Advogato blog for cpw

20 Aug 2002

Tue, 20 Aug 2002 01:48:06 GMT

raph was talking about using Vorbis compression in VoIP. Vorbis is not a low-latency codec, though, so would probably introduce unacceptable delays in a conversation. http://www.vorbis.com/faq.psp#speech discusses this issue and provides pointers.

15 Apr 2002

Mon, 15 Apr 2002 13:00:34 GMT

A mail to the OpenOffice guys:

Hello, folks.

I've just attempted to install OO 641d on Linux and have noticed problems which in my opinion should be considered release-critical.

setup -net should be the default when logged in as root.
Instead, setup -net is an undocumented feature! The setup binaries do not respond to -h or -?, the command line option summary request convention, and there is no installation guide. I eventually found it by browsing the discussion list archives.
setup binary does not respond to -h or -? with a list of command-line options
user setup should occur automatically upon first run of a common binary (soffice), and user files should be placed in ~/.openoffice.org<build>

Problems I do not consider release-critical:

Local user files should not include complete dictionaries, et al - only personal customizations

I do not understand why OO still doesn't behave as an application on a multi-user system should. I had hoped that this would have been fixed since SO 5.x, but it has not. There has been enough time to fix it, so I can only presume this is done deliberately.

I am also disappointed by the unavailability of issuezilla to anonymous browsing, which I also do not understand.

Yours forlornly,
-- Chris Whip

15 Aug 2001

Wed, 15 Aug 2001 22:16:50 GMT

Please tell me someone's trawling through patent archives for the .NET-related patents that Microsoft is counting on to kill off Mono. Please.

8 Aug 2001

Wed, 8 Aug 2001 19:41:56 GMT

According to The Register, Microsoft will be uni ting its various server data stores into one database based on the SQL Server engine. The engine will be enhanced to support the more flexible operations of the Exchange/Active Directory store, and those products will be moved over. And NTFS will be run on top of SQL Server, rather than the other way around.

This is a profound change. I think it will make life easier for users. But AFAICT it means database drivers in the kernel. This is an intimidating thought for anyone, but especially someone who wants to strip down the OS for embedded work.

Why are Microsoft doing all the cool stuff lately?

Because they're not just trying to make a better Unix, like Sun, or Linus. I'm beginning to think they have less philosophical baggage. They know their current stuff kinda blows. We're too busy hacking on drivers.

Are projects like this just too big for us?

20 Jul 2001

Fri, 20 Jul 2001 22:44:49 GMT

Joined the EFF. (First time it's come up and I've had the money.)

17 Jul 2001

Tue, 17 Jul 2001 17:36:08 GMT

Just read David Gelernter's Second Coming manifesto. Nice.

The topic of lifestreams comes up again - and the folly of file names. I guess it's time to try and implement a metadata-based filing system and build a groupware server around it. Groupware is Internet-wide communications writ small, and a good place to start.

11 Jul 2001

Wed, 11 Jul 2001 19:42:20 GMT

OK, so here's my basic proposal for a net-wide authentication service.

Trusted third party authentication (Kerberos-like). User need not trust service and vice versa - instead, they negotiate use of an aauthentication server they both trust. Ideally, we don't want to entirely trust any one authentication server, or perhaps even any one authentication service provider, but this is deep magic to me.

Users and services generate their own public keys, a la PGP. Paying a CA just to have a key is not on - paying for one to trust your key may be. Especially a CA that actually looks at you, takes photos, affidavits and skin samples, and will then commit to an authentication reliability guarantee which high-security applications will require

We'll need to be able to implement a client on a smart card.

We'll need to implement a client in IE and Mozilla somehow.

We'll need to do it all fast, before Microsoft and AOL take over

Pluggable encryption schemes would be nice. Ideally the encryption scheme would be implemented in a portable bytecode of some kind. Crypto codec could possibly be negotiable between client, server and authenticator. The service protocols will probably be more vulnerable than the encryption algorithms, so this may not really be cost-effective, but it's worth thinking about.

11 Jul 2001

Wed, 11 Jul 2001 07:26:23 GMT

Yes, beating HailStorm (or providing a reasonably widely-accepted alternative to it) is more important then being able to run .NET software. It's going to be hard to get right, but much, much harder to get accepted - and religious dogma will not help us sell the damn thing to service providers and users. Openness will help, but Jabber is not killing of AOL IM or MSNM. Price will help somewhat.

Can it be done? I think so. Note Apache versus IIS. Note DNS versus WINS, or TCP/IP versus NetBEUI.

Note also IE versus Mozilla. The desktop is our greatest weakness. We will need to work with IE to succeed. (We will also need to work with Mozilla to attract enough mindshare to get close.)

11 Jul 2001

Wed, 11 Jul 2001 07:13:15 GMT

The FSF have put forward dotgnu.org as a contender to fit the Passport-shaped gap in Ximian's Mono initiative. I'm initially unconvinced. Their project is too unfocused - it portrays itself as a total .NET replacement - and too religious to gather enough mindshare to succeed.

>What do you guys think of Microsoft's .Net and Hailstorm efforts?

>Dangerous stuff. It is often said that the price of freedom is eternal vigilance. Unless we counter them, Microsoft's efforts are not only a threat to Free Software, they are also extremely dangerous tools in the hands of any Evil Government that wants to make their citizens unfree.

These are not the words of a project with its eye on the ball - producing a working, reliable, secure authentication service for a hostile Net and a license-apathetic gaggle of web hackers.

27 Jun 2001

Wed, 27 Jun 2001 06:52:42 GMT

How much hacking would it take to run an authentication server for multiple separate Web sites, such that the users and sites can authenticate each other while trusting only the authentication server?

This sounds like Kerberized Web to me, but I'm not positive about that.