04.17.08
Posted in Fluff at 6:43 pm by
The RSA Conference this year was outstanding from the perspective of identity technology, Higgins, Bandit, OSIS, industry connections, etc. I was overly worried all week about getting enough interop testing done for OSIS and about my presentation on user-centric identity validation experiences. Yet I survived.
Meanwhile, the reason I sometimes show up for work is so that I can feed my offspring — and they continued to have their own adventures while I was gone. They seem to have lives and minds of their own. My second son distinguishes himself in my household as a Mac user. Weird. Like my daughter, he seems to have some social skills. He certainly doesn’t get them from me. He even likes sports. Lately, it’s been soccer.
So this is what I missed…
Is that COOL OR WHAT?
I have been to some games and have seen something of how the photographer works, so when I looked at the referenced photo site I realize that these photos are from some guy — probably a dad of one of the players — taking photos and then using a service to sell them to sucker parents at outrageous prices.
Would I fall for such gouging?
DAMN RIGHT I WOULD. Getting out my credit card now.
—————–
UPDATE: Apparently the photo above sometimes is not available. That’s what I get for linking directly to their site. If you really want to see it, or even order an absurdly expensive copy, you can see the storefront here.
Permalink
02.14.08
Posted in Fluff, Linux at 3:42 pm by
My oldest son is away at college. He’s finishing his senior year and deciding what to do next. I’m very proud of him, but sometimes I can’t help compare his life to mine. To earn money for living expenses during college, I had jobs washing dishes, changing oil, stocking shelves and eventually moving all the way up to cashier at Smith’s Food King. Good times. My son has had summer jobs programming for Berkeley Data Systems (Mozy) and this little Internet startup named Google. During the school year, he works on Linux boxes for the astronomy department at his school. His jobs sound like a huge amount of fun to me, and I think he has enjoyed them, but he takes things so seriously sometimes. Sigh. At that age, I did too.
I keep expecting to get traditional letters (or at least emails) from him asking for money, but instead I received this email last week:
so, sorry i haven't called recently, as i miss talking to you.
nevertheless, i thought it would be a good idea to let you know that
your server machines are all completely rootable
on bub, the code /home/jtolds/vmsplice-exploit will give you root on
nearly every 2.6 kernel machine
/home/jtolds/disable-vmsplice-if-exploitable will disable the vmsplice
code in memory by overwriting the first line of the vmsplice function
calls with the RET assembly command
I ran that on bub since it's network accessible
you may want to install new kernels or recompile or something.
if you don't and do reboot bub, you should run the exploit disabler again
love you! talk to you soon
-jt
I would have used the phrase “RET assembly instruction” instead of “RET assembly command”. Assembly ain’t no scripting language. I’m not sure what they are teaching kids in school these days.
I have, of course, upgraded my Linux kernels on the machines in question.
Permalink
11.01.07
Posted in Fluff, identity at 6:42 pm by
I don’t think I’ve ever met Paul Madsen in person. I have often found his blog posts to be humorous and insightful, and I enjoy it when he makes a good jab at a misunderstanding or weak spot of various identity systems. It appears to me the he really wants to find the most useful answers and is having a good time doing it. My favorite post from Paul (that I can think of right now) is about a taxonomy of Internet identity projects and groups. I don’t always agree with the specifics (e.g. I don’t think the Identity Commons is a Spec Definition Body) but the approach is very cool. We need it. I’m just going to refer people to that post every time they ask “why do you make this so complicated — do we really need [Specification] A and [OpenSource Software] B?”
On the other hand, I have met Ashish Jain. You can’t find a more pleasant, approachable, and engaging guy. It appears to me that the only time Ashish detaches from a collaborative conversation is when the hype to implementation ratio is too high — a valuable trait. Ashish likes to make things work. Like Signon.com. And he also publishes very funny things, like the baby covered with logos before the first Burton/OSIS interop event.
The recent exchanges between Ashish and Paul about current identity system working groups and acronyms are hilarious and also make some valid points about the personality of various projects.
Over a year ago the OSIS working group followed a time-honored tradition of changing a word in its name while maintaining the same acronym. It was originally the “Open Source Identity Selector” but became the “Open Source Identity System”. And it has been made fun of incessantly for that change. If we are ever foolhardy enough to change the name again, I definitely vote for “Open Source Invitation for Singles”.
Permalink
08.28.07
Posted in Fluff, identity at 3:40 pm by
It’s the end of summer. It tends to make me feel a little nostalgic even though I always enjoy the change in the feel of the light and air as autumn hints. Or maybe it’s just the pollen from that damn Russian Thistle that makes me feel different.
It’s also back-to-school time at my house. Mechanical pencils, 3-ring binders, and new clothes. My youngest two children each moved up a school. They always seem to get a cold in the first weeks of school and this year is no exception.
Meanwhile I’m getting excited about the progress and next steps for the Bandit project. There has been a lot of vacation time for the Bandit team this summer, but a surprising amount of work got done as well. This Fall is time to show it and put it into real use.
Maybe it’s the thoughts of vacation and next steps for the Bandit project that caused these photos to catch my eye. They are from a trip to Cabo San Lucas in July. They show something of what was on my mind then: sun, beer, beach, identity systems, and Lessig’s Code 2.0 (very highly recommended). Thanks to Mike for the information card shirt. I try to wear it in compliance with the logo usage guidelines, but I think I probably sometimes stand too close to other images and I spilled some salsa on it. I’ll keep working on it. The DigitalMe shirt is an old one from 1999 that I kept because I liked the logo. It’s amazing how some things come back into fashion.
Now back to real work. Stay tuned. Some Really Good Stuff is coming due to collaboration of many projects in building the Internet identity fabric.
Permalink
12.22.06
Posted in Fluff at 2:26 pm by
I have been tagged by Pam and Gerry in the “five little known things about me” blogwave. Thanks to both of you, I think. I’m going to reply because I know there are those out there that are anxious to read what I write (hi mom!).
1. I take tuba pictures. As a teenager I found a broken sousaphone (often referred to as a tuba) in a neighbor’s garbage. Since I was odd and enjoyed photography, it immediately became one of my favorite subjects. I have photographs of the tuba in trees, mountains, wrecked cars, vacant houses, and college bathrooms. I was once ejected with it from Temple Square in Salt Lake City. You probably have to have a sense of humor warped in roughly the same curvature as mine to think it’s as funny as I do, but here are a few examples.
2. In the late 1980’s I believe I was hugged by Craig Burton. It was part of a Novell new employee ritual. I remember standing in a line that ended with Craig or Judith and thinking “please let me get Judith”. I have no memory of what happened next. Perhaps I’ve blocked it from memory.
3. As a high school student in a very small town in northern Utah, I was a member of a comedy troupe called The Lumberjacks. The school administration thought it was wholesome humor. If any of them had actually seen the namesake Monty Python skit, it would have been scandolous.
4. Much of my current career path is due to a father-son project. About 1998 I made a deal with my oldest son (then 12) that we would try this new Linux stuff together. He was to buy the OS (I think it was Redhat 5.2) and I was to buy the machine. He came through. I did not. So he built a machine from spare parts sitting around the house. I did help him install Linux. That Linux machine was reliable, stable, and we learned a lot. In fact, that machine was later used as the basis of a demo that showed Novell’s directory service integrated with DNS and providing rudimentary federation between directory instances across the Internet. The demo was shown, with great success, to Novell’s CEO (then Eric Schmidt). I left the company for a while, the project was cancelled, management changed, etc., but, last I heard from my son, that machine is still running.
5. I find it more productive to mix work and play. When I was a university student I worked as a childcare counselor for the United Way. One of the activities that I did with the children was to send them out into the fields to pick dandelion blossoms. They enjoyed it and it got them to run outside for a while. I took the blossoms home and made many gallons of rather good dandelion wine.
So now I get to tag five: Pete, Paul, Mary, Dave, Lyndon
Permalink
11.29.06
Posted in Fluff, identity at 2:28 am by
A few months ago I was filling out some forms for my children’s school. It’s a long and tedious process and I had a lot of time to think. I hate filling out forms. I really hate it. My great preference would be to have someone else do it. One of the advantages of having a wife was that she would usually fill out school forms. For many years now it’s been just me and my kids. And I really hate it filling out those damn forms.
My kids have some severe food allergies, asthma, and assorted other industrial diseases (as Mark Knopfler would say). Their school requires one form for each medication with name, address, dosage, and contact information for allergist, pediatrician, parent, and backup responsible adult. There are consent forms each for the doctor and the parent, per medication. Then there is a separate consent form for each child to give to the bus company for field trips — with name, address, medications, emergency and doctor contact information. With all the permutations, I filled out more than 20 pages, mostly redundant.
So what does all this whining have to do with online identity information?
It’s a rather long, round about answer, but I’ll get there…
I found that, as I filled out the forms, I wanted to introduce variations. For example, refer to a child by their nickname here, full name there. Say “Dr J. Jones” on this form and “Allergist Jack Jones” on that form. It broke up the boredom and allowed me a pathetically small vent for my displeasure. Of course, planning to go buy a cool all-in-one printer and copy machine would have been better, but that’s another issue.
I started to think about how I could encode information in the forms and yet still give accurate information. It’s like making up email addresses when registering for something online. I do this and I know many other folks do too. I have some domain names that I own that are configured so that any email address in that domain dumps into a single account, like dale@mydomain.com. So when I register for something at XYZ company, I can use an email address that encodes where I registered. I make up an email address like xyz-registration@mydomain.com. If I suddenly start getting spam addressed to xyz-registration, I know that XYZ company did not handle my registration information properly. I have, in a sense, modulated my identity information so that, while it still works for it’s intended purpose, I can also identify the initial recipient.
Maybe we could automate this technique with online identity information.
Many user centric identity systems deal with personas. I was recently playing with my openid account and saw that it supports personas to group attributes and selectively give out identity information. But I wonder if we could also encode extra information in the attributes associated with each persona when that information is given out, so that, if I see information about me used inappropriately, I might determine the source. Like my spam source detector system, I do not think of it as a rigorous system, just something that might be useful on occasion.
I think implementing such a system would be preferable to filling out forms. I hate forms.
Permalink
04.28.06
Posted in Fluff at 4:14 pm by
I occasionally develop strong opinions that I would like be available on the web. This is so that I can point to them rather than always having to paste them into an email. This web log is an intended to be a repository for such opinions. Hopefully it will at least be entertaining to a few.
Also, I am unsure about whether the blog title should include “olds’” or “olds’s”. I find differing rules from authoritative sources on the web. Comments welcome.
Permalink
I've done a variety of things in my career, but always seem to
return to issues of identity and technology. Most of what's written
here will be about such things. I work for Novell, but this is my
personal blog. The views expressed on here are mine alone and do not
necessarily represent the position of my employer.
