Month: July 2001

Linux pluggable security

security buffs will want to closely track linux 2.5 kernel development once it opens up. there has been a flurry of activity on the security front. at least 12 projects want to extend the linux kernel with things like ACLs, mandatory access control, capabilities and so on. it has been very hard to keep track of these projects, and even harder to figure out how they relate to one another.

now there seems to be a consensus that all security functionality should interface with the kernel via a new linux security modules api. all the different security architectures would then be implemented as plugins, and an administrator would be free to chose what security architecture serves best his needs. a good report has been written on these efforts.

http output compression

noticed a large speed increase? i enabled transparent gzip compression.. http 1.1 has been out for how long? 2 years? among its lesser known features, it enabled transparent content compression using gzip to reduce page sizes by up to 80%. problem was, of course, that nobody bothered. now, however, it seems that apache has it working perfectly, even for dynamic content. what a wonderful feature to save some bandwidth and provide far better response times..

get all the nitty gritty details at remote communications

10k client web servers

It’s time for web servers to handle 10k clients simultaneously, don’t you think? After all, the web is a big place now.

i stumbled on a lively discussion about scalability limitations in current web server architectures. scaling web servers to handle 10k clients simultaneously exposes design weaknesses in the underlying operating systems that would otherwise not show. both the problem space and the suggested remedies can teach you a lot about os theory.

Shrek vs Final Fantasy

Final Fantasy opens today in the US (and will open around august 18th here). And Shrek has just opened. Both movies have only synthetic actors, which makes them kind of intriguing 🙂

The days when have to endure tom cruise might just about be over. Or they might not. As James Cameron has said: people do not want to see actors. people want to see stars.

Will synthetic actors draw fans? If Lara Croft is any indication, they will.. social implications aside, both of these movies are stunningly made and best of class. I will certainly check them out.

Very timely, slashdot has an article about the tech behind final fantasy.

hb3d.ch

an interactive VRML 3d walkthrough through our central station. by yours truly. 🙂 we have been playing around, and the result is hb3d.ch, a promo site for an upcoming state vote about our central station. requires a vrml plugin and quicktime if you want to watch the movies. voters can explore the VRML world. we had to reverse engineer 100y old plans, since the station had no CAD files for us.

Dictators on trial

it has become fashionable to hold everyone to the same legal standards, even former heads of state. but does it matter? recently, the newspapers have been full with articles about the trials that face milosevic, estrada, pinochet, among others. obviously, the legal system is more powerful than ever, tackling cases that may have seemed hopeless just a few short years ago. the international court of den hague is gaining status and has started to hear cases like germany versus the us where germany condemns the death penalty.

while it is worthwhile to have a global court system to protect human rights issues, there is another side to it which is not at all pleasant. the hague convention will, if ratified, allow jurisdictions of member states to enforce their laws in other member states.

this could mean that china could sue someone in switzerland over free speech because what is legal to say differs a great deal from china to switzerland.

Creating friendly AI

Success in Friendly AI can have positive consequences that are arbitrarily large, depending on how powerful a Friendly AI is. Failure in Friendly AI has negative consequences that are also arbitrarily large. The farther into the future you look, the larger the consequences (both positive and negative) become. What is at stake in Friendly AI is, simply, the future of humanity.

With such high stakes, taking a cautious approach has an entirely new meaning. For instance the slightest error might result in the emergence of unfriendly ai. Knowing that human design capabilities are limited and error prone, how do you design such a system?

Thus, Creating Friendly AI uses “volition-based Friendliness” as the assumed model for Friendliness content. Volition-based Friendliness has both a negative aspect – don’t cause involuntary pain, death, alteration, et cetera; try to do something about those things if you see them happening – and a positive aspect: to try and fulfill the requests of sentient entities.

In other words, the only way out is to make sure the AI has an active interest in being friendly.

soap on apache

i am digging into soap now, and it’s a mess who would have thought that installing soap on apache were such an undertaking? since soap for apache is basically donated java code from ibm, it of course relies on the entire java framework for apache being present.

1 thing i always hated about java was the incredible mess it had with all its 100s of directories, 10s of config files, $CLASSPATH and so on. now while many open source projects have not exactly been known for good documentation (perhaps this “lesser task” is beneath self-declared hackers) it seems to be worse with open source projects in java.

anyway i did not have the nerve after a full days work to read up on all these arcane details i frankly could care less about. so no soap for apache today.

competing with .net does not just mean whipping together a soap stack and create some bindings for php, perl and python. web services is about leveraging infrastructure to get quick results. if you have to fiddle around with configuration details you could just as well skip web services. there is a strong need for a ready to run soap package where everything is already neatly configured and integrated. you should be able to have a hello world up and running in minutes. that’s what they deliver today on the microsoft side of the fence.

Web service user interface

its lets create a standard day. wsui is a vendor-neutral standard that enables application developers and sites to deliver entire applications over the Internet as Web services. huh?
my reading of the spec, which is indeed nicely short, brings me to the analysis that wsui will

  • facilitate integration on the gui level
  • provide default actions like start, edit, admin
  • provide a default style sheet for appearance
  • provide default variables for user auth etc

with these properties wsui could come in handy to give user-machine web service interactions a boost. i think the significance of machine-machine web services is way overblown. more likely, they will make their first appearance as human-visible portal parts because humans tend to be more forgiving with less than perfect results. web services will have to prove their reliability with human interaction first before they will be deployed on purely machine-machine transactions.

wsui may therefore shape what users perceive of web services. it will be interesting to watch whether a proposal from a relatively unknown player will garner the attention it needs to be widely adopted. one further wonders whether vendors really have abandoned their traditional (highly profitable) lock-in strategies and don’t just pay lip service to interop on the wire level (like they do with soap). mix and match of components on the gui level would be unheard of, since it levels the playing field so much its scary.. so i am rather skeptical about the success of this proposal.. time will tell.

GPL .net?

miguel de icaza has stirred up the unix community before with his famous unix sucks speech.
in that paper, he argued that unix needs higher-level code reuse and object-orientation. so it seems very reasonable that he wants to clone .net.

the mono project aims to implement several technologies developed by Microsoft that have now been submitted to the ECMA Standards Body.

for the time being, this is a gnome effort. in order to succeed, mono needs to attract a much wider audience, though. kde comes to mind, as do other projects like soap for apache. dave winer of userland seems to be aware of the project, lets hope they can find areas to work together.

miguel gave an interview to o’reilly where he said some interesting things about .net. With .NET, Microsoft is starting with a clean slate and building for the future. It’s a new development environment for the next 20 years.
Almost anybody could develop a compatible implementation of .NET, because what you need to know is out in the open.
I don’t think we as a community can design something that is going to be as completely thought out as .NET. It’s taken them several years already to design this, and I believe that Microsoft hired a lot of smart people to build it. It would definitely take us a lot of time and debate to get there. He doesn’t believe that the open source community needs to leapfrog .NET, but rather they should make it their own, much as Unix led to GNU/Linux.

dave winer has, as always, interesting commentary on mono. he argues that open source had to come about in the unix world because there are no easy ways for interop at higher levels (like com or corba provide) than the source code levels. integration is always done at the source level. this has very much truth to it, and dave goes on to argue that the focus should be on interop with .net first, source level compatibility later. a way to leverage the installed base is indeed missing. the unix culture to keep policy out has hampered any attempts to fix this.