May 2004 Archives
We're watching the Mariners lose to the brilliant pitching of Curt Schilling for the Boston Red Sox, and I was struck by this totally ridiculous statement during the normal verbiage about the telecast belonging to the network:
"Any accounts or descriptions of this game may not be disseminated without the express permission of the Seattle Mariners."
I'd tell you about how the game would've been tied right now in the 8th inning if Juilo Mateo hadn't made a bad wild pitch and then missed the toss from Dan Wilson while covering home plate in the 6th - but that would be a violation of the licesnsing... who allows them to write these kinds of statements?
Update
As long as I'm not giving an account or description of the game, I won't tell you about how the Mariners brought it to within one run in the eighth before Raul Ibanez scored a 3 run home run to put the M's on top 7-5 at mid-inning - let's hope the bullpen can hold the lead.
Update 2
Well, the bullpen gave up two runs to tie the game at seven, and then the teams struggled for four more scoreless innings, until Boston finally won it with a two-run homer in the bottom of the twelfth.
But you didn't hear that account or description of the game from me - uh-uh.
Several of us in Computing & Communications are starting to experiment with the latest generation of wireless devices, in an effort to try to understand both the applicability of these devices for use with our current campus infrastructure and to get some notions about how that infrastructure might have to evolve as the state of the art of mobile devices grows into the future.
I received my gizmo of choice for this experiment a couple of days ago - a new Nokia 3620 phone with service from AT&T Wireless. This phone features Bluetooth, a camera, and a built-in IMAP email client (along with all the usual telephone features).
So far I think I like it.
The screen is large enough and bright enough to be easily readable for things like contact information and calendar items.
I was fairly easily able to configure bluetooth to talk to my iMac and to download and sync contacts from the Mac address book (it even downloads the pictures and puts them into the contact list on the phone) and calendar items with iCal. The calendar application on the phone is lots (LOTS!) better than on my Motorola.
So far I've been able to configure the IMAP client to fetch email off of our campus servers, using secure SSL authentication with no problem.
I've been able to send email using the phone talking to our campus SMTP server with secure authentication, but it seems like it takes an awful long time for the email to arrive from AT&T - like 12 hours! Will have to do some more testing on that to see what's up.
The first night I had the phone I received a spam SMS message - sheesh.
The camera is no great shakes, but it's sort of fun to be able to take pictures with the phone, and its slowness and low resolution might make it a good device for its own kind of art, like in this picture of my son moving at his usual speed:
.jpg)
Apparently Nicholas Carr has now made a book out of his HBR article "IT Doesn't Matter" that caused such a fuss last year.
InfoWorld's Chad Dickerson has a nice take on it here.
Beneath all the "IT doesn't matter" hype, there's the notion that IT is already a utility and you just plug things in and they work -- not true. In my mind, the ubiquity of IT shouldn't be confused with overall IT stability any more than the ubiquity of banking systems should be confused with making money. In both cases, good management matters more than anything.
Jack McCredie from UC Berkeley wrote a good response to the original article on why IT certainly does matter in higher education.
I argue that academic institutions that are smart and nimble enough to take advantage of advances in information technology will be better able than their peers to compete for great students, faculty, and staff. Successfully incorporating IT into their operational and educational fabric will probably not enable any institution to corner the market on National Merit Scholarship winners or National Science Foundation grants; however, the advantages will be real, and they will matter in the day-to day culture that sets one institution apart from another.
The usually well-spoken Cory Doctorow has posted an entry in Boing Boing relaying a report from Jason Schulz decrying Penn State's policy of not allowing students to run servers on the University network.
While it's very easy to cry foul on the big, bad, University for limiting student freedom, reality is, as usual, far more complex and nuanced.
I can't speak for Penn State, but I do know about the deliberations we've had over the years on the same topics here at the University of Washington.
Running a network at a large research institution is not an activity for the faint of heart - the demands are huge and growing exponentially, the policies governing the network are never clear, and the budget is always too small.
While we like to think of students using computing and networking at universities in terms of absolutes like academic freedom, freedom of speech, and free inquiry and learning, in reality providing network services for students comes down to a series of cost/benefit/risk tradeoffs.
The cost of providing high speed network services to a modern research university is not inconsiderable. For instance, Indiana University shows its total networking costs for the 2002-2003 year at the Bloomington campus to be right around $7.5 million (reports available here). So let's not labor under the illusion that providing bandwidth to students is free (or even cheap). In addition to the costs of providing network services, there is also the cost of providing support for those services - analyzing problems with networks is complex and getting more so in the age of firewalls, NAT, and other security-related appliances that interfere with the end-to-end nature of the network.
The set of risks to an institution posed by abuse and misuse of the network should not be underestimated. There are security risks to the institution brought about by poorly administered machines on the network (as I write this we are in the process of shutting off a couple thousand campus IDs that may have had passwords sniffed as a result of several compromised *nix boxes having trojan ssh servers installed), legal risks posed by people sharing data that they don't have rights to (not just music and movies, but photos, licensed research materials, and the like), and the risks to the institution's reputation with its funders, alumni, and state, federal, and private agencies, if the university is perceived as doing a poor job of running its network services. In another context my colleague Terry Gray has pointed out that we are rapidly evolving to a legal environment, in the age of regulations like HIPPA, FERPA, and the like, where much of our technology will end up being determined by managing the risk to the institution - sigh.
I certainly agree with Cory and Jason that the benefits from students having widespread access to high speed networking are huge - students can try things out, learn how to interact with networks that they will only be able to dream about in most workplace settings, and dream up new and innovative things that us workaday folks would never have the time nor imagination to come up with.
So from the point of view of those of us who provide networking and computing services to universities, the questions are always how to provide for the most benefit while minimizing the risk and doing it all at a reasonable cost.
Here at the UW we faced these issues in the student realm about five or six years back when the majority of our dorms got wired with ethernet. We spent a few quarters dealing with the increased issues of student-run ftp servers offering up all sorts of things all over the web (this was before the major advent of p2p file sharing), and we were trying to devise policies that minimized the risk to the institution and the cost of support, but did not involve us computing types in actually having to look at and make judgements about the validity of specific content.
We came up with a policy that allows students to have servers in the residence halls that are visible on the campus network, but not to have servers that are visible to the global Internet. That policy allows students to do plenty of learning and experimenting with new technologies, but limits the exposure and amount of support we have to give to the relatively small number of students that live on campus here (we have about 4,000 students living on campus, out of a total student body of around 39,000).
Students who are doing research projects in departments (like the Google and Yahoo examples quoted in Cory's post) typically have machines hosted in the departments and have free access to the whole variety of high-speed networks provided to the University - see http://www.cs.washington.edu/research/systems.intro.html for some examples.
Then a couple of years ago we had to contend with the rise of p2p file trading - at that point we realized that something aroud 40% of the total off-campus bandwidth available to the University was being eaten up by the dorms, and that percentage was growing precipitously. Obviously we couldn't let it get to a point where university researchers, faculty members, and clinicians in our medical centers couldn't get the bandwidth they need for their work because students were using Kazaa (not to mention students doing legitimate research and academic work).
So we sat down in discussions with the Housing administrators and asked them if they were interested in paying to increase the amount of overall bandwidth for the University to accomodate this traffic. Logically enough, they told us that their goals are to keep the overall price of University housing as low as possible and they didn't want to have to increase prices to pay for students to share music and movies.
At that point we brought in technology to limit the amount of bandwidth available overall to the dorms and to further limit the amount of bandwidth within that total cap that is available to the most popular p2p applications.
While those limits were not initially popular with students, I believe that most of them have resolved their issues with the caps - either by living within the caps or by finding workaround - at least the volume and frequency of complaints has certainly diminished.
So we continue to try to provide our students with the best networking we can, while living within the real-world constraints we all have to put up with. Make sense?
This posting of Cory's has been picked up widely, and I for one think it does a terrible disservice to all of us in the higher ed IT support community.
By now lots of people have written about the OS X Help Viewer vulnerability, which allows remote arbitrary code execution from visiting a bad link in a browser.
My colleague Josh Larios writes the following on how to protect yourself:
This one is serious. Arbitrary code execution with nothing required of the user but that they visit a malicious web page. It affects all browsers, not just Safari. It seems to only affect OS X 10.3. There's a fairly scary proof of concept floating around which opens a terminal window and executes a command. It should be obvious that that's a Bad Thing.
Here's how I'm protecting myself:
1. Launch Internet Explorer.
2. Go to Explorer -Preferences.
3. Go to Network -Protocol Helpers
4. Find the "help" protocol and click on it, then click "Change".
5. Un-check "Use current application if possible".
6. Click "Choose Helper".
7. Click on the "Chess" application in your Applications folder, then click "Open".
8. Click "OK" in the Protocol Helper Editor.
9. If you have a "disk" protocol, click on it and repeat steps 5
through 8. If not, click "Add" and create a "disk" protocol, then follow steps 5 through 8 for it.
Apple's known about this since _February_? Seriously, seriously lame.
Dave Clark is one of the grand old men of the Internet - he was the first chair of the Internet Activities Board (Vint Cerf was the second), he was the Chief Protocol Architect from '81-'89, and his accomplishments are wide ranging.
Terry Gray turned me on to this video of a terrific talk Dave gave at a recent Internet2 meeting (warning - it's a 488 MB QuickTime file) about the future of the Internet.
Dave's thesis is that the future of the Internet will be defined more by legal and social needs than by technical design, as inelegant as technologists and engineers may find that. He characterizes the discussions around social and legal drivers by the "tussle" that occurs between various points of view on any issue.
He's got a 2002 paper on the topic which, while nowhere near as entertaining or broad in scope as the talk, is a lot easier to download:
Engineers attempt to solve problems by designing mechanisms with predictable consequences. Successful engineering yields bridges that predictably don't fall down, planes that predictably don't fall out of the sky, and calculators that give the "right" answer. The essence of engineering is the development and codification of models, techniques and tools that deliver predictable, desirable behavior. The technical development of the Internet has followed this path.
As a community, we focus on design principles that deliver such virtues as robustness, scalability and manageability in the face of complexity, component failures, growth, and other challenges. However, as the Internet becomes mainstream it inevitably moves from being an engineering curiosity to being a mirror of the societies in which it operates. The Internet may have been designed by engineers, but its behavior (and its evolution) is by no means predictable today.
The operation of societies follows a different model. Historically, the essence of successful societies is the dynamic management of evolving and conflicting interests. Such societies are structured around "controlled tussle" - regulated by mechanisms such as laws, judges, societal opinion, shared values, and the like. Today, this is the way the Internet is defined - by a series of ongoing tussles. Different parties adapt its mix of mechanisms to try to achieve their conflicting goals, and others respond by adapting the mechanisms to push back. Thus, conservative governments and corporations put their users behind firewalls, and the users route and tunnel around them. ISPs give their users a single IP address, and users attach a network of computers using address translation. There is no "final outcome" of these interactions, no stable point, and no acquiescence to a static architectural model.
The challenge facing Internet research and engineering is
to recognize and leverage this reality - at minimum to ac-
commodate it; if possible, to use it to strengthen the techni-
cal architecture. In other words, the technical architecture
must accommodate the tussles of society, while continuing
to achieve its traditional goals of scalability, reliability, and
evolvability. This expansion of the Internet's architectural
goals is a difficult, but central technical problem.
My colleague James Morris points out an article in Microsoft's Technet site by Jesper M. Johansson, Security Program Manager at Microsoft, entitled Help: I Got Hacked. Now What Do I Do?.
• You can’t clean a compromised system by patching it. Patching only removes the vulnerability. Upon getting into your system, the attacker probably ensured that there were several other ways to get back in.
• You can’t clean a compromised system by removing the back doors. You can never guarantee that you found all the back doors the attacker put in. The fact that you can’t find any more may only mean you don’t know where to look, or that the system is so compromised that what you are seeing is not actually what is there.
it concludes:
The only way to clean a compromised system is to flatten and rebuild. That’s right. If you have a system that has been completely compromised, the only thing you can do is to flatten the system (reformat the system disk) and rebuild it from scratch (reinstall Windows and your applications). Alternatively, you could of course work on your resume instead, but I don’t want to see you doing that.
This list makes patching look not so bad, yes? We may hate patches, but the alternative is decidedly worse.
Sobering reality.
There's been a lot of brouhaha over the new licensing terms on Movable Type 3.0. Movable Type is great blogging software, and it's what I use to host this blog. You can read all about the issues with the licensing at
Mena Trott, one of the cofounders has asked people how they're using MT, to see whether the new licensing terms would actually cause real hardship. That's a real gutsy thing for a software author to do, and I applaud Mena and Ben, and I fully support their quest to make a living from the software they've built with passion and care.
For me, one author writing one weblog on my installation of MT, the new terms make no difference.
If we were going to use it as a business tool for UW Computing & Communications, we'd have no problem paying for the software under the new license terms.
I hope Mena and Ben make a bundle and keep growing the software into a ripe old age.
A few years back I was serving on a committee with Deborah Jacobs, the Seattle City Librarian. During the time the committee met the initial drawings for the new downtown Seattle Library were published, and my initial reaction was that it looked radical and maybe outrageous.
Deborah assured me that she and the staff of the Library had been very involved in the design of the building and that it would be superbly functional for their needs in the new century.
Now the new central library is set to open next Sunday, May 23, and the positive reviews are pouring in. Herbert Muschamp in the New York Times writes:
At a dark hour, Seattle's new Central Library is a blazing chandelier to swing your dreams upon. If an American city can erect a civic project as brave as this one, the sun hasn't set on the West. In more than 30 years of writing about architecture, this is the most exciting new building it has been my honor to review...
What cities need most of all are strong clients, like Deborah L. Jacobs, Seattle's city librarian. This is a client who knows exactly what she wants. Terrifying. But there's never been a great building without a strong client in the history of the world, and Ms. Jacobs is now up there with popes and princes as an instigator of fabulous cities.
I also couldn't agree more when he goes on to say:
Her achievement is all the more remarkable in light of Seattle's nasty encounters with architecture in recent years. The Seattle Art Museum, designed by Robert Venturi and Denise Scott Brown, is a rancid piece of work. Frank Gehry's Experience Music Project looks like something that crawled out of the sea, rolled over and died.
The Seattle Times has more coverage of the new library here.
I know where I'll be next Sunday - hope to see you there!
Over the last week or so my six-month old 15-inch Powerbook (the 1.25 Ghz model) started acting strangely - it would sometimes go to sleep unexpectedly, and sometimes have a hard time waking from sleep, and it was also not recognizing what should have been known wireless networks.
On Saturday, right after I installed the latest SlimServer software, it went to sleep and wouldn't wake up. I removed the battery, unplugged the machine and waited till it ceased thinking it was asleep, but it wouldn't reboot. I tried resetting the power management unit, but no dice.
Luckily, I have Applecare on the Powerbook, so a call to Apple was in order. After telling them what I had tried so far, they decided that there was no alternative to shipping it back to Apple. So they're sending out a box and off it will go today - they said to expect a five-day turnaround. Sigh - living without my Powerbook for a week will not be easy. Luckily, I still have my trusty Toshiba Portege 2000 to see me through my mobile needs while I wait.
There have been widespread reports of quality problems with this particular model of Powerbook - but the reports I've seen have been either about warped lids (which my machine also exhibits), or display problems - I haven't seen any mention of the problem I experienced with this model.
It made me think of something Terry Gray said while we were chatting about Apple back in January - that despite Apple's reputation for hardware design and manufacturing, in his experience their hardware hasn't been all that robust, and what they really do best is software, and that he wished they'd license OS X for Intel commodity hardware. Now that's an opinion that goes against the common wisdom about Apple, but I'm beginning to wonder if he doesn't have a good point.
Have you noticed just how many people have gone totally gaga over taking pictures with their digital cameras? I mean, every meeting I go to lately people have their really high quality (both technically and aesthetically, if not artistically) photos scrolling by on their screensavers. It's a new hobby, sweeping the nation (and probably not just this nation, either).
I was thinking about this as I was riding my bike home yesterday, and when I pulled into the driveway I was struck by the riot of color in the front yard produced by all the flowers in bloom - it's been a beautiful spring here in Seattle. So I whipped out the digital camera and did my bit.
Sure beats looking at the pictures on the front page of the paper lately.
How's that for an alliterative headline?
I purchased the new Diana Krall album, The Girl In The Other Room, yesterday from the iTunes Music Store. It's a fine album - while I will admit to having thought that her marriage to Elvis Costello seemed really bizarre at the time (I even wrote about it then, and wished that she would record Costello's Almost Blue, which she does on this one - maybe she reads my blog), the songs they have written together on this album are some of the best things he's written in years, and she is a wonderful interpreter of his moody but literate style, imbuing it with needed subtlety and swing.
Krall has used a small collection of wonderful musicians on this recording, including John Clayton and Christian McBride on bass, and Peter Erskine, Teri Lyne Carrington, and Jeff Hamilton on drums. As I'm listening, I think - gee, I'd really like to know who's playing on which cuts. But that information is not to be found. Not in iTMS, not in the Credits section of the album's entry in the All Music Guide, not on her own web site.
I guess that's what you pay the extra $10 for when you get the CD. Sheesh.
Hey -
KEXP, the second best radio station in the world (after WWOZ in New Orleans, IMHO), has won a Webby award. Nice to know they recognize quality when they see it.
In addition to playing a really wide variety of independent music (the DJs really are in control of what they play), KEXP features many formats of streaming (including uncompressed full-bandwidth audio), real time playlists going out to the web (allowing me to answer those questions like "what was that song I heard while I was driving home last night?"), an archive of the last two weeks of all broadcasts, and a permanent archive of lots of live performances in the studio.
Kudos to KEXP for the great work they continue to do!
Julia Lerman points out this interesting post from the Microsoft Watch site speculating that the future of Microsoft's marketing of the tablet PC is not clear.
At WinHEC, Microsoft execs almost went so far as to admit that the company is now resigned to positioning Tablet functionality as just another notebook computer feature. (Or, if you prefer the Microsoft spin on this, for the Tablet PC to "assimilate" the mobile PC segment.)
Company officials claim this was Microsoft's vision all along. But tell that to the Tablet PC OEMs, channel partners and software developers who have been working to build businesses around the Tablet as a differentiator. Many were counting on Microsoft to push the Tablet as a whole new kind of computer, not just a collection of whizzy add-on functionality.
Says one: "The retreat is serious. We'll be (moving) into the 'Tablet as all' and 'All as Tablet' (phase) within five to ten years. It's like a plan to shoot itself in the head."
There's other evidence that the Tablet is on increasingly shaky ground, at least marketing-wise.
One of the highlights of every summer for my family is attending the Vancouver Folk Music Festival, which takes place in a stunning setting and features music from all over the world. This will be the 27th year of the VFF, and the lineup looks stunning - we'll see you there!
***
Ok here it is - the line up for the 27th Vancouver Folk Music Festival -
16-18 July 2004.
(D) indicates a VFMF debut
# indicates a participant in The Collaboratory
Marc Atkinson Trio (BC)
Brilliant acoustic improvisations from the Django-global-anything-goes
string masters from Vancouver Island.
Autorickshaw (Ontario)
Gorgeous grooves on the trans-cultural frontier, weaving ancient traditions
with a very modern attitude.
The Backstabbers (Ontario)
Old country is the new 'new country'! The 'Stabbers serve up a heapin'
helpin' of old-time country string music.
Geoff Berner (BC)
Not just another lucky buckaroo with an accordion, one of Vancouver's
finest songwriters finally flies solo on the beach.
Eric Bibb (Sweden)
The spirit, the blues and a whole lot more woven into songs that will
soothe your soul.
The Bills (BC) (formerly the Bill Hilly Band)
An encore chance to dance with BC's high-powered acoustic adventurers.
Jim Byrnes Acoustic Band (BC)
One of Canada's finest voices has a new acoustic groove, some good ol'
blues and some great new tunes.
Martin Carthy (England)
A master of English traditional song and one of the great innovators on
acoustic guitar.
Bruce Cockburn (Ontario)
One of Canada's most passionate and gifted artists returns to the Festival
after 26 years.
Creaking Tree String Quartet (Ontario)
New acoustics from Toronto, with picking and bowing as sweet as a sunny sea
breeze. (D)
Steve Dawson, Jesse Zubot and friends (BC)
Two of Vancouver's finest musical imaginations are back to spin a little
magic with some of their musical fellow travellers. #
Mercan Dede (Québec / Turkey)
A 21st century dervish, blending acoustic virtuosity on ancient Turkish
instruments and the rhythms of the rave in a transcendental groove (Friday
& Saturday only). (D)
The Duhks (Manitoba)
A roots riot with fresh prairie attitude, blending Celtic and mountain
roots into new Canadian music.
Dupain (France)
The working songs of Marseille, brought to life with a passion . and an
oud, a hurdy-gurdy, bass and drums. (D) #
Hamza El Din (USA)
A master of the oud, a great composer and a trans-cultural pioneer for more
than 40 years. (D)
Fiamma Fumana (Italy)
Deep beats with deep roots, in ancient songs and melodies from working
women's lives in northern Italy. (D)
Filippo Gambetta (Italy)
Beautiful melodic improv and interpretations of Italian melodies on
melodeon, guitar and bass. #
Dick Gaughan (Scotland)
One of the most passionate and committed interpreters of traditional and
contemporary songs.
James Graham (Scotland)
This year's Young Celtic Tradition Award winner brings the pipes and the
old Gaelic songs to Jericho. (D)
Janis Ian (USA)
One of America's most timeless and outspoken troubadours is finally at the
Festival. (D)
John and the Sisters (Ontario)
Brand new blues from the heart of Toronto, with a passion and power that
takes no prisoners (featuring Kevin Breit and the Sisters Euclid). (D) #
Jorane (Québec)
A beautiful voice, a 21st century cello and an amazing musical imagination
in an encore performance (Friday & Saturday only). #
Martyn Joseph (Wales)
A Festival favourite returns, with enough faith, anger and compassion to
fill every heart in the park.
Enoch Kent (Ontario)
A one-man folk revival, from early days in Glasgow with Ewan MacColl
through life in Canada as a workin' chap and artist. (D)
Marian Rose Community Dance Project (BC)
Your chance to learn just how much fun it is to dance, together.
Kim Sinh (Vietnam)
Stunning string music created on the Vietnamese guitar by one of Viet Nam's
venerated musical treasures. (D) #
Kaki King (USA)
An amazing young composer and guitarist who creates unforgettable music. (D)
Patty Larkin (USA)
Deep grooves and poetry from this stunning guitarist, singer and songwriter.
Leaky Heaven Circus (BC)
Expect to be surprised by the Festival debut of one of Vancouver's most
creative, best-loved ensembles. (D)
Raghu Lokanathan (BC)
A special debut performance by a true BC original, with songs to make you
smile and sing along. (D)
Los de Abajo (Mexico)
Stirring up reggae, ragga, dub, rock, salsa, cumbia, cha cha cha and
merengue, singing the lives of "those from below" in Mexico. (D)
Lynn McGown and Michael Pratt (BC)
Two of the leaders in Vancouver's folk music community creating real
festival workshops.
Ellen McIlwaine (Alberta)
One of this country's great singers and one of the acoustic guitarists who
pioneered trans-cultural music. #
Rory McLeod (Scotland)
The return of the one-man festival, a musical spirit as big as the park. #
New Word Order (BC / USA)
Ultra-fresh spoken word by a posse of friends from last summer and new
voices from away, brought to you by Ivan E. Coyote.
Odetta (USA)
The return of one of the most revered figures in folk music, who's amazing
voice has been ringing out for freedom and beauty for generations.
Kelly Joe Phelps (USA)
An artist whose music goes from Saturday night to Sunday morning. #
Utah Phillips (USA)
Guts and attitude . with a long-term window on our world and what we can do
about it.
Po'Girl (BC)
A chance to catch up with Vancouver's ever-evolving acoustic sisters of
soul.
Rizwan-Muazzam Qawalli (Pakistan)
The next generation in this beautiful ancient music, led by the nephews of
Nusrat Fateh Ali Khan. (D)
Oliver Schroer and Twisted String (BC)
One of Canada's great fiddlers and composers brings some of the next
generation of BC fiddlers to the stage. #
Shooglenifty (Scotland)
The return of the crazed Scottish folkadelic beat masters, ready to set you
reeling.
Tons of Fun University (T.O.F.U.) (BC / USA)
C.R. Avery, Shane L. Koyczan & Mike McGee hit the evening stage with a
special presentation created for this weekend! (D)
Under the Volcano (BC / Ontario)
Ninety more minutes of musical truth and light, brought to you by a fine
festival that knows where to find it.
The Wailin' Jennys (Manitoba)
Three great singers and songwriters creating some of the most timeless new
folk music in the Canada.
War Party with Kinnie Starr (Alberta / BC)
Hip hop messages of truth and reconciliation in a quest for change and one
of Vancouver's musical pioneers. (D)
Warsaw Village Band (Poland)
Fevered, hard-core acoustic music, a radical return to the deep traditions
of Poland. (D)
Nancy White (Ontario)
One of Canada's best known songwriters and host of Ain't No Cure For Love,
our tribute to Leonard Cohen.
Lev Gonick from Case Western sends the following call for proposals for the Global Summit on Digital Cities to be held in Cleveland this summer - looks interesting!
Global Summit on Digital Cities - Cleveland, Ohio - $10K Prize for Best of Show Call for Presentations
Cleveland, OH July 30 and 31, 2004
One hundred cities, 500 effective practices on the digital transformation of life in the city of the future.
Digital Cities Conference 2004 is releasing this Call for presentations, presenters and effective practices for applications and services that are changing the way people work, live, study, and play. Thanks to generous support from Intel, Cisco, Sprint, Allied Telesyn and a growing list of technology sponsors, we're convening a global symposium that celebrates the positive impact breakthrough technology has on the world's cities. And we're going to award the best of show with a check for $10,000. Other cash awards for best demonstration and digital story will also bring fame and fortune to innovators in each major category of application.
We’re building the archetypal Digital City in Cleveland, Ohio July 30 & 31. The conference will feature speakers, panelists, and roundtable sessions, uniquely integrated throughout an engaging exhibit area that is literally a “Digital City“, complete with neighborhoods defined by major market segments. Stroll off the Public Green into the Healthcare Neighborhood and see how a surgeon in Paris confers with a radiologist in Cleveland during a procedure, Explore the Government Neighborhood and learn how the a major Midwestern city enhances public safety and convenience through a computer tracking system that manages snow removal (it knows where every plow is and which streets still need attention). Experience an interactive theatrical event in the “Cultural “District” where dancers in New York perform live with artists in Cleveland though a multi-media experience.
Calling Pioneers, Innovators, and Trendsetters. We’ve organized the inaugural Digital City into 18 neighborhoods. If you have a story to tell, a demonstration, a lesson learned, partnership success, or a cool technology we’re inviting you to share it with the world when it comes to Cleveland.
• Healthcare in the Digital City
• Art in the Digital City
• Music in the Digital City
• New Media in the Digital City
• Higher Education and Leadership in the Digital City
• Government Services and Strategic City Planning
• City and Regional Transportation Services in the Digital City
• Public Safety and Homeland Security
• Media and Journalism in the Digital City
• Converged Public Broadcasting, News, and the Public Interest
• Bridging the Digital Divide in the City
• Organizing and Servicing Technology Companies in the Digital City
• The Creative WorkForce in the Digital City
• Schools in the Digital City
• Financing the Digital City
• Building Strategic Partnerships or the Politics of the Digital City
• Smart and Green in the City – Technology and the Environment
• Technology Innovation: Smart Tools and Systems for the Digital City
Submitting a proposal: Point your browser to www.digitalcities.org
Flying back from Charlottesville, I'm finally remembering to write a post about the iTunes 4.5 update last week.
There are some good new features - the limit on machines you can authorize to play your tunes purchased from the iTunes Music Store went up from three to five, which is great for me, as I have two machines at work, a machine at home, and a laptop that I regularly listen to music on.
And at first I was excited about the iMix feature, which allows you to annotate and upload a playlist to the iTunes Music Store site for sharing with others - a nice social feature. But when I tried it I realized that it only uploads listings for tunes that are available for purchase at iTMS - and it's rare that I have a playlist that contains only songs that I've purchased (or even that are available for purchase) this way. Oh, well - if you want to know what I'm listening to (at least at work), it's posted here.
Ken Klingenstein began by giving a brief overview of the different current activities around organizations federating to be able to accept each others' authentication and authorization information for access to content.
We need to begin to think about applications running over trust fabrics, much as we have thought for years about apps running over networks.
In federating enterprises, organizations and users must retain control over which attributes about a person are released to applications - it's the only way to preserve privacy
It looks like the best of Liberty and the best of Shibboleth will converge, perhaps in SAML 2
The Swiss have a Shibboleth-based federation where they have established common policies across eighteen campuses!
Carrie Regenstein talked in more detail abou theInCommon federation, which is starting as an Internet2 activity:
Built on Shibboleth authentication and authorization technology, InCommon enables cost-effective, privacy-preserving collaboration among InCommon participants. InCommon eliminates the need for researchers, students and educators to maintain multiple, password-protected accounts.
InCommon is a formal federation of organizations focused on creating a common framework for trust in support of research and education. The primary purpose of the federation is to facilitate collaboration through the sharing of protected resources, by means of an agreed common trust fabric.
In a conversation today about the evolving roles of IT architects on campuses, Dave Lambert from Georgetown observed that
"The problem we have as CIOs now that we have architectures is getting things built."
I'm not a CIO, but I feel the truth of that remark - we now understand way better than we used to how the various pieces of IT infrastructure can work together, thanks to the tremendous effort of really talented professionals in the architect role, but it's really bringing to the fore the amount of resources we need to have on hand to build the world that our users are clamoring for.
We had a meeting of the Advisory Council for the Westwood iteration of Chandler.
The agenda and materials for the meeting are available on the Chandler wiki here.
Chao Lam from OSAF showed some slides that demonstrate the way items in Chandler can belong to collections and be related to each other - this represents a very exciting and powerful paradigm for managing personal information in ways that may work much better with how us humans actually deal with and process this kind of information.
Lisa Dusseault from OSAF talked about the intent to have Chandler use open standards where applicable for even its peer-to-peer ccommunication. This makes a lot of sense to me, and I'm glad to see OSAF head down this road.
OSAF is planning to use WebDAV as the primary method for access to its repository information, even in their peer-to-peer communications.
They've changed their security context model from using username/password to using a lightweight version of PKI, with x.509 certificates. At least initially (in the 0.4 release) the certificates will be issued and exchanged by Chandler. Later on (perhaps in 0.5) Chandler will be able to deal with certificates issued by other certificate authorities.
Lisa is the author of the proposed CalDAV standard, which uses WebDAV to exchange calendaring information. Not surprisingly, Chandler is proposing to use CalDAV as their access protocol. Given the current lack of any known implementation activity on the proposed IETF CAP protocol, CalDAV may be a way to move forward on providing calendar interoperability among disparate systems.
It sounds like things are moving right along, and I continue to be excited about the prospects of Chandler.
Tom Barton from the U of Chicago is talking about the Grouper effort.
Tom characterizes core middleware as a "linearizing infrastructure" which puts the data from source systems closer to the applications that need it, where information gets staged in ways that applications can use it.
Grouper is an Internet2/MACE project to build group management software
Tom makes the good point that group information is used not only for authorization within applications, but to facilitate things like group messaging, scheduling and other forms of collaboration.
The number of groups you have to deal with is likely to be way more than the number of people you have.
Groups will be stored in RDBMS. There will be a single API.
Grouper V1 will incorporate basic group management with subgroups and compound groups, aging of groups and memberships, abstracted interfaces for privileges, subject lookup, and last activity, and Signet integration.
The API will be Java.
Tom's slides are here.
Sandy's slides are here.
Internet2/MACE Project building on Stanford's Authority Management experience.
They'll be working on a recipe for success based on their experience to date.
The output of this project will be a set of projects, including software to define and manage priveleges, with a web interface, and components for using those privileges with applications.
Sandy notes that in order to use a central privilege system you have to have common contexts across the enterprise, including a standard view of the organizational structure that can be used across all applications.
The signet group is looking for participants to help in the development and early-adopter use of this software. See
http://middleware.internet2.edu/signet/ .
"Authentication says who you are, authorization says what you can do".
That's too simple of a phrase - what we really need is a representation and enforcement of organizational policy in software.
"Let the good stuff happen, while prohibiting the bad stuff" - in order to do that, you need to know what your policies are and have good ways of mapping your policies into software. Policies range from really high level stuff like HIPAA to setting permissions on individual files.
Only Bob could make the link between Nietzsche and authentication and authorization.
The basic principle of risk management is don't spend more to control access to the resource than it would cost if it were stolen. Everyone wants fine-grained policies, but nobody wants to manage or audit them.
Bob notes that one possible success metric for authorization infrastructure is how much human effort and elapsed time does it take to implement a high-level policy change.
There is work going on in standardizing authorization APIs and "policy expression languages" - think of standard ways of representing things like access control lists so they could be transported among multiple applications. See Bob's slides for all of the relevant acronyms.
"Provisioning" is an industry term for automated account management in apps. There's a new OASIS standard of this called SPML.
There will be lots more talk about this kind of stuff at the Internet2-Educuase Advanced Middleware camp at the end of June.
the workshop portion of the csg meeting at the university of virginia is
being webcast. visitwww.stonesoup.org and click on "next meeting."
a link to the videocast is on that page, as well as a link to the
speakers' slides. the webcast will begin at 8 am est.
A few days ago I started using Ecto to author my weblog posts, and I'm hooked.
Ecto is a desktop blogging client, written by Adriaan Tijsseling that runs on OS X (there's a windows version in beta). It works with a bunch of different weblog systems, including Movable Type, which is what I use here.
Things that I like about ecto:
- Runs on the dekstop so it's fast and always available, even when I'm disconnected.
- The user interface is (so far) very intuitive for me.
- It eases the tasks of creating simple html in posts - like creating links from clipboarded urls in one click.
- It does spell checking on the fly.
- It can insert the song currently playing in iTunes into a post with one click - I'm currently listening to:
Splashdown from the album Complete In A Silent Way Sessions - Disc 1 by Miles Davis
I had a little problem registering my copy. I sent email to Adriaan about it and got an immediate answer - now that is service!
For $17.95 a great deal!
Eliot Van Buskirk takes a look at Connect, Sony's new online music store here. I'm not convinced.
While reading Sony's usage agreement (you always read them before clicking the I Agree button, right?), I noticed that it said, "You may not use the SONY SOFTWARE over an internal network or distribute the SONY SOFTWARE to other computers over an internal network." One of the features I like the most about iTunes is that while I'm at work, I can listen to music that lives on the computers of other iTunes users on CNET's fourth floor. Not only does SonicStage block this sort of stream sharing, it could even completely prevent usage on a large network. I haven't done enough testing to be sure, but so far, I've been unable to install SonicStage on my CNET computer (I had to to test it at home). Either way, Sony's fear that songs purchased from its online music store could escape to the masses for free are abundantly clear.
Oh, and in case you Mac and Linux users were wondering (from http://www.connect.com/download.html):
We know you are interested in using the Connect music store. Unfortunately SonicStage only works on Windows 98SE and above.
We have no immediate plans to support other operating systems at this time. However, we believe this is an important user base and we hope to support it in the future.
Ken Klingenstein from Internet2 is moderating a day-and-a-half long workshop on research computing.
Right now, Dave Lifka from the Cornell Theory Center is talking about some really high performance computing clusters that they've built totally around Windows machines - definitely a take from a different direction than most of us think of when thinking of high performance grid-type computing (where mostly we talk about linux and the globus toolkit).
One cool use of this that Dave pointed out is by a Stephen Marschner, who's building models for rendering translucent materials like skin, milk, and marble. These models, where they bounce laser light off of real materials and use lots of cameras around the room to measure how the light reflects in different directions, produce huge amounts of data to analyze (I believe Dave said they produce something like 14 terabytes of data per run). There's a paper on this effort available here.
Jim Pepin from USC talked this morning about the High Performance computing initiatives at USC. Jim started his talk by recounting how university computing started by providing support for high-end researchers (which he called the "mountain lions"), but then over the years we switched focus to spend almost all of our efforts supporting everybody on campus (the "gerbils") to use commodity computing. Jim noted that in order to support the mountain lions you need to have completely dedicated staff that won't get swallowed up by the demands of gerbil support.
Jim also talked about the physical infrastructure necessary to support high performance computing - the limiting factors are cooling and electrical capacity. While in many institutions (including ours) departments like to build, own, and control their own big horsepower computing, it may turn out to be impractical when they need a half a megawatt to power up a thousand-node computing cluster.
The guys from University of Wisconsin talked about their use of the Condor system which harnesses idle CPU cycles on distributed machines.
I'm in beautiful Charlottesville, Virginia for the spring meeting of the Common Solutions Group. Topics on this meeting's agenda include a workshop on Research Computing, Authority systems, a plicy discussion on content and digital asset management, and a meeting of the Chandler Westwood Advisory Council. I'll be blogging these sessions as they happen.
