do it. think it. blog it! ... a twisted world

Sunday Jun 12, 2005

Burton Group to prove multi-protocol federated identity can work, by ZDNet's Chris Jablonski: Burton Group is going to demonstrate the first multi-protocol federated identity system to prove that multiple federated identity protocols and standards can coexist at its Catalyst Conference North America 2005 on July 13, in San Diego. "Enterprises deploying federated identity are faced with a mix of standards and protocols, including multiple versions of SAML, Liberty Alliance ID-FF, and Shibboleth, plus products that are starting to support the WS-Federation passive profile," said Gerry Gebel, Burton Group senior analyst. "Participants in this event will demonstrate how partners can share identity information regardless of their chosen federated identity product."
Kim Cameron, Microsoft's chief identity architect, believes that Microsoft has an important role to play in enabling identity, rather than seeing it as a revenue center. Well, I'm not too sure about that philosophy, but I do believe that Identity, Access & Policy Management are key components in today's technology marketspace. For starters, "federation" is a means by which individuals or machines authenticate themselves using their credentials and are then able to access resources in other enterprises and/or organizations without having to authenticate themselves all over again. Sounds like single sign-on, doesn't it? Well, it is single sign-on in a way, just extended to span outside of the enterprise that the individual belongs to. The Liberty Alliance has released its specifications of how identity management systems should work. The Liberty Alliance, as the name suggests, is a coalition of about 70 major industry players, including Sun Microsystems, AOL/Time Warner, Hewlett-Packard, and other major players in market sectors like telecom, wireless, and finance. Sun, being one of the foremost industry leaders in evangelising this technology, now has Microsoft working in conjunction towards a singular vision.
VISION: The Network Is The Computer
Sun was founded with one driving vision. A vision of computers that talk to each other no matter who built them. A vision in which technology works for you, not the other way around. While others protected proprietary, stand-alone architectures, we focused on taking companies into the network age, providing systems and software with the scalability and reliability needed to drive the electronic marketplace.
Anyway, getting back to the subject of multi-protocol federated identity systems, I'd like to see this Burton Group report on Shibboleth, Liberty Enabled Systems, SWITCHaai & WS-Federation all interoperating!!! After all, this report is not published just for fun, aye! In the midst of all this, if I could quote Craig Barrett:
"When you have common interfaces, common protocols, then everyone can innovate and everyone can interoperate. Companies can build their businesses, consumers can expand their choices, the technology moves forward faster, and users get more benefit."
So very true, wasn't he? All this reminds me of the simple rule: IF "A" trusts "B", and if "B" trusts "C", inadvertently, "A" trusts "C"... emm... now that's a translation from my old math school formula of "A=B=C". SO IF we apply that to the following:
IF this is true, and IF this is true, then we probably should see something in the likeness of a SUN-IBM interop soon ;-) After all the much awaited move was done quite a while ago. I guess that we're just awaiting an answer from IBM.
MAN !!! am I dying to obtain a copy of this report... You betcha !!

Friday Jun 10, 2005

After watching the popular TV show "I Pimped My Ride" on MTV, I thought that a befitting title for this blog post was "I Pimped My Blog". Well, after a couple of rounds of beer on a Friday night, home alone, brooding over the fact that I'm alone, and being jealous of all those party-goers, I thought to myself... Lemme do something neat here!! Something that's new, exciting, interesting... and I said HEY!! Let me pimp my blog!!! And so I did. I bet that you have heard of folks who have pimped their powerbooks, their barbeque grills, their browsers, their coffeemakers, their laptops, their sandwiches, their mini coopers & their religion too. Have you noticed it yet? Well, I hope you have. I have tested it on Internet Explorer, Mozilla, FireFox and Netscape. Now if you are using any other browser and don't see the spectacular effects on this blog, I feel sorry for you, go get yourselves a better browser!! And for those who do have a pretty spiffy browser, do you see it? Well, tell me what you think. I am dying to hear your comments on this. And if by any chance you have not seen it, ask me what it is all about, and I shall spill the beans... (here's a tip: look at the top right hand corner of this page)
The ShockWave Looking Glass effects were not created by me; they are from CMP Integrated Marketing Solutions, and the JavaScript effects are from Macromedia.
BTW: I may re-pimp my blog someday; and for archiving purposes, here's a screenshot of what it looks like today:
So much for making you guess!! But anyway, do you like it? Well, if you do, there's another thing (that's cooler) you gotta check out. It's called "Project Looking Glass". If you thought that this was cool, Project Looking Glass is gonna knock your socks off!!! Here are a few screenshots of Project Looking Glass and a video.

Thursday Jun 09, 2005

[My Java Desktop]

Here's a screenshot of my Java Desktop. It's so neat and spiffy that I am extremely happy that I have it running on my laptop. When I first installed the Java Desktop on my laptop, everybody around me told me that I was making a brave move. "Think about the graphic applications that you use, rohan. How could you generate graphics using JDS? What's gonna happen to Adobe Photoshop? What about a dual-boot system with Windows XP also running on it, so you are not rendered laptop-less?" Well, I tell you, warnings flew left, right and center. I didn't hesitate a bit before installing JDS on "my" laptop, & hey!! No dual-boot. I went all the way. Kind of like what my swimming instructor did to me when I was little: he told me to go all the way. Just like what my "then" fiance (now "wife") told me when we spoke about going steady: she said "go all the way rohan, I promise you that you will not regret it". I have never gotten to regret anything so far... so I took the plunge. Java Desktop. All the way. And hey!! I use GIMP for graphics; it's way cool and easy, and though I would not say that it beats Adobe Photoshop, it's good enough. I use Evolution for my corporate email, Thunderbird for personal email, Firefox for my internet browser, Mozilla for intranet, and StarOffice. Who says that one would have issues with Word documents? I can not only read Word documents in StarOffice, I can also create them!! Not to forget presentations, spreadsheets, drawings, charts, workflow, diagrams, the works!! Am I happy I took the plunge? You bet I am. So IF you are thinking about using it, I say GO FOR IT: ALL THE WAY; and in case you need help as you go along, there's always jdshelp and the community. Here is another screenshot:

[Sun Java Desktop Screenshots]
BTW: The images here are all made with GIMP. And speaking about my "then" fiance, now "wife", asking me to go all the way, look what I've got now: "roti:kapda:makaan" (for the non-desis, it means food:clothing:home). Ain't that the bare necessities?

Tuesday Jun 07, 2005

According to this report on C|Net's news.com, Authorities in India's biggest tiger reserve plan to put satellite-linked radio collars on big cats as part of new conservation methods to save the endangered animal, a forest official said on Tuesday. This is a huge step in monitoring the whereabouts of these endangered species.
Other recent uses of technology by biologists include an effort to track dolphins using cell phone SIM cards in South Africa and the installation of a high-speed broadband network in China's largest panda reserve. Efforts to track tigers in the Russian Far East using specially equipped collars have been under way for years. In fact, on March 31, the first Siberian tiger ever fitted with such a collar was reportedly killed by poachers. In India, experts will study satellite data for the movement pattern of tigers, habitat preferences and behavior.
I found this very interesting as I had quite recently read a report on wired.com about the plans that the United States Government had for embedding RFID chips in all US passports. I think this move by the US government was a ridiculous one. Edward Hasbrouck had blogged about this pretty recently. He posed the following question to Frank Moss, deputy assistant secretary for passport services at the Department of State:
Suppose I'm a terrorist or ID thief who wants to assume someone else's identity, and get credentials in their name. I send an accomplice who knows what my face looks like, with an RFID reader in a large piece of wheeled luggage or a big backpack, to hang out in an airport or hotel lobby until they spot someone who looks similar enough to me. When they see a suitable victim, they follow them up to the check-in counter, and stand right behind or next to the victim when they open their passport with a 40kg (100 lb) RFID reader within 50-70 cm (18"-24") of the victim's passport . Then I use that data and photo (a thief might be able to get the data from a non-RFID passport with a hidden camera, but they wouldn't get a sharp, perfectly posed and framed ID photo, and it would likely be obscured by the overprinting and holograms) to forge or acquire either a "cloned" duplicate passport (with a bitwise copy of the RFID chip, including the valid digital signature) or some other easier-to-get identity credential.
Only to get a response from Moss:
"That's a risk I never considered. Send me that scenario in an e-mail, and I'll think about it."
Well, that's a very strong reason not to use RFID technology for tracking humans. For a detailed list of technical issues related to RFID, read the thread of comments on the Freedom to Tinker blog of Ed Felten, who was honored with an EFF Pioneer Award during CFP. This report on BBC boasts of India's success using this technology on tigers. Well, RFID, or any technology for that matter, needs to be used right: used appropriately and for just the right reasons. And when that's done, any technological adaptation would be a success. Here are a few good examples, and a bad example. For more information on this technology & on how to use it right, please visit sun.com/RFID

Monday Jun 06, 2005

Red Hat is attempting to gain more support in the open source community by spinning off its Fedora open source project into a separate group called the Fedora Foundation. As part of the deal, the development and ownership will fall under the new group, while Red Hat will still support it financially. Source: BetaNews
The foundation is expected to be set up by mid-August and will operate as a nonprofit 501(c)(3) organization, said Mark Webbink, deputy general counsel at Red Hat. "It will be governed by an independent board that we don't control," he said. Source: InfoWorld
Computer Business Review reported that Red Hat has announced plans to hand over control of its Fedora community-led Linux development project to the new Fedora Foundation as part of a new three-pronged intellectual property strategy. As part of the transition, the Fedora open source project will transfer development work and copyright ownership of contributed code to the foundation. Now, this is in addition to the recent announcement by Red Hat to release the recently procured Netscape Directory Server from AOL as part of its Fedora offering. I guess it's Red Hat's hard-spun effort to lure the Open Source community back. Well, talking about open source, I bet you all know about java.net, Brazil, OpenOffice, OpenSolaris, JINI, JXTA, Grid Engine, JRMS, NetBeans. Now, that's a true Open Source Community!!! For a complete list of Open Source projects that Sun is involved in, CLICK HERE. This whole topic reminds me of Ian Murdock's post on "Red Hat Enterprise Linux Is Proprietary" from almost a year ago. I bet that though the Fedora Directory Server has been open-sourced, Red Hat WILL NOT release the admin console bits as part of the offering. Well, for starters, that's the MOST desirable component organizations would like to obtain for managing the directory server. If it was just the backend LDAP server, there's always OpenLDAP. Speaking of LDAP servers, what I'd really like to see is a benchmark report on the following: Fedora Directory Server, OpenLDAP, Microsoft's Active Directory and Sun's Java Enterprise Systems Directory Server. (I just can't wait to see that.) With Open Source Software being the wave of the current / NEXT generation, I would like to close with a line from Microsoft's CEO Steve Ballmer:
"There has never been a more interesting time to be in the information technology industry than right now. I guarantee that the impact of the IT industry will be (greater) in the next 10 years than over the last 10."
With all this said, the LINE to really remember & remember for a long long time is Jonathan Schwartz's :
Sun "Believes In IP" But Not In "IP Colonialism,"
Hey Folks; do bookmark this post and read it 10 years from now. I bet you'd be surprised.
Citigroup, the world's largest bank, on Monday said account and payment history data on 3.9 million of its customers were lost in transit by United Parcel Service. New York-based Citigroup said the data were stored on computer tapes, and lost while UPS, the world's biggest package carrier, was shipping them to an Experian credit bureau in Texas. The tapes, which also contained Social Security Numbers, covered CitiFinancial Branch Network customers and about 50,000 customers with closed accounts from CitiFinancial Retail Services. Source news.com, & Associated Press
Well, is this something we all should fear? I do think so, and here's why:
Al Taqwa bank, part of a network of financial companies named by the Bush administration as a major source and distributor of funds for Osama bin Laden's terrorist operations, has shareholders that include prominent Arab figures from numerous countries in the Middle East. Al Taqwa was a so-called "hawala" operation (an informal word-of-mouth system that keeps no records and relies on trust) that facilitated transfers of cash between agents worldwide. The bank also used correspondent accounts : accounts that banks have in other banks -- to transmit cash to its agents. Source: salon.com.
So, now you DO remember Sept 11, don't you? Well, read this:
Citigroup owns 23 percent of Saudi American Bank, the second- largest Saudi bank, known as Samba. ``Samba follows the same anti- money laundering rules as Citi, but it also complies with local (Saudi Arabian Monetary Agency) regulations,'' said Andrea Hurst, a spokeswoman for Citigroup.
So, in short, Citigroup is owned by Saudi Arabians, or am I making this up?? Well, I have been told that a majority of the shareholders in Citigroup ARE Saudi Arabians. I am not so sure whether this is true or not; however, you could research this for me and post your findings here. So anyway, why am I posting CitiBank's boo-boo along with references to Sept 11th? Well, I just hope it's not true, BUT if CitiBank has lost huge volumes of its customer data, AND if Saudis DO have a huge stake in CitiBank, and IF this lost data falls into the hands of folks that it was not meant for, well, Houston, we sure do have a problem. Remember those phishing emails we all receive? Well, expect that number to just increase from now on. Citibank is the largest financial group in the world and has long been a target for computer criminals. Computer criminals use "phishing" to gather confidential information from bank customers. But this "lost tapes" episode makes it all the easier for them. There already has been a "HIT". All said and done, if YOU happen to be a Citibank customer and are worried about this, CitiFinancial is inviting customers to enroll via a toll-free number, 1-888-469-8603, in a free credit monitoring service for 90 days.

Thursday Jun 02, 2005

It's true that we all make mistakes (I'm referring to typos) while typing. Some of us use all 10 fingers, some two and some just one; however, the probability of typing errors is pretty high no matter how good we are at the keyboard. When we type something into a document and make errors, we can ensure that the quality of the "text" is excellent, as we'd use a spell checker, thesaurus etc. Whichever editor (Microsoft Office, OpenOffice, StarOffice) we use, there always is some kind of feature whereby we can check the spellings etc. The same goes for the creation of web pages and blogs too. However, when we comment on others' blogs, we are provided with nothing more than a comment box. How many of us type in stuff and validate the "syntax" of each word, or run it by a spellcheck / thesaurus or the like? Some mistakes can turn into blunders. Misspelt words can give a whole new meaning to a statement. There's a spellcheck add-on for Internet Explorer called iespell, and NOW there's Rite of Tongue, an addon for Mozilla's FireFox that would validate the spelling for all content within a text box and actually prompt you to correct it, thus ensuring that you say what you mean. ;-)
Right-click on a typed word inside a web form on any webpage to get a suggested spelling for that word. Then select the word from the popup menu to change it. The words are obtained in real-time over the Internet using Yahoo!'s Spelling Suggestion service.
Rite Of Tongue is an extremely cool addon. Just a right-click on the word and the menu will display the correct spelling if known. Just mouse down to select and replace the word being checked. This addon comes in extremely handy for those late night owls, beer and pajama junkies, and the Starbucks addicts.

Wednesday Jun 01, 2005

[Lets Try & Make Poverty History]

Well, after reading up on several blogs (like Mary's and Jonas's) about receiving invitations to the "Live8 the Long Walk To Justice" concert, I was hoping to get an invite too... but who would send me one? Then I thought: what good would it be if I just got an invite and was not able to attend the concert? Well, maybe I could still contribute to the cause. The "cause" being noble, I thought that I'd contribute by buying myself a "one" band. Well, it's just a $ or two, but then I spend a lot more money on unnecessary stuff every day. Here's what I think I'm gonna do: I'm gonna buy a 100 Pack and distribute it around. If you would like to support the cause, but cannot afford to pay for a ONE band, let me know and I shall send one to you. The "one" bands are available in two sizes:
  • Small : For Youth or Women. Diameter is 2.25 in (5.72 cm).
  • Large : Generally for Men. Diameter is 2.50 in (6.35 cm).
Let me know which one you would like to wear. But however; Please promise yourself that you would wear it everyday.
Wear the white band and show your support for the ONE Campaign and the fight against global AIDS and poverty. Worn by teachers, doctors, and homemakers. You've seen them in the pages of People and US Weekly on your favorite stars, get your band now! The white bands are part of a global effort to make poverty history.
The White Band can be worn on your wrist, your arm - in fact anywhere you like that it can be seen by everyone!
By wearing one you are part of a unique worldwide effort in 2005 to end extreme poverty : you're saying that it's time to stop the deaths of more than 200,000 people every single week from preventable diseases.
[Watch the ONE Video]
You can wear it any way you like:
  1. Around your wrist
  2. Around your rear view mirror
  3. As a hair band
  4. Through the laces in your trainers
  5. Around the straps of your handbag
  6. As a lapel ribbon
  7. On your key ring
  8. Even on pet collars
  9. The really important thing is that you just wear it.
You can find a local "White Band" by Clicking Here.

I'm Doing My Bit, You Do Yours. Another way of contributing to the cause and showing your support is by putting a makepovertyhistory.org band on your website. If interested, just ask me how.

"Jot Down Your Passwords", said Jesper Johansson, the senior program manager for Security and Policy Services at Microsoft, speaking on the opening day of the AusCERT conference at Australia's Gold Coast Resort. He continued:
Companies should not ban employees from writing down their passwords because such bans force people to use the same weak term on many systems. How many have (a) password policy that says under penalty of death you shall not write down your password? I claim that is absolutely wrong. I claim that password policy should say you should write down your password. I have 68 different passwords. If I am not allowed to write any of them down, guess what I am going to do? I am going to use the same password on every one of them.
He's got a point in what he's saying. Organizations enforce password policies on all their enterprise applications, sometimes strict and sometimes weak. However, the minimal feature that these password policies have is that passwords all expire after a predetermined period, and sometimes we cannot use the same password as what we had used before (or it just cannot be the same as the previous 6 password changes). This makes it extremely hard over a period of time to come up with really strong passwords and, more importantly, remember them. Well, I have forgotten quite a few myself, and then asking the support folks for a password reset absolutely goes against the intent of the organizations establishing a "self service" portal for their employees. Then on the other hand, writing down passwords on a piece of paper, as suggested by Johansson, is simply ridiculous. The probability of that very piece of paper getting into the hands of an unintended recipient is extremely high.

I then remembered that Yahoo's webmail service allows its users to log in to their mail accounts with a YahooID and password over HTTP. They DO have a feature where the user can switch to a secure mode and then enter his "login credential" and submit it over HTTPS. But how many folks really click on the term "secure"? If one types https://mail.yahoo.com in the browser's address bar, one is immediately prompted with a WARNING that the certificate presented DOES NOT match the URL (because the cert is issued to login.yahoo.com instead of mail.yahoo.com). WOW!!! So I did a little more digging around Yahoo, and I found out that they are using this NEAT open source script by Paul Johnston, which is a JavaScript implementation of the RSA Data Security, Inc. MD5 Message Digest Algorithm, as defined in RFC 1321. That's a real cool one. I was impressed (not with Yahoo, but with Paul Johnston's script). NOW that's a way in which passwords can be kept safe. So I went ahead and used that very same script (from yahoo/pajhome) on this site and modified it a little bit to concatenate 2 strings, and here's what I came up with: a JavaScript version of obtaining an MD5-hashed equivalent of your password that's unique for each site you use it on. Which obviously means that if your password is "hello", then the MD5 equivalent of that password on "sun.com" would be different from that on "yahoo.com".

Cheers !!! :: & I am really looking forward to your comments on this.
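
The per-site derivation described above, as an added example that is not the author's modified script or Paul Johnston's library. It runs under Node.js rather than in the browser, assumes the password is joined in front of the site name (the post does not give the order), and sets the MD5 scheme beside a salted scrypt derivation, which is a swapped-in alternative the post does not use; all function names are hypothetical.

```javascript
// Added example, not the blog author's or Paul Johnston's script.
const crypto = require("node:crypto");

// Scheme as the post describes it: MD5 over the two strings joined together.
// Assumption: password first, then site name; the post does not give the order.
function md5SitePassword(password, site) {
  return crypto.createHash("md5").update(password + site, "utf8").digest("hex");
}

// Swapped-in alternative (not from the post): scrypt, a deliberately slow,
// memory-hard KDF. The site name goes in as the salt, so password and site
// are separate inputs instead of one concatenated string.
function scryptSitePassword(password, site) {
  const salt = Buffer.from("per-site-v1:" + site.toLowerCase(), "utf8");
  return crypto.scryptSync(password, salt, 16).toString("hex");
}

// Wall-clock milliseconds for n derivations. This is also the price of each
// offline guess at the master password once one derived value has leaked.
function msFor(derive, n) {
  const start = process.hrtime.bigint();
  for (let i = 0; i < n; i++) derive("guess-" + i, "sun.com");
  return Number(process.hrtime.bigint() - start) / 1e6;
}

function demo() {
  return {
    // Same master password, different value per site (the post's goal).
    sun: md5SitePassword("hello", "sun.com"),
    yahoo: md5SitePassword("hello", "yahoo.com"),
    // Plain concatenation loses the boundary between the two inputs:
    // "hello"+"sun.com" and "hellos"+"un.com" are the same byte string.
    boundaryClash:
      md5SitePassword("hello", "sun.com") === md5SitePassword("hellos", "un.com"),
    scryptClash:
      scryptSitePassword("hello", "sun.com") === scryptSitePassword("hellos", "un.com"),
    // Cost of five derivations with each scheme, in milliseconds.
    md5Ms: msFor(md5SitePassword, 5),
    scryptMs: msFor(scryptSitePassword, 5),
  };
}

console.log(demo());
```

The MD5 form gives a different value per site, but it is a single pass of a fast, unsalted hash, so the derived value protects the master password only as far as the master password itself is hard to guess.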