Monthly Archives: April 2008

What’s black and white and red all over?

Major newspaper circulation numbers, which continue to hemorrhage. The numbers reported from Editor and Publisher are simply shocking (hat tip Instapundit). Some of the year-over-year numbers as reported by E&P:

— The New York Times lost more than 150,000 copies on Sunday. Circulation on that day fell a whopping 9.2% to 1,476,400. The paper’s daily circulation declined 3.8% to 1,077,256.

According to New York Times spokeswoman Diane McNulty, the company had budgeted for the declines in Sunday and daily circulation. Two-thirds of the Sunday loss stemmed from the elimination of bonus days and third-party bulk copies. Also: the paper had a single copy and home delivery price increase in July. The paper also focused on growing “highly profitable circulation,” she noted.

— At The Washington Post, daily circulation decreased 3.5% to 673,180 and Sunday dropped 4.3% to 890,163.

— Meanwhile, daily circulation at The Wall Street Journal grew a fraction of a percent, up 0.3% to 2,069,463 copies. At USA Today, circulation inched up 0.27%* to 2,284,219. (Correction: the original version of this story said USA Today’s daily circulation was up 2.7%.)

— The New York Post lost over 3% daily and more than 8% on Sunday.

— Daily circulation at The Orange County Register plunged 11.9% to 250,724 and Sunday fell 5.3% to 311,982.

— In Los Angeles, the Times lost more than 40,000 daily copies. Daily circulation there was down 5.1% to 773,884. Sunday declined 6.0% to 1,101,981.

— The San Francisco Chronicle reported that daily circulation dropped 4.2% to 370,345, while Sunday dropped 3.0% to 424,603.

— The Boston Globe’s daily circulation fell 8.3% to 350,605. Sunday declined 6.4% to 525,959.

It’s interesting that the two papers that are holding their own are the Wall Street Journal and the USA Today. The Journal targets the high-end business-oriented subscriber and the USA Today targets, well, everyone. What makes them stand out is that they both have a non-traditional business model compared to the rest of the newspapers. The Journal is also the only paper in the world (as far as I know) that has a thriving and profitable subscription-based internet presence.

The rest of these papers will continue to deny the obvious. They will ride their existing leadership and business model into oblivion.

Phorm and SSL

Ben Laurie has been writing terrific posts on the Phorm/BT abomination. His latest, which you can read here, discusses the issue of how Phorm could, in theory, inspect the contents of HTTPS traffic.

That this is even a topic of discussion tells you how badly this is going to go for BT in the long run. It’s kind of like that old “would you sleep with someone for a million dollars” joke. The punch line is “we’ve already established you’re a whore, now we’re just negotiating a price”.

With Phorm, BT has established that they will compromise their customers’ privacy for money. Now we just get to speculate how far they will go to do it.

I’m probably a human

Alipr’s new picture based CAPTCHA system has pronounced me “probably human”. Here is a link to try out their new system. It looks very promising. There is an interesting article about it here. I had written about the recent compromise of existing popular CAPTCHA systems here.

It would be ironic if the war between the service providers and the spammers provides us some of the biggest advances in AI in years.

It wouldn’t surprise me though. When I was doing AI research in the 80s a lot of what was being done had a definite “solutions looking for a problem” feel to it. What we are seeing now is very different. There is a very specific problem that is trying to be solved and there are very clear financial rewards. The spammers are trying to impersonate real people. The service providers know that spam bots in their system would clog it up and chase away the real, advertising-revenue-generating people that they want more of.

War is often a technology driver.

The Five Stages of code change

Denial – “I didn’t change anything. It’s not my fault it’s broken!”

Anger – “OK I might have changed something, but not in that class. Why is everyone always blaming me for these things?”

Bargaining – “Look I know the SCCM tool says I changed the class, but it was just a comment. Can’t we leave it at that?”

Depression – “I changed some of the core logic, but it couldn’t have caused that effect. I’ll probably get blamed anyway.”

Acceptance – “OK, OK, I’ll fix it!”

A pitch from space, as it should be

The NY Yankees are going to have an astronaut aboard the ISS “throw out the first pitch from space”. In reality he is going to toss a baseball to another astronaut on the ISS.

Boring. Weak.

Clearly NASA is just not bringing their A game anymore. Now my idea for “a pitch from space” would be something like:

  • An ablative reentry stage to get through the upper atmosphere
  • A guided ballistic stage that would guide the reentry device to just over the stadium where a parachute would deploy
  • A gimbal-mounted horizontal accelerator (i.e. gun) would automatically orient towards the catcher and fire the baseball, adjusting for current altitude and downward acceleration

Now that would be worth watching!

Come on NASA, man up! Cry ‘Havoc!’ and let slip the dogs of tech!

I bet the SpaceShipOne guys could pull it off.

IGF and LDAP, again

Phil Hunt has some good thoughts here on my recent post about IGF and LDAP. Just to be clear, I am not suggesting that IGF replaces enterprise AD. But as I understand some of the IGF proposals around the Identity Bus concept, IGF APIs would replace LDAP APIs on the client side. At least for new applications. From Phil’s post:

The nice thing about CARML is that it is just a declaration. There is nothing saying a CARML declaration cannot be created by hand for an existing application. Though we are working on an open source implementation, it does not have to be used for applications and infrastructure managers to receive benefits from IGF. The new API is really about creating appeal for developers. Developers want something very different than enterprises. They want to be able to write flexible applications without having to spend 90% of their time writing code to support varied deployment scenarios and varied protocols.

For business, the benefits of IGF are going to be mainly around risk management and privacy as demand to use personal information increases beyond current traditional enterprise directory content. Enterprises wanting to use identity-related information from HR systems or CRM systems already have to worry about legislative and regulatory issues. While manageable today, the processes are largely manual and forensic in nature. It’s a situation that cries out for standardization.

As I said, I wasn’t suggesting that IGF replaces AD. But if you expect developers to migrate to a new way for developing client applications you need to give them a compelling business case.

Let’s take a concrete example. Suppose an IT shop wants to build a replacement time card application. If the requirements are that the web app looks the current user up in AD and routes the time card to the person in the manager field for approval, we know what the problems are. There could be data integrity issues where the manager field is not getting properly updated. There can also be compliance issues.

So IGF can tell the app developer what the data quality is for the manager field. But what is the business value? They still need the information regardless of the data quality. Yes there is a compliance issue. But again, what is the business value? The manual process of noting the field access by the compliance person only needs to happen once.

Switching to a new identity API is going to require tools and training. That is going to come out of the project budget and schedule. What are you going to tell the project manager to convince him to commit budget and schedule?

We all agree that for enterprise identity data AD is the clear incumbent and that isn’t going to change anytime soon. But on the application side LDAP is also very likely the incumbent. And you are trying to change that.

All I was trying to get across (not well I fear), is that displacing an incumbent technology is very difficult. I personally hope it happens on the client API side. But my past experience working on identity service standards tells me it’s a big hill to climb.

Rise of the machines

Not only are we not making significant progress on the Turing Test, we are losing ground on the Reverse Turing Test.

The ramifications of this are not pleasant to consider.

I have failed to communicate

Clayton Donley of Oracle makes some excellent points here about my “Elephant in the Room” post.  But I have apparently done a poor job in communicating the whole point of the post. In his post:

What I think his post misses is the fact that most LDAP access in most applications is poorly written, even when using ADSI or ADO to talk natively to Active Directory. I can’t count the number of virtual directory deployments that we’ve sold to help customers in environments that were nearly 100% Microsoft (ADO/ADSI-enabled apps talking to Microsoft AD). Many of these deployments were to get around bad schema assumptions, others were to get around topology issues or forest boundary issues.

While we sell virtual directory technology, we hate making our customers pay money to solve such tactical issues. We want to be layering on higher-order value.

So when Phil Hunt or others talk about the Liberty IGF project, what they’re really saying is that we want a better way to give application developers a way to code something in a way they understand and can do well rather than a native access protocol that requires specialization. So while LDAP isn’t going away and everything from virtual directories to identity buses will need to support native access over LDAP to be successful, not looking at what developers are learning and using every day would be a mistake.

Keep in mind that developers must integrate with a LOT of technologies to build an enterprise application or portal. For example, a portal may be integrating with HR, CRM, and ERP systems. That integration is increasingly happening via web services. Giving these developers a mandate to use a completely different type of technology to integrate identity will only make identity more specialized and less standardized and understood over time. That is a recipe for disaster.

I did not mean to imply LDAP was a better choice than Liberty IGF. I was in fact the BMC rep to Liberty TEG and am very supportive of their work. I also agree there are a lot of problems with LDAP and how developers use it.

But having been involved at some level in the standardization efforts of DAML, XRPM, DSML v2, SPML, SAML, WSDM, OATH, Liberty, WS-Trust, WS-SecureConversation, and WS-Federation, I have spent a lot of time working on identity service standards and developing implementations of those standards at several different companies.

But the hardest thing is getting adoption of these standards. The point of my post was not to suggest that standards for identity services other than LDAP aren’t a good thing. The point was that to drive adoption you have to accept the reality that AD and other LDAPs have the predominant mind-share today.

To many enterprises, LDAP is their one identity hammer. And they see all their identity problems as nails. If we want them to put down the LDAP hammer and pick up the IGF pneumatic impact wrench, we have to explain to them in real-world business cases why it’s better. Because they know the LDAP hammer will work and they already have it in their tool box. The IGF pneumatic impact wrench is a strange new tool to them that they must first understand and second justify purchasing.

Of course AD isn’t all identity in an enterprise. But for extranet identities you will have to justify why IGF or some other identity service is better than just throwing in an ADAM, OID, or OpenLDAP instance. Or even a virtual directory like OVD or OptimalIdM VIS (for the .NET centric customer). The enterprise architects know they already have a wide variety of tools and APIs to leverage LDAP. They don’t yet have those for IGF and other identity services.

Bottom line – identity services will not reach the level of adoption to where you could say there is an “Identity Bus” until there are compelling business cases made for it. Enterprises not only have to adopt the identity service standards, but they need to make vendor support of those standards a selection criterion to drive adoption.

Slightly misleading headline

Reading this headline:

India, BlackBerry to meet April 21 on security fears

One might reach the conclusion that the government of India felt that BlackBerry communication was not secure enough, thereby putting their citizens’ privacy at risk. Sadly they appear to be concerned that it’s not insecure enough for their tastes:

The government has held a series of meetings with RIM and mobile operators after it emerged security officials were worried that emails sent through BlackBerry devices could not be traced or intercepted.

I find it hard to believe the emails can’t be intercepted, given that they have to route through a local GPRS carrier. And I’m not sure what “traced” even means for email. But clearly India wants RIM to set up in-country BlackBerry servers so that they can easily monitor and possibly even control the traffic. I suspect there are some economic issues at play as well.

I can only imagine the outrage if the US took such a position. But many people who claim to care about privacy are strangely silent about violations that occur outside the US.

Would your city commit manslaughter to increase tax revenues?

Apparently these six American cities shortened their yellow light times to increase red-light violation rates at intersections with red-light cameras (hat tip to Instapundit):

Six cities have been busted recently for having an amber light that lasted less than the minimum timing at an intersection, and millions of dollars in fines have been collected when drivers went through the premature red and got caught on camera. Chattanooga, Tennessee; Dallas, Texas; Springfield, Missouri; Lubbock, Texas; Nashville, Tennessee; and Union City, California all cut the timing on their lights, and while some have paid back the fines, others have not. In Dallas, over $700,000 was collected in a matter of eight months, and in Tennessee the light timing was changed at only a few intersections, which just so happen to be the areas where local law enforcement set up traps.

I’m not a lawyer, but putting those that made these decisions on trial for manslaughter if there was a fatal accident at one of these intersections seems very reasonable.