Catching Up During the Holidays

Ah, the annual holiday lull, when Silicon Valley all but shuts down, and I get a chance to catch up on a couple of things in my gotta-blog-on-this file.

McGraw's Silver Bullet

If you haven't tuned in to Gary McGraw's Silver Bullet Security Podcasts, you're missing some great interviews with some of the leading lights in computer security. McGraw is, himself, an oft-quoted (by me, among others) security expert, CTO of Cigital, and author of numerous books on software security, including Software Security: Building Security In.

His latest interview with Bruce Schneier, founder and CTO of Counterpane, is not to be missed. McGraw calls Schneier an ''uber-guru'' of computer security, and rightly so; he's the author of eight bestselling books, including Beyond Fear: Thinking Sensibly About Security in an Uncertain World, and he's the editor of the popular Crypto-Gram mailing list. McGraw talks with Schneier, security geek to security geek, about the connection between physical security and its technological component, the intersection of economics and security, and the ideas of ''wholesale surveillance'' and ''security theater.''

McGraw has come into his own as a writer in the past few years; I'm impressed with his skills as an interviewer. One aesthetic criticism: Dude, please, lose the 70s porno-movie music that opens the interviews.

IBM Continues to Support Accessibility in ODF-Compliant Products

I'm sure the standards watchers out there have already heard about IBM's latest move to support the OpenDocument Format (ODF), but for everyone else: Big Blue announced last month that it has developed software interfaces that will make it easier for assistive technologies to provide those with disabilities access to advanced features in software programs. IBM has contributed those interfaces to the Free Standards Group (FSG), a non-profit member-supported organization dedicated to strengthening and promoting Linux as a platform for application development. According to IBM, the interfaces will be further developed and maintained within the FSG's Accessibility Workgroup, which has been standardizing interfaces to make applications on the Linux platform accessible to those with disabilities since 2004.

I heard about this from the indefatigable Andrew Updegrove, who wrote in an email: ''Today's announcement (and further projects as yet unannounced), are rapidly fulfilling the pledge made by ODF supporters over a year ago to do whatever is required to make ODF-compliant software not only as accessible, but more useful, to those with disabilities than Microsoft Office.''

There has been lots of activity around the issue of accessibility in ODF-compliant products since that issue was first recognized by the State of Massachusetts in late summer of 2005. The OASIS standards body, which developed and maintains the ODF, formed a working group to improve accessibility, and several developers, both commercial and open source, are working independently on versions of ODF-compliant office suites.

For more on this announcement, and much more on the ODF and standards in general, I highly recommend Updegrove's endlessly informative blog

Bad Title; Great Book

Don't be put off by the unfortunate title of Jason Bloomberg and Ronald Schmelzer's excellent new book, Service Orient or Be Doomed!: How Service Orientation Will Change Your Business. The dynamic duo who make up the IT industry advisory and analysis firm ZapThink focus their considerable analytical powers on the evolution of SOA and Web services, and they share their insights on service orientation in this book.

Service Orient takes an interesting tack: It presents service orientation as a new way of thinking about organizing a business and its processes. Not surprisingly, it's being billed as a guide to SOA for non-technical readers—a ''must-read book for management''—but I want to recommend it to the geeks out their for the outstanding big-picture view it provides. In a post-bust world focused on business-technology optimization, codederos need to understand how SOA is affecting business.

The book is insightful, well-written, and frequently funny. Highly recommended.

Sam and Shlomo

I attend a lot of trade shows and user conferences, and there's no doubt about the value of the keynotes and sessions at these events. But I often find the shiniest pearls of wisdom among the attendees. My conversation with Zend Technologies' Shlomo Vanunu and Sam Pinkhasov, both of whom I met in October at the Zend/PHP Conference and Expo, is a case in point. Vanunu is an IBM iSeries consultant, and Pinkhasov is a project manager. Both worked on porting the Zend Engine to the iSeries. Both had come to Silicon Valley from Israel for the conference. (Zend founders Andi Gutmans and Zeev Suraski are Israelis, and the company maintains offices there.)

We were sitting together in the audience during the conference keynote opener when Microsoft and Zend, the Cupertino, CA-based provider of products and services for the open-source PHP scripting language, announced that they would be collaborating to provide customers with richer functionality and better integration of PHP on Windows. Like most tech-beat reporters, I focused on the growing pragmatism of Microsoft and other large commercial enterprises that are now, more or less, embracing open source. Sam and Shlomo saw it differently.

''Everybody talks about that, but there are also many pragmatists in the open source community,'' Shlomo said, ''many who see the commercial potential of open source software. I would argue that it is they who are doing the embracing. Without them, it wouldn't matter how much companies like Microsoft accepted open source.''

''You should remember that there are all kinds of people in the open source community,'' Sam added. ''It's not really as monolithic as reporters think it is. I sometimes wonder if 'community' is even the right word for it.''

Of course, religious convictions do abound among the leaders in the open source... um... area. Jeremy Allison's recent departure from Novell comes to mind. Allison, a driving force behind the Samba Project, left Novell after two years with the company, reportedly because of the headline-grabbing technology and marketing pact the Waltham, MA-based Linux-vendor made with rival Microsoft in November. Allison took a job with Google, apparently in protest. In a resignation letter leaked to the open-source legal affairs blog,, Allison called the Microsoft-Novell deal ''a mistake'' that ''will be damaging to Novell’s success.'' Allison will reportedly continue to work on Samba at Google.

Still, I take Sam and Shlomo's point. It's easy to fall into patterns of perception, to affix group labels and imbue those groups with traits and attitudes. When covering an industry as dynamic as IT, that's a mistake. I think I'll add avoiding that very bad habit to my list of New Year's resolutions, right above ''Work on my abs.''

About the Author

John K. Waters is a freelance writer based in Silicon Valley. He can be reached at [email protected].