Tuesday, January 23, 2007

Al Gore in 2008

I've generally never made a secret of my support for Mr. Gore. Though I'm a political independent and agree with Frank Zappa's take on Tipper's efforts to clean up rock music, I've got a soft spot for Mr. Gore. I just think we would all be better off if we elected smart guys who focus on long-term issues like global warming, restructuring our energy economy, supporting tech development, devolving high concentrations of political power, reforming social security (without a $3 Billion payout to Wall Street) and bringing fiscal conservatism back to the federal government. Funny... before the 90's these were Republican ideals.

Anyway... Getting Mr. Gore to run again for the 2008 election is probably a pipe dream, but you never know. That's why I was happy to find the draftgore.org and draftgore2008.org sites as well as the Draft Gore 2008 Petition.

Finally, I happened upon the following entry from last year at daily motion, and I don't know how I missed it:


If Al Gore was president - SNL
Uploaded by Uberlinkert

Friday, December 08, 2006

Dan Ingalls Video on OO Programming

Some of the old-timers I know in the programming business complain about Object Orientation (OO). They say it's hard to make heads or tails of OO because terms like "Object" and "Class" are used in circular definitions. The good old-timers dive right in, get a feel for how you do things in OO languages and come out with a good understanding based on experience. The younger programmers I've met don't have the same issues; many of them used Java in their first programming courses. But a lot of them don't know the context into which OO languages were introduced and without this context, it's hard for them to understand why Smalltalk, Lisp, Ruby and Python programmers look down on Java and C#. Of course I wouldn't look down on anyone's language choice, all languages express the Tao (but do not program in COBOL if you can avoid it.)

So I recently found this video at the internet archive. It's Dan Ingalls of Xerox PARC fame giving a talk about OO. It's from way back in 1989, so it's aimed at professional developers of the time. If you've been avoiding OO or you want to understand what the old timers were thinking when they created OO languages, this might be a good view.

Dan Ingalls: Object-Oriented Programming (1989)

Thursday, December 07, 2006

Jim Alfred on Mobile Security

Okay... a bit of fair disclosure... I used to work for Certicom and I have a little bit of Certicom stock left in my portfolio, so I'll be the first to admit I'm not completely unbiased.

However... I think there's widespread agreement in the crypto world that Elliptic Curve Crypto is a pretty valuable addition to your arsenal of information security weapons. In an article recently published by Dr. Dobb's (Ensuring Strong Security for Mobile Transactions) author Jim Alfred provides a nutshell view of mobile security. Jim is, of course, a current Certicom employee, so you might not be surprised to discover that ECC factors into his view of "good security." But it's good to see Certicom, which seems to make most of its money licensing low-level crypto algorithms, talking about the complete device security chain, from bottom to top.

One of the drawbacks of ECC is, however, that it's not nearly as easy to explain as RSA or Diffie-Hellman. So any time I talk about ECC, I also like to point to Certicom's Elliptic Curve Tutorial. If you don't know anything about ECC, this is a good place to start.

Why I Don't Care About Your Damn'd Boxed Types

Peter Seibel recently gave a TechTalk at the Google-drome about the Sapir-Whorf Hypothesis and Programming Languages. It basically describes why programmers have issues understanding the usefulness of language features that aren't found in their language of choice. My language of choice is, of course, Smalltalk. This explains why I don't understand when people go ga-ga over C#. This is a great talk, even though it almost implies that Lisp is the "one, true programming language." Everyone knows that God programs in FORTH. Or rather... knows everyone god FORTH is-relationship? true.

Fortunately for us, the good people at Google uploaded a copy of this video to their gigantic server in the sky...

Practical Common Lisp

Wednesday, December 06, 2006

Good Mobile Blogs : VisionMobile and Software Everywhere

So everyone knows about Phone Scoop and Howard Forums. But there are a couple of other blogs I've been reading lately that are "must-reads" for people building wireless solutions: VisionMobile Forums and Pikesoft's Software Everywhere.

VisionMobile Forums is a part of Andreas Constantinou's venue for disseminating his views of the mobile industry. Andreas has, IMHO, a pretty good grip on what's going on out there. And... it's not just Andreas producing content; he's been able to attract a few other contributors. So it's not just the "Andreas Constantinou Show," it really is a bit more like a think-tank for mobile-strategists.

David Beers runs PikeSoft, a software house specializing in mobile software development. In his copious spare time he writes the Software Everywhere blog which focuses on ubiquitous mobile software. Cool Stuff.

The Structure and Interpretation of Computer Programs

Way back in the olden days before microcomputers were programmed in languages like Java, C# and C++, there were a thousand languages, each expressing an aspect of the Tao. But one language, LISP, has a special place in the history and development of software. LISP was a mind-bendingly flexible tool, allowing developers great flexibility in representing problems. Somewhere in the early 1980's software started becoming less about solving problems and more about looking good for consumers. The ability to elegantly represent data relationships took a back seat to how quickly it could be used to crank out the next version of Quattro Pro or Unix.

But LISP remains the "programming language of the Gods." If you understand what's going on inside a LISP interpreter and how the language is used to solve problems, then you're well on your way to understanding the representation of data and process flow in the most abstract way. If you can grok LISP, there's very little that should confuse you about Java and C#.

Fortunately for us mortals, the good people at MIT have made the video of that university's intro programming course available on the web. So if you're interested in learning LISP, there are few better resources online than MIT's Structure and Interpretation of Computer Programs lecture series featuring Hal Abelson and Gerald Jay Sussman. They have also made the accompanying text available for free download (at http://mitpress.mit.edu/sicp/full-text/book/book.html).

Monday, December 04, 2006

Bill Joy on SPARC

Here's another hit from the Internet Archive. It's Bill Joy talking about Open Systems and Sun's (then) new SPARC architecture. I'm including it on my list of "must-see geek videos" because when most people these days hear about Bill Joy, about the only thing they hear is "The Future Doesn't Need Us" and "Java." To be sure, Bill has a lot of interesting things to say about both topics, but what may get lost in the shuffle is that Bill was one of Sun's Co-Founders and served as chief scientist there until 2003.

Plus, there's lots of 1980's style big-hair.

Bill Joy: The Open System Imperative (1987)

Tuesday, November 28, 2006

Bill Joy Lays Down the Law on Security

I like Bill Joy.

I mean, I don't know him personally, but when he says things in public they tend to be things I agree with. Way back in the 1980's he was talking about open systems when companies like Harris, DEC and IBM were still pushing proprietary, general-purpose machines. In the 1990's he was intricately involved with Java. Everyone has an opinion about Java; lately many geeks are abandoning it for Python or Ruby. To be sure there are some sub-optimal features of the language, but compared to C it's got a lot of things going for it.

But lately he had an opinion piece in Business Week about software security: Software Isn't Complete Unless It's Secure. Now you can set the wayback machine pretty far in the past and find people saying the same thing. But this time it's clear that Software Security is a "big deal." Bill Joy's talking about it. That's Bill "I used to be chief scientist at Sun and now work for a major VC firm" Joy.

Bill's text isn't revolutionary to those of us who have been in the software security world for a while. The message is pretty straightforward:

  • It's too easy to build insecure software

  • The consequences of insecure software are increasingly dire, and

  • There are financial incentives to delivering incomplete software


Now Bill's not a Software Security Guru, but that's okay. The simple truth of the matter is none of us are really security gurus. Information Security as a discipline is far from being a well-organized field. "Information Security" can be code for such radically different concepts as configuring a firewall, scanning software source code for vulnerabilities, or even changing an organization's business processes. Adding fuel to the fire are a host of consulting companies, each with their own specialization, each redefining your information security problems to match their solution. In general, they're not bad people, they're not trying to cheat you or your company. It's just a case of "when all you've got is a hammer, every problem looks like a nail."

Information Security professionals are frequently called upon to do the impossible: to guarantee that a system is free from security vulnerabilities. Assuming we could even agree what's a "regular" bug and what's a security vulnerability, it's still asking someone to "prove a negative." Security requirements are frequently written in such a way as to demand a certain level of "real security." But systems today can only be built to address vulnerabilities we know about now. With the increase in online commerce, there's plenty of motivation for "bad guys" to make mischief. And they're creating new exploits every day.

From a software perspective, there are plenty of things developers can do. Companies like Cigital and Secure Software provide consulting services for development organizations (ask about "CLASP" or "Risk Management Framework".) Companies like Fortify, Ounce Labs and even Coverity provide tools that can be used to automate software checking for security vulnerabilities. Finally... books like Howard & LeBlanc's Writing Secure Code and Viega and McGraw's Building Secure Software are two good references for developers interested in shoring up their code.

Wednesday, November 22, 2006

Homebrew Mobile Phone Club Mentioned in Wired

If you happen to have a copy of the December 2006 issue of Wired handy, turn to page 105 for a nice, but brief description of the July 2006 Homebrew Mobile Phone meeting. There's also an online version of Rob Strohmeyer's article at the DIY Cell Phone page on their site.

One thing I would like to mention though... The article only mentions me by name which is exciting, but kinda bypasses a lot of the story. Any valuable project these days takes a complete team to be successful, and there's a bit more of a story and more people than what the article represents.

First off, I should identify Surj Patel and Deva Seetharam as the club's spiritual guidance. Surj and Deva were working on homebrew mobile phones way back in 2005 using a lot of the parts Larry and I were using in 2006. You can find more info about Surj at his site at http://www.surjpatel.com/. Deva posts there a lot too. The Open Cell Phone Site has a lot of information about the TuxPhone, which was designed by Surj and Deva and Colin Cross.

The article at Wired seems to imply that TuxPhone is a Homebrew Mobile Phone Club project. It's not... It's designed by Surj and Deva and Colin. There are a couple of projects going on with the Mobile Phone Club including FrankenPhone, SqueakyMoPho and Albion. Each of them is a Linux-based mobile phone built from commonly available parts...

You can find more info on the club at hbmobile.org.

And... let me spend a few moments to list all the people without whom the club (and its projects) would not have existed.

First off... thanks to Larry Cohen for being there to bounce ideas off of. If anyone's seen Larry recently, please ask him to phone home. Tamara Colby gets a big shout out for moral support and logistic support (ditto for her husband Steve.) Chris DiBona of Google stepped in just at the right moment to provide a meeting place for our initial meetings and I'm forever in his debt. Gordon and Craig over at GumStix continue to be a great help to the community. Ditto for everyone at SparkFun.

Most importantly... thanks to everyone who gives up the Wednesday nights to meet and gab about mobile phones.