Showing posts from December, 2008

SSL broken! Hackers create rogue CA certificate using MD5 collisions

SSL broken! Hackers create rogue CA certificate using MD5 collisions | Zero Day |
"Using computing power from a cluster of 200 PS3 game consoles and about $700 in test digital certificates, a group of hackers in the U.S. and Europe have found a way to target a known weakness in the MD5 algorithm to create a rogue Certification Authority (CA), a breakthrough that allows the forging of certificates that are fully trusted by all modern Web browsers."

The Carbon Story

Middleware à la carte; adopt middleware to your architecture, not your architecture to the middleware!
The Carbon StoryView SlideShare presentation or Upload your own.

Ubuntu on Amazon EC2 Beta Released

Ubuntu on Amazon EC2 Beta Released | The Fridge
"This service allows you to create a fully running instance of Ubuntu Server on EC2 in just a few clicks. All the applications you’ll need such as a Web server, E-mail server and common development frameworks are available. There’s no charge for using Ubuntu on Amazon EC2, it’s provided without charge complete with maintenance updates. Separately, Amazon will charge EC2 users for their usage of the service."

Toyota joins the club with its first operating loss!

Toyota Expects First Operating Loss -
"NAGOYA, Japan, Dec 22 (Reuters) - Toyota Motor Corp (NYSE:TM) , the world's biggest automaker, on Monday forecast its first ever group operating loss due to a relentless global slide in car sales and a crippling rise in the yen.

Toyota had been expected to issue its second profit warning in less than seven weeks, after domestic rival Honda Motor Co (NYSE:HMC) also took the rare step of altering its guidance outside the usual quarterly reporting season, but the downward revision was bigger than predicted"

.. in 70 years. They've been recording profits since 1941. They did invest a lot in the US by building new plants and the Yen rising against the dollar won't help either. This would be a great opportunity to see how they fare in uncertain times. I hope they'll recover fast making yet another example for the MBA text books :) !!

Balancing Repeatability and Situationality with Process Mashups

An Interesting post I read today on balancing issues faced by early adaptors of Enterprise Mashups. Starting from empowering users and thereby losing the monopoly if IT as the primary enterprise application creator to differentiating between Process Mashups and Data Mashups, the post provides some good viewpoints.

"At the center of the perfect storm of Service-Oriented Architecture
(SOA), Web-Oriented Architecture (WOA), and the business-centric take
on Web 2.0 we call Enterprise 2.0 is the notion of the enterprise mashup.
Loosely defined as governed, managed compositions of Services in the
context of a rich, Internet-based user interface environment,
enterprise mashups have become a key driver for SOA initiatives, even
though such applications as yet have relatively limited use in the

i18n for Javascript

The WSO2 Carbon platform contains two UI technologies. Plain old JSPs and Javascript (DHTML/Ajax, the rich client stuff). When it comes to i18n JSPs are taken care of. In Javascript however, i18n seems a daunting task. Various Javascript libraries such as GWT, Dojo and even YUI have tried to address the issue in their own way. But when I did an evaluation last week of those, I wasn't really happy about the unnecessary complexity of their code and the additional QA overhead they will add.

So I wrote my own i18n implementation for Javascript, which will be used by all Javascript embedded components in the Carbon platform. The implementation uses both JSP and Javascript code to balance out processing overheads between the browser and server.

Server side processing is done with a JSP tag library, which reads a given Resource bundle and populates a JSON Object with the key-value pairs found within. The JSP authors can opt to either use one single Resource Bundle for all their i18n values…

Generate JavaScript API Documentation with YUI Doc

YUI Doc: A New Tool for Generating JavaScript API Documentation » Yahoo! User Interface Blog
".. the first public version of YUI Doc, a python-based documentation tool that generates API documentation for JavaScript code. YUI Doc was developed by Adam Moore, one of the principal engineers on the YUI project since its inception, to support YUI’s API-level documentation."
Finally, the arrival of a much needed tool. This will be an ideal companion for YUI Compressor during build time to auto generate API Docs for your Javascript libraries.

The Biz School Chronicles

My group and I did an interesting presentation today. It was mainly on our thoughts and recommendations regarding a layoff at a fictional large bank. I think we did pretty good and the feedback was also positive. So for a change, I thought I'd post our presentation instead of my usual comments on something I learned.

This was a group assignment for the unit Management Process and Organizational Behavior.

Synergy Metrobank View SlideShare presentation or Upload your own. (tags: downsizinglayoff)

Pirates discover Mashups

Firefox Pirates Take Over Amazon | TorrentFreak
"An add-on for the Firefox browser called ‘Pirates of the Amazon’ makes it possible to shop at the Amazon store but leave without paying a dime. Instead, on Amazon product pages the add-on integrates links to ‘free’ copies on The Pirate Bay."
If you thought that was awesome, there's more ..
"‘Pirates of the Amazon’ is not the only pirate add-on for Firefox, in fact there are quite a few. IMDB,, and Rotten Tomatoes all have their own pirate skin available. Most of them use the Greasemonkey add-on which allows the installation of all kinds of useful user scripts which customize the web to your pirate needs."

RIAA: "They're in our internets with their firefoxes downloading our moosic... for free! They.. took.. our.. jerbs!"

Mashup Business Models

Mashup Business Models - ReadWriteWeb
"Developing a mashup can be a lot of fun and it's usually low cost, because you're using (semi) open tools and data. Forget fun though for a minute - is there a business in mashups? There are obvious benefits for the data providers, for example both Google and craigslist benefit from increased traffic to their sites. In most cases that leads to increased revenue as well. But what's in it for the mashup developer, apart from publicity and prestige?"

In summary, some models they list are;
Lead generation and affiliate programsTransactional MashupsSubscriptionsPay-per-transaction

What attracts a click?

I said click!

Advertising - Web Marketing That Hopes to Learn What Attracts a Click -
“It’s reporting back to the advertiser and agency saying, ‘Guess what? The soccer mom in Indiana likes background three, which was pink, likes image four, which was the S.U.V., and likes marketing message 12, about room, safety and comfort,”
We have a very dynamic marketing team at WSO2. Personally, I believe that having a great, selling product is better than having a perfect product that doesn't make much money. Most household names today didn't start by having the perfect product. They built something innovative and useful to a broad audience. When people liked it and the money started flowing in, they used part of that revenue towards perfection by way of R&D while using the rest to pay bills and give stakeholders return on their investments. Don't take my word for it, look at Micro$oft. They still haven't made Windows perfect!

Perfection is a long term goal but genera…

What would Drucker do?

"Why would a company that hasn't been able to innovate change its way simply because you hand them $25 billion?"

The Drucker Institute put out a video recently on why GM shouldn't get a bailout. I guess having extensively studied the writings of Drucker, such as "Concept of the Corporation", which specifically chronicles inner workings of GM back in the 40's, they are in a better position to comment on the issue than most. In this video, Rick Wartzman, director of the Drucker Institute at Claremont Graduate University shares his thoughts in Drucker's point of view.

Facebook launches proprietory version competing OpenID

Biggest Battle Yet For Social Networks: You, Your Identity And Your Data On The Open Web
"Facebook is moving ahead alone with Connect, using proprietary standards for login and data sharing. They’ve also prohibited Google from trying to get in the middle of things with their Friend Connect service. MySpace, by contrast, is using mostly open standards in their approach, and is working closely with Google to make sure the services work properly together."I guess this means they won't be coming to the OpenSocial party either. It's annoying to see companies still trying to lock in users when there are more than enough open standards and implementations out there.