Thursday, May 30, 2002

A Unified Theory of Software Evolution

Software systems can suffer complexity-death if programmers spend too much time adding new functionality and do not take enough time to re-engineer existing code.
The New Economy II

This is a sequel to John's first article (see below) with more details. Very interesting!
John Robb: The new Economy

John Robb makes an interesting point: he thinks the "New Economy" has really arrived, but it's generally not about higher corporate profits, but higher wages and lower consumer prices (which, combined, mean lower corporate profits ...). Both of these are driven by the availability of information on the Internet ("the monster.com effect").

Monday, May 27, 2002

HP Labs Tech Report: Progressive Open Source

This interesting paper describes Progressive Open Source (POS), a software engineering paradigm that tries to leverage the power of proven Open Source methods and tools within "normal" software engineering organizations and with their partners. "Corporate Source", i.e. shared corporate source code and by this means code review / shared code ownership are central to this approach.

The software reuse community has long promoted the notions of interface-exposing and implementation-hiding component-oriented software reuse. However, implementation hiding has a strong limitation: an interface can never completely specify its implementation.

Similarities between the typical scientific process and the Open Source process can be noted: the primary motivation for people involved in the process is a quest for knowledge and peer recognition. Through this "psychological trick" the main obstacle to collaboration, communication and sharing between different teams/departments/subsidiaries can be overcome: NIH (not invented here).
Supporting Multiple-Location Users (Alertbox May 2002)

About half of the users now access the Internet from more than one location. Despite the implications of this for service design, many systems assume that users remain bound to a single computer.

Sunday, May 19, 2002

A Matter of Trusting Trust
Ten Risks of PKI

The authors of both articles challenge the widespread assumption that PKI and digital certificates provide a safe method of authentication "out of the box". The second article is co-authored by Bruce Schneier, the author of "Applied Security".

In 2001 Verisign, the market leading digital certificate issuer, issued a certificate for the name of "Microsoft" to someone who pretended to be working for Microsoft, but in fact, was no Microsoft employee at all.

How do I know that I can trust a digital certificate? The trust evaluation mechanism that is implemented in Windows verifies that a certificate is signed by a "trusted" signer. A list of "trusted signers" is pre-installed in Windows. On my Windows XP system this list currently contains 109 "Trusted Root Certification Authorities" - most of them I've never heard of, and of course I have no idea what policies and processes each of these "authorities" has to identify the persons or legal entities it issues certificates for (each certification authority describes these policies in its CPS - Cryptographic Practice Statement, however these are large documents that read like a combination Law Review and Computer Programming Essay, and are therefore - intentionally or unintentionally - not understandable by most people).

"Certificates provide an attractive business model. They cost almost nothing to make, and if you can convince someone to buy a certificate each year for $5, that times the population of the Internet is a big yearly income ... It's no wonder so many companies are trying to cash in on this potential market. With that much money at stake, it is also no wonder that almost all the literature and lobbying on the subject is produced by PKI vendors."

While certificate providers pride themselves on their nuclear-weapon-safe data centers, the main weak link in the security chain is in fact somewhere else: how do they verify the identity of the person or legal entity they issue the certificate for, and how do they authorize the correctness of additional content of the certificate? Organizations that can naturally make authoritative statements are banks for their customers, government institutions for citizens, or companies for their employees. But today these institutions are often not the ones issuing the certificates. The certificate issuers are large global corporations like Verisign, that do not really know for whom they issue their certificates.

The whole current concept of pre-installed Trusted Root CAs in browsers seems to be flawed. It does not make sense to trust all these organizations "by default". In fact, the main purpose of today's server SSL certificates is to enable an encrypted connection, but not really to establish the identity of a website or merchant (with hosted shops the certificate often carries the name of the hoster, not of the merchant, and it's questionable anyway whether SSL CAs really can make authoritative statements about whether someone legally owns a DNS entry or not). So we can have SSL encryption without any of those pre-installed Trusted Root CAs. For authoritative statements about the identity of a certificate owner I would trust government-issued certificates (for individual persons) or the official commercial register for companies. Further I would want to trust certificates that a company I regularly do business with has issued for their employees (but I may not want to add this company to my list of trusted root CAs!)

Abuse of private keys can also be an issue. Viruses or Trojans could steal the private key, and even when the key is stored on a SmartCard it could be abused to sign things the key owner isn't aware of. With today's digital signature laws that could mean you would have to prove that you didn't sign something that has been signed using your private key. However, that's probably a situation similar to having a perfect fake of your conventional paper+pen signature. But a mechanism to declare a private key as invalid seems to be absolutely required. Certificate revocation lists (CRLs) are supported by most systems but, for performance reasons, are rarely checked in real time when a certificate is validated.
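
The two points above (every pre-installed root is trusted by default, and revocation lists are usually not consulted) can be checked on a TLS client with Python's standard `ssl` module. This is an added example, not part of the original post; the function names and the optional `ca_file` / `crl_file` paths are assumptions chosen for illustration.

```python
import ssl


def describe(ctx):
    """Summarise the trust decisions configured in an SSLContext."""
    stats = ctx.cert_store_stats()  # certs loaded so far (capath dirs load lazily)
    return {
        "roots_loaded": stats["x509_ca"],
        "crls_loaded": stats["crl"],
        "verifies_peer": ctx.verify_mode == ssl.CERT_REQUIRED,
        "checks_hostname": ctx.check_hostname,
        "checks_crl": bool(ctx.verify_flags & ssl.VERIFY_CRL_CHECK_LEAF),
    }


def root_organisations(ctx):
    """Names of the organisations behind the roots this context trusts."""
    orgs = set()
    for cert in ctx.get_ca_certs():
        for rdn in cert.get("subject", ()):
            for key, value in rdn:
                if key == "organizationName":
                    orgs.add(value)
    return sorted(orgs)


def default_context():
    """What most clients use: every root shipped with the OS is trusted."""
    return ssl.create_default_context()


def restricted_context(ca_file=None, crl_file=None):
    """Trust only the CA given in ca_file and require a CRL for the leaf cert."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)  # starts with zero roots
    if ca_file:   # hypothetical path to the one CA you decided to trust
        ctx.load_verify_locations(cafile=ca_file)
    if crl_file:  # hypothetical path to that CA's current CRL (PEM)
        ctx.load_verify_locations(cafile=crl_file)
    # With this flag a handshake fails unless a matching CRL has been loaded.
    ctx.verify_flags |= ssl.VERIFY_CRL_CHECK_LEAF
    return ctx


if __name__ == "__main__":
    print("default   :", describe(default_context()))
    print("restricted:", describe(restricted_context()))
    print("default root owners:", root_organisations(default_context())[:10])
```

The count reported for the default context depends on the operating system's trust store; the restricted context accepts no server at all until a CA file is supplied.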
Yearly Top Ten Neglected Issues in the German Press

Interesting bilingual (German and English) website. Some of the top neglected issues of 2001: monopolization of the drinking water supply, CNN self-censoring about the war against terrorism, alcohol industry jointly responsible for a frequent cause of death among juveniles.
I am Sam: Sean Penn, Michelle Pfeiffer

Saw this movie a week ago. A father with the mental capacity of a 7-year-old tries to raise his (intelligent) daughter. Nice movie. Tagline: "love is all you need". Many Beatles songs occur in the music. more (IMDB)
Star Wars Episode II - Attack of the Clones

Wow. Incredible visual effects, scenery, characters. And even an interesting story. Some things remind me of Lord of the Rings. The problem of power and its danger of destroying character. And Natalie Portman as Senator Padmé Amidala is great :-) more (IMDB)

Sunday, May 05, 2002

XML.com: Google's Gaffe

Paul Prescod explains in this article why he thinks that SOAP is inferior to XML+HTTP+URI.
Living without the "Microsoft Tax"

Potential MS-Office Replacement: OpenOffice.org

Yesterday I downloaded and installed OpenOffice.org. I must admit that this stuff by far exceeded my expectations. I expected some buggy, slow software, with lots of nice MS-Office functionality missing, and odd user interface. Well, not so. This stuff is surprisingly fast (I think it's faster than MS Office), didn't crash so far, nice UI, reads MS-Office documents without messing them up too much, I found every functionality I've looked for so far... word processing, spreadsheet, presentation, drawing. What's missing is the Outlook piece, i.e. Email, Calendar, ToDo, Contacts.

Today I've been doing some Research on Cross-Platform Email Server and Client Software.

Email Servers:

What's really nice is the modular architecture of Postfix/Qmail and Courier. You can use Postfix/Qmail to receive/send email and store the Email in user directories in a standard "Maildir" format. Then you can use other software to provide IMAP, POP3 or HTTP access to this data.


Email Clients supporting IMAP and LDAP:


  • Mozilla (Open Source, currently RC1, no calendar)

  • Ximian Evolution (Open Source but Linux only, includes calendar, an Exchange 2000 connector is available for $69 per seat)

The well-known programs Eudora and Pegasus Mail are both available for Windows and MacOS only, Ximian is available on Linux only. So there's only Mozilla left, however it does only email and news, no calendar. That's really a bit sad. In summary, if the calendar is a must, you have to use Exchange Server 2000 as back-end and then Outlook for Windows clients and Ximian with Exchange Connector for Linux clients. If you can live without the calendar (at least for a while), use Mozilla with any IMAP/LDAP back-end and hope that Mozilla will add the calendar soon.

The 80% Company

Nick Denton says in his article that a company where people do not work very long hours, only work 4 days a week (i.e. 80%) and "have a life besides their job" should be more efficient and productive. He claims that people work in a more disciplined and effective way if they have to get everything done by 5:30pm, e.g. to relieve their kids from childcare. Secondly, they focus on getting their job done instead of "satisfying their psychological needs" through their job - meaning they are more flexible mentally regarding changes in their job, less interested in politics and endless fruitless discussions just to prove they were "right", etc.

It sounds convincing, however I'm not sure if it really works. Dave Winer believes it doesn't.