HomeFeed aggregatorSources

Cannell.org/blog

Syndicate content
URL: http://cannell.org/blog
Updated: 27 min 54 sec ago

Links for 2008-08-22 [ma.gnolia]

Sat, 08/23/2008 - 00:00
  • A Practical Guide to GPL Compliance - Software Freedom Law Center

    A Practical Guide to GPL Compliance - Software Freedom Law Center

    This is a guide to effective compliance with the GNU General Public License (GPL) and related licenses. In accordance with the Software Freedom Law Center’s (SFLC’s) philosophy of assisting the community with GPL compliance cooperatively, this guide focuses on avoiding compliance actions and minimizing the negative impact when enforcement actions occur. It introduces and explains basic legal concepts related to the GPL and its enforcement by copyright holders. It also outlines business practices and methods that lead to better GPL compliance. Finally, it recommends proper post-violation responses to the concerns of copyright holders.

    Saved By: Larry Cannell | View Details | Give Thanks

    Tags: , ,

Collaboratively Managing Passwords Across Multiple Computers

Thu, 08/21/2008 - 13:27

I have been looking for a system to manage passwords for a long time now and I have tried a number of methods and products, but they have all fallen short one way or another. The biggest challenge I have with passwords are:

  • How do I safely manage them across all of my computers?
  • How do I safely share some of them with my wife?
  • Can this be simple to use?

Most solutions on the market today fall short by not meeting the first two requirements. They assume the user only needs to manage passwords on one computer. A few solutions meet the first two requirements but are still too complicated and, at a minimum, require cutting and pasting text between windows (if you have a product that requires cutting and pasting, well then go back to the drawing board).

To make a long story short, I am now using a solution that is working quite well. It is based on RoboForm (which, by itself, is very good at managing passwords) and Windows Live FolderShare (a free file synchronization service). Here is how it works:

  • RoboForm detects when a password is entered through a web browser. It's browser integration is very good at detecting web forms asking for login information and even works with Basic Auth (this is when the browser prompts you for a username and password rather than being a form on a web page). However, login forms in some sites that make heavy use of Javascript are not detected by Roboform.
  • After I submit the login information RoboForm intercepts it, encrypts it, and stores it in a "Passcard" file. This is a critical point. Roboform does not store login information in a database record . A separate file is used for each Passcard.
  • I synchronize Passcards between computers with FolderShare. It does this by synchronizing the folders storing Passcard files. Add, modify, or delete a Passcard on one computer, that change gets reflected on all the other computers. If Roboform used a database this type of simple synchronization would not be possible.
  • Later, when I return to the site (on any of the synchronized computers), RoboForm detects this as a place it can enter login information and lights up a button on it's browser toolbar. Clicking this button tells RoboForm to fill in the login information.
  • A password is used as part of the encrypting and decrypting processes for the stored Passcard. RoboForm uses a single "Master Password" for all Passcards. However, you can setup different profiles, each managing a different set of Passcards and using a  different master password. These profiles are stored in separate folders.
  • Anytime you access a Passcard (like when creating a new Passcard or entering login information on a form) RoboForm will need the Master Password. However, RoboForm can cache the Master Password for a short period of time. I encrypt Passcards with AES encryption but RC6 and BlowFish are also options. Of course, its a good practice to use a long passphrase to make it more difficult to decrypt should the Passcard fall into the wrong hands.

Because Roboform uses the filesystem to store login information it is much easier to move this information around. For example, each Passcard is a file and each RoboForm profile is a folder. Also, by encrypting login information with a high-strength algorithm there is less concern about completely securing access to the Passcard. Although I wouldn't make them available in a public location, it could take years for someone to brute-force decrypt a Passcard encrypted with a long passphrase.

FolderShare does a good job synchronizing files and folders between computers. Combining this with Roboform's browser integration and this setup works quite well.

Links for 2008-08-20 [ma.gnolia]

Thu, 08/21/2008 - 00:00

Links for 2008-08-18 [ma.gnolia]

Tue, 08/19/2008 - 00:00

Links for 2008-08-16 [ma.gnolia]

Sun, 08/17/2008 - 00:00

Links for 2008-08-13 [ma.gnolia]

Thu, 08/14/2008 - 00:00

Links for 2008-08-12 [ma.gnolia]

Wed, 08/13/2008 - 00:00

Links for 2008-08-11 [ma.gnolia]

Tue, 08/12/2008 - 00:00

Links for 2008-07-18 [ma.gnolia]

Sat, 07/19/2008 - 00:00

Links for 2008-07-03 [ma.gnolia]

Fri, 07/04/2008 - 00:00

Links for 2008-07-02 [ma.gnolia]

Thu, 07/03/2008 - 00:00

Links for 2008-06-23 [ma.gnolia]

Tue, 06/24/2008 - 00:00

Links for 2008-06-17 [ma.gnolia]

Wed, 06/18/2008 - 00:00

Links for 2008-06-16 [ma.gnolia]

Tue, 06/17/2008 - 00:00

Links for 2008-06-15 [ma.gnolia]

Mon, 06/16/2008 - 00:00

E2'08 and Open Source

Fri, 06/13/2008 - 18:42

Matt Asay says he doesn't think he would have liked attending the Enterprise 2.0 Conference this past week because:

"It would appear that the Enterprise 2.0 world is still recycling the same froth in an attempt to stand out."

and

"everyone is showing the right slideware and demos, but few, if any, really know how to put it all to productive business use."

His conclusion is based on what he read and heard from friends who were "walking around the exhibition floor."

To be fair, conclusions like this coming from Alfresco are understandable given that (along with being the sponsor of the Alfresco open source project) they are, after all, a software vendor and vendors measure the success of a conference on what happens on the exhibit floor. However, there is much more to a conference, especially the Enterprise 2.0 Conference, than what you see on the exhibit floor.

There were a number of good things being presented and discussed at the conference about early Enterprise 2.0 deployments. In addition, Matt would have been pleased to learn that many of these were done using open source software. But these details came out in the conference itself (you know, in the sessions, the primary reason people pay to attend conferences).

First, there was a terrific session on open source Enterprise 2.0 software led by John Eckman. Participating in the panel were John Newton from Alfresco, Jeff Whatcott from Acquia/Drupal, and Bob Bickel from Ringside Networks. Kathleen Reidy posted a great summary of this session. If you stopped there you might still have thought there was little being said about open source at the conference. But, there's more.

The stars of this year's Enterprise 2.0 Conference were case studies of real-world implementations. Open source shined in almost all of these presentations .

  • A keynote address by Sean Dennehy and Don Burke from the CIA told us about Intellipedia a wikipedia-style site used by the intelligence community. Sean and Don didn't use Powerpoint to deliver their presentation. Rather, they authored their content in Intellipedia and showed that on the big screen. Although not mentioned (or perhaps mentioned only in passing), this was clearly running MediaWiki.
  • In his presentation Ned Lerner, a Director at Sony Entertainment, made some pointed remarks about how open source is important to their strategy. Ned said "open source is a safety net" because they can understand the software and fix it if necessary and that they had experienced "good results with open source."
  • In Simon Revell's presentation (Simon is a manager at Pfizer) his screen shots were showing web pages that were clearly based on Drupal (ok, not too many people would've noticed that). If you don't believe me then look at this SlideShare presentation about DIGWWW. In addition, Simon referenced Pfizerpedia which, by the way, was running...can you guess?...yes! MediaWiki.

Not to mention, the Ross Mayfield keynote where he talked about SocialCalc. There was also an open source project in the LaunchPad competition - Project SocialSite, an open source social networking project from Sun. Oh, btw, the LaunchPad site was running on Drupal.

So open source was all over the place at Enterprise 2.0. Maybe this is a case of open source just becoming essential plumbing and hardly being noticed. These examples could have been used by Matt in a blog post to illustrate how far open source has come in enterprises.

And one other thing to point out. In Matt's post he says this near the end:

Over the next year we're going to see the hype around Enterprise 2.0 reach a fever pitch, and many are going to be lost in disillusionment when it fails to turn to gold. However, in the mishmash there will be a few who finally figure it out, and the rest of the enterprise world will follow in due course.

The link in the above paragraph takes you to a CIO.com article about how Pete Fields of Wachovia justified a business case for Enterprise 2.0. Well, Matt may be upset to learn that Wachovia's business case justified a purchase of Microsoft SharePoint. But, you had to attend the Enterprise 2.0 Conference to learn that (and not just walk the exhibit floor). Pete Fields told us so in his Enterprise 2.0 keynote address :-)

Enterprise 2.0 v2.0

Fri, 06/13/2008 - 09:18

thumbs up In reflecting back on this week's second annual Enterprise 2.0 Conference in Boston I think what we saw addresses most of (Burton Group colleague) Craig Roth's points when he asked:

"I’m really holding out for the next E2.0 presentation that moves the concept forward, not just goes deeper or jumps on to a new set of technologies."

When Steve Wylie, Conference General Manager, started talking with Advisory Board members months ago about themes and keynotes he was most interested in telling Enterprise 2.0 stories from the trenches and this year's conference delivered on this vision.

Some observations and comments about the conference:

  • Attendance was incredible. Interest in Enterprise 2.0 is clearly growing. I heard estimates as high as 1,400 people in attendance, which would be a 50% increase from last year.
  • The "Rock Stars" of the show (a label given by Jessica Lipnack at the closing town hall meeting) were Sean Dennehy and Don Burke from the CIA. Their Intellipedia presentation was really good. The press and blog coverage is extensive.
  • The Monday evening Cloud Computing session hosted by David Berlind was surprisingly good. I was afraid the topic might not interest the E2.0 crowd but the Harbor Ballroom was packed. The dialog between the vendors (Amazon Web Services, Google, SalesForce) and the enterprise customers on stage was informative, provocative, and entertaining.
  • Tony Byrne's sessions about evaluating E2.0 tools had some really good practical advice.
  • The Wednesday morning keynotes from end users were excellent and reflected Steve Wylie's vision for this year's conference. We heard from Pete Fields (Wachovia), Simon Revell (Pfizer), and Ned Lerner (Sony). Simon's frankness was refreshing, as were Ned's details.
  • These three then joined Andrew McAfee, along with Sean Dennehy and Don Burke from the CIA, for a discussion about implementing Enterprise 2.0. The discussion highlighted the different paths each of them took and the challenges they are facing.
  • Although I missed the session, we heard glowing reviews about Lockheed Martin's E2.0 success story at the closing town hall meeting. I am looking forward to seeing the slides.

David Sparks covered many of the sessions. His blog posts are summarized here. A personal favorite is this interview with the CIA guys.

Planet Enterprise 2.0

Wed, 06/11/2008 - 20:07

planet Since tomorrow is the last day of this year's Enterprise 2.0 Conference I thought it would be a good time to share an RSS feed that I created and have been testing for a few months. Planet Enterprise 2.0 is an aggregation of 43 RSS feeds, all from the blogs of Enterprise 2.0 thought-leaders. By subscribing to the Planet Enterprise 2.0 feed you will see a steady stream of posts from blogs that are interesting and insightful.

The feed is hosted by FeedBurner. You can subscribe to it here. The site aggregating all of the feeds is hosted under my personal cannell.org domain at planet.cannell.org. The list of feeds currently feeding Planet Enterprise 2.0 are listed on the site here.

Some things you may be interested in knowing about the Planet Enterprise 2.0 feed:

  • planet.cannell.org (the website aggregating the feeds) is not indexed by search engines. Content aggregated on the site will not show up in search results as coming from planet.cannell.org.
  • If you have a blog that you would like added to Planet Enterprise 2.0 then please send me a request at larry@cannell.org.
  • My guidelines for adding feeds are simple. I add feeds that are related to Enterprise 2.0 and are interesting. I remove feeds if they don't have relevant content, are uninteresting, or contain blatant advertising.
  • If you use a newsreader that supports Reading Lists (OPML) you can find this on the site here (although I only know of one news reader that supports reading lists and that is BlogBridge, please correct me if I am wrong).
  • Why Planet Enterprise 2.0? Because I have seen other planet-type feeds and have found them very useful. More information about planet feed aggregation is at Wikipedia.

ACMEpedia/Endeca-pedia

Tue, 06/10/2008 - 17:27
trimmed IMG_0095ACMEpedia = Wikis + Tags + Facets

Today at the Enterprise 2.0 Conference we saw a presentation from Pete Bell, Co-Founder of Endeca, called "ACMEpedia: Wikis, Tags, and Facets." As part of the Advisory Board I lobbied for a session like this and I am grateful for Pete being here.

Pete told us how Endeca applied their own "guided summarization" product to aggregate information from several sources and present it within an intuitive interface for employees to find information and learn about Endeca's business. The intranet site is called Endeca-pedia and it provides a functional view of corporate data and content coming from:

  • Formal documents stored in eRoom and Alfresco
  • Business process information stored in SalesForce and QuickArrow
  • Informal knowledge stored in a Confluence wiki

It was interesting to see how this combination of structured and unstructured information can be navigated.

I'll post a link to the slides once they are available.

SocialCalc

Tue, 06/10/2008 - 08:35

socialcalc

At the Enterprise 2.0 Conference this morning Ross Mayfield is announcing that SocialText is releasing a production version of SocialCalc, a multi-user web-enabled spreadsheet embedded within SocialText wikis. You may recall when Dan Bricklin announced some time ago that he was working with SocialText to make a commercial version of wikiCalc.

I had a chance to talk with Ross about it earlier and I have to say it looks impressive.

Excel may be the most used collaborative application in business today. We often don't think of Excel this way but many companies make critical business decisions based on data tracking, reporting, and modeling done through Excel. Often this work is done collaboratively among several people.

SocialCalc looks to provide a new approach to traditional Excel-based collaboration by embedding spreadsheet capabilities within SocialText wikis. This has the potential to enhance many existing collaborative spreadsheet scenarios and likely creates a whole new set of possibilities as well. Even a simple spreadsheet embedded within a wiki page benefits by gaining useful wiki features such as version control with rollback and functioning completely within a browser.

In addition, SocialCalc  has a number of options for referencing structured data stored elsewhere. For example, SocialCalc can reference named ranges in other spreadsheets and also query web services (check out this early screencast of wikicalc).

Although SocialCalc is not the first product to offer collaborative spreadsheet capabilities (SharePoint 2007 and even Hyperion Performance Management come to mind) but being embedded within a wiki makes it an interesting option for enterprises to consider.