Month: March 2004

Groove 3.0

Groove 3.0 is almost here.  I haven't tried it yet, but Stowe Boyd's preview of Groove 3.0 gives a good glimpse of what to expect.  I particularly like the fact that Groove 3.0 will be tightly integrated with the file system, turning folders into workspaces.  I didn't like Groove 2.0's work-inside-a-box UI at all, so this is a welcome change.

I had a similar idea in my stack of Big-Ideas-I-Have-No-Time-For called Chutes.  Chutes are containers for code and data that maps to a native folder.  A chute folder has three area: inbox, outbox, and content.  Shortcuts to chutes can be mailed or displayed on a webpage so I can share a chute I created on my desktop with my collegues or people who visit my webpage.  To send me a file, you just drop the file into a chute and it will show up in the chute's inbox at my end.  To access files in my chute, just open the chute to see what's there.

One feature of Chutes which I am not sure Groove 3.0 has is bots that lives in a chute.  Chute Bots are little programs that processes objects within a specific area of a chute.  For example, a printer bot drgagged into the inbox of a Printer chute will print documents dropped into the chute by anyone, remove the document from inbox, and drops a status report in the outbox.  If the outbox had an e-mail bot, the status report can be mailed to a configured destination like sender of the original document.

I am looking forward to Groove 3.0.

Tim Bray Rides into Sunset

Tim Bray is now working for Sun.  Congratz, Tim.  While I personally think the 'sun' is setting, I am also expecting Sun to make earnest, albeit frantic, moves in unexpected directions which should make way for a spectacular sunset.  Tim is riding into some seriously wild fun.

Onfolio

I tried Onfolio, mentioned by Ray Ozzie this morning.  Onfolio is an IE 'sidebar' for clipping information you find on the web and share them via e-mailing.  You can save webpages locally and search them later.  You can also launch it on its own as a 'deskbar'.  Onfolio Publisher is just a simple HTML editor that saves in MHTML format.  Standard version cost $20+ and Pro version costs $50 more.  Publisher is available only in the Pro version.

Onfolio reminded me of a product I designed long time ago that allowed web users to record their browsing sessions online and share them with friends.  Mine used a VCR metaphor so it's different from Onfolio in that respect but collecting and sharing is the same.

Onfolio is a neat product, but I didn't enjoy the UI at all.  Sidebar UI was too restricting and deskbar UI had window overlapping problem.  Online Publisher was too simple as a 'report' editor.  Onfolio is written in .NET so I felt it was too heavy for the benefits it provided.  .NET is cool but it's not yet ready for everyday desktop use, particularly if it is a utility running all the time.  I think I would have like it more if it had more blogging support and smaller footprint.  Too bad.

Talented Frankenstein Feeds

Last month, I was seeing feeds everywhere and jokingly mentioned that I might end up thinking of myself as a feed.  JY, commented that he already did.  Anyway, I did started thinking about what it meant for a person to be a feed and ended up with an inverted question: what if a feed is an object?

Nothing surprising there.  Prodding along, I got to: what if a feed is a music or a movie?  Now that is an interesting question.  If so, one should be able to play a feed as one would an MP3 file or a movie.  Since it is confusing to think about music and movie feeds at the same time, I abstracted the feed into a performance feed: feed of performance whether it is a rap song, a poem, movie, or just a video of ocean waves.

Now, what does such a feed look like?  At syntax level, it would be an RSS feed containing many items of enclosures for audio and videos.  Since it is a performance, each item plays a part in the performance.  To synchronize the pieces of a performance, some items will contain SMIL fragments to pull the pieces together.  Let's call those items composition posts.

Rising back to social software level, how do those pieces get into a performance feed?  This question leads to a feed with many contributors where a traditional blog feed has only one contributor, the blogger himself.  That's still not exciting enough.  So the wiki concept is thrown in to end up with a feed into which anyone can contribute.  Some would contribute musica, video, or images, others would pull them together to create compositions.

Going back to the player side, when a listener would use a Performance Player to open a feed, a list of compositions would appear.  Note that the feed will continue to grow as more people contribute, so the list of composition will grow over time.  The listener selects a composition and plays it.

Now THAT is exciting.  Why Frankenstein?  It's a creation made out of pieces from many people, isn't it?  While I was thinking about this idea, the final vision I had was of Frankenstein singing atop a mountain at night with full moon behind him and his voice was that of a thousand people playing a music together.

Blogger Cert

In the last geek dinner in Palo Alto with Scoble and others, one of the things we talked about was how blogosphere tend to build trust.  If you have been reading a blog for a while, you get to know the blogger.  A blogger whose blog is more than a year old and has many thoughtful posts, the blogger has created a foundation for trust just as a person who lived at the same address for 10 years does.

Why not put shape to that trust with a security certificate?  Services that has been monitoring and possibly archiving blogs for a while, like Technorati and Feedster, can measure how old a blog is and how active it has been and then issue a set of certs to the blogger based on that information and others.  We can then use the certs within the blogosphere for signing, identifying, and encrypting.

Korean President Roh Impeached

While I was having dinner, Korean Assembly controlled by the corrupted opposition parties impeached President Roh.  This CNN article depicts the cause of his impeachment as if he has done something wrong.  He hasn't.  Corruption scandal mentioned in the article pales in comparison to the corruption scandals of the opposition parties.

By how much?  At one point, President Roh said he would resign if the total amount of illegal political funds he used in the last President Election was more than 1/10 of the opposition party's.  Controversial figure released last week was a little over 1/7th.  Yes, that is still a lot, but less is less and far better direction than more.

Supposed violation of the election law also mentioned in the article is no more than brief informal comment during a TV interview in which he mentioned that he would do everything allowed by law to help the budding pro-government party which has only a handful of seats in the Assembly.  He wasn't advocating anything illegal.  His plan to join the pro-government party was known by all before so which party he supported was never in doubt.  So this impeachment amounts to a coup de'tat by corrupt politicians.

President Roh's executive power is now suspended until the Korean Supreme Court decides whether the Assembly vote was legal or not.  Emotion is rising high in Korea at this moment.  In the last 48 hours, a former President of Dawoo jumped into Han river because President Roh implicated him in a bribery attempt and a citizen put himself on fire to protest the impeachment vote.

I wouldn't be surprised if million of Koreans showed up in front of the Assembly tommorrow calling for the blood of those voted to impeach the President.  Even more maddening is that most of those assemblymen were expected to be voted out of their seats within a few weeks.  My own blood is boiling at the moment.  I am tempted to fly over there and unleash my own cans of whupass on the crazy politicians.

Update 1:

All of the Korean news sites including OhmyNews and Korean Yahoo News are swamped at the moment.  Give it a few hours.

Update 2:

All assemblymen who are members of the pro-government party, Uri-dang, resigned to protest the impeachment vote.  President Roh continued his tour of a factory despite hearing of his impeachment.  He said he expects the Supreme Court to put things right.  When someone asked him how he could be smiling at a time like this, he said he can smile because he has a dream of a better Korea.  He also said that pain and suffering is necessary for rebirth.

Update 3:

A man drove through a gate leading to the Assembly building and, when stopped by security, set the car on fire.  Another man tried to set himself on fire on the roof of a police station in Choongbook, a state south of Seoul.  Koreans are, if anything, very passionate people.  I know I wouldn't be able to get any sleep tonight because I am too angry.  While I am not a citizen of Korea anymore, I still consider myself a Korean and all this makes me as mad as I was on 9/11.

Update 4:

Thanks to Dave for the link.  Here are some pictures of young Koreans protesting the impeachment in a candle march.

Update 5:

Some pictures from OhmyNews:

The guy in the back center is one of the two leaders who
orchestrated the impeachment.  His nick name is Choi-tler as in Hitler.

They forcefully removed all the pro-Roh assemblymen
and formed a wall to keep them out while voting was taking place.

Here is the Speaker of the House declaring successful passage of
the impeachment vote.  A 'Shoe of Justice' is what he got in return.
Dorks with their arms up are all yelling 'It's My Size!'

A citizen got so mad he attempted to drive into
the Assembly building.  Failing that, he torched his car.

Update 6:

Here is an OhmyNews article in English and another picture from OhmyNews.

The People's Candle March

Update 7:

Almost 75 percent of S. Koreans Oppose Roh's Impeachment - Yonhap News

7 Out of 10 Oppose Impeachment - Korea Times

In addition, polls taken by three major TV networks in Korea showed similar results.  Looks like Uri Party will win the lionshare of the National Assemly seats in the upcoming election.  I had no idea the opposition parties could be this stupid.

Update 8:

People are gathering for massive candle vigils in Seoul (English version) .  Below is picture from Jong-ro district at the heart of Old Seoul on the evening of March 13th.  Such events became popular recently to give visible mass to the voice of the people.  Pretty effective, I think because eventually the choice comes down to surrendering or doing stupid things that could turn the crowd violent.

Candle vigils are planned to be held every night
until at least the election on April 15th.

It's also a family event.  Cool.

Pictures from other Korean cities:

Photos of foreigners and canines protesting as well.

Excellent Video Codec Comparison

Quality of video codecs is not something I dwell much time on but I throughly enjoyed ExtremeTech's excellent comparison of video codecs.  They compared the quality and performance of four codecs: DivX5, WMV9, Quicktime, and MPEG-4.  DivX5 and WMV9 came out on top although I thought WMV9 was clearly superior to DivX5 except in encoding speed.  Two surprises for me.  I thought Quicktime was better than the comparison showed and didn't know MPEG-4 sucked that badly.  Phew!

ZipDisable

IIS 6.0's auto-compression feature is driving me nuts.  For some reason, my RSS files are being served compressed even when client didn't ask for it via HTTP Content-Encoding header.  I even got Port80's ZipEnable to disable compression just for RSS files but that didn't work consistently so I just disabled compression for all static contents.  Maybe Port80 should have named their product ZipDisable.

Update:

Eeek.  Even disabling compression for everything via ZipEnable doesn't work.  Looks like it's time to explore the IIS 6.0 registry settings.

Secure UI: User Participation

One often overlooked area of security industry is user participation, the role users play in a security system.  Geeks are so obsessed with technology that there is a valuable resource already assigned to each account: the user.  Users are not only free but also highly motivated.  After all, it's their account that they are watching over.

The problem is that today's security systems do not provide enough tools and information to the users.

When users log into a system, they usually receive almost no feedback beyond seeing the protected resource.  With web pages, all they get is a lock at the bottom of the browser and a sign-out button.  All that let's the users know is where they are and where the exit is.  It doesn't tell them whether someone broke into their account last night.  They wouldn't even know if an intruder is standing right next to them.  WTF.

Technologies that help users play a bigger role in security is an area that is still wide open IMHO.  There are already some patent activities in area, including one I recently filed for a client, but that is just a drop in a bucket.  For example, blogging technology like trackback can be applied to this area by helping users become more aware of activities happening around them.

Effectiveness of most security technologies depend heavily on the effectiveness of the user interface.  Unfortunately, there just aren't many engineer with deep experiences in both areas.  If you are a security expert, you should be thinking as much about the users as the hackers.  Helping them become more aware of what is going on and making it easy for them to take actions will lead to more secure systems.

Update:

A reader asked me to explain what my patent is about because he didn't want to wade through all the exasperating mixture of geektalk and legalese.  Quite understandable.  I don't like reading or writing patents myself so some other poor guy had to write it based on a few hours of my handwaving.

Imagine yourself living in a log cabin somewhere high up in the mountains where it snows all the time.  You wake up in the morning and take a walk around the cabin.  If nothing came by while you were sleeping, you will just see your footprints in the snow.  If something did, you will notice right away.

The patent is about visual methods (sorry) to do the same for users signing into secure system either during or after signing in or at the point of transaction.  You can even print it out on credit card invoice so I can be assured that no one but I used that particular credit card in the past week.  It is similar to the 'last time you logged in' message you get when you log into a Unix system except the visuals are designed to present higher density of information effectively like the way Edward Tafte's Sparklines does.