Orcmid's Lair |
||||
|
2004-04-03Fixing the Web WheelFor the sites that I visit the most-often that do not require a logon, I havem them in my mouse software's "Web Wheel" middle button feature. These are the pages that I will train my firewall on first. They are easier than this Blog's edit post setup, which uses heavy Java Script and took a few adjustments to get right.Welcome to MSN.com. Even though I think I have blocked them, my.msn.com still does raise the ActiveX permission dialog, so there is some way they are sliding by my general settings. My Yahoo!. Well, Yahoo works and I don't have to decline ActiveX all of the time. Everything works just fine. I learn that there are other sites involved in the creation of my my.yahoo.com web page, though. Interesting. But for the most part, I don't need to do anything special. Lining up the keyholesIn my Internet Explorer, I can set some privileges based on four categories: Internet (the general case), Local Intranet (LAN), Trusted Sites, and Restricted (absolutely untrusted) sites. I keep my Internet protections set pretty high, to the point that I am always having to give permission to use ActiveX or other components. I can't make it an automatic prohibition because some sites don't work if I don't enable ActiveX. I can have ActiveX allowed for Trusted sites, but IE only lets me trust sits that are on TLS (SSL) connections. So that's a conflict.So, this has me do too much work to keep declining Active X, confirming that I know the site might not display properly, and so on. For the most part, declining Active X makes no meaningful difference with regard to the content of a page. It just stifles advertising creativity. So I want to switch to a scheme where ActiveX is by default "off" and only "on" where I have said so, without any need to ask me much. I think I can work it with my software firewall. That is, I am going to lower the guard in Internet Explorer and then raise it on my firewall, because there is more individual site exception-control there. I am now going to see if that works. Stand by ... . Setting a tough barrier. So I didn't mess with Internet Explorer much, but I set privacy in Zone Alarm Pro to the max, as follows: 1. All but session cookies are disabled. 2. All ads are disabled. 3. All mobile objects, including Javascript are disabled. This is a high bar. I haven't changed Internet Explorer's "ask me first" because I want to see what comes through where I do open up a bit. Uh, now how do I blog? So the first thing that doesn't work is Blogger. I took care of it by allowing persistent cookies and enabling JavaScript. I will have to allow at elast persistent cookies on many other sites so that I don't have to sign in all of the time, and we will see how that all works. Just dance with the privacy advisor. That's a little pop-up that keeps telling me what it is blocking. I don't know what there is to cut down its incessant bobbing right now, but I did learn that blogger has a new.blogger.com URL also and I don't quite know where it is refered to in editing my blog, but I will let it have the same privileges as www.blogger.com, and nothing more. As far as I can tell, everything is working with Blogger. This becomes an interestiing activity with regard to all of the other places I will visit for the first time with these settings in place. I will do my Web Wheel and my Blog This! thingie next. Collaborative and Cooperative SystemsThe Wiki MilieuxPulling it all togetherWell, if it isn't one thing, it's another. I don't know what to do with a lot of this, especially that which is based on XML or RDF. It is rather far from WikiText, and there are too many new things to worry about for now. What I am clear about is that there are bits and pieces all over the Internet and seeing how to pull together some kind of best-of-breed analysis is going to be difficult and time-consuming.Raw: OPML Considered H...awful. Well, OK, I read the little OPML 1.0 specification, and I dunno, and then there is OCS and just plain XHTML and there's OML too and just plain RDF so, heck. What is OPML?. Lest I forget one more time, there is also OPML to content with. That's the Outline Processor Markup Language, and it is used a lot. SourceForge.net: Project Info - Serendipity PHP Weblog System. This BSD License project is in solid beta and seems to have the features that I would like to have in one form or another. It also supports RSS feeds, which is how I turned it up. WordPress. This is meant ot be a personal publishing platform. I don't know why it doesn't sit well with me. It is all done in PHP and that should be a plus. I think it may just be the layout and text style, along with font choices. I'm guessing here. I'm making this clipping because it is also a SourceForge project and I want to remember to take a deeper look at some point. RSS Bandit - Rss Bandit. This is a project to make an RSS viewer using C#. One of the interesting aspects of the project is that this Wiki is built with Open Wiki, which is rather nice, and it has some nice features as well as being developed on SourceForge. Systems Architecture and DesignDomain-Centered ApproachesDomain-Driven DesignThere is a book and a web site. I am not sure that it addresses the requirements gap, but it would seem to share the territory with Model-Driven Architecture.What Is It?. An useful resource on Domain-Driven Design. Computing MilieuxPreservation and Interchange of Electronic MaterialsThe Open Document Format InitiativeAlmost more interesting than the initiative, which is quite straightforward, is the fact that these blog or wiki pages (I am not sure which they are) have been seriously defaced and not cleaned up. There is WikiSpam and apparently BlogSpam too. What a shame. Open Data Format Initiative: The Initial Manifesto. This is a very strange page, and my first example of WikiSpam, I think. Most peculiar.Collaborative and Cooperative SystemsThe Wiki MilieuxPulling it all togetherI am getting lost in Wikis that cover overlapping topics, some just talking about effort and refering to it, and others representing invested effort as well. In addition to finding it difficult to sort all of this out for myself, I find that there is now WikiSpam and BlogSpam floating over they hyperspace. There is out and out defacement, specifically like spamming, and then there are other outbursts, probably easier to deal with, involving serious incivility. I am looking for an integrative view of all of these facets and a coherent approach that I can invest in that works for now and should be preservable under spiral and evolutionary development.An information systems view of on-line materialsCaveat Lector: Iunii 22, 2003 - Iunii 28, 2003 Archives. This is an interesting blog, and it does talk about RSS and data migration and other important stuff in the middle of all the Latin (and some great wallpaper).ResourcesThe Cover Pages are an apt source on syndication of web pages, so it will be valuable to check here on a regular basis.Cover Pages: RDF Rich Site Summary (RSS). Always a good resource. And yes, they have an RSS channel. Hmm. roaming web-based rss aggregation from bloglines - August 25, 2003 - currybetdotnet. This raises problems about how to have ones profile everywhere. Bloglines and other services are fixing up hosted solutions that only require you to have a browser. I suppose I should look at having my hosted site keep my aggregations, then, so I could just log on from anywhere and see what I have. It also has the updating work differently. I don't know about that part. I do know that I do mean log on. Maybe it is on a local server that I can synchronize to a hosted one. So, more to think about around wiki-blog-aggregation. I am really interested in federation, not aggregation, but it seems I need to understand what already works. Magpie RSS - PHP RSS Parser. Well, something to look at. We'll have to see how easy this is to adapt. And I should come back to SourceForge and see what else there is in terms of RSS-oriented projects. Oddblog - 2003-06-19 On RSS. Ths is interesting because Oddblog is interesting too. I like their calendar solution. There is something about the organization of this material that suggests to me that blog and wiki are not that far apart. When I do my work on wikiness, I need to look at blogness too. Ah, the blogness monster. OK, time to stop searching around and do my household chores. Like get out of my bathrobe. Introduction to RSS: Syndication and Aggregation. A little whatzitabout article, with a discussion of aggregator services and also reference to the meerkat technical aggregator. SnipSnap :: RSS Aggregation. Well, here are some goodies about SnipSnap and aggregation. SnipSnap is a Java-implemented weblog and wiki tool, so I should find out more. Also, their resources column is interesting. A Work In Progress: Improved Trackback Visibility. Here's a nice discussion of trackback, which is kinda related to syndication and aggregation and commentation (!?) and annotation and well, all that stuff. RssReader - free RSS reader displays any RSS and Atom news feed. Here's an RSS reader that requires the .NET framework. It is freeware but there is no other license information available. The software is from the Netherlands. Pluck: RSS Reader & Power Search. Here's a browser-integrated RSS reader and search tool. The software (at version 0.8.1) is free, it has a launch button on the IE 6.0 menu, and it is built first for Win2k an Windows XP. It looks too limited at the moment, but it has some interesting aspects. It's a closed product, so I am not that interested at this point. NewsTrove.com. This site creates RSS Newsfeed URLs on various topics. I don't know that I am ready to play with it. It offers to create JavaScript newsfeed for websites, too. I have this feeling that I am not sure what I am wandering into. Meanwhile, I get to deal with my reluctance to have yet-one-more always-on appliance on my desktop, especially when I use my software firewall to curb most of the stuff that already tries to use or open up to the Internet without my permission. O p e n W i k i - Open Wiki. This ASP-based wiki implementation also supports all sorts of aggregation, which is how it turned up in today's searching activities. Another reason to take a look at it. Computing MilieuxGovernance and CivicsProtecting the VoteSourceForge.net: Project Info - evm. Here's the Electronic Voting Machine project. Thursday's demonstration was apparently the culmination of the beta software stage. I have a quibble about the use of Python, although not in terms of good choice for a development language. It bothers me that the Python object model is inherently insecure, and people love it because they can do these neat things, like hijack (oops, hook) methods, etc.Mercury News | 04/01/2004 | Electronic voting alternative offered. This article by Elise Ackerman provides more about the group and what it proposed to demonstrate on Thursday. There is more on other initiatives, who the participants in this work are, and the availability of the software for inspection. ACM News Service - Electronic Voting Alternative Offered. This is very heartening. What strikes me is that it deals with something that is too important to leave to market economics and for which transparency must be established along with preservation of the secret ballot. I am sure there are more tests to be made, but the possible establishment of accountability and confirmability, and the stand that was taken to secure it has raised my interest. 2004-04-02Collaborative and Cooperative SystemsThe Wiki MilieuxResourcesAmphetaDesk - Syndicated Aggregator. Well, this one works through my browser and is definitely open-source. Come back here later. Gotta go now ...SharpReader RSS Aggregator. Well, here is a .NET Aggregator. Maybe I am not ready for this. I am not that keen on having something that continuously updates and lets me know stuff. That reminds me of how long it took me to not allow Outlook to check for new mail on its own. Now, I just check when I am good and ready to process mail and, yes, when I am being bored and distracting myself from something I'm avoiding. I don't want anything too automatic. And it is date night, so I can stop this search for now and start all my antivirus scans to run while I'm out. NewsGator Plug-ins. Posting support is interesting, though. So I can post to my blog from within Outlook. Something I will keep in mind. And there are these published APIs for different blogs. Interesting. NewsGator - the RSS news aggregator for Outlook. I need to use an aggregator. I don't know why. It is like belonging to too many Wikis, having too many blogs that I might want to pay attention to. Also, I need to see what my own feed looks like. So, I'll look at aggregation. AnderBill recommended one to me, and this may be it. I am not sure I want integration in Outlook. So I am going to keep looking. Also, I'm a cheapskate, even though this is not very expensive. 2004-04-01Computing TechnologyMiscellaneous GleaningsComputer, heal thyself. This 2004 March 29 FCW.COM article by John Moore discusses the current efforts toward autonomic computing and early-deployment areas. The fundamental question - trusting a system to make decisions about corrections to failures - is brought up in the context of the HAL 9000 in 2001: A Space Oddyssey. Yup.Technology News: Networks: Federated Identity Standards: Confused?. This 2004-03-25 TecNewsWorld article by Eric Norlin and Darren Platt provides a good rundown of the variety of pieces and shapes through which federated identity standards are arriving. There seem to be 3 approaches, and it won't sort out until 2005. Meanwhile, this is a great cataloging of all of the different specifications that bear on this topic. NewsFactor Network - Enterprise - Researchers Question I.T. Subcultural Values. Here's the Mike Martin 2004-03-29 article for SCI:TECH. It provides more depth around the impact of subcultures in organizations and specifically how the situation arises with the IT subculture. ACM News Service - Researchers Question I.T. Subcultural Values. Some analysis of how IT personnel tend to operate inside of a subculture that separates them from the prevailing organization and its purposes. The communication barriers as well lack of recognition of subcultures at work leads to high IT-project failure rates. SourceForge.net: Project Info - GENESIS. Well, I can see why open-source developers might not have jumped on board this project. It is java-centric and apparently usability in terms of setup and operation are awful. This does not seem to have much minimalism. It will be interesting to see how this could be done lighter-weight with some nice quick-start characteristics. Making this a ready-to-hand support for distributed software development teams may involve considerable effort from where they are at the moment. G E N E S I S. This is a project to create open-source (under a convoluted Mozilla-license modification) environment tools for cooperative software engineering. The package is available on SourceForge, but no open-source developers have stepped in to work on it. c a m r a m: Welcome to CAMRAM. I am a little concerned with what is said here about filtering mail closer to ingress, since that implies that all mail is stamped, which did not strike me as the balanced idea. Hashcash.org. This is the hashcash site, with information on how it is intended to operate as an anti-spam measure. It is viewed as a denial-of-service countermeasure in that it circumvents having anti-spam systems losing legitimate, wanted incoming e-mail. A Better Way To Squelch Spam?. This 2004 March 26 article in Technology Review taoks about the Camran open-source approach using "proof-of-work" stamps and a 3-way incoming filter: properly-stamped, friends, and content (and that by junk, ok, and not sure). The advocates are interested in preserving forwarding arrangements (e.g., MIT alumni) and also have mailing lists continue to work. The ASN.1 Consortium. A commercially-sponsored non-profit organization for promotion of ASN.1, liaison with ITU-T, etc. ASN.1 Project. The ITU-T (formerly CCITT) is now the home of further support for ASN.1. ASN.1 is viewed as a mature technology, and the big challenge these days is mapping between XSD (XML Schema Definitions) and ASN.1 Abstract-Syntax modules. The Marshalling Problem (Philipp Hoschka). Hoschka's thesis was on the Marshalling Problem. It is interesting that presentation layer was seen as the problem of the 90's, because XML is seen as the solution. I hadn't thought of it in those terms, but that is exactly the role that XML has in Web Services, for example. Improving the performance of marshalling sounds like a good principle either way, too. ASN.1 homepage (Philipp Hoschka, INRIA, France). This is a nice little compendium that was maintained through 1999. Hoschka also refers to his thesis work on generating efficient ASN.1 code that is not too big to be practical. It would be interesting to see more of that. OSS Nokalva - The OSS ASN.1 Tools. This ASN.1 tools and toolkit vendor also provides eBook versions of some useful books on ASN.1. ASN.1 / XML Software Tools from Objective Systems. There was a time when I loved ASN.1, and if there had been a way to keep it simple (and have a standard ASCII representation for modules and values -- sort of like DTDs/Schemas and the documents), we might have had a smoother arrival of XML. No matter, ASN.1 (and its XER XML-encoding) is still with us, as the list of exploits in Internet protocols attests. Here is a source of ASN.1 products and freeware. 2004-03-31Microsoft, Others Publish Metadata-Exchange Standard. This Darryl K. Taft 2004 March 31 eWeek article reports on the announcement of WS-MetadataExchange and an update of WS-Addressing from Microsoft, IBM, BEA Systems and SAP AG. There are some interesting comments on the mingling of private standards (such as these) and the public WSDL, UDDI, etc., that they are coordinated with. 2004-03-30S & P : Multiple Vulnerabilities in SNMP. Here's a 2002 article in IEEE Security & Privacy by Guofei Jiang at Dartmouth. There are links to the major study that was made of SNMP-implementation vulnerabilities and also for some tools for confirming the status of SNMP on a network. ISP Planet - Technology - Battening Down SNMP. This Lisa Phifer 2002 February 15 ISP-Planet article suggests ways to determine how much SNMP is running open on your network and how to lock it down. "Never rely on community strings to keep outsiders away. In SNMPv1, community strings are carried in plaintext—they can be sniffed rather easily by anyone else on the LAN. SNMPv3 uses encrypted authentication, but few products in the field today use this newest version of the protocol. In some cases, it may be feasible to secure your management traffic—for example, by using PPTP, IPsec, or SSH to tunnel SNMP between the manager and agent. "Community string vulnerabilities have been known for a long time; if you use SNMP, employ the strongest authentication and privacy mechanisms you can muster. However, this week's CERT advisory is a clear indication that authentication by itself is insufficient. " Coder to Developer. This is Mike Gunderloy's site for his latest book. I like the statement of motivation, and I used the invitation to his personal pages to look over some reviews he has written of books that I know about. I expect the book to be valuable. Rules for Effective Source Code Control. Mike Gunderloy, Developer.com 2004 March 25 article. Here's what seems to be a sensible cataloging of the importance of source control and the variables that one must consider when choosing an automated tool. vnunet.com Rising to the software challenge. Professor Sir Tony Hoare writes on 2004 March 26, suggesting that a great grand challenge opportunity is somehow bridging from a theory of programming to the products of software-development practice. Hoare is interested in the idea of a genuine verifying compiler that produces correct code every time. This is an interesting vision. I am not sure that even the problem is well-stated, though, never mind being able to characterize the nature of a solution and how we'd tell when we've got one. I'm left without some way to get my arms around this, or go deeper. Technology News: Security: IT Security and Software Development. David Halperin in TechNewsWorld, 2004 March 26. This article raises the complexity of configuration management and verification of operability as a source of security exposure that confounds our ability to manage for it. It is suggested that management and business imperatives work against any solution. I don't see how increased system complexity is getting us out of this. COMPLEXITY SCIENCE & MANAGEMENT. We are discussing the management of complex systems in the computer networking class and Peter Kelly has dug up this article along with pointing out the problems they have just experienced in Manchester with a major telephony failure. Technology Benefiting Humanity. ACM Ubiquity 5, 5 (2004) article by Jim Fruchterman. I must lean back and read this lengthy memo more carefully. 2004-03-29cryptlib. There is a slashdot article on a book that discusses the coherent model of this cryptographic library, so I came looking. It looks impressive. Computer Science | William M. Spears. Here's a lead to more-recent work by William (and Diana) Spears. They are looking at Swarm Robotics. I need to dig into Michael Crichton's Prey and recover my notes. Theory of Complex Adaptive Systems. I really can't get my head around the idea of controlling emergent behavior and understanding how one verifies that the local protocol implementation of numerous rapidly-acting autonomous agents can be validated. But if I wanted to gain an appreciation for it, I think this is a good place to start digging. Meatball Wiki: WikiTextMimeType. OK, I found the page where the business about WikiText MIME type is discussed. Very interesting. Mainly for its links to other material and places on related topics. InterWiki - Wikipedia. This is the InterWiki article on Wikipedia. It provides a nice discussion of the scheme, how it works on MeatBall, and how it is integrated in Wikipedia. The discussion is balanced and it provides more insight into how things are the way they are on Wikipedia. Meatball Wiki: TourBusMap. OK, this is pretty interesting. A little like a link community but perhaps more interesting. The page on Wikipedia on this topic is clever. CommunityWiki: DenotingAuthor. I am over on CommunityWIki (which is situated at eMacsWiki, but who knew), and I am reading some fascinating material on too many things.&nbps; I really, really want to use Orcmid as my handle here, of course, and it is not in the spirit of this particular community. Sheesh. 2004-03-28CommunityWiki: MurrayAltheim. Murray has been connecting up with people about MIME types for Wiki Text and the like. I love the feedback and encouragement about code-first, think later. I am not an adherent, as anyone would be able to surmise. So, I get to keep biting my tongue!
|