Total Immersion

Well, I had to check and sure enough, Amazon’s new Kindle device is powered by Linux. Obvious really - and what’s equally obvious is that there will spring forth a developer community. Given that Amazon has release the tarball it seems unlikely they’re locking things down too hard. While it may not be the prettiest kid on the block, it’ll be interesting to see what it spawns.

I did think about registering kindlehacks.com, but then I thought better

It’s now six weeks since RSA Europe, when I made a diary note to take a deeper look at the SAFECode forum. SAFECode stands for the Software Assurance Forum for Excellence in Code - we can be profoundly grateful that the founders didn’t try to expand out the entire acronym. It also stands for “increasing trust in information technology (IT) products and services through the advancement of proven software assurance methods” - a kind of Green Cross man of the IT world, helping software developers across the highly risky freeways of the technologcal world.

The SAFECode idea is to co-ordinate software best practices across software vendor companies, build in appropriate checks and balances to ensure the resulting applications are secure (or at least, to minimise the risks). Is it necessary? Where there’s smoke there’s fire, and to be sure, Microsoft is no longer the only target of cyber-attacks. As hackers mature into commercial operators, no longer motivated (just) by “giving it to the man,” an ever-widening pool of programs is coming under threat.

In principle, then, SAFECode is a good, worthy and valuable idea. It is by no means guaranteed to succeed, for a number of reasons. Don’t get me wrong - of course it will be a good thing to co-ordinate and share best practice. From the point of view of its longer term success there are several howevers, based around:

- Credibility. To succeed, the SAFECode forum requires to be seen as successful. This is a conundrum but it isn’t new - consider the ITIL library of systems management best practice, which has taken a good 10 years to establish itself. It may be that SAFECode by itself proves inadequate because it focuses only on security, and quickly runs into the weeds as it tries to integrate with the wider picture of software development, which is itself peppered by competing best practice, from waterfall to RUP to agile.

- Critical mass. While there are big hitters in the list (from the site: EMC Corporation, Juniper Networks, Inc., Microsoft Corporation, SAP AG, and Symantec Corp.), the number of members is not yet adequate to cause a mass adoption or understanding of the best oractices it wants to espouse.

- Clarity. SAFECode can perhaps learn from the mistakes of other forums - notably in this case ITIL - by opening its documents to the widest possible audience. A quick glance at the publications page indicates that the organisation does not yet have anything to tell people, not in terms of best practice. The wrong thing to do hereon in would be to make any publications for members only, or indeed available only for sale. Commerciality will get in the way of SAFECode’s mission, if not scuppering it already.

- Collaboration. The technology world has come a long way since the smoke-filled rooms in which many best practice standards have been conceived. We have ridden the open source wave and now we are in the midst of a new era of collaboration, as illustrated by social networking. The fastest route to success (and I’m not always a fan) for SAFECode would be to build a Wiki, and open it up as widely as possible with appropriate editorial responsibility. While noise to signal would have to be managed, this would aid both visibility of the process and road-testing of the results

- Certification process. Without some kind of certification, SAFECode members do not have to prove anything for themselves, nor would there be any kind of recourse should SAFECode practices not be kept. Certification needs to have teeth - while anyone can join the forum, only products that fulfil appropriate criteria should be marked as “SAFECode certified”, and only organisations that continue to apply the best practices should be able to maintain their member status.

In summary, then, all initiatives such as SAFECode should be applauded. However, the forum should be judged not on its existence alone, but on its ability to change how applcations are written - and ultimately, on whether the risks posed by member applications are reduced. This may seem like a tall order but if SAFECode can’t provide some kind of guarantee, then it will be of little use. Not only this, but its currency will very quickly devalue, to the detriment of its founders and the credibility of their products.

Spooky - I was just collating some thought about social networking then Anne Zelenka posts half of my thought process. The power of the meme or proof of a higher power? Most likely just coincidence but anyway, it prompted me to throw down my thoughts before they get blogged into the past. So, here’s my uncorroborated opinions and unfounded predictions for 2008:

- There will be consolidation of the social networking market. I just received a Xing email, and several Spock and Plaxo Pulse invites arrived today. The fight in the corporate space is with LinkedIn, and there can be only one. The same goes for personal social networking.

- Twitter will “vanish.” I don’t believe Twitter will exist in the same form a year from now. Most likely scenario: the company will be bought and integrated into a larger offering; alternatively it will become a messaging backbone for other services. Despite the highly vocal tweets of a few twitterati, most of the world don’t work that way, or that fast.

- Facebook will lose to the next generation. Lets face it, Facebook was fun for a while, but is there really anything keeping us there? Facebook is all face and no heart, or soul - an integation platform to be written to. When something more interesting turns up, Facebook’s fickle “customers” will walk.

- The real winners will be the leaves and the trunks. A few social networking sites will become the “trunks” - consolidation hubs that enable integration between sites. A few others will specialise in “leaves” - offering customer-specific tools that suit the needs of their subscribers. I expect Microsoft to be a leaf player, not a trunk player, for example. Google will be a trunk player.

That’ll do - now taking beer-oriented bets for whether or not the above will prove true a year from now.

I’m in the process of downloading WCG (again), this time for my new environment. It occurred to me that I might be able to get more out of it by running several WCG instances as virtual machines - turns out I can, according to James Bliss. Worth a go - but I do wonder whether I’m helping destroy the planet with all that additional power required to drive the extra CPU cycles. Ho hum - worth the risk.

I had a bit of a screwdriver couple of days this weekend, building (or, in modern flat-pack parlance) assembling a bed, and also replacing the hard drive in my Archos 340 (AV300 series) audio/video jukebox. This latter task had been a while coming, as my music collection alone now takes up 48GB - the straw that broke the camel’s back was inheriting a collection of classical CD’s from a good friend. These are now digitised and the originals stowed, leaving me the listening pleasure but also causing difficulty in knowing what to store, where.

So, I finally succumbed and purchased a 160GB hard drive. There’s quite a lot of information on the Web about upgrading an Archos AV300 series - thanks guys - the one thing I didn’t know was whether it could take a 160GB, though I had read reports of success with the 120GB drives. Answer: no it can’t - I now have a 125GB partition for stuff the Archos can play, and a 35GB partition for various videos it cannot. Live and, through a number of attempts at reformatting, learn (second answer: accept the first partition size the Archos proposes, around 128GB I think).

Having then spent a slow and boring time transferring files from the RAID box to the Archos, I now have a bunch of films recorded from the TV, the aforementioned 48Gb of music and our entire digital collection of family photos. I don’t know if I am now in that gadget honeymoon period (you know, when anything new seems really, really useful) but it is quite remarkable what a difference it can make to have everything in one place. There are some films, for example, that I have been meaning to watch ever since they were recorded - but now I might actually do so, given the fact they are conveniently placed on the jukebox, rather than stuck away somewhere on the server. Right now I’m listening to a bit of Dvorak on a long-haul flight, you can guarantee I couldn’t have done without the new drive.

It takes me back to my IT manager days, when we seemed to be forever struggling against a tide of data. The answer would invariably be the same - to adopt coping strategies for as long as possible before planning in some downtime and going through a consolidation exercise. Things would be great for a while, before eventually our best-laid plans would give way to the pressures referred to by my previous boss Rob Hailstone as “the wardrobe principle.”

Perhaps the worst example of this was caused quite ironically from having too much storage. Sun Microsystems, in their infinite generosity supplied a batch of 40 SS10 workstations with an equal number of - if my memory serves me correctly - external 400 MB drives. At first we were daunted and gleeful in equal measure - this was free stuff, after all - but over time the discs became incorporated into the IT environment. Oracle was a hungry beast, not just because of the database sizes but the number of test instances we needed to run.

For a period there was no problem that couldn’t be solved without throwing extra disk space at it. After a while however, the disks that had held so much promise became a burden of their own, and we had to consolidate things down again.

Still, and no doubt like things will turn out for my newly rejuvenated Archos, it was nice while it lasted.

P.S. Incidentally, a note for Archos lovers - the trick with bending back (carefully) the battery contacts, as remarked upon in a number of places on the Web, really does work to restore battery life. Thanks again!

Its been an interesting experience so far - notably my reading and writing of blogs has suffered as I’ve been tinkering and tweaking, but I think I now have a stable environment, notably:

- Ubuntu 7.10 running Gnome
- VirtualBox for Outlook, Office and Mind Manager access
- Firefox and Thunderbird for Web and personal mail
- KDevelop for Ruby development
- gTwitter, Skype and Xeyes in the toolbar
- OpenOffice for simple word processing and looking at presentations
- Drivel for typing this

And it all works OK - well, it should, shouldn’t it? I’ve tested pretty much all the options and features that could be alternatives to the above, but for the most part they’re either not suited, or not working. Specifically, there appears to be a bug in the current release of Evolution, which is preventing me from accessing Exchange directly. I haven’t spoken to the Evolution guys but I’ve read pretty widely on this and no dice. Its not blocking but it woudl be nice if it worked. I’ve also tried the gadgets tool (name eludes me) - it doesn’t work under Gnome, which for some reason I keep coming back to from KDE, don’t ask me why but its just simpler and cleaner. Ah, that’s why

I have had inordinate problems with screen resolutions, on my external display; I was also having issued with the screen freezing up for periods but it now transpires that the latter was caused, or exacerbated by the former. Newbie tip: don’t try (like I did) to hack your xorg.conf file, before running the command to detect and auto-generate such a file from scratch. This worked much better - its all documented in the Ubuntu display howto here: https://help.ubuntu.com/community/FixVideoResolutionHowto There are issues with the display freezing in Gutsy, but I would recommend sorting this first and see if it resolves them.

Update:  I was also having an issue with suspend/resume not working, which seems to have “gone away” now I’m running with the new xorg.conf. Spooky

I’ve also got to get my microphone working. I was surprised to receive a Slype call a few days ago - surprised because we don’t tend to use it that much for work any more (default action: reach for phone). I grabbed my headset and plugged it in to find that I needed to configure the ALSA device driver, and it wasn’t going to just play so I left it. Still need to get round to that.

I also want to look at Kandy as an alternative for driving my USB 3G dongle. Apart from that, I think I’m done. It was interesting - a few days ago I went back to my Vista install for some reason, grumbling as I did about the Ubuntu display issue. When I logged in however, I did have a similar issue with recognising the display resolution etc, which made me have a bit of a rethink (conclusion: displays are tough in any OS). I’ve tried a couple of other things - for example installing a software configuration management too for my development efforts, before remembering that it could be quite a tricky thing to deploy, and removing both it and Apache. Lesson learned - there’s such a thing as too much choice!

As a final point I had a sudden ah-ha moment as I used XP within VirtualBox. I had been worrying about what happened to my data if the virtual machine should get corrupted in some way - but then it suddenly occurred to me that everthing within the computer was virtual and at risk, bing converted into a string of 0’s and 1’s and processed through this sexy-looking, but ultimately deceptive Von Neumann machine. The answer: to back up the data, of course. So I have no installed SmartSync within my virtual environment, and it is doing exactly that. Whoa!