see, and it's nice to see positive role models displayed without all the dirt and sleaze that seems to be so common in writing these days.

Is the book perfect?  There are a few things that didn't sit quite right with me.  Tony and his two friends seem to be too perfect.  Having Tony and Adrian run world-record times in the 100 and the 220 while still in high school (and Tony had never run track before) was a bit of a stretch.  His two friends also seemed to anticipate bad situations all too often during the trial.  They were often more on top of things than the lawyers defending him.  And finally, the book is written with a sequel in mind, so you *still* don't really know all the reasons why Tony was targeted.  Still, the story line and Grant's style make up for that, especially given this is his initial crime novel.  I would expect that with a bit more experience, most of what I see as "flaws" will start to flatten out.

Bottom line...  an excellent start for someone who could end up ranking up with the earlier Grisham works.  I look forward to his future books.

02/04/2005

We want to integrate well with everyone (on our terms, thank you!)...

Category Microsoft

The latest line out of Microsoft is that they really just want to play well with others.  They're launching a major effort to integrate with non-Microsoft solutions.  No more "embrace and extend"...  They're all really nice guys who are just misunderstood...

I'm sorry, but I'll remain a skeptic on this one...

On one hand, we have:  Microsoft's New Mantra - Compatibility

Microsoft Corp. adopted a new mantra on Thursday, promising to work harder to make its software work better with other software systems and hardware, Chairman Bill Gates said in an e-mail to customers.

Previously, such e-mails signaled the launch of massive new efforts by the world's largest software company. The last major initiative, to improve the security of the company's software, was launched by Gates three years ago, and most messages since then have focused on that issue.

But in Thursday's lengthy e-mail, sent to major corporate customers and made public by Microsoft, the company said it would boost efforts to make its software work more smoothly, or "interoperate" with other technologies.

"Over the years, our industry has tried many approaches to come to grips with the heterogeneity of software," Gates said. "But the solution that has proven consistently effective -- and the one that yields the greatest success for developers today -- is a strong commitment to interoperability."

[Side note...  *how many* security patches are coming out next Tuesday?  13?  Great focus, thank you...]

Then in the same e-mail, we have:  Linux Makes Interoperability Harder

"Open source is a methodology for licensing and/or developing software - that may or may not be interoperable. Additionally, the open source development approach encourages the creation of many permutations of the same type of software application, which could add implementation and testing overhead to interoperability efforts," Gates wrote.

So...  we're all for interoperability, so long as it's on proprietary software platforms (preferably Windows) that don't threaten our core business.

I'm sure Microsoft will come out with some efforts that will look really nice.  But to use this latest missive as proof that the company is becoming a kinder, gentler Microsoft doesn't fly with me...

Guess I'm just too much of a cynic...

02/03/2005

Book Review - The Best of Verity Stob by Verity Stob

Category Book Reviews

OK...  this was a fun read...  The Best of Verity Stob by Verity Stob (Apress).  

Fine, Tom...  so what's a Verity Stob?

Eh, it's a fair question...  One I asked myself when I received the book.  Verity Stob is a long-time columnist for tech publications such as EXE, Dr. Dobb's Journal, and The Register.  She's British, so her take on things is definitely outside the normal American experience.  This book is a collection of various columns from 1998 through 2004, with a bit of unpublished stuff thrown in for good measure.  In addition, she's commented on each item with the aid of 20/20 hindsight.  The book is divided into four parts:  Life Before GUIs (1988-1994), The Rasp Of The Modem (1995-19100), After The Apocalypse (2000-2004), and Previously Unpublished.

To be honest, I was only vaguely familiar with her name before getting the book.  I never read EXE, I've never been a DDJ fan, and The Register only pops up on my radar screen when Google News Alerts gives me something from there.  Reading the intro, I quickly became a Stob fan.  Her writing is witty and satirical, and it's almost as if she's having a conversation with the reader.  That combination usually hooks me immediately.  Now couple all that with a walk down memory lane, since I've been involved with computers since the very early '80s.  "STOB versus the Software Engineers" reminded me of far too many code reviews.  "Not Fairies' Footfalls" will be familiar to all programmers at some time in their career.  And "You May Start" will resonate with anyone who's taken a certification exam...

Not being a Brit, I'll admit to some of the humor being a bit beyond me.  But there's more than enough here to amuse and entertain any developer who's gone through the corporate wars.  Or, if you're not a techie but just like creative and unique writing styles, give The Best a try.  Definitely worth the time to sit back and laugh at where we've all been...

02/01/2005

Book Review - The Executive Guide To Information Security by Mark Egan with Tim Mather

Category Book Reviews

No company these days can afford to ignore the topic of information security, be it computers or just customer information.  The book The Executive Guide To Information Security: Threats, Challenges, and Solutions by Mark Egan with Tim Mather (Addison-Wesley) does a good job at getting CxO-level staff to consider the issues.

Chapter list:  The Information Security Challenge; Information Security Overview; Developing Your Information Security Program; People; Processes; Technology; Information Security Roadmap; View Into The Future; Summary; Security Framework Evaluation; Information Security Web Sites; Operational Security Standards; Sample Security Job Descriptions; Glossary; Index

Because the book is targeted at the executive level, you won't find a lot of technical nuts and bolts showing up.  People at that level don't deal with security at that level.  What *is* present are in-depth discussions of security topics such as email, spam, the internet, people, and internal processes.  All the information presented tends to tie back into lists or charts that allow the reader to formulate a program for addressing security in that particular area.  There are also a number of evaluations to establish baseline measurements of where you are in a specific area, such as the proficiency of your Information Security staff or security processes.  Using a book like this, a director level person could start to formulate a solid security infrastructure for the company that will produce targeted results.

One of the things I also like about this book is its practicality.  Because everything ties back into "what do you need to do", there isn't much filler material hanging around.  They are also pragmatic.  Rather than declare that the sky is falling unless you obtain a perfect score, they understand that every organization is in a different spot.  You just evaluate where you are right now, note the deficiencies, determine where you need to be, and then make plans to get there.

Definitely good reading for all managers and above at any organization.  By reading the book now and taking steps today, you can avoid major trouble down the road...

02/01/2005

Book Review - Forensic Discovery by Dan Farmer and Wietse Venema

Category Book Reviews

Security professionals who find themselves trying to piece together an attack will find a lot of value in the book Forensic Discovery by Dan Farmer and Wietse Venema (Addison-Wesley).

Chapter Breakout:
Part 1 - Basic Concepts: The Spirit of Forensic Discovery; Time Machines
Part 2 - Exploring System Abstractions: File System Basics; File System Analysis; Systems and Subversion; Malware Analysis Basics
Part 3 - Beyond the Abstractions: The Persistence of Deleted File Information; Beyond Processes
Appendix:  The Coroner's Toolkit and Related Software; Data Gathering and the Order of Volatility
References; Index

As attacks become more and more common in today's computing environment, it's important to know how to preserve evidence in such a way that 1) you can trace what happened and 2) the information is admissible as evidence in case of prosecution.  Farmer and Venema do a good job in showing a system administrator what steps need to be taken to safely analyze an attack.  The book is targeted towards readers with a solid understanding of Windows and Unix file systems, networking, and processes.  Readers without that background knowledge will get some of the conceptual information but will bog down on the details.  And there are plenty of details...  For instance, the authors show how information can persist in memory and on disk far longer than might be expected.  In some cases, we could be talking months or years.  Using tools that they recommend, you can analyze this "empty space" and find important clues as to what may or may not have happened.  It also underscores the importance of freezing a computer's state as soon as possible after an incident so that this empty space doesn't get overwritten and lost for analysis.

Definitely a worthwhile addition to the bookshelf of security analysts who live this stuff on a daily basis...

02/01/2005

The February issue of e-ProWire: Lotus Developer Tips newsletter is out now...

Category e-Pro

You can check it out on the e-Pro web site.

02/01/2005

From Dave Taylor: GM VP Tom Stephens on Business Blogging

Category Blogging

Dave Taylor has an interesting post over on his Intuitive Life site titled GM VP Tom Stephens on Business Blogging.  It does a good job explaining the benefits and perils facing a company venturing forth into the blogging arena.  Important lessons if you're looking to move into corporate blogging.

And if you don't already do so, you should subscribe to Dave's feeds on Intuitive Life and Ask Dave Taylor.  The guy is a prolific writer who does an excellent job at sharing his knowledge with others.  He's also written a number of books I've had the pleasure of reviewing...

02/01/2005

He said, she said...

Category Linux

And somewhere the truth struggles to escape...

From LinuxInsider:  Linux "Security" Is A Myth, Claims Microsoft Exec

From LXer.com: Windows "Security" Is A Myth, Claims Linux Community Member

02/01/2005

Only Microsoft would try something like this...

Category Microsoft

From Miami Herald:  Microsoft Drops Alternate Windows Name

BRUSSELS, Belgium - Microsoft Corp. has agreed to change the name of a stripped-down version of its Windows operating system after European regulators balked at the company's original choice.

The name "Windows XP Reduced Media Edition" will be dropped, said Microsoft spokeswoman Stacy Drake. She said the company is still working with the European Union on a suitable alternative.

EU officials had complained about the originally proposed name.

Complying with an EU antitrust order, Microsoft has said it will soon send computer manufacturers a version of Windows without the company's multimedia player.

What's not noted here is that they were going to sell both versions for the same price.  I wouldn't be surprised to see the next name come out as "Windows XP Edition (without some of the stuff we normally put in there because the EU made us take it out but we'll still charge you the same price and then complain when consumers don't buy it and try to make the point that buyers really don't care in the long run) Version 1...

02/01/2005

IBM Crosses Signals: Domino or Workplace?

Category IBM/Lotus

From ADT:  IBM Crosses Signals: Domino or Workplace?

I had to check the date on this article to make sure it wasn't from a year or so ago...  But no.  February 1st, 2005...


Rumors about the impending demise of IBM’s Lotus Notes/Domino platform are nothing new. However, when IBM announced its Lotus Workplace messaging and collaboration platform in late 2003, the fate of the venerable combination seemed lost in space.


At first, IBM was careful to position Workplace as an offering for shops without Notes and Domino—or any other messaging platform, for that matter. Over the last 12 months, however, IBM has disclosed more ambitious plans for Workplace. Officials are adamant that Notes and Domino aren’t going anywhere, of course. However, at the same time, the company is delivering, or plans to deliver, more tools to promote Domino and Workplace coexistence–or to facilitate full-fledged Domino-to-Workplace migrations. At some point, IBM officials say, Domino and Workplace will converge into one product.


It’s not surprising, then, that some longtime Notes/Domino developers take a decidedly pessimistic view of that platform’s future. 'As far as I can tell from the buzz, Domino is on the way to its grave within the next few years, and I will be forced to find an alternative,' says Robert LaRock, a programmer with Standard Abrasives. When that happens, he says, Workplace probably won’t be on his short list.


I've got to think this article was written about six months ago (at least) and just now made the light of day.  It's obvious the reporter either didn't attend Lotusphere 2005 or didn't update the article with any of the information released from the event.  The reporter's "facts" are so outdated and/or just plain wrong as to be laughable...

01/31/2005

Yep... time for January's Google Oddities!

Category Blogging

Let's see what warped reasons have caused people to hit this site over the last month...
  • "adult diapers" uncomfortable - I'll take their word for it...
  • where can I find weed in Ochos Rios Jamaica - the more difficult question is how can you *avoid* weed there?  The only answer I know is to just stay on the ship...
  • antidepressants give you false happiness - beats the total lack thereof without them.
  • martha stewart bad decision - ya think?
  • sarbanes oxley sucks - bet that brings a tear to Chris Byrne's eye every time I list that...
  • job description of condom tester - ah yes...  that was part of a book review I did...
  • ibm squeal 10 minutes - anyone want to help out on *that* one?
  • dUFFBERTS rANDOM mUSINGS - fIX tHE cAPS lOCK, eH?
  • ed brill bill buchan photo - someone's looking for dirt...  ;-)
  • how to educate a 14 year old - look elsewhere for that one...  we failed over here.
  • ROLING THE TONGUE - no big deal if they spell it correctly...  Otherwise, it's a new nickname for Greyhawk!
  • freeway female anatomy pocket pc - sometimes I wonder if there's a hidden part of this blog that I don't know about...

Now, for those of you who might be wondering...  I get over 2500 google hits a month, and the vast majority of them are boring, pedestrian, technical hits.  But those wouldn't be nearly as much fun to blog about, would they?

Oh, and sorry guys...  there were absolutely NO HITS on a certain target topic that made the rounds at Lotusphere.  :-)

Want to support this blog or just say thanks?

When you shop Amazon, start your shopping experience here.

When you do that, all your purchases during that session earn me an affiliate commission via the Amazon Affiliate program. You don't have to buy the book I linked you to (although I wouldn't complain!). Simply use that as your starting point.

Thanks!

Thomas "Duffbert" Duff

Ads of Relevance...

Monthly Archives