Neither rhyme nor reason

Okay, so the Great Internet Wall of China is in place, and is now of special attention during the Olympic Games. We even have heard that the IOC is sorry about the whole thing and that there is nothing they can do provide the unfettered net access that we were lead to believe was going to exist during the Games.. Well there is very simple technical solution, though I dare say that it would probably be diplomatically untenable.

All that needs to happen is for the International Olympic Committee to setup a web proxy for all the Chinese resident media, or any one else in China during the Games. A farm of squid proxy servers nicely load-balanced would perform admirably. They could allow full access to purportedly banned sites such as the BBC and Amnesty International. The proxy listening on TCP port 8080 should do it - then media or even Chinese citizens could set up their web browser proxy setting to point to say http://proxy.olympics.org:8080. The servers could be anywhere in the world, and operated by anyone, as long the IOC delegates them their domain name.

Surely China would not dare to filter traffic to olympics.org would they? C’mon IOC, if you say you can’t force China to open it’s Internet access, why not dare them to filter traffic sent via your domain?

You might have read here my post on the rumours of the HP 2133 Mini-note. About a month ago I managed to coerce one of the first 5 in Australia from the hands of the HP sales team here in Sydney. Because I didn’t want to annoy them and destroy the supplied Vista installation, I was limited to how much testing I could do with Linux on this. We did setup an 2GB SD card with Ubuntu that worked quite well. Certainly the Ubuntu desktop was a lot smoother in terms of performance than Vista. I also had a go with the SuSE image that comes with the Mini-note, though didn’t want to let it install to the hard disk. Again it ran quite well.

As far as a mobile device you can actually use it is way up there. The keyboard is really as big and useful as they claim, certainly better than some of the competition. Having a full aluminium shell makes it feel very solid, and should standup to everyday knocks and just shoving it into a bag - its main target market is college and school students, so it needs to hand. The screen is very clear - but of course being only 9″ diagonal wide-screen, I’m not sure I could use it as my main screen every day - the VGA port would definitely be made use of.

I took it along to the monthly SLUG meeting and follow-on dinner to give it an informal spruik. It provoked quite an interest and envy - I expect it might make a few people’s wish list. Unfortunately I had to give this one back. I think it is quite likely this form-factor is on the rise, particular as performance actually becomes useful, and battery life allows one to work on the road (though at the moment a spare battery is a necessity to cover a full working day). There is only so much you can do with a PDA or a Smartphone - a ultra-mobile mini-notebook with good networkability and running a nicely integrated version of Linux may well “make it”.

The photo below show it running Ubuntu next to my regular laptop (with a 15.1″ 4:3 screen).

Ok, so I, for a while like Jeremy have lamented the disappearance of the URI scheme (the "http://” bit ) in URLs when seen in advertising and the like. Maybe it’s because my day job is basically a network (and security) consultant. Making communication happen through network protocols is my bread and butter. A full URL spec like http://www.abc.net.au/news is unambiguous in intent. It describes to a suitable application which host to connect to, on what port, and what protocol it should talk with. It also indicates the particular datum of interest.

But there are two aspects to review in Jeremy’s argument. Firstly, how do humans recognise that abc.net.au/triplej is a contraction of a URL? Secondly, is there really a technical need to specify the protocol?
As far as “knowing” that a string of text is a shorthand URL, we can look for the following telltales :-
1. There might still be almost deprecated URI scheme (http://) as internet jargon that they learned circa 1994 (for the average Joe Blow at least).
2. We know that www means World Wide Web.
3. Words punctuated only by “.” and “/” is normally an internet thing.
4. The letters in URLs are most always in lowercase.
5. They are familiar with the common TLDs - “.com“, “.org“, “.au” and so on - another dead giveaway.

So what happens when URIs become non-obvious because some of the this distinguishing marks are missing. (I am not a linguist or semanticist so I may well have this wrong)

Jeremy has already seen the demise of point 1. The same goes for point 2. When I was a lad, domains always had separate host records, so company.com.au would always have a host www.company.com.au to provide it’s web prescence. Mail to joe@company.com.au almost invariable was steered by the MX record for the domain to mail.company.com.au, the mail host. Not so today. Maybe it was the fact that doubleyoodoubleyoodoubleyoo is hard to say (which is why some trendy geeks say stuff like dubdubdub or wahwahwah. Point 3 is interesting, again back in the 60s you always wrote abbreviations with fullstops/periods in between the capitalised letters. Like A.B.C. or C.S.I.R.O or the Man from U.N.C.L.E You just don’t do that now. So now basically those “.”s have been repurposed as domain name delimiters - and I reckon that this is actually the strongest clue we have now. With point 4, domain names are can just as easily be uppercase (DNS is case insensitive) but the file part of the URL often is not. Because UNIX systems were ruling the roost when web servers first were deployed, and we tended to write all file names in lowercase, this idiom seemed to stick. Finally for point 5, it ain’t so easy nowadays. Jeremy’s domain name is under the “.name” TLD, but what about .museum - does anyone even know that http://australian.museum is a valid domain name?

But anyway I guess us humans cope, and if the publicity gurus do misjudge when they prepare their ad copy, then they don’t get hits on their website. So I guess the URLs that aren’t real obvious get removed from the internet gene pool through natural selection.

On the second aspect, around the idea that there are protocols on the ‘net other than HTTP, does it really matter? Firstly HTTP is almost always the starting point in any case. If you do need jump from HTTP to something more private like HTTPS then the browser will do that for you. If you need to stream multimedia then the .m3u file you hit will redirect you to something more appropriate. And semantically the combination of your client application and server might be able to determine what you intended anyway. For instance if you type arnoldschicken.com.au into your phone, I reckon it should just give you the option to dial their nearest store. Or type arnoldschicken.com.au into your GPS navigator then it should by default set the nearest store as your destination. The semantic bit could either be derived from the user-agent, or possibly the device could add context either through a URL (say arnoldschicken.com.au/locations might return a list of parseable locations for the GPS or arnoldschicken.com.au/phonenumbers could return a list of numbers (that could be connected via SIP). Alternatively standard SOAP calls might be invoked to give similar information. Certainly more work can and should be done in this space. So I guess defaulting to HTTP may well make sense for when people initiate the connection - if needed the application then switches to the more appropriate protocol or scheme when it needs to.

So in conclusion, while “http://” might be dead, humans are pretty smart in recognising truncated URLs, and machines will get better (if not already) help us make better use of these. (And just for a final point - how many of just bang a few letters into the Google search bar and get what we want to find pretty quickly in any case!)

Sometime you would have to wonder whether logic totally escapes CIOs. In an article making comment on the The Australian Open Source Industry and Community Report 2008 prepared by Waugh Partners, ZDnet put out an article entitled “Open source barred from Australian government”. What I found particularly curious was a comment from the CIO of the Australian Tax Office, Bill Gibson. In it, he says that he “is concerned that open source software could not be as easily scrutinised as proprietary software”. This is probably a paraphrase from an earlier published interview by Zdnet where he is quoted as saying - “We are very, very focused on security and privacy and the obligations that we have as an agency to ensure that we protect those rights of citizens’ information in that respect. So, we’ve continued to have concerns about the security related aspects around open source products. We would probably need to make sure that we will be very comfortable — through some form of technical scrutiny — of what is inside such a product so that there was nothing unforeseen there.”

So how does he “scrutinise” proprietary software? I guess at best, you might be able to get to see the source code, but the license to see is usually going to be under a NDA, and it is unlikely one organisation is really going to have the skills and resources to examine all the code. And even then there are going to be dependendent libraries that you may not be able to have source code access. But in most cases, you will only be able see your software as a blackbox. If you do perform security analysis you will always limited in what you can test in this case. I just don’t see how with a blackbox you can successfully search out all the nooks and crannies with a high level of confidence.

Only with open source code to you, and the “many eyes” out there, do you have the opportunity to truly scrutinise the code. You also then are able to create and receive patches for any found vulnerabilities. Clearly the bad guys have a similar opportunity to review the source, but the evidence overwhelming supports the idea that open source inherently is less likely to have hidden security flaws and is able react to unforeseen attacks with greater rapidity.

I would be really interested to find out who Bill Gibbons has been taking advice from on software security.

One thing I forgot to mention in my previous post, is that if do want to see the International Space Station and the Shuttle all at once and you live near Sydney, tomorrow (Monday 17 March), is about the best chance you’ll get. At around 7:45pm gaze directly above, you will see both passing overhead, and will be about the brightest you could ever want. (Yes I know you have all seen satellites, but these are REALLY bright). It will be moving from South West towards North East.

Details are at Heavens Above

I was just googling for some photography stuff, and came across this photo.

Have a close look at the driver’s side window (the right hand side if you were sitting in the cockpit) ….

Still can’t see it? This picture might help…

Hmmm. Maybe the distinctive shape of the iPod just indicates how well Apple’s design elements have pervaded our consciousness.

The original image can be found at http://spaceflight.nasa.gov/gallery/images/shuttle/sts-123/hires/iss016e032313.jpg

The post that pointed this out is at Yahoo

Very rapidly we seem to be approaching an age of artificial light no longer being the result running current through filaments of wire. While fluorescent lighting is pretty old, we are finding it being condensed into the compact fluorescent form which is able to replace the regular incandescents. What hasn’t really taken off yet though is a much more efficient lighting method - Light Emitting Diodes. While LEDs are also quite old (we just watched an early 70’s Columbo episode where the murderer ran an electronics company and he was proudly showing off his red LED digital watch he had designed), only in probably the last 3 or 4 years have the ultra-bright white LEDs been around. These have found much favour with the outdoor types for use in long lasting torches and the like. We even have now almost ubiquitous solar-powered garden light. I bought my wife a LED equipped book light recently as well which is pretty good use of this technology.

I have been keeping an eye out for LEDs for general architectural use for a little while now. One problem is that the colour temperature has tended to be very blue and narrow - this meant that illuminated objects didn’t seem to be in full colour. Also you really did need a lot LEDs to get good brightness. Finally they have been pretty costly. Anyway, I visited my local electronics store the other day and spied some 12V MR16 halogen replacements. Unfortunately at $40 each (and the sales guy not all that convinced a permanent store display was worthwhile), I decided to scour Ebay instead . Sure enough, an enterprising Chinese company was able to sell me 3 LED spotlights posted to me for just over $40. We got these last week and installed them in one of our living room fittings. They look pretty cool (warm actually - the colour temperature is definitely redder than the halogen and maybe even a tunsten filament incandescent). They replaced 20W halogens - I would say their brightness is about the same. They certainly are cool to touch, I should measure their current use to find how efficient they are. Unfortunately though they don’t respond to dimmers well. Rather than getting less bright, when I turn down the dimmer they start to falter, flash and then just go out. I guess being a first generation of this type of thing, I am presuming that are using a fairly simple regulator. The dimmer would be a duty cycle chopper but I am not sure whether the 12V halogen supply is a simple transformer or a switch-mode supply. Either way, these can dim and control a halogen bulb properly. I would have thought that a circuit to sense the input supply (whether chopped or simply lower voltage) and could drive the LEDs appropriately shouldn’t be all that hard (though it needs to remain efficient of course).

The other interesting thing is that all the LED lamps I have seen to date (including the ones I bought) use regular discrete LEDs in large arrays. I am surprised that no one has developed some sort of array substrate that contains lots of LEDs. This way a direct area light could be created that could be molded in all sorts of shapes. Even one that resembled a regular light bulb - but with lots of light spots around it. I expect that there will be heaps of innovation along this front in the next few years - particular with a drive to reduce our energy footprint. (And of course the other things is that LEDs themselves should have a 100 000 hour life - which means these new LED bulbs I bought might simply become quaint and old-fashioned before they actually burnout!)