Monthly Archives: September 2006

Peter Saint-Andre: Be Open

Peter Saint-Andre: Be Open. talked with Linus Torvalds about GPLv3, resulting in the following reflections:

At any rate, Torvalds says that he would probably decline to participate because of his dislike of committees. “I don't think committees ever make any sense at all, and I hate meetings. I have a belief that committees tend to get formed when you want to avoid responsibility, and particularly when you know what you want to get and you want to be able to say it was 'consensus.' I work over email, and I do so for a reason.”

Moreover, Torvalds suggests that the GPLv3 committees “were actually set up to be more insidious than they sometimes are.” He suggests that the committees are largely window dressing, organized so that “The FSF could claim it was all done in the open. The process wasn't open at all. The committees were not allowed to talk about the drafts before they were released, and none of the notes or discussions were ever released afterwards. If you want to have an open process, you put the cards on the table, and you allow open and free discussion in public.”

Emphasis in original: open and free discussion in public. That's how we try to do things in the Jabber world, too. Why do so many projects and standards development organizations find openness so hard?  [Planet Jabber]

Personal KM in the Organization

I've puttered around the edges of knowledge management over the years. I must admit that my interest has always been in personal knowledge management more so than capital-K, capital-M knowledge management.

Dave Pollard has a tremendous post today called “The PK-enabled Organization,” that pulls together a personal knowledge management (PKM) approach within the context of an organization. It stresses the bottom-up, rather than the top-down approach to KM that I've always felt makes the most sense.

It's a long read (it'll be a chapter in a book), but you will be well-rewarded for your time and effort.

The money quote:

Rather than trying to impose new processes and infrastructure on people, PKM attempts to support and reflect the ways we intuitively learn and share what we do. It adapts technology to people's behaviour, rather than forcing behaviour to adapt to new technology. What is missing, still, is more pioneers.

Speaking of KM, one of my favorite KM experts, Jack Vinson, has a great short post comparing traditional conferences to unconferences and making the analogy with punk rock – another bottom-up, adaptive approach.

Important ideas.

Campfire: Flare joins Pyro

Aside from my email app, Pyro is the only other app I have open all day. Pyro is the specialized Mac OS X web browser for Campfire. Windows people haven’t had an equivalent. Until now.

Today Matt Brindley offers up Flare. Among other specializations, Flare changes the tray icon color to show new messages have arrived, lets you switch between open rooms using Ctrl + the room number, and notifies you of new messages with a preview.

Flare is only at version 0.4 so if you dig Flare be sure to let Matt know. Your support will encourage further development. Thanks for developing this Matt!  [Signal vs. Noise]

When launching Campfire, the folks at 37signals said that they built it so you wouldn't have to have special software to chat.

Server hardening Guide

For those of you at TechEd – here's a copy of the SBS Server Hardening guide —

1.   Kill off Windows 98s, seriously, get rid of them in your network.
2.   Use Passphrases, don't stick them on sticky notes, hide them!
3.   Ensure you keep up to date on Patching – get that green check.
4.   Install antivirus and antimalware software and keep them up to date.
5.   Don't use the server as a workstation (don't surf).
6.   Leave those XP sp2 firewalls enabled on workstations.
7.   Stop saving stuff on workstations, use companyweb or my doc redirect.
8.   Ensure you are doing backups with the SBS backup wizard.
9.   Stop running as a local administrator on workstations.
10.  For everything else, read Chapter 15 in “Protect your Windows Network: From Perimeter to Data” by Jesper M. Johansson and Steve Riley published by Addison-Wesley
[E-Bitz – SBS MVP the Official Blog of the SBS “Diva”]

Seventeen things every freelancer should know

Veteran freelance illustrator Megan Jeffrey lists 17 things she's learned over the 17 years she's been self-employed. Lifehackers will love this bit:

Keep Records. It doesn't take that long to jot down your beginning mileage and your ending mileage if you keep a little notebook in your car. And keeping up with your receipts and logging them at regular intervals will make your Future-Self happy with your Present-Self. And your Tax-Time-Self will be the happiest of all! If you need cute little pens and cute little stickers to make bookkeeping attractive, do it. Whatever encourages you.

Because really, getting things done starts with writing things down, and tools that are available and fun to use get used. See Megan's full post for lots of other great freelancing advice.


WHAT'S NEXT IN IRAQ. US forces are now in a precarious and untenable position in Iraq. The window of opportunity for an easy exit has passed. Three years of fighting an open source insurgency has destroyed Iraq's economy (through systems disruption starting in 2004), worn down US commitment/curtailed operational flexibility (the IED marketplace during 2004/05/06), and forced a country-wide descent into primary loyalties (through a combination of social systems disruption that reached a crescendo in 2006 and an early reliance on loyalist paramilitaries as a force multiplier back in 2004). Iraq is now in full failure and as a result, the assumption that the US will be able to continue with its partial efforts at urban pacification has become dangerously wrong.

The reasons should be obvious. US forces are now surrounded by a sea of militias and insurgents. Within Baghdad itself, where the current pacification effort is focused, US troops are badly outnumbered in extremely difficult urban terrain. Worse yet, the opposition is growing in numbers, sophistication, and aggressiveness at a rate more rapid than the static number of US troops can build up the Iraqi military. It is now only a matter of time before either a misstep or a calculated event pushes the countryside into full scale warfare. . . .   [Global Guerrillas]

Smart Dolphins

Allow me to quote the first three paragraphs of that story to provide some background for this unusual comparison.

First off, we learn that some dolphins have been trained to keep their pool clean by removing litter in exchange for fish:

At the Institute for Marine Mammal Studies in Mississippi, Kelly the dolphin has built up quite a reputation. All the dolphins at the institute are trained to hold onto any litter that falls into their pools until they see a trainer, when they can trade the litter for fish. In this way, the dolphins help to keep their pools clean.

But Kelly has demonstrated that she’s figured out the system much as a clever child would:

Kelly has taken this task one step further. When people drop paper into the water she hides it under a rock at the bottom of the pool. The next time a trainer passes, she goes down to the rock and tears off a piece of paper to give to the trainer. After a fish reward, she goes back down, tears off another piece of paper, gets another fish, and so on. This behaviour is interesting because it shows that Kelly has a sense of the future and delays gratification. She has realised that a big piece of paper gets the same reward as a small piece and so delivers only small pieces to keep the extra food coming. She has, in effect, trained the humans.

Fascinating, huh? Read the rest of the story here.  

Virtually There

There's no question that one of the emerging business types is the virtual organization. Joyent is one of them. Of the twenty people that work for Joyent, only four of us regularly see each other at an office. The remainder are working around the clock around the world from Australia to Prague. It is very difficult to schedule a time for a conference call, so the question of real-time response to issues is tough. . . .

Joyent, being almost entirely virtual has been a managerial struggle for me at times. I can't just pick up the phone and talk with the head of software (who happens to be in New Zealand). It is virtually impossible to conceive of a time when we will all be in the same place (and we're only 20 people) at the same time. There's something not right about that, but I haven't been able to put my finger on it and I wonder if I should just accept the inevitable reality that some questions about the business won't be answered immediately, ever. We're like satellites circling the globe with windows-of-communication that must be packed with dense, meaningful messages without the benefit of facial or aural nuance. . . .

For the manager, the temptation is to focus on “actions” (which is impossible to do) rather than “tasks”. Coming back to Joyent, we have had to struggle with the distinction between action and task. The solution we have arrived at as a team is to boil much more of what we want to accomplish down to specific, discrete tasks. These tasks are organized into two month delivery cycles through a dialog between product/process management and the person that is going to be responsible for delivering the specific task. Many times the dialog happens in the mind of a single person, but the whole company is aware of the delivery cycle of each person and team. We use Joyent's group calendar (part of Connector) to publish the equivalent of .plan files each week. And each team (generally) comes to Marin County, CA after every delivery cycle to just hang out, exchange ideas, and drink lots of wine.

We use Jabber chat rooms, Skype, Jajah, email, blogs, Connector notifications and RSS streams for collaboration.

The trick is to understand, over time, the intersection of these ideals (“action” and “task”) and the uniqueness of each person in the company and the teams they make. Yes, even when you bring certain types together and they are all sitting around the same group of folding tables, they're still communicating using instant messaging. That is what is called a “sign of the times”. [Joyeur]

Jorge Castro: On Active Directory…

Ted Haeger shows off some of the kickass active directory integration that Novell has been putting into SLED/SLES. Kudos for doing all the work upstream. I am typically a Linux guy, but a migration this summer forced me to learn Windows Active Directory, and Windows Server. I've learned a lot, so I wanted to let you guys know where we are, and what we can do to compete.

All our work Ubuntu servers and desktops are “Active Directory integrated”. They show up in the Management Console and everything. Granted you can't do things to them like you can with normal windows machines (ie. set policies or deploy software), but it's a start. As a side bonus you get things like Kerberos authentication, which means I can ssh from host to host passwordless, and I can browse samba shares right from GNOME without inputting my password too. I get my Kerberos ticket in the morning when I login and I'm set for the day as I move around from machine to machine. That's some hot action.

Some things I wanted to ask and comment about:

  • I wonder how Novell gets offline authentication right. We've tried using nscd and that just sucks. Did they fix it or come up with their own solution?
  • It would be cool if someone were to map AD policies to gconf. So when an admin forces a wallpaper or something via the MMC, the linux machines obey also.
  • Make sure you scroll down when reading Ted's blog, there's some good discussion there.
  • On a more depressing note, as much work that is going into this kind of compatibility work, it still kind of sucks that there is not an open source way to manage large amounts of clients like you can with Active Directory and eDirectory.
  • I will be discussing this kind of integration at the Ohio Linux Fest in a few weeks. If you dug Ted's blog post about the AD integration then you should try to come, we have lots to discuss… oh, and Ted will be there too.
  • On an unfriendly note, there's nothing shittier than spending a summer working on getting all this to work, and getting flamed by so-called Linux enthusiasts for “selling out to Microsoft.” Let me be the first to tell you graybeards to get bent. A full 90 degrees too.
  • I recently brainstormed with Corey on competing with active directory. I was debating speccing out an “Active Directory Killer” for UDS Mountain View. What do you guys think? Federico's survey results prove that GNOME is being deployed in large numbers, is now not the time to architect an Active Directory killer? Of course I am at the mercy of the amount of finite resources that other people can contribute, so my idea is to at least be able to spec what admins want. If you want to help with this, mail me, so that we can show up to Mountain View prepared. The least we can do is spec something out in detail so that someday someone can make it happen.
  • And shit, why not ask? Novell, please open source eDirectory. (Go to 5 blades)

1000 bonus points to the first person to respond “Use OpenLDAP instead of Active Directory”. Please leave your address too, so I may slay you. 🙂   [Planet Ubuntu]

Partying with a mobile phone on a Friday night

In the State of California we're seeing that CPA firms are being mandated by their Insurance companies to have a confidentiality clause in their managed services contracts. When it comes to allowing remote access by support personnel there's a couple of cardinal rules to live by:

  • Never give them your real password. If you are like most folks, you have passwords that are variations of main passwords. So if you go give them your REAL password, be prepared to reset it and never use that variation again. I went in and set the password to a real sucky one for a temporary basis and then reset it back to the long strong one when done.
  • Always set up an account with admin rights that you will offer up to remote technicians that is not your main admin account, not the built in admin account, and one that you only enable for them and then disable once they've hopped off the box. Reset the password on that one as well. You want to ensure that you leave accountability in your log files. I have a disabled admin account called “Msoft”. With a password that I invariably forget what I've set it so I just reset it to what I need.
  • If you are like me and don't set up straight TS access to the web and only do VPN, they do have other ways to 'get on' your box. If you don't feel comfortable with offering up TS or VPN credentials, they can use things like a remote Office Live meeting session.. it's a little bit awkward and icky for them, but if you are not comfortable, just say so as they do have options. But at a minimum, if you do give a technician a username and password on the system, the minute you are done, reset the password, disable the account.
  • When troubleshooting a mobility issue and you attempt to test a connection over a non SSL connection JUST FOR TESTING PURPOSES… remind yourself that you have a router between you and the outside world… a router that has port 80 closed…..yup… I was attempting to do a non SSL connection to port 80 and 80 wasn't open to use for debugging purposes.
  • So when the support guy told me to delete the user account and set it back up again…. I sort of went … uh… hmmm….that's MY account that I'd have to be setting back up again… how about I try a couple of things offline and get back to you? Bottom line, if something goes beyond what you want to rip out at this time, don't be afraid to stop the process and try more things on your own. They'll give you a phone number and an SRX to start the case up again with.

[E-Bitz – SBS MVP the Official Blog of the SBS “Diva”]
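
The support-account routine in the post above (a dedicated admin account such as “Msoft”, enabled only for the technician, then disabled with its password reset) leaves a trail that can be audited. The following is an added example, not part of the original post: it assumes the account's events were exported as (timestamp, event ID) pairs, uses the Security log event IDs of Windows Vista / Server 2008 and later, and the sample events, thresholds and the function name `audit_support_account` are constructed for illustration.

```python
from datetime import datetime, timedelta

# Security log event IDs (Windows Vista / Server 2008 and later): account enabled,
# disabled, password reset, failed logon. Thresholds below are assumptions.
ENABLED, DISABLED, PW_RESET, LOGON_FAIL = 4722, 4725, 4724, 4625
FMT = "%Y-%m-%d %H:%M"

# Constructed sample events for the support account: (timestamp, event ID).
SAMPLE = [
    ("2006-09-15 19:02", ENABLED),
    ("2006-09-15 19:03", PW_RESET),    # temporary password handed to the technician
    ("2006-09-15 20:40", DISABLED),
    ("2006-09-15 20:41", PW_RESET),    # rotated once the session ended
    ("2006-09-16 02:13", LOGON_FAIL),  # someone tried the account after the session
    ("2006-09-18 09:00", ENABLED),
    ("2006-09-18 18:30", DISABLED),    # open 9.5 hours, and never reset afterwards
]

def audit_support_account(events, max_open=timedelta(hours=4),
                          reset_within=timedelta(minutes=15)):
    """Return (timestamp, finding) pairs for one account's events."""
    findings = []
    opened = None      # time the account was last enabled; None while disabled
    unrotated = None   # time of a disable still waiting for a password reset

    def flag(when, text):
        findings.append((when.strftime(FMT), text))

    for when, event_id in sorted((datetime.strptime(t, FMT), e) for t, e in events):
        if unrotated and when - unrotated > reset_within:
            flag(unrotated, "disabled without password reset")
            unrotated = None
        if event_id == ENABLED:
            opened = when
        elif event_id == DISABLED:
            if opened and when - opened > max_open:
                flag(opened, "enabled longer than allowed")
            opened, unrotated = None, when
        elif event_id == PW_RESET:
            unrotated = None
        elif event_id == LOGON_FAIL and opened is None:
            flag(when, "logon attempt while disabled")
    if unrotated:
        flag(unrotated, "disabled without password reset")
    if opened:
        flag(opened, "still enabled at end of log")
    return findings
```

Running `audit_support_account(SAMPLE)` reports the after-hours attempt on the disabled account, the 9.5-hour window, and the final disable that was never followed by a reset.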