Ruminations on Technology (September 2004)

[Thu Sep 30 15:56:47 CDT 2004]

The guys over at Advogato are discussing a list of recommended reading that is quite interesting as a reference. It includes some of the usual suspects (Richard Stevens' UNIX Networking Programming, Bjarne Stroustrup's The C++ Programming Language, Kernighan and Ritchie's C Programming Language...), and some others that may not look so obvious (Robert Pirsig's Zen and the Art of Motorcycle Maintenance or Lila: An Inquiry Into Morals, by the same author). In any case, it is an interesting discussion. {link to this story}

[Thu Sep 30 14:36:41 CDT 2004]

Hahaha! I have just come across an interesting package that someone wrote for Debian: the Virtual Richard M. Stallman or vrms,defined as a package that:

... will analyze the set of currently-installed packages on a Debian GNU/Linux system, and report all of the packages from the non-free tree which are currently installed. (...) Future versions of vrms will include an option to also display text from the public writings of RMS and others that explain why use of each of the installed non-free packages might cause moral issues for some in the Free Software community. This functionality is not yet included.

Good to see there is still a sane sense of humor in the open source community. {link to this story}

[Wed Sep 29 09:50:05 CDT 2004]

While reading a few blogs in PlanetDebian I came across an interesting post by Edd Dumbill discussing a new little drag and drop spam training app. According to the developers, Spam Trainer works fine with Evolution or any other email client that supports the drag and drop protocol implemented by the GTK+ toolkit. {link to this story}

[Tue Sep 28 13:05:49 CDT 2004]

Steve Pavlina writes an article about Zero-Defect Software Development that is well worth a read. He identifies ten rules to write what he terms zero-defect software, which is not to be confused with bug-free software:

Test your product every day as you develop it, and fix defects as soon as you find them
Review your code regularly
Rewrite poor-quality modules
Assume full responsibility for every bug
Handle change effectively
Rewrite all prototyping code from scratch
Set QA objectives at the beginning of every project
Don't rush debugging work
Treat the quality of your code at the same level of importance as the quality of your product
Learn from every bug; each one represents a mistake that you made

I know, they are just common-sense but I would be willing to bet that number six bit me a few times, mainly due to lack of time. As Pavlina explains:

Sometimes you may quickly prototype a new feature to see if it will be viable. Often this is done by sacrificing code quality in the name of rapid development. If you eventually decide to keep the feature, it is very tempting to simply tack on some basic error checking to the prototyping code. Don't fall into this trap. If you weren't writing the code originally with quality as a priority, scrap the prototyping code, and re-implement the feature from scratch. Rapidly prototyped features that slip into the final product are a major source of bugs because they are not subject to the same quality standards as the rest of the code.

{link to this story}

[Tue Sep 28 11:42:31 CDT 2004]

I must say I have never been happier with GNOME. The latest releases are not only asthetically pleasant, but they also perform well, and it is obvious to me the GNOME developers have made usability a top priority of their work. Just check what is going on for GNOME 2.10 and you will understand immediately. These guys are taking the user experience seriously, and pay attention to all the details that provide me with a better and more efficient use of their software. By the way, for a couple of related links, read this interview with Jeff Waugh of Ubuntu Linux (I burnt my copy of this new distro already, but still have to install it at home) and this other interview with Mikael Hallendal, founder of Imendio, the developers of Gossip, Planner and DevHelp, among other GTK+ applications. {link to this story}

[Tue Sep 28 10:07:46 CDT 2004]

Well, it had to happen sooner or later. Apparently, a JPEG virus has been detected in the wild already. Sit back and pray your Windows box won't be infected soon. The news has been out in the media for around a week or so, but it wasn't until now that a virus has been detected in the wild. The document I link above contains some really good information on how to find out if your system is infected. Now, this is a very serious vulnerability affecting all NT-based kernels: Windows NT, Windows 2000, Windows XP, Windows 2003... Simply opening an infected JPEG file in Windows Explorer triggers this, which in today's networked world could happen very easily. {link to this story}

[Mon Sep 27 15:44:00 CDT 2004]

A lot has been said and written about Linux as a threat to Microsoft. However, something has to be said in favor of those interpretations that stress how Linux poses more of a threat to traditional UNIX than to Windows itself. Martin Taylor, chief Linux strategist at Microsoft, clarifies how Linux could unseat UNIX but not Windows:

I initially thought that people were really lining up Windows and Linux side by side, and they'd say, "Hey, Linux gives us better TCO." Actually, it's less about that. What they know is, "Hey, we can save money getting off Unix or off of RISC. So the question is, do we go to Linux or do we go to Windows?" That's where more of the comparison comes from. When I talk to customers and they say, "Hey, we can get better TCO with Linux," they're not always saying better than Windows. They're saying better than Unix.

{link to this story}

[Fri Sep 24 21:18:13 CDT 2004]

I had nearly forgotten why I had decided against the idea of even bothering with FreeBSD for my home server a few years ago. Want a few reasons? Administering a FreeBSD box is definitely not for the faint of heart, and package management (in spite of all the proud talk about the ports that you may hear) is simply primitive by today's standards. Now, don't get me wrong. The operating system is solid as a rock. It does perform nicely (well, at least on single processor IA-32 machines), and both its virtual memory and TCP/IP stack are the sturdiest around town. Still, the reality is that as soon as there is a security advisory one needs to keep a whole source tree around to apply a patch and recompile, or perhaps you are lucky and a binary was built that you can install with some cryptic and unnecessary long command. Don't believe me? Check out, for example, this OpenSSH advisory or this other one for CVS. I'm sorry but that just doesn't cut it when Red Hat, SuSE or Debian make it so easy on a system administrator to install a new binary and fix a security problem. For crying out loud, in the case of RPM you can even recompile the source RPM if you want to. It's not worth the trouble, especially if one also has a life. {link to this story}

[Tue Sep 21 11:44:50 CDT 2004]

OSNews publishes a review of Fedora Core 3 Test 2 with plenty of screenshots (actually, it's excessive if you ask me: over 100 screenshots, including the installer). Somewhere else, you can find Colin Charles' PDF document detailing what is new in this release of Fedora Core (basically, the HelixPlayer, Firefox, the Eclipse compiler or ecj, hal, some changes in SELinux, fam has been replaced with gamin, the use of both a /media and a /srv directory for FHS compliance, Evolution2, etc.).

Also, on somehow related news, Red Hat announced strong Q2FY05 results. Altogether, its revenues increased to US $46.3 millions, which amounts to an increase of 60% compared to the same quarter last yearor 11% compared to last quarter this very same fiscal year. As a consequence of this, Red Hat reported a net profit of US $11.8 million or $0.06 per share. The good news is that much of this revenue increase was driven by subscriptions to RHEL, which is the bread and butter of the company. {link to this story}

[Sat Sep 18 10:26:02 CDT 2004]

Steve, a good friend of mine, told me a couple of days ago about Sarbanes-Ox Act (popularly referred to as the Sarb-Ox Act) and how much it was disrupting his work on a daily basis. Today, I read on ComputerWorld magazine that the Sarb-Ox Act is costing around US $1 million per every US $1 billion in revenue to the average company out therei. I must say that, even though I had heard about the Act before, I was not really familiar with it. However, according to my friend's description, it definitely sounds as if the Sarbanes-Ox regulations are way too burdensome on American companies, introducing a perhaps an unneccesary level of red-ink in an environment that should otherwise be lean and dynamic. I will have to read some more about it before giving a definite opinion on the issue, but it definitely sounds like something that the legislature should avoid in order to make the US economy more (and not less) competitive. Having my friend, a sysadmin, filling out forms here and there for several hours is simply not productive. {link to this story}

[Sat Sep 18 10:17:22 CDT 2004]

Reading the trade magazines this morning, I came across a story published by ComputerWorld on how Microsoft pays Dell for each system shipped with Windows XP on it. Apparently, Mr. Gates pays Dell somewhere from US $2 to US $10 for each computer Dell sells that has Windows XP installed. No wonder it's the operating system Dell recommends on their website for each and every one of the desktops they sell. As the author of the article says:

And you thought the US Department of Justice had rapped Microsoft over the knuckles so that it would play nice and offer each of the top 20 manufacturers its operating systems at the same price.

Not only is this practice an obvious breach of fair competition against other operating systems, but it is also unfair to other computer manufacturers. Then, who believes the government should do anything at all in this era of ramping free-marketism? {link to this story}

[Fri Sep 17 12:52:45 CDT 2004]

Ealier today I needed to peek inside a binary RPM. Basically, I needed to know if an init file included in a given RPM contained a buggy line that prevented the daemon from starting. Yes, I could have searched around for the source RPM, installed it and taken a look inside. Still, the fact is that what I had at hand at that point was only the binary RPM, so why bother looking around for something else when it's perfectly possible to extract the contents of a binary RPM with the following command:

rpm2cpio filename.rpm | cpio -id

Just make sure you do this inside a clean directory because the files will be spread all ovre the place in the current directory. {link to this story}

[Thu Sep 16 12:43:24 CDT 2004]

A new Debian sub-project, Debian Hardened, has been created. Its aim is to provide a complete tree of a hardened kernel and user software based on the Debian distribution. It's supposed to include the grSecurity patch, ProPolice, etc. We'll see. {link to this story}

[Wed Sep 15 20:35:22 CDT 2004]

The Australian magazine ComputerWorld publishes an interview with Theo de Raadt, founder of the OpenBSD project. I find it quite interesting how so many reporters repeatedly refer to the operating system as the "operating system that lays claim to only one remote exploit in the default install in seven years". The key there is the word "default", of course. Let's be clear, OpenBSD truly is the most secure OS out there, and its developers do pay more attention to secure programming than most others out there. However, in order to be honest, let's acknowledge that its most popular claim (a single remote vulnerability in seven years) is a little bit of an exaggeration. Anybody who installed OpenBSD knows that the "default installation" has all ports closed by default, with the exception of OpenSSH, if one so chooses. In other words, unless a kernel vulnerability or a problem with OpenSSH is found (actually, that is precisely the "single remote vulnerability" they refer to), the operating system is invulnerable. But then, well, if we apply the same standards to other OSes, I'm pretty sure they will not do so bad either. Sure, they will have more than one remote vulnerability, but it won't be nearly as bad as one would imagine. After all, what worries most system administrators out there is not so much the kernel as holes in Apache, Sendmail, MySQL, OpenSSL, Exchange, Oracle, Mozilla, Outlook, Internet Explorer... Hey, for that matter, install Windows on a box, close all the ports, make sure no service is available, and chances are it won't have many holes. Then, of course, you won't be able to use it for anything at all.

In any case, de Raadt does come up with a few interesting points in the interview:

... we are moving into a new world where attackers aren't looking at what they're attacking. Attackers basically troll the entire Internet with a known attack and they come back a week later and see what they've collected. People are trying to break into machines and turn them into zombies and there is an entire industry providing them for spammers, etc. So, we're in a different field.

The way I look at security is that my security depends on your security because every single insecure machine on the Internet becomes a machine that can send me spam. These machines can be broken into to do a denial-of-service attack against me and take down my T1. And in a model like that we have to secure the entire Internet; that's the main target. Perhaps that's a little too visionary.

He also has a few interesting things to say about the open versus closed source debate regarding security. For the most part, he argues, what matters is the quality of the code, and not how it was developed. When it comes to security issues, there is sloppy code both in the open and the closed source worlds. {link to this story}

[Wed Sep 15 15:11:29 CDT 2004]

Finally, I got rid of that lame icon Fedora uses for GNOME's main menu! It's been there since the days of Red Hat 8, as far as I can remember, and it has always looked childish and moronic to me. Back in the Red Hat days, all I had to do was rename redhat-main-menu.png to something else and create a symlink to the default, real, nice GNOME icon. However, ever since I installed Fedora the old trick didn't work anymore. Since it's not such a big issue, I didn't bother to search around for the answer until now. Thanks go to Lars E. Pettersson for his Gnome tips for Fedora document. Here is what you need to do in Fedora Core 2:

cd /usr/share/icons/Bluecurve/48x48/apps mv icon-panel-menu.png icon-panel-menu.png.old ln -sf ../../../../pixmaps/gnome-logo-icon-transparent.png \ icon-panel-menu.png killall gnome-panel

{link to this story}

[Wed Sep 15 14:31:01 CDT 2004]

While reading the blog entries on Planet Debian, I came across a note by Julien Danjou announcing that he started managing his home directory via Subversion. Apparently, the idea was prompted by a document written by Joey Hess giving the details to keep your home directory on a CVS repository. It's something I'll have to end up doing sooner or later. I'm finding it quite difficult to keep my files in sync, especially since by now I have multiple systems at home, the laptop and then the ones over at work. I just wonder how much space is wasted in the CVS logs and the amount of complexity involved during regular daily activities. Oh, well. Let's add it to the todo list and get around it one of these days, as I have to do with so many other things. {link to this story}

[Wed Sep 15 10:49:54 CDT 2004]

Lars Wirzenius, Linus' buddy since the old days in Finland, has updated his Debian Lessons paper. The views he expresses in this document are totally his, and do not represent the Debian community at all. However, they are, as he explains,

... the important things (...) the Debian development community has learned about project management in the course of developing the Debian GNU/Linux system.

Wirzenius includes a long list of very thoughtful advise: make sure things scale up, make sure the foundation is good, document important things, automate repetitive tasks when possible, avoid single points of failure, do not worry about time tables, keep goals realistic, make it easy to work independently, do not overload developers, be open and keep things public, make it easy to contribute, etc. Some of his comments are quite good, such as his views on using IRC as a tool to communicate and make decisions:

... IRC is not good enough, since not everyone will be present at any given time. It's OK to start a discussion in IRC, but before any decisions are made, it should be taken to, say, a mailing list.

On the other hand, though:

Almost all discussions within Debian take part on mailing lists. This is good in many ways, but has some drawbacks. One such drawback is that the natural limitations on aggressiveness that are present in a face-to-face discussions are missing. This means that controversial issues easily result in flame wars. Another drawback is that there is no natural deadline to a mailing list discussion: in a face-to-face meeting, sooner or later the participants will want to go away and that ends the discussion. On a mailing list, things can easily go on for weeks, and can easily re-surface at the drop of a hat.

These facts also mean that finding a consensus and making a decision as a group is hard.

So, summing up, Wirzenius avoids dogma and simple answers, but provides plenty of food for thought and good advise. {link to this story}

[Tue Sep 14 09:29:08 CDT 2004]

I just came across the LinuxQuestions.org Wiki website. It's a good, simple, introductory resource for new Linux users, although most experienced users will find it extremely simple. {link to this story}

[Mon Sep 13 13:49:42 CDT 2004]

SCO continues its relentless race towards obscurity. In a conference call, Darl McBride announced a total loss of US $7.4 millions for its third quarter. Even more worrisome, the company's total revenues for the same quarter amounted to a paltry US $11.2 million. In other words, SCO is losing more than half the amount of money it pockets every quarter. It shouldn't surprise anybody, especially taking into account that by now its main "asset" is the litigation against IBM. They recently released an upgrade to UnixWare but I wouldn't expect it to become a rising start any time soon. {link to this story}

[Fri Sep 10 09:48:01 CDT 2004]

Everybody knows that in politics you can repeat a lie a thousand times and it will stick. Well, the very same applies to the world of technology. For some reason, one hears over and over again the idea that the main Linux desktop environments are not keyboard-friendly, and anyone who wants to be really efficient and avoid the mouse will need to switch to another window manager. Sorry, I simply cannot see it. I fully understand if you choose to run a so-called light-weight window manager on an old system that lacks the resources (mainly, memory and graphics) to run KDE or GNOME. Of course, I also understand if you just like the style of the X or Y window manager much better. That's fine with me. However, I have been running GNOME for years now, and especially since the 2.4 release it is perfectly possible to configure it to do almost everything using keyboard shortcuts. Now, I say "almost everything" because I suppose someone out there could conceivably come up with something GNOME cannot do via shortcuts but that still has to happen to me. In any case, reading a review of yet another new window manager called ratpoison reminded me of all this. The first paragraph in the review is precisely what I am talking about:

Desktop environments such as KDE and GNOME make things easier for computer users, but as desktop environments become more and more integrated, some users may feel stuck with a graphical interface that was designed for someone else. Having to use the mouse over and over for the same thing can get old real fast. Keyboard shortcuts help to pick up the pace in some applications, but neither KDE nor GNOME really lends itself to keyboard navigation. Luckily, for those who want to combine the efficiency of the command line with all the resolution of the X Window System, there's a window manager called ratpoison.

{link to this story}

[Fri Sep 10 09:34:50 CDT 2004]

Intel has been taking a lot of heat about the low sales numbers of its Itanium chip. There are multiple reasons for this: Intel, just like Microsoft, is the company to beat, the proverbial giant everyone tries to defeat; AMD has made a few right decisions in the last few years, and now poses a real threat to Intel's dominance of the market; the processor itself does have a few problems, mainly the excessive power consumption and generation of heat. Still, anybody who had a chance to run an Itanium system can tell you that its performance is indeed quite good, something that can be noticed even during regular day-to-day operations. Most importantly, many critics seem to be missing a key point: Intel never intended to assault the mass-market with this processor, but rather to convince customers who are running UltraSparc or PowerPC to switch to its new architecture. So, the only way to find out whether or not the Itanium processor is a flop is to see the figures that tell us whether or not customers are indeed migrating from those architectures to Itanium. Everything else is just hot air. {link to this story}

[Fri Sep 10 08:52:10 CDT 2004]

I have written here about the threat that Longhorn poses to Linux and how, to some extent, it seems as if Microsoft is trying to innovate with this new release. Well, at least that was the case until Bill Gates recently announced a delay in Longhorn and that WinFS will be pullout of the final product. In any case, between this and Apple's Sherlock, chances are that any operating system that aspires to be a serious contender in 5 years will need to support some sort of database filesystem. Well, today I came across a database filesystem for Linux (DBFS) still in the early stages of development. We will have to wait and see how it evolves. {link to this story}

[Thu Sep 9 11:18:29 CDT 2004]

Sadly enough, the concept of Web services has become more of a hype or a trendy marketing term than anything else. Actually, it is being widely used, don't get me wrong. What I mean is that most companies are just distorting its original meaning by using it to sell whatever their product du jour happens to be. In any case, NewsForge publishes a good article on Web services and open source tools. For the most part, the author writes a short introduction to the WS-I standard. As he explains,

The highway of application integration is littered with the corpses of various Remote Procedure Call (RPC) architectures such as CORBA and DCOM. It's too early to determine if Web services and the interoperability approach championed by WS-I will overcome the shortcomings of previous integration approaches. The WS-I's Profile approach may very well be the highway-to-nowhere rather than the road-to-success, but we shouldn't overstate the difficulty of doing this type of interoperable machine-to-machine communication.

By reducing the number of options that Web service developers are permitted to use, WS-I Profiles should force some agreement on basic documents in the maturing W-S vocabulary. Fundamentally, building interoperable Web services means creating a kind of informal Esperanto.

{link to this story}

[Wed Sep 8 16:31:57 CDT 2004]

Linux Magazine published a really good article titled Programming Linux 2.6 with plenty of good information on several new APIs in the 2.6 kernel (asynchornous I/O, synchronous directories, access control lists, extended attributes, epoll() system call, OProfile...). You don't need to be a kernel hacker to benefit from reading it. {link to this story}

[Tue Sep 7 14:52:02 CDT 2004]

Even though I have been using IRC for a few years now, there is no way on earth I qualify as a power user. I do like it and, as a matter of fact, prefer it to instant messaging. I can certainly see how AOL Instant Messenger, ICQ or MSN Messenger are easier to use for the average joe out there but none of them still provides the reliability, flexibility, power and, above all, independence from proprietary formats that IRC provides. Choose to use Gaim and your life will be a permanent cat and mouse game with the big commercial entities, bent on making sure you cannot access their networks with the client of your choice. You see, they'd rather have you nicely boxed in and trapped inside their own client applications that may or may not be good enough to allow you to communicate with other people but certainly are efficient in displaying ads and obtaining personal information from you that can be used in multiple campaigns. On the other hand, choose to use IRC and there are plenty of clients to choose from, no matter what operating system you are running, without any risk of breaking every other week due to the latest trick some corporationg came up with to leave you out in the dark, and they include no ads or spyware. So, how come instant messaging took over and left IRC in the dust? I would love to be able to say that the only reason is that we, consumers, are like sheep. However, chances are the truth is far more complex than that: IRC lost to instant messaging because nobody appeared to care about building a truly user-friendly IRC client that didn't force my grandmother to remember cryptic commands to talk to her grandkids. I'm convinced it's as easy as that. In any case, those people who are still loyal to IRC should enjoy Top Ten Tricks and Tips for New IRC Users and O'Reilly's IRC Hacks. It will at least help us make our IRC sessions a little bit more productive. {link to this story}

[Tue Sep 7 12:54:02 CDT 2004]

Ever tried to implement NIS in a large network with multiple operating systems? Not a nice experience, huh? Well, it seems as if LDAP won't be any easier either. Linux.com publishes a short article about NIS end-of-life and LDAP. Properly speaking, it's not NIS' end-of-life, although it is true that Sun does recommend a migration to LDAP. What happened to NIS+, I hear? Well, don't even bother with it! It went the way of the dodo even before it had a chance to make it to people's radar. Talk about a stillborn technology. It has been a while now since LDAP has been looming in the horizon as the main technology that will come to replace good old NIS, and believe me when I say that the last couple of years it has gained quite a few points in the list of the recruiters out there. Of course, if you work for a Windows-only shop, invest your time on Active Directory, but if you are more interested in the UNIX/Linux world (or simply have to work in a multi-OS environment) then make sure you learn at least the basics of LDAP. It will pay off. {link to this story}

[Thu Sep 2 15:17:34 CDT 2004]

Yesterday, I wrote about Sendmail beta testing a new anti-spam module and wondered whether it would be released as open source or not. Today, I came across a statement by the Apache Foundation explaining why they will not implement or deploy Sender ID. It all boils down to licensing and patent issues.

The current Microsoft Royalty-Free Sender ID Patent License Agreement terms are a barrier to any ASF project which wants to implement Sender ID. We believe the current license is generally incompatible with open source, contrary to the practice of open Internet standards, and specifically incompatible with the Apache License 2.0. Therefore, we will not implement or deploy Sender ID under the current license terms.

We raised these concerns with the IETF ASRG chairs on March 1st and we had assurances from the ASRG chairs that these matters would be addressed, but they haven't been. We feel that dismissal of unspecified, pending, patent claims recklessly shifts the risk and potential burden onto implementors.

{link to this story}

[Wed Sep 1 11:03:46 CDT 2004]

Lost in the sea of Linux distributions out there? The Linux Distribution Chooser may help. I opted for "a more technical version of Linux", "a system that is more than 2 years old" and "do want to install the OS", and it recommended Gentoo , which is not way off the mark (I prefer Debian or Fedora but am not put off by the idea of installing and running Gentoo). All the other choices sort of made sense too, although I find it quite simplistic that each and every one of the paths will lead you down to a single choice, instead of been given a couple of them. In any case, it's a curious tool out there that for the most part seems to make sensible recommendations. {link to this story}

[Wed Sep 1 10:29:45 CDT 2004]

Search Enterprise Linux carries an interview with Eric Pitcher, from Linux Networx where he discusses the ongoing competition between Linux clusters such as the ones put together by his own company, and supercomputers built by the likes of Cray, SGI and HP, among others. He makes some interesting points, I think:

On the surface, Linux clusters are composed of a collection of microprocessor-based servers. However, Linux clusters can achieve high efficiency and high productivity if the sub assemblies have been fully tested and validated, and if the cluster is delivered with management tools, integrated applications, and professional services. (...) In designing a Linux cluster, selection of the correct interconnect for the customer's application, as well as the implementation of the system as a whole, is important in achieving a high productivity system. Advances in high-speed interconnects are continuing to improve the efficiency of clusters.

All computers have bottlenecks that are exposed by certain applications. The relevant questions is what percentage of HPC applications can be run cost-effectively on clusters today? That number is quite large, as evidenced in the rapidly rising cluster sales. (...) To answer the question, replacing the PCI bus from the interconnect may contribute to better performance for some HPC codes. However, the interconnect in an HPC system is only one element of the total solution. Other important elements contributing to performance include the CPU, the chipset, the compiler, and the global file system.

Linux cluster benefits still include great flexibility and scalability —price will not change this. Cluster computing takes advantage of commodity hardware and is able to ride consumer PC trends for lower prices on processors, memory, drives, etc. Traditional supercomputers are unlikely to ever achieve the volumes that greatly benefit Linux clusters. (...) In defense of supercomputers, there are still some applications that don't run well on cluster systems. Some applications cannot be easily parallelized, require shared memory, or contain a high-performance graphics pipeline that prevents the application from being ported to clusters. Customers with these types of needs may not benefit from clusters. However, they may be able to save some money by partitioning the processing and doing some pre- or post-processing on a Linux cluster.

It's certainly refreshing to hear a top manager of a company being so honest and straight-forward in his answers. As it's usually the case, chances are in the end both clusters and supercomputers will survive and will be put to different uses, each one according to its strengths. However, to all those arrogant fans of the supercomputer who simply dismiss the cluster as essentially inferior I'd remind them about how Microsoft Windows and the PC ended up smashing UNIX and the workstation to smithreens in the 1990s. Superior technology is not always the winner in the marketplace, and the sooner we learn that the better we can make responsible business decisions. A good enough solution at a decent price will most of the time win against an excellent solution with an expensive price tag. {link to this story}

[Wed Sep 1 10:08:58 CDT 2004]

I read in CNet News that Sendmail is already beta testing an anti-spam module based on a technology called Sender ID,

... a hybrid specification created from the Caller ID for email system proposed by Microsoft and another antispam technology known as Sender Policy Framework that was developed by Meng Wong, the founder of email service Pobox.com. The specification has not been finalized by the Internet Engineering Task Force, the technical group that sets Net standards.

I couldn't find any information in the article on whether this new technology will be released as open source or, on the contrary, it will be sold by Sendmail Inc., the company set up by the programmers who wrote the software and that makes money by selling add-ons to the regular open source and free Sendmail daemon. Both SpamAssassin and ClamAV are helpful, but there is still too much garbage that somehow falls through the cracks and a new, more reliable product would definitely be welcome. {link to this story}